Desktop Type Hijack

**stonesrule** · 2006-08-14, 18:04

I had fake anti spyware programs popup a screen over the desktop and a balloon popup from the windows tray area displaying messages that my computer was infected with spyware and telling me I needed to download and purchase their removal program.

I went through all the instructions in order posted by tashi in the forum "Smitfraud:SpyAxe, SpywareFalcon, and other desktop type hijacks". I no longer see the pop screens and balloons.

As per the instructions I will now post the rapport.txt, Ewido log and the HJT log for analysis. I'm also posting the SpybotSD.Report. Thanks for the help.

Rapport:
SmitFraudFix v2.81

Scan done at 8:21:22.67, Mon 08/14/2006
Run from C:\Documents and Settings\emchenry\My Documents\Temp\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:26:04 AM 8/14/2006

+ Scan result:

Ewido Log:
HKLM\SOFTWARE\Microsoft\VisualStudio\Analyzer\Events\{6C736D71-BCBF-11D0-8A23-00AA00B58E10} -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-299502267-606747145-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1DA7DBE8-C51B-4AE4-BC6E-21863349B0B4} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-299502267-606747145-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DA7DBE8-C51B-4AE4-BC6E-21863349B0B4} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\emchenry\Cookies\emchenry@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@bfast[1].txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@ehg-oreilly.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\emchenry\Cookies\emchenry@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.

::Report end

**stonesrule** · 2006-08-14, 18:06

HJT Log:
Logfile of HijackThis v1.99.1
Scan saved at 9:45:39 AM, on 8/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\oracle\ora92\bin\omtsreco.exe
C:\WINDOWS\System32\tcpsvcs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Belkin Bulldog Plus\upsd.exe
C:\PROGRA~1\MI4F93~1\webtool.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Belkin Bulldog Plus\MUPS.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:81
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Imagistics\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [Timezone] "C:\Program Files\Microsoft Time Zone\TimeZone.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MUPS.lnk = C:\Program Files\Belkin Bulldog Plus\MUPS.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .xfd: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - http://xbox/download/CfxIEAx.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro Activex control v6) - http://datacenter/teechart6/DLLS/TeeChart/teechart6.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1120768968590
O16 - DPF: {80017034-D4F8-410D-9B03-0E713C34CEAD} (Chart Object) - http://dsi-testserver/ChartfxInt62/d...lient.Core.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/ca...ail/DASAct.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab27513.cab
O16 - DPF: {D06B46A5-4DF0-42F8-A616-45BC2BE0F87F} (AnnotationX Object) - http://dsi-testserver/ChartfxInt62/d...Annotation.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://freetrial.webex.com/client/v...ex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = decisionsciencesinc.com
O17 - HKLM\Software\..\Telephony: DomainName = decisionsciencesinc.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = decisionsciencesinc.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SQL Server FullText Search (SQLEXPRESS) (msftesql$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\msftesql.exe" -s:MSSQL.2 -f:SQLEXPRESS (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oracle\ora92\bin\omtsreco.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: UPS - UPSentry Service (UPSentry_Smart) - Delta - C:\Program Files\Belkin Bulldog Plus\upsd.exe

**stonesrule** · 2006-08-14, 18:08

SpybotSD.Report:
--- Search result list ---
FunWebProducts: Class ID (Registry key, fixed)
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

FunWebProducts: Settings (Registry key, fixed)
HKEY_USERS\.DEFAULT\Software\Fun Web Products

FunWebProducts: Settings (Registry key, fixed)
HKEY_USERS\S-1-5-20\Software\Fun Web Products

FunWebProducts: Settings (Registry key, fixed)
HKEY_USERS\S-1-5-18\Software\Fun Web Products

MyWay.MyWebSearch: Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\FocusInteractive

MyWay.MyWebSearch: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

MyWay.MyWebSearch: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\MyWebSearch

FunWeb: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\Fun Web Products

FunWeb: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\FunWebProducts

MyWebSearch: Class ID (Registry key, fixed)
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}

MyWebSearch: Interface (Registry key, fixed)
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

MyWebSearch: Interface (Registry key, fixed)
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-11 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-11 Includes\Cookies.sbi (*)
2006-08-11 Includes\Dialer.sbi (*)
2006-08-11 Includes\Hijackers.sbi (*)
2006-08-11 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-08-11 Includes\Malware.sbi (*)
2006-08-11 Includes\PUPS.sbi (*)
2006-08-11 Includes\Revision.sbi (*)
2006-08-11 Includes\Security.sbi (*)
2006-08-11 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-11 Includes\Trojans.sbi (*)

--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Hotfix (KB886906)
/ .NETFramework / 1.0: Microsoft .NET Framework 1.0 Service Pack 3 (KB867461)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX: DirectX Update 819696
/ DirectX / DX9 / SP1: DirectX 9 Hotfix - KB839643
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Windows Media Player: Windows Media Player Hotfix [See KB837272 for more information]
/ Windows Media Player: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player / SP0: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player: Windows Media Update 819639
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows XP / SP0: Update for Windows Internet Explorer 7 Beta 3 (KB922880)
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB887797
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888240
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Hotfix for Windows XP (KB896344)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Update for Windows XP (KB900930)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917537)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)

**stonesrule** · 2006-08-14, 18:10

--- Startup entries list ---
Located: HK_LM:Run, !ewido
command: "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
file: C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10c40f37ac87a18f624143d4fe6e8dec

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 48800
MD5: 52bb7cefd5f5ae8940bd745b4afc8cce

Located: HK_LM:Run, ControlCenter2.0
command: C:\Program Files\Imagistics\ControlCenter2\brctrcen.exe /autorun
file:

Located: HK_LM:Run, IndexSearch
command: C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
file: C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
size: 40960
MD5: 3e29e032f022a9044c3ac463d682f8a3

Located: HK_LM:Run, IntelliPoint
command: "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
file: C:\Program Files\Microsoft IntelliPoint\ipoint.exe
size: 461584
MD5: 6f823b154ea55b4b7c2c79b51b9e9638

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 00d20b701816bdd2cc2445e6c388ef70

Located: HK_LM:Run, itype
command: "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
file: C:\Program Files\Microsoft IntelliType Pro\itype.exe
size: 437008
MD5: f3d4582b881707077c238e31a98bd10b

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, NVMixerTray
command: "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
file: C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
size: 131072
MD5: 46ee79e42e5e056e91ea4eb07e7b807a

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1519616
MD5: 67a8dd30af82e412cb4bf1b6d1623809

Located: HK_LM:Run, PaperPort PTD
command: C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
file: C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
size: 57393
MD5: 631376a55da14c8bf2cf38d1543a15a2

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 383145864f6543c97a7e1b78505d2f1c

Located: HK_LM:Run, SSBkgdUpdate
command: "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
file: C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
size: 155648
MD5: 1c3ca3e7807f915933bb4e08e599ddab

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61a3a9d5d98bf0331df5b716144a8100

Located: HK_LM:Run, Windows Defender
command: "C:\Program Files\Windows Defender\MSASCui.exe" -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 777424
MD5: 3207bba7a51043ff2c5d64df4c3b6310

