Tampabelle,
Yes, spybot still finds the smitfraud problems. Here is a copy of the spybot report. I wasn't sure which information you wanted so I included the entire report.
We're also experiencing another problem now. We have the "Scotty WinPatrol" program loaded on the computer and it *cotinually* (like every 5 mins) displays a message about Adobe Photoshop. It says: "Scotty the watchdog is on patrol and has detected a change to one of your file type associations." Then it says, " Adobe Photoshop Album Starter Edition. C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\ComponentLauncher.exe"
It tells me that the above program is running and a change was made to the exact same thing! Then it asks if i want to allow it. Whether i press yes or now makes no difference. the alert comes again and again.
Thank you very much!
pcorps
--- Search result list ---
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\adulthell.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bin.wordsx.cc\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cc20foreva.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\crl.thawte.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\datingforlove.org\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dl.ad-ware.cc\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\e-finder.cc\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\fast-look.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\[bleep]-[bleep].org\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\letgohome.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\love-catalog.net\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\makechoice.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\meetyourfriend.biz\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msnprotection.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\new.8ad.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\s13.remove.cc\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\s2.kav.cc\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\terra.hcworld.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\tracking.allposters.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\visitfriend.net\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webpidor.biz\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\www.6o9.com\*!=W=4
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-776561741-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\www.niger.ru\*!=W=4
Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-08-23 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-09-30 Includes\Cookies.sbi (*)
2005-09-30 Includes\Dialer.sbi (*)
2005-09-30 Includes\Hijackers.sbi (*)
2005-09-30 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-09-30 Includes\Malware.sbi (*)
2005-09-30 Includes\PUPS.sbi (*)
2005-09-30 Includes\Revision.sbi (*)
2005-09-30 Includes\Security.sbi (*)
2005-09-30 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-09-30 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX / DX9 / SP1: DirectX 9 Hotfix - KB839643
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB889293
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB890923
/ Windows Media Player: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player / SP0: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player 9 / SP0: Windows Media Player 9 Hotfix [See KB885492 for more information]
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885626
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
--- Startup entries list ---
Located: HK_LM:Run, Adobe Photo Downloader
command: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
file: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
size: 57344
MD5: 617fa5be646b5e8d6670fd4710acd2d3
Located: HK_LM:Run, AOL Spyware Protection
command: "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
file: C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
size: 78960
MD5: 60fb8e9e346ed0ff19b692e999a7c4d3
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 67184
MD5: eb992a85c604a9977e1161e6560ba611
Located: HK_LM:Run, diagent
command: "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
file: C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
size: 135264
MD5: 8eb2419f6228651874b99a338696a77d
Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 114741
MD5: 2bff8a443334a034df73d2c8d808d2a7
Located: HK_LM:Run, gcasServ
command: "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
file: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: 263740ede788a60a6c0a47249fc410bf
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff
Located: HK_LM:Run, PCMService
command: "C:\Program Files\Dell\Media Experience\PCMService.exe"
file: C:\Program Files\Dell\Media Experience\PCMService.exe
size: 204800
MD5: 3f22eaad167797f2de16fa7968593d59
Located: HK_LM:Run, POINTER
command: point32.exe
file:
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: 9b4c1812595c389ab9ccf1ff3b315248
Located: HK_LM:Run, THGuard
command: "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
file: C:\Program Files\TrojanHunter 4.2\THGuard.exe
size: 1089024
MD5: edb3dca0b1f57ac8d915c8ad0830b27c
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 151597
MD5: a05da809ac0d86d916d09e3a908d3a06
Located: HK_LM:Run, UpdReg
command: C:\WINDOWS\UpdReg.EXE
file: C:\WINDOWS\UpdReg.EXE
size: 90112
MD5: c419df63e0121d72411285780c2fc6cc
Located: HK_LM:Run, vptray
command: C:\PROGRA~1\SYMANT~1\VPTray.exe
file: C:\PROGRA~1\SYMANT~1\VPTray.exe
size: 120640
MD5: fb7c5949dca2d774461758c0f259f470
Located: HK_LM:Run, WinPatrol
command: C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
file: C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
size: 230592
MD5: e59c3e9f2fa07236890f8ae1edb2e947
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: HK_CU:Run, DellSupport
command: "C:\Program Files\Dell Support\DSAgnt.exe" /startup
file: C:\Program Files\Dell Support\DSAgnt.exe
size: 306688
MD5: cea4715092cb7984420dbc9f51fb4c35
Located: HK_CU:Run, Sonic RecordNow!