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a

Located: Startup (common), MUPS.lnk
command: C:\Program Files\Belkin Bulldog Plus\MUPS.exe
file: C:\Program Files\Belkin Bulldog Plus\MUPS.exe
size: 49152
MD5: 2cd3206b3e5ed0e174febd2214001d7a

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, NavLogon
command: C:\WINDOWS\system32\NavLogon.dll
file: C:\WINDOWS\system32\NavLogon.dll
size: 43760
MD5: 0871047fe86f51355950e02220fd1db3

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

--- Browser helper object list ---
{00C6482D-C502-44C8-8409-FCE54AD9C208} (HelperObject Class)
BHO name:
CLSID name: HelperObject Class
description: SnagIt
classification: Legitimate
known filename: SnagItBHO.dll
info link: http://www.techsmith.com/products/snagit/default.asp
info source: TonyKlein
Path: C:\Program Files\TechSmith\SnagIt 7\
Long name: SnagItBHO.dll
Short name: SNA335~1.DLL
Date (created): 6/17/2005 8:24:00 AM
Date (last access): 8/14/2006 8:27:22 AM
Date (last write): 6/17/2005 8:24:00 AM
Filesize: 49152
Attributes: archive
MD5: E31FC8793FEB379C813F1E7902B94058
CRC32: A029D562
Version: 1.0.1.0

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 1/12/2006 9:38:22 PM
Date (last access): 8/14/2006 8:27:22 AM
Date (last write): 1/12/2006 9:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 7.0.7.142

{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\Program Files\Spybot - Search & Destroy\
Long name: SDHelper.dll
Short name:
Date (created): 8/11/2006 2:45:26 PM
Date (last access): 8/14/2006 9:41:38 AM
Date (last write): 5/31/2005 1:04:00 AM
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: ssv.dll
Short name:
Date (created): 11/10/2005 2:03:56 PM
Date (last access): 8/14/2006 8:27:22 AM
Date (last write): 11/10/2005 2:22:10 PM
Filesize: 184423
Attributes: archive
MD5: F01726F7CA8538FDD4663C9DB8FEAEDC
CRC32: 0111B892
Version: 5.0.60.5

{9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
BHO name:
CLSID name: Windows Live Sign-in Helper
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 4/17/2006 1:32:58 PM
Date (last access): 8/14/2006 8:27:22 AM
Date (last write): 4/17/2006 1:32:58 PM
Filesize: 323904
Attributes: archive
MD5: 4D834364B09155778A3330A67EBD4621
CRC32: D2CB2586
Version: 4.0.248.1

--- ActiveX list ---
Microsoft XML Parser for Java (Microsoft XML Parser for Java)
DPF name: Microsoft XML Parser for Java
CLSID name:
Installer:
Codebase: file://C:\WINDOWS\Java\classes\xmldso.cab
description:
classification: Legitimate
known filename: %WINDIR%\Java\classes\xmldso.cab
info link:
info source: Patrick M. Kolla

{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object)
DPF name:
CLSID name: QuickTime Object
Installer: C:\WINDOWS\Downloaded Program Files\QTPlugin.inf
Codebase: http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\QuickTime\
Long name: QTPlugin.ocx
Short name:
Date (created): 7/27/2006 10:07:02 AM
Date (last access): 8/11/2006 3:00:38 PM
Date (last write): 7/27/2006 10:07:02 AM
Filesize: 557056
Attributes: archive
MD5: 2DA25D5262D714BFA420D6DE849E67A1
CRC32: 0098926B
Version: 7.1.0.210

{11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control)
DPF name:
CLSID name: iPIX ActiveX Control
Installer:
Codebase: http://www.ipix.com/viewers/ipixx.cab
description: iPIX ActiveX Control
classification: Open for discussion
known filename: ipixx.ocx
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\DOWNLO~1\
Long name: ipixx.ocx
Short name:
Date (created): 6/2/2000 12:29:42 PM
Date (last access): 8/11/2006 3:01:00 PM
Date (last write): 6/2/2000 12:29:42 PM
Filesize: 102912
Attributes:
MD5: FF183CADA1ED933276B169E304E88910
CRC32: E85AE186
Version: 6.2.0.5

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://download.macromedia.com/pub/s...irector/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 10/11/2004 3:20:42 PM
Date (last access): 8/11/2006 1:13:20 PM
Date (last write): 9/9/2004 2:45:18 PM
Filesize: 54488
Attributes: archive
MD5: 12EF836DCCCDD0211F3E09D72812B9C6
CRC32: 8038F1E1
Version: 10.1.0.11

{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=48835
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 7/12/2005 6:04:22 PM
Date (last access): 8/14/2006 8:16:20 AM
Date (last write): 6/19/2006 4:19:42 PM
Filesize: 571184
Attributes: archive
MD5: 31BF58C9814F840EB10A2B7A410ABEA3
CRC32: DAFAE165
Version: 1.5.540.0

{21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control)
DPF name:
CLSID name: ChartFX Internet Control
Installer: C:\WINDOWS\Downloaded Program Files\CfxIEAx.inf
Codebase: http://xbox/download/CfxIEAx.cab
description:
classification: Open for discussion
known filename: CfxIEAx.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: CfxIEAx.ocx
Short name:
Date (created): 7/22/2002 12:23:32 PM
Date (last access): 8/11/2006 3:01:00 PM
Date (last write): 7/22/2002 12:23:32 PM
Filesize: 640582
Attributes: archive
MD5: 0BC276EBF11DA2514F35EBA53C6A138C
CRC32: 11CC8426
Version: 5.5.6.0

{31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer)
DPF name:
CLSID name: Microsoft PID Sniffer
Installer: C:\WINDOWS\Downloaded Program Files\odc.inf
Codebase: https://support.microsoft.com/OAS/ActiveX/odc.cab
description:
classification: Legitimate
known filename: odc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: odc.dll
Short name:
Date (created): 10/27/2004 12:07:58 AM
Date (last access): 8/11/2006 1:13:18 PM
Date (last write): 10/27/2004 12:07:58 AM
Filesize: 277256
Attributes: archive
MD5: B6C36FD61195CFE4247EFC094A7A0BF8
CRC32: 34B3B3E9
Version: 3.0.34.0

{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf
Codebase: http://office.microsoft.com/officeup...tent/opuc3.cab
description:
classification: Legitimate
known filename: opuc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 8/27/2003 4:10:30 AM
Date (last access): 8/14/2006 9:38:54 AM
Date (last write): 8/8/2005 1:25:14 AM
Filesize: 532992
Attributes: archive
MD5: 6433993EBB9B2B6CD18F4256FD7A7C07
CRC32: AEF6FCDD
Version: 12.0.3208.1000

{4B48D5DF-9021-45F7-A240-60304302A215} (Malicious Software Removal Tool)
DPF name:
CLSID name: Malicious Software Removal Tool
Installer: C:\WINDOWS\Downloaded Program Files\WebCleaner.inf
Codebase: http://download.microsoft.com/downlo...WebCleaner.cab
description:
classification: Legitimate
known filename: WebCleaner.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: WebCleaner.dll
Short name: WEBCLE~1.DLL
Date (created): 9/8/2005 8:08:22 PM
Date (last access): 8/14/2006 9:38:14 AM
Date (last write): 11/15/2005 5:31:18 PM
Filesize: 2351968
Attributes: archive
MD5: 0886FB18D110CCB4FE75228701A54B9B
CRC32: A3A31025
Version: 1.10.913.0

{536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro Activex control v6)
DPF name:
CLSID name: TeeChart Pro Activex control v6
Installer:
Codebase: http://datacenter/teechart6/DLLS/TeeChart/teechart6.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: TeeChart6.ocx
Short name: TEECHA~1.OCX
Date (created): 7/20/2003 7:00:00 AM
Date (last access): 8/11/2006 3:01:06 PM
Date (last write): 7/20/2003 7:00:00 AM
Filesize: 3137024
Attributes: archive
MD5: CE88EE31040E270AB45F79D0568BC9C0
CRC32: 52BE4976
Version: 6.0.0.3

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.microsoft.com/microsof...?1120768968590
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 5/26/2005 4:19:32 AM
Date (last access): 8/11/2006 2:17:48 PM
Date (last write): 5/26/2005 4:19:32 AM
Filesize: 178408
Attributes: archive
MD5: EE37AA2C0700221CD8B02FADCD4C7FB5
CRC32: F5494B06
Version: 5.8.0.2469

{80017034-D4F8-410D-9B03-0E713C34CEAD} (Chart Object)
DPF name:
CLSID name: Chart Object
Installer: C:\WINDOWS\Downloaded Program Files\ChartFX.ComIEClient.Core.inf
Codebase: http://dsi-testserver/ChartfxInt62/d...lient.Core.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ChartFX.ComIEClient.Core.dll
Short name: CHARTF~1.DLL
Date (created): 4/26/2006 12:34:44 PM
Date (last access): 8/14/2006 9:38:14 AM
Date (last write): 4/26/2006 12:34:44 PM
Filesize: 2920448
Attributes: archive
MD5: EEA2B9D2A8B38EDFDCD1B10B22D31AB5
CRC32: 36559465
Version: 6.2.2301.17328

**stonesrule** · 2006-08-14, 18:11

{814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class)
DPF name:
CLSID name: DASWebDownload Class
Installer: C:\WINDOWS\Downloaded Program Files\DASAct.inf
Codebase: http://das.microsoft.com/activate/ca...ail/DASAct.cab
description:
classification: Open for discussion
known filename: DASAct.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\
Long name: DASAct.dll
Short name:
Date (created): 9/23/2003 10:50:32 AM
Date (last access): 8/14/2006 9:38:54 AM
Date (last write): 9/23/2003 10:50:32 AM
Filesize: 154320
Attributes: archive
MD5: 9585A0BF0765C4748287D8577547559C
CRC32: 3A5C8F45
Version: 2.0.1.3184

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 2:03:56 PM
Date (last access): 8/11/2006 3:01:00 PM
Date (last write): 11/10/2005 2:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class)
DPF name:
CLSID name: MsnMessengerSetupDownloadControl Class
Installer: C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.inf
Codebase: http://messenger.msn.com/download/Ms...Downloader.cab
description:
classification: Legitimate
known filename: MsnMessengerSetupDownloader.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnMessengerSetupDownloader.ocx
Short name: MSNMES~1.OCX
Date (created): 11/5/2004 4:58:20 PM
Date (last access): 8/11/2006 1:04:18 PM
Date (last write): 11/5/2004 4:58:20 PM
Filesize: 119496
Attributes: archive
MD5: 1B40AA6A5D25E6CB4EDFC4C717113161
CRC32: 4F5D45E3
Version: 1.0.0.1

{B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
DPF name:
CLSID name: ZoneIntro Class
Installer:
Codebase: http://zone.msn.com/binFramework/v10...o.cab27513.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 4/6/2004 7:03:12 PM
Date (last access): 8/11/2006 3:01:08 PM
Date (last write): 4/6/2004 7:03:12 PM
Filesize: 85032
Attributes: archive
MD5: 65431ACCF09A96C3BE53B7681BFFE44D
CRC32: C8777857
Version: 9.2.7513.1

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 2:03:56 PM
Date (last access): 8/14/2006 9:43:08 AM
Date (last write): 11/10/2005 2:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 11/10/2005 2:03:56 PM
Date (last access): 8/14/2006 9:43:08 AM
Date (last write): 11/10/2005 2:22:10 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{D06B46A5-4DF0-42F8-A616-45BC2BE0F87F} (AnnotationX Object)
DPF name:
CLSID name: AnnotationX Object
Installer:
Codebase: http://dsi-testserver/ChartfxInt62/d...Annotation.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ChartFX.ComIEClient.Annotation.dll
Short name: CHARTF~2.DLL
Date (created): 4/26/2006 12:36:02 PM
Date (last access): 8/14/2006 9:38:14 AM
Date (last write): 4/26/2006 12:36:02 PM
Filesize: 485376
Attributes: archive
MD5: CBC770A08B7FCF8C0F74B06B2E9698FA
CRC32: 885FD662
Version: 6.2.2301.17295

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/s...sh/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash8b.ocx
Short name:
Date (created): 3/31/2006 11:45:12 AM
Date (last access): 8/14/2006 8:19:28 AM
Date (last write): 3/31/2006 11:45:12 AM
Filesize: 1443464
Attributes: readonly archive
MD5: 12719EDDAAB9CAEEF28C6E58192F594B
CRC32: 680E085C
Version: 8.0.24.0

{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
DPF name:
CLSID name: GpcContainer Class
Installer: C:\WINDOWS\Downloaded Program Files\ieatgpc.inf
Codebase: https://freetrial.webex.com/client/v...ex/ieatgpc.cab
description:
classification: Open for discussion
known filename: ieatgpc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ieatgpc.dll

--- Process list ---
PID: 0 ( 0) [System]
PID: 152 ( 4) \SystemRoot\System32\smss.exe
PID: 204 ( 152) \??\C:\WINDOWS\system32\csrss.exe
PID: 228 ( 152) \??\C:\WINDOWS\system32\winlogon.exe
PID: 272 ( 228) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 284 ( 228) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 428 ( 272) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 484 ( 272) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 524 ( 272) C:\Program Files\Windows Defender\MsMpEng.exe
size: 14032
MD5: E7E81C6BCD697F5921DF6D6781D2673D
PID: 588 ( 272) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 888 ( 856) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1376 ( 888) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/14/2006 9:43:07 AM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s

--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip[*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C96E476E-E5EC-4757-8097-CC6057A937FE}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C96E476E-E5EC-4757-8097-CC6057A937FE}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{98470028-C77F-456E-A722-6D51464E43D2}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{98470028-C77F-456E-A722-6D51464E43D2}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5826F7C9-8F37-43C3-9DFB-0C8401B7E282}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5826F7C9-8F37-43C3-9DFB-0C8401B7E282}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B003F294-7B55-4DED-9A06-82C333C02D14}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B003F294-7B55-4DED-9A06-82C333C02D14}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{42AEA3F6-1C10-4587-947E-721A061CA18F}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{42AEA3F6-1C10-4587-947E-721A061CA18F}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: PNRP Cloud Namespace Provider
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename: C:\WINDOWS\system32\pnrpnsp.dll

Namespace Provider 4: PNRP Name Namespace Provider
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename: C:\WINDOWS\system32\pnrpnsp.dll

--- Uninstall list ---
(AddressBook)