command:
file:
Located: Startup (common), Acrobat Assistant.lnk
command: C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
file: C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
size: 49254
MD5: 0e6e43d31ac16bcf682eb5f63178c492
Located: Startup (common), Adobe Gamma Loader.exe.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Startup (common), Digital Line Detect.lnk
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: e2ed2664703637eb5f942ac98ebcba76
Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office10\OSA.EXE
file: C:\Program Files\Microsoft Office\Office10\OSA.EXE
size: 83360
MD5: 5bc65464354a9fd3beaa28e18839734a
Located: Startup (common), NkbMonitor.exe.lnk
command: C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
file: C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
size: 118784
MD5: 70b9b7c5c5b3cdb1df2e8dfb5dcc3b52
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, NavLogon
command: C:\WINDOWS\System32\NavLogon.dll
file: C:\WINDOWS\System32\NavLogon.dll
size: 55104
MD5: f4edb3a832b79b34497478a589a13f9d
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link:
http://www.adobe.com.../readstep2.html info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/14/2004 1:56:50 AM
Date (last access): 10/1/2005 3:01:52 PM
Date (last write): 12/14/2004 1:56:50 AM
Filesize: 63136
Attributes: archive
MD5: 42729C3DE75A7A51FC6F9EF6546C9199
CRC32: 4D60BD07
Version: 7.0.0.1333
{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link:
http://spybot.eon.net.au/ info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 8/23/2005 9:05:44 PM
Date (last access): 10/1/2005 3:01:52 PM
Date (last write): 5/31/2005 1:04:00 AM
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0
--- ActiveX list ---
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner)
DPF name:
CLSID name: Symantec AntiVirus scanner
Installer: C:\WINDOWS\Downloaded Program Files\avsniff.inf
Codebase:
http://security.syma...bin/AvSniff.cab description: Symantec online scanner
classification: Legitimate
known filename: AVSNIFF.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\Downloaded Program Files\
Long name: avsniff.dll
Short name:
Date (created): 4/27/2005 9:43:34 AM
Date (last access): 10/1/2005 3:17:46 PM
Date (last write): 4/27/2005 9:43:34 AM
Filesize: 202352
Attributes: archive
MD5: DED7B2F31D562643DAFD67F304813CB8
CRC32: 2921D0E7
Version: 2004.12.14.55
{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class)
DPF name:
CLSID name: QDiagAOLCCUpdateObj Class
Installer: C:\WINDOWS\Downloaded Program Files\qdiagcc.inf
Codebase:
http://aolcc.aol.com...kup/qdiagcc.cab description:
classification: Open for discussion
known filename: qdiagcc.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\System32\
Long name: qdiagcc.ocx
Short name:
Date (created): 2/23/2004 10:58:20 AM
Date (last access): 9/30/2005 4:58:18 PM
Date (last write): 2/23/2004 10:58:20 AM
Filesize: 1003520
Attributes: archive
MD5: 8B6C90078C00352FFC6F78BE1E4891DE
CRC32: 896B9758
Version: 1.0.1.367
{644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class)
DPF name:
CLSID name: Symantec RuFSI Utility Class
Installer: C:\WINDOWS\Downloaded Program Files\CabSA.inf
Codebase:
http://security.syma...n/bin/cabsa.cab description:
classification: Legitimate
known filename: rufsi.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: rufsi.dll
Short name:
Date (created): 4/27/2005 9:43:46 AM
Date (last access): 10/1/2005 3:17:46 PM
Date (last write): 4/27/2005 9:43:46 AM
Filesize: 161432
Attributes: archive
MD5: 2E5FCBD80A006132A302E2B3C5ED653E
CRC32: 4A61625E
Version: 2004.6.23.42
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)
DPF name:
CLSID name: HouseCall Control
Installer: C:\WINDOWS\Downloaded Program Files\xscan.inf
Codebase:
http://a840.g.akamai...all/xscan53.cab description: Trend Micro Antivirus online scanner
classification: Legitimate
known filename: XSCAN53.OCX
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\DOWNLO~1\
Long name: xscan53.ocx
Short name:
Date (created): 6/9/2004 4:56:02 PM
Date (last access): 9/18/2005 8:48:18 PM
Date (last write): 6/9/2004 4:56:02 PM
Filesize: 435712
Attributes: archive
MD5: DCFFCA7F818B4CF4DF29B8932907735D
CRC32: 89BBB9BF
Version: 5.70.0.1086
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
Codebase:
http://www.pandasoft...free/asinst.cab description:
classification: Open for discussion
known filename: ASINST.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 9/2/2005 4:41:28 PM
Date (last access): 10/1/2005 3:17:46 PM
Date (last write): 9/2/2005 4:41:28 PM
Filesize: 135168
Attributes: archive
MD5: 51C818502B44E79F7811B049830117B1
CRC32: 398FAC89
Version: 58.0.0.0
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase:
http://download.macr...ash/swflash.cab description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash8.ocx
Short name:
Date (created): 8/27/2005 1:38:56 PM
Date (last access): 9/30/2005 4:27:46 PM
Date (last write): 8/27/2005 1:38:56 PM