ATI - Software Uninstall Utility 6.14.10.1008 (All ATI Software)
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Display Driver 8.231-060221a1-030895C-ATI (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

AtlantaFalcons Screen Saver (AtlantaFalcons)
uninstall cmd: C:\WINDOWS\system32\AtlantaFalcons.scr /u

(Branding)

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

ewido anti-spyware 4.0 (ewidoantispyware4)
install location: C:\Program Files\ewido anti-spyware 4.0
uninstall cmd: C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Program Files\Hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

Hijackthis 1.99.1 (Hijackthis_is1)
install location: C:\Program Files\Hijackthis\
uninstall cmd: "C:\Program Files\Hijackthis\unins000.exe"
publisher: Soeperman Enterprises Ltd
help link: http://www.merijn.org

(HTML Help Workshop)

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 Beta 3 20060623.092706 (ie7beta3)
install date: 20060629
uninstall cmd: "C:\WINDOWS\ie7beta3\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

**stonesrule** · 2006-08-14, 18:13

(IEData)

(InstallShield Uninstall Information)

iTunes 6.0.5.20 (InstallShield_{54C0D94A-F467-4ABC-9D02-6E58748668D4})
version: 100663301
version (major): 6
estimated size: 35158
install date: 20060727
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{54C0D94A-F467-4ABC-9D02-6E58748668D4} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

QuickTime 7.1 (InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 71343
install date: 20060727
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\_is83\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

(InstallShield_{DAD439AE-8CDE-4521-891D-BF121B8A8B8E})

Internet Explorer Security Plugin 2006 (Internet Explorer Security Plugin 2006)
uninstall cmd: "C:\Program Files\IntCodec\iesuninst.exe"

Internet Security Add-On (Internet Security Add-On)
uninstall cmd: "C:\Program Files\IntCodec\isauninst.exe"

iPIX ActiveX Viewer (IPIX ActiveX Viewer)
uninstall cmd: C:\WINDOWS\ipUninst.exe C:\WINDOWS\Unwise.exe /a C:\WINDOWS\Downloaded Program Files\IPIXActX.log, Uninstall iPIX ActiveX Viewer

Windows XP Hotfix - KB834707 20040929.110854 (KB834707)
uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=834707

Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=867282

Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB870669

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

Security Update for Windows XP (KB883939) 1 (KB883939)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939

(KB884016)

(KB884267)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

(KB885353)

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885884

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

(KB886612)

(KB887078)

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

(KB887626)

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB887797 20041018.133824 (KB887797)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887797

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888240 20041025.162401 (KB888240)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888240$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888240

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

(KB888656)

(KB889858)

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050630
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890047

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050413
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

Windows XP Hotfix - KB890923 1 (KB890923)
install date: 20050413
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890923

Windows Media Format SDK Hotfix - KB891122 (KB891122)
install date: 20051026
uninstall cmd: "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891122

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

(KB892313)

Windows XP Hotfix - KB893066 1 (KB893066)
install date: 20050413
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050413
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086

(KB893240)

(KB893241)

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

Windows Installer 3.1 (KB893803) 3.1 (KB893803)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

(KB895181)

(KB895316)

(KB895572)

Hotfix for Windows XP (KB896344) 2 (KB896344)
install date: 20050630
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896344

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20051108
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Security Update for Windows XP (KB896688) 1 (KB896688)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896688

Update for Windows XP (KB896727) 1 (KB896727)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727

(KB897586)

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050628
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

(KB898549)

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Security Update for Windows XP (KB899588) 1 (KB899588)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588

Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20050812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

(KB900399)

Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060425
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725

Update for Windows XP (KB900930) 1 (KB900930)
install date: 20050729
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900930

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017

Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

Hotfix for Windows Media Format SDK (KB902344) (KB902344)
install date: 20051026
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902344

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400

Security Update for Windows XP (KB903235) 1 (KB903235)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235

Security Update for Windows XP (KB904706) 1 (KB904706)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706

Update for Windows XP (KB904942) 2 (KB904942)
install date: 20060308
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904942

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20051011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20051216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915

(KB907658)

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519

Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531

Microsoft Base Smart Card Cryptographic Service Provider Package (KB909520)
uninstall cmd: "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20051216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437

Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280

Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565

Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567

(KB911854)

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927

Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060106
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446

**stonesrule** · 2006-08-14, 18:14

Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580

Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388

Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389

Hotfix for Windows XP (KB914440) 6 (KB914440)
install date: 20060629
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914440

Hotfix for Windows XP (KB915865) 2 (KB915865)
install date: 20060425
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=915865

Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595

Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159

Security Update for Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/917283

Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422

Security Update for Windows XP (KB917537) 1 (KB917537)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917537$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917537

Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953

Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060615
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439

Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214

Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670

Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683

Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398

Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883

Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616

Update for Windows Internet Explorer 7 Beta 3 (KB922880) 20060714.120000 (KB922880)
install date: 20060727
uninstall cmd: "C:\WINDOWS\ie7updates\KB922880\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922880

Lexmark Software Uninstall (Lexmark_HostCD)
uninstall cmd: C:\Program Files\Lexmark_HostCD\Install\Uninstall.exe
publisher: Lexmark International, Inc.
help link: http://support.lexmark.com

LiveUpdate 2.6 (Symantec Corporation) 2.6.18.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

Microsoft .NET Framework 1.0 Hotfix (KB886906) (M886906)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M886906\M886906Uninstall.msp"

Macromedia Shockwave Player (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

(Measurement Services Client)

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft .NET Framework 2.0 SDK - ENU (Microsoft .NET Framework 2.0 SDK - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\SDK\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft .NET Framework 2.0 SDK - ENU\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft .NET Framework (English) v1.0.3705 (Microsoft .NET Framework Full v1.0.3705 (1033))
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\repair.htm

Microsoft MSDN 2005 Express Edition - ENU (Microsoft MSDN 2005 Express Edition - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft MSDN 2005 Express Edition - ENU\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

(Microsoft NetShow Player 2.0)

Microsoft SQL Server 2000 8.00.534 (Microsoft SQL Server 2000)
version (major): 8
install date: 5-18-2004
install location: C:\Program Files\Microsoft SQL Server\80\Tools
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Microsoft SQL Server\80\Tools\Uninst.isu" -c"C:\Program Files\Microsoft SQL Server\80\Tools\sqlsun.dll" -msql.mif
publisher: Microsoft
help link: http://www.microsoft.com/sql

Microsoft SQL Server 2005 (Microsoft SQL Server 2005)
uninstall cmd: "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52152

Microsoft Visual Basic 2005 Express Edition - ENU (Microsoft Visual Basic 2005 Express Edition - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Basic 2005 Express Edition - ENU\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft Visual C# 2005 Express Edition - ENU (Microsoft Visual C# 2005 Express Edition - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual C# 2005 Express Edition - ENU\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft Visual C++ 2005 Express Edition - ENU (Microsoft Visual C++ 2005 Express Edition - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual C++ 2005 Express Edition - ENU\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft Visual J# 2.0 Redistributable Package (Microsoft Visual J# 2.0 Redistributable Package)
install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft Visual J# 2005 Express Edition - ENU (Microsoft Visual J# 2005 Express Edition - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual J# 2005 Express Edition - ENU\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft Visual Web Developer 2005 Express Edition - ENU (Microsoft Visual Web Developer 2005 Express Edition - ENU)
install location: C:\Program Files\Microsoft Visual Studio 8\
uninstall cmd: C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Web Developer 2005 Express Edition - ENU\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

Microsoft Web Application Stress Tool (Microsoft Web Application Stress Tool)
uninstall cmd: C:\PROGRA~1\MI4F93~1\UNWISE.EXE C:\PROGRA~1\MI4F93~1\INSTALL.LOG

(MobileOptionPack)

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(MsJavaVM)

(NetMeeting)

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

PL/SQL Developer (PL/SQL Developer [80687277])
uninstall cmd: aaRemove "PL/SQL Developer [80687277]"

Public Messenger ver 2.03 (Public Messenger ver 2.03)
uninstall cmd: "C:\Program Files\IntCodec\pmuninst.exe"

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

(SchedulingAgent)

(Sevinst)

(Shockwave)

Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: http://www.macromedia.com/go/flashplayer_support/

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Microsoft Visual Studio .NET Enterprise Architect 2003 - English (Visual Studio .NET Enterprise Architect 2003 - English)
install location: C:\Program Files\Microsoft Visual Studio .NET 2003\
uninstall cmd: "C:\Program Files\Microsoft Visual Studio .NET 2003\Setup\Visual Studio .NET Enterprise Architect 2003 - English\setup.exe" /MaintMode
publisher: Microsoft
help link: http://support.microsoft.com/default...&FR=0&LN=EN-US
readme: C:\Program Files\Microsoft Visual Studio .NET 2003\readme.htm

**stonesrule** · 2006-08-14, 18:16

(WallpaperToy)

West Wind HTML Help Builder (Shareware) 3.20 3.20 (West Wind HTML Help Builder (Shareware))
version (major): 3
version (minor): 20
install date: 2006-02-09 15:56:43
install location: C:\Program Files\wwHelp
install source: C:\Documents and Settings\emchenry\My Documents\Temp
uninstall cmd: C:\PROGRA~1\wwHelp\Setup.exe /remove
publisher: West Wind Technologies
help link: http://www.west-wind.com/wwhelp

Windows Genuine Advantage Validation Tool (KB892130) 1.5.0530.0 (WGA)
install date: 20060308
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130

Windows Genuine Advantage Notifications (KB905474) 1.5.0540.0 (WgaNotify)
install date: 20060629
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

Winamp (remove only) (Winamp)
uninstall cmd: "C:\Program Files\Winamp\UninstWA.exe"

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows XP Service Pack 2 20040803.231319 (Windows XP Service Pack)
uninstall cmd: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113

WinZip 10.0 (6698) (WinZip)
version (major): 10
install location: C:\PROGRA~1\WINZIP\
uninstall cmd: "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
publisher: WinZip Computing LP
help link: http://www.winzip.com/xsupport.htm

Windows Media Connect (WMCSetup)
uninstall cmd: "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=47544

Windows Media Format 11 runtime (WMFDist11)
install date: 20060519
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20060519
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) (Wudf01000)
install date: 20060519
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build machine winmain(wmbla)

ATI Control Panel 6.14.10.5120 ({0BEDBD4E-2D34-47B5-9973-57E62B29307C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"

Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS) 9.1.2047.00 ({0DAA9912-3FE2-4B84-B926-8D7F71A8A99A})
version: 151062527
version (major): 9
version (minor): 1
estimated size: 63989
install date: 20060616
install source: c:\3fb7d090fecff8b34b706f99416ed807\Setup\
uninstall cmd: MsiExec.exe /I{0DAA9912-3FE2-4B84-B926-8D7F71A8A99A}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52152

Ulead PhotoImpact XL 8.5 ({0DDDE141-9696-4E33-AB82-EF398169D7E5})
version: 134545408
version (major): 8
install location: C:\Program Files\Ulead Systems\Ulead PhotoImpact XL
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DDDE141-9696-4E33-AB82-EF398169D7E5}\setup.exe" -l0x9
publisher: Ulead System

Microsoft FrontPage Client - English 7.00.9209 ({17B66E83-1BC9-11D5-A54A-0090278A1BB8})
version: 117449721
version (major): 7
estimated size: 601
install date: 20040518
install source: d:\
publisher: Microsoft

Microsoft Visual J# .NET Redistributable Package 1.1 1.1.4322 ({1A655D51-1423-48A3-B748-8F5A0BE294C8})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 11679
install date: 20050512
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Repairjshcore.htm

Debugging Tools for Windows 6.4.7.2 ({1C943495-B69F-4D41-AE0E-23C57ECD90EE})
version: 100925447
version (major): 6
version (minor): 4
estimated size: 28894
install date: 20060616
install source: C:\Program Files\Microsoft Platform SDK for Windows Server 2003 R2\Setup\
uninstall cmd: MsiExec.exe /I{1C943495-B69F-4D41-AE0E-23C57ECD90EE}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ddk/debugging

Microsoft Visual Web Developer 2005 Express Edition - ENU 8.0.50727.42 ({221125DC-6A40-4900-B844-591F5E1195B0})
version: 134268455
version (major): 8
estimated size: 166569
install date: 20060615
install location: C:\Program Files\Microsoft Visual Studio 8\
install source: C:\Documents and Settings\emchenry\Local Settings\Temp\SIT32140.tmp\
uninstall cmd: MsiExec.exe /X{221125DC-6A40-4900-B844-591F5E1195B0}
publisher: Microsoft Corporation

Microsoft SQL Server 2005 Backward compatibility 8.05.1704 ({2243F21A-E132-44F7-BA13-024D0845C815})
version: 134547112
version (major): 8
version (minor): 5
estimated size: 26972
install date: 20060616
install location: c:\Program Files\Microsoft SQL Server\
install source: c:\3fb7d090fecff8b34b706f99416ed807\Setup\
uninstall cmd: MsiExec.exe /I{2243F21A-E132-44F7-BA13-024D0845C815}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52150

Microsoft MSDN 2005 Express Edition - ENU 1.16.50727.42 ({23E5C72C-CC08-4EE0-9CC2-D925B232B331})
version: 17876519
version (major): 1
version (minor): 16
estimated size: 239920
install date: 20060615
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

Microsoft Visual Studio 2005 Web Deployment Projects 8.0.60403 ({29F0F7F6-3AE6-4A04-B002-8C8CC7AD9BAD})
version: 134278131
version (major): 8
estimated size: 1273
install date: 20060623
install source: C:\Documents and Settings\emchenry\Local Settings\Temporary Internet Files\Content.IE5\I4H1W6S6\
uninstall cmd: MsiExec.exe /I{29F0F7F6-3AE6-4A04-B002-8C8CC7AD9BAD}
publisher: Microsoft
contact: Microsoft
help link: http://go.microsoft.com/fwlink/?LinkId=55111

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 155929
install date: 20060116
install source: C:\Documents and Settings\emchenry\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt

WebFldrs XP 9.50.6513 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2460
install date: 20040430
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

Microsoft XML Parser 8.50.2162.6 ({3CE06D54-72B1-44B2-AB60-E4277EC80EF4})
version: 137496690
version (major): 8
version (minor): 50
estimated size: 1184
install date: 20050524
install source: C:\Documents and Settings\emchenry\My Documents\Temp\
publisher: Microsoft Corporation
help link: http://www.msdn.microsoft.com/xml

ATI HYDRAVISION 3.25.0006 ({3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"

Symantec AntiVirus 10.0.2010.2 ({46B63F23-2B4A-4525-A827-688026BE5E40})
version: 167774170
version (major): 10
estimated size: 160402
install date: 20060210
install source: C:\Documents and Settings\emchenry\My Documents\Temp\NAV 10.0.2\SAV\
uninstall cmd: MsiExec.exe /I{46B63F23-2B4A-4525-A827-688026BE5E40}
publisher: Symantec Corporation
comments: Thank you for using Symantec security products.
contact: Technical Support
help link: http://www.symantec.com/techsupp
help telephone: 1 (800) 721-3934

Microsoft SQL Server Native Client 9.00.2047.00 ({50A0893D-47D8-48E0-A7E8-44BCD7E4422E})
version: 150996991
version (major): 9
estimated size: 4284
install date: 20060616
install location: c:\Program Files\Microsoft SQL Server\
install source: c:\3fb7d090fecff8b34b706f99416ed807\setup\
uninstall cmd: MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52153

Microsoft SQL Server Setup Support Files (English) 9.00.2047.00 ({53F5C3EE-05ED-4830-994B-50B2F0D50FCE})
version: 150996991
version (major): 9
estimated size: 24325
install date: 20060616
install location: c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\
install source: c:\b75fa04312a066a1a6bd8bb4a0f516b3\Setup\
uninstall cmd: MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52154

iTunes 6.0.5.20 ({54C0D94A-F467-4ABC-9D02-6E58748668D4})
version: 100663301
version (major): 6
estimated size: 35158
install date: 20060727
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

MSDN Library for Visual Studio .NET 2003 7.38.3053 ({5757AE1A-1DB4-4898-9806-09F77FBD5E57})
version: 119933933
version (major): 7
version (minor): 38
estimated size: 1780577
install date: 20060621
install source: D:\
uninstall cmd: MsiExec.exe /I{5757AE1A-1DB4-4898-9806-09F77FBD5E57}
publisher: Microsoft

Microsoft Visual Basic 2005 Express Edition - ENU 8.0.50727.42 ({577AD794-8B34-40B4-9E7A-BE4CFFE396E6})
version: 134268455
version (major): 8
estimated size: 158433
install date: 20060615
install location: C:\Program Files\Microsoft Visual Studio 8\
install source: C:\Documents and Settings\emchenry\Local Settings\Temp\SIT37734.tmp\
uninstall cmd: MsiExec.exe /X{577AD794-8B34-40B4-9E7A-BE4CFFE396E6}
publisher: Microsoft Corporation

Windows Genuine Advantage v1.3.0254.0 1.3.0254.0 ({63569CE9-FA00-469C-AF5C-E5D4D93ACF91})
version: 16974078
version (major): 1
version (minor): 3
estimated size: 519
install date: 20050727
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
publisher: Microsoft
comments: Your Comments
contact: Customer Support Department
help link: http://www.microsoft.com/genuine/dow...date.aspx/help
help telephone: 1-425.882.8080

Multi-Function Suite 1.00.000 ({63762F86-4611-45CE-BCA3-EC3E16612A17})
version: 16777216
install location: C:\Program Files\Brmfl04i
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63762F86-4611-45CE-BCA3-EC3E16612A17}\Setup.exe" -l0x9 Brunin03.dllBrunin03.dll

Microsoft .NET Framework 2.0 SDK - ENU 2.0.50727 ({639159C2-B27B-4208-8965-D8A0AEDBDED2})
version: 33605159
version (major): 2
estimated size: 905117
install date: 20060616
install location: C:\Program Files\Microsoft Visual Studio 8\SDK\
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

Microsoft Visual J# 2.0 Redistributable Package 2.0.50727 ({68A35043-C55A-4237-88C9-37EE1C63ED71})
version: 33605159
version (major): 2
estimated size: 54717
install date: 20060615
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
version: 33605159
version (major): 2
estimated size: 214903
install date: 20060713
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

Windows Live Messenger 8.0.0792.00 ({7A837109-E671-470D-B489-F1EBE471D220})
version: 134218520
version (major): 8
estimated size: 27429
install date: 20060629
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{7A837109-E671-470D-B489-F1EBE471D220}
publisher: Microsoft Corporation

Microsoft Visual C# 2005 Express Edition - ENU 8.0.50727.42 ({7E7D7935-B0C8-4032-80BA-2CDC9E43C3B8})
version: 134268455
version (major): 8
estimated size: 130914
install date: 20060615
install location: C:\Program Files\Microsoft Visual Studio 8\
install source: C:\Documents and Settings\emchenry\Local Settings\Temp\SIT38743.tmp\
uninstall cmd: MsiExec.exe /X{7E7D7935-B0C8-4032-80BA-2CDC9E43C3B8}
publisher: Microsoft Corporation

Microsoft FxCop 1.35 1.35.60331.0 ({846D9AAD-EA7D-4126-9177-F874FD389BE4})
version: 19131307
version (major): 1
version (minor): 35
estimated size: 7157
install date: 20060616
install source: C:\Documents and Settings\emchenry\Local Settings\Temporary Internet Files\Content.IE5\288NL1OW\
uninstall cmd: MsiExec.exe /I{846D9AAD-EA7D-4126-9177-F874FD389BE4}
publisher: Microsoft Corporation

5.09 ({8A42F680-2DD6-11D4-9A8C-0040F6982C20})
version: 84475904
version (major): 5
version (minor): 9
estimated size: 2292
install date: 20060303
install source: \\dsiapp05\NetApps\Imagistics FX2100 Multipurpose printer\ENG\PPPORT9\SE\ENGLISH\
uninstall cmd: MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
publisher: ScanSoft, Inc.
comments: Rewrite from Black Ice Software, Inc.'s IS6.x project.
help link: http://www.scansoft.com
help telephone: 978-977-2000

Microsoft Baseline Security Analyzer 2.0 2.0.5029.2 ({8A8F4EF8-160C-4E0F-B32D-92E2313E039B})
version: 33559461
version (major): 2
estimated size: 2435
install date: 20050707
install source: C:\Documents and Settings\emchenry\Local Settings\Temporary Internet Files\Content.IE5\EJ8B3K5O\
uninstall cmd: MsiExec.exe /I{8A8F4EF8-160C-4E0F-B32D-92E2313E039B}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=16531
readme: file://C:\Program Files\Microsoft Baseline Security Analyzer 2\Help\readme.html

SourceGear Vault Client 3.1.9 ({8BC1B46E-3CFC-4C00-ACE2-262E308D8B8B})
version: 50397193
version (major): 3
version (minor): 1
estimated size: 29151
install date: 20060628
install source: C:\Documents and Settings\emchenry\Local Settings\Temporary Internet Files\Content.IE5\NVOJKFOO\
uninstall cmd: MsiExec.exe /I{8BC1B46E-3CFC-4C00-ACE2-262E308D8B8B}
publisher: SourceGear LLC
help link: http://www.sourcegear.com/vault
help telephone: 217.356.0105 x700

Microsoft Office XP Media Content 10.0.2619.0 ({90300409-6000-11D3-8CFE-0050048383C9})
version: 167774779
version (major): 10
estimated size: 625193
install date: 20040430
install location: INSTALLLOCATION
install source: D:\
uninstall cmd: MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: ARPREADMESETTING

Microsoft Visio for Enterprise Architects [English] 10.2.5110 ({90560409-6D54-11D4-BEE3-00C04F990354})
version: 167908342
version (major): 10
version (minor): 2
estimated size: 237793
install date: 20060809
install source: D:\
uninstall cmd: MsiExec.exe /I{90560409-6D54-11D4-BEE3-00C04F990354}
publisher: Microsoft Corporation
contact: Microsoft Corporation
help link: http://support.microsoft.com
help telephone: +1 (425) 454-2030

Microsoft Office 2003 Web Components 11.0.6558.0 ({90A40409-6000-11D3-8CFE-0150048383C9})
version: 184555934
version (major): 11
estimated size: 16556
install date: 20060616
install location: c:\Program Files\Microsoft Office\
install source: c:\3fb7d090fecff8b34b706f99416ed807\Setup\
uninstall cmd: MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support

**stonesrule** · 2006-08-14, 18:16

Microsoft Office XP Professional 10.0.6626.0 ({91110409-6000-11D3-8CFE-0050048383C9})
version: 167778786
version (major): 10
estimated size: 614747
install date: 20060809
install source: D:\
uninstall cmd: MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office10\1033\OFREAD10.HTM

Microsoft Office Project Standard 2003 11.0.7969.0 ({913A0409-6000-11D3-8CFE-0150048383C9})
version: 184557345
version (major): 11
estimated size: 306189
install date: 20060713
install source: C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{913A0409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1033\PJREADME.HTM

Microsoft Visual J# 2005 Express Edition - ENU 8.0.50727.42 ({94160B78-D7C5-4706-8E03-9D8B3763C7DB})
version: 134268455
version (major): 8
estimated size: 143210
install date: 20060615
install location: C:\Program Files\Microsoft Visual Studio 8\
install source: C:\Documents and Settings\emchenry\Local Settings\Temp\SIT40937.tmp\
uninstall cmd: MsiExec.exe /X{94160B78-D7C5-4706-8E03-9D8B3763C7DB}
publisher: Microsoft Corporation

Microsoft Platform SDK (R2) (3790.2075) 5.2.3790.2075 ({9A0ED01E-FD18-457A-AB9C-0835DCDB17BB})
version: 84020942
version (major): 5
version (minor): 2
estimated size: 962539
install date: 20060616
install source: http://download.microsoft.com/downlo...-C351BA099151/
uninstall cmd: MsiExec.exe /I{9A0ED01E-FD18-457A-AB9C-0835DCDB17BB}
publisher: Microsoft Corporation
comments: Update/Uninstall/Repair this SDK
help link: http://www.microsoft.com/msdownload/...msdk/sdkupdate

PaperPort 9.02.0814 ({A17EABB6-D0C6-44E5-820C-72DC7F495064})
version: 151126830
version (major): 9
version (minor): 2
estimated size: 50936
install date: 20060303
install source: \\dsiapp05\NetApps\Imagistics FX2100 Multipurpose printer\ENG\PPPORT9\SE\ENGLISH\
uninstall cmd: MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
publisher: ScanSoft, Inc.
comments: PaperPort SE
help link: http://www.scansoft.com
help telephone: 978-977-2000
readme: 0

4.21 ({A2529672-574A-4A99-86A5-C1770A0E31FE})
version: 68485120
version (major): 4
version (minor): 21
estimated size: 3389
install date: 20060303
install source: \\dsiapp05\NetApps\Imagistics FX2100 Multipurpose printer\ENG\PPPORT9\SE\ENGLISH\
uninstall cmd: MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
publisher: zeonbj
comments: ZEON DocuCom PDF Core Library is useful for developing PDF document.
contact: zeonbj
help link: www.pdfwizard.com

Microsoft SQL Server 2005 Tools 9.1.2047.00 ({A30965BD-2D4D-45CE-8F04-6A6889818CF1})
version: 151062527
version (major): 9
version (minor): 1
estimated size: 397069
install date: 20060616
install source: c:\b75fa04312a066a1a6bd8bb4a0f516b3\Setup\
uninstall cmd: MsiExec.exe /I{A30965BD-2D4D-45CE-8F04-6A6889818CF1}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52152

Microsoft SQL Server Management Studio Express 9.00.2047.00 ({A4512736-8D63-4298-9271-5329931FA46B})
version: 150996991
version (major): 9
estimated size: 84670
install date: 20060616
install location: c:\Program Files\Microsoft SQL Server\
install source: c:\3fb7d090fecff8b34b706f99416ed807\Setup\
uninstall cmd: MsiExec.exe /I{A4512736-8D63-4298-9271-5329931FA46B}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=55742

Windows Defender Signatures 1.20.0.0 ({A5CC2A09-E9D3-49EC-923D-03874BBD4C2C})
version: 18087936
version (major): 1
version (minor): 20
estimated size: 2892
install date: 20060629
install source: C:\Program Files\Windows Defender\
uninstall cmd: MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
publisher: Microsoft Corporation

Microsoft Visual C++ 2005 Express Edition - ENU 8.0.50727.42 ({AB6F4AB9-AC85-4002-9829-B6EEA55AE3A5})
version: 134268455
version (major): 8
estimated size: 237474
install date: 20060615
install location: C:\Program Files\Microsoft Visual Studio 8\
install source: C:\Documents and Settings\emchenry\Local Settings\Temp\SIT39543.tmp\
uninstall cmd: MsiExec.exe /X{AB6F4AB9-AC85-4002-9829-B6EEA55AE3A5}
publisher: Microsoft Corporation

Adobe Reader 7.0.8 7.0.8 ({AC76BA86-7AD7-1033-7B44-A70700000002})
version: 117440520
version (major): 7
estimated size: 66591
install date: 20060609
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig707\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70700000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

MSXML 6.0 Parser 6.00.3883.8 ({AEB9948B-4FF2-47C9-990E-47014492A0FE})
version: 100667179
version (major): 6
estimated size: 1340
install date: 20060615
install source: c:\f8aeee39022f27c411\Setup\
uninstall cmd: MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52156

Microsoft SQL Server 2005 (SQLEXPRESS) 9.1.2047.00 ({B0F9497C-52B4-4686-8E73-74D866BBDF59})
version: 151062527
version (major): 9
version (minor): 1
estimated size: 234130
install date: 20060616
install source: c:\3fb7d090fecff8b34b706f99416ed807\Setup\
uninstall cmd: MsiExec.exe /I{B0F9497C-52B4-4686-8E73-74D866BBDF59}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52152

Windows Defender 1.1.1347.6 ({B2D7CE29-614A-4ACC-8BFE-009EB3A244C9})
version: 16844099
version (major): 1
version (minor): 1
estimated size: 9956
install date: 20060629
install source: C:\Documents and Settings\emchenry\Local Settings\Temporary Internet Files\Content.IE5\NE85U9RF\
uninstall cmd: MsiExec.exe /I{B2D7CE29-614A-4ACC-8BFE-009EB3A244C9}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=55273

Reporting Add-In for Microsoft Visual Web Developer 2005 Express 9.00.1399.06 ({B383EEC2-A3EC-4E76-9CFC-26A2328712FC})
version: 150996343
version (major): 9
estimated size: 9709
install date: 20060615
install location: C:\Program Files\Microsoft SQL Server\
install source: C:\Documents and Settings\emchenry\Local Settings\Temporary Internet Files\Content.IE5\YBMNXTOI\
uninstall cmd: MsiExec.exe /I{B383EEC2-A3EC-4E76-9CFC-26A2328712FC}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52606

Microsoft .NET Framework (English) 1.0.3705 ({B43357AA-3A6D-4D94-B56E-43C44D09E548})
version: 16780921
version (major): 1
estimated size: 50372
install date: 20060209
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
publisher: Microsoft

Microsoft Managed DirectX (1126) 9.00.1126 ({B4C88CF0-B617-4658-8F84-C4E847FBC9F7})
version: 150996070
version (major): 9
estimated size: 11898
install date: 20060117
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\
publisher: Microsoft
comments: DirectX for Managed Languages
contact: Microsoft
help link: http://msdn.microsoft.com/DirectX

Data Dynamics ActiveReports for .NET SP3 3.3.0 ({BFC2E966-065C-47F7-86F3-770ACC83B924})
version: 50528256
version (major): 3
version (minor): 3
estimated size: 75087
install date: 20050413
install source: C:\Documents and Settings\emchenry\My Documents\Work\Downloads\
uninstall cmd: MsiExec.exe /I{BFC2E966-065C-47F7-86F3-770ACC83B924}
publisher: Data Dynamics
comments: ActiveReports Reporting Components Package for Microsoft Visual Studio.NET
contact: Data Dynamics
help link: http://www.datadynamics.com

Microsoft SQL Server VSS Writer 9.00.2047.00 ({C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8})
version: 150996991
version (major): 9
estimated size: 679
install date: 20060616
install location: c:\Program Files\Microsoft SQL Server\
install source: c:\3fb7d090fecff8b34b706f99416ed807\Setup\
uninstall cmd: MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=52155

QuickTime 7.1 ({C21D5524-A970-42FA-AC8A-59B8C7CDCA31})
version: 117506048
version (major): 7
version (minor): 1
estimated size: 71343
install date: 20060727
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\_is83\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

Microsoft Visual Studio 2005 Premier Partner Edition - ENU 8.0.50727.42 ({C25EF637-BE7A-4761-9B45-9069989C319F})
version: 134268455
version (major): 8
estimated size: 168041
install date: 20060616
install source: c:\b75fa04312a066a1a6bd8bb4a0f516b3\Setup\
uninstall cmd: MsiExec.exe /I{C25EF637-BE7A-4761-9B45-9069989C319F}
publisher: Microsoft Corporation

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 51779
install date: 20060209
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Ulead Photo Explorer 8.0 ({D271DAE0-8D68-4C97-8356-A126D48A1D8C})
version (major): 8
install location: C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0
publisher: Ulead Systems, Inc.

Visual Studio.NET Baseline - English 7.1.3088 ({D4D24FE5-FAB3-4FE2-AFFC-623955F4DF3A})
version: 117509136
version (major): 7
version (minor): 1
estimated size: 1787
install date: 20050512
install source: d:\
publisher: Microsoft

NvMixer ({D7A6C517-11F2-419F-B5BB-27772B939698})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall

SimpLite-MSN 2.2 02.02.0006 ({D8337B61-C283-43AC-ABF4-2BE8395B71F6})
version: 33685510
version (major): 2
version (minor): 2
estimated size: 7777
install date: 20060727
install source: C:\Documents and Settings\emchenry\My Documents\Temp\
uninstall cmd: MsiExec.exe /I{D8337B61-C283-43AC-ABF4-2BE8395B71F6}
publisher: Secway
contact: Secway
help link: http://www.secway.fr/support/

Visual Studio.NET Baseline - English 7.0.9466 ({DA82F00E-7294-40E7-B7A6-60B4C16C605E})
version: 117449978
version (major): 7
estimated size: 2027
install date: 20040518
install source: d:\
publisher: Microsoft

Visual Studio .NET Enterprise Architect 2003 - English 7.1.3088 ({E05F0409-0E9A-48A1-AC04-E35E3033604A})
version: 117509136
version (major): 7
version (minor): 1
estimated size: 1212807
install date: 20050512
install location: C:\Program Files\Microsoft Visual Studio .NET 2003\
install source: d:\
publisher: Microsoft

Belkin Bulldog Plus ({E3D16DAD-1AEE-11D6-B82B-004033AA2C09})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3D16DAD-1AEE-11D6-B82B-004033AA2C09}\Setup.exe" -l0x9

Microsoft IntelliPoint 5.5 5.50.661.0 ({EBC91840-41E1-4CC3-AC11-0B889546223C})
version: 87163541
version (major): 5
version (minor): 50
estimated size: 7112
install date: 20060117
install source: C:\Program Files\Microsoft IntelliPoint 5.5\ipoint\setup\
publisher: Microsoft
help link: http://microsoft.com/support/

Microsoft IntelliType Pro 5.5 5.50.661.0 ({F02CF4B0-05EC-4938-A8D2-F739AF3B4363})
version: 87163541
version (major): 5
version (minor): 50
estimated size: 7908
install date: 20060117
install source: C:\Program Files\Microsoft IntelliType Pro 5.5\itype\setup\
publisher: Microsoft
help link: http://microsoft.com/support/

SnagIt 7 7.2.4 ({F1608947-B8A4-4D65-A7B8-8B1D669C0E2C})
version: 117571588
version (major): 7
version (minor): 2
estimated size: 20276
install date: 20060126
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{F1608947-B8A4-4D65-A7B8-8B1D669C0E2C}
publisher: TechSmith Corporation
help link: http://support.techsmith.com

Windows Live Sign-in Assistant 4.000.248.1 ({F652D238-5F29-42D5-BAF3-0115EF977EC2})
version: 67109112
version (major): 4
estimated size: 1112
install date: 20060629
install source: C:\DOCUME~1\emchenry\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
publisher: Microsoft Corporation

HighMAT Extension to Microsoft Windows XP CD Writing Wizard 1.1.1905.1 ({FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F})
version: 16844657
version (major): 1
version (minor): 1
estimated size: 2182
install date: 20060209
install location: C:\Program Files\HighMAT CD Writing Wizard\
install source: C:\WINDOWS\Downloaded Installations\{D2740A23-4ECC-4893-BAFB-51532E37AFF8}\
uninstall cmd: MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
publisher: Microsoft Corporation
readme: C:\Program Files\HighMAT CD Writing Wizard\1033\\HighMAT_readme.htm

**LonnyRJones** · 2006-08-18, 03:02

Hello, sorry for the delay.

Are there any current problems or questions ?

Thread: Desktop Type Hijack

Thread Tools

Display

Desktop Type Hijack

Continued Thread Posting of Logs 01

Continued Thread Posting of Logs 02

Continued Thread Posting of Logs 03

Continued Thread Posting of Logs 04

Continued Thread Posting of Logs 05

Continued Thread Posting of Logs 06

Continued Thread Posting of Logs 06

Continued Thread Posting of Logs 07

Posting Permissions