Filesize: 1435272
Attributes: archive
MD5: 900373C059C2B51CA91BF110DBDECB33
CRC32: F19599BC
Version: 8.0.22.0
--- Process list ---
PID: 0 ( 0) [System]
PID: 612 ( 4) \SystemRoot\System32\smss.exe
PID: 660 ( 612) \??\C:\WINDOWS\system32\csrss.exe
PID: 684 ( 612) \??\C:\WINDOWS\system32\winlogon.exe
PID: 728 ( 684) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 740 ( 684) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 936 ( 728) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1024 ( 728) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1124 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1236 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1376 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1920 ( 728) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 196 ( 128) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 328 ( 196) C:\Program Files\Microsoft Hardware\Mouse\point32.exe
size: 167936
MD5: F06DBF9BC50CDC46B6AD6DCD80A3622B
PID: 340 ( 196) C:\Program Files\Dell\Media Experience\PCMService.exe
size: 204800
MD5: 3F22EAAD167797F2DE16FA7968593D59
PID: 464 ( 412) C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
size: 135264
MD5: 8EB2419F6228651874B99A338696A77D
PID: 476 ( 196) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 114741
MD5: 2BFF8A443334A034DF73D2C8D808D2A7
PID: 552 ( 728) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 243312
MD5: E7C059304FE47B7F8FA5341DD17EF9DC
PID: 572 ( 196) C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
size: 78960
MD5: 60FB8E9E346ED0FF19B692E999A7C4D3
PID: 640 ( 196) C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: 263740EDE788A60A6C0A47249FC410BF
PID: 652 ( 728) C:\WINDOWS\System32\CTsvcCDA.exe
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 704 ( 728) C:\Program Files\Symantec AntiVirus\DefWatch.exe
size: 30528
MD5: 64BFD65D2384521F2C55EA2D417A7275
PID: 812 ( 196) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 67184
MD5: EB992A85C604A9977E1161E6560BA611
PID: 960 ( 728) C:\Program Files\ewido\security suite\ewidoctrl.exe
size: 16448
MD5: 867D9D1FA818F8629BB7A4A26E94B06A
PID: 1068 ( 196) C:\PROGRA~1\SYMANT~1\VPTray.exe
size: 120640
MD5: FB7C5949DCA2D774461758C0F259F470
PID: 1184 ( 936) C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
size: 756552
MD5: 21BD4696317A4A6383F86CDC5E026BFD
PID: 1192 ( 196) C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
size: 230592
MD5: E59C3E9F2FA07236890F8AE1EDB2E947
PID: 1304 ( 728) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
size: 270336
MD5: 5186E143CF425FC80BEA36433B9D3B2D
PID: 1336 ( 728) C:\WINDOWS\System32\nvsvc32.exe
size: 73728
MD5: 85A2A4AD01B86098317F8140B22C58B7
PID: 1496 ( 728) C:\Program Files\Symantec AntiVirus\Rtvscan.exe
size: 1107784
MD5: 8E98A3FC3E165F2FD240C6E0A234C29B
PID: 1812 ( 728) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 255600
MD5: ED26D9D0FC355FC48B90D5226462FAAE
PID: 1984 ( 196) C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: 9B4C1812595C389AB9CCF1FF3B315248
PID: 1972 ( 196) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
size: 57344
MD5: 617FA5BE646B5E8D6670FD4710ACD2D3
PID: 192 ( 196) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 268 ( 196) C:\Program Files\Dell Support\DSAgnt.exe
size: 306688
MD5: CEA4715092CB7984420DBC9F51FB4C35
PID: 2020 ( 196) C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
size: 49254
MD5: 0E6E43D31AC16BCF682EB5F63178C492
PID: 400 ( 196) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: E2ED2664703637EB5F942AC98EBCBA76
PID: 1796 ( 196) C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
size: 118784
MD5: 70B9B7C5C5B3CDB1DF2E8DFB5DCC3B52
PID: 2152 ( 728) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2532 ( 728) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 372 ( 276) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 151597
MD5: A05DA809AC0D86D916D09E3A908D3A06
PID: 3772 ( 196) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
PID: 2036 ( 196) THGuard.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 10/1/2005 3:27:11 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...=ie&ar=iesearchHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://search.msn.com/spbasic.htmHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://webmail.atlan...b.net/index.phpHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
www.google.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
www.google.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...=ie&ar=iesearchHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
www.google.com
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft...er=6&ar=msnhomeHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft...=ie&ar=iesearchHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htmHKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B28BE1AC-C0D3-4FB2-8F90-41F2D915AAE0}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B28BE1AC-C0D3-4FB2-8F90-41F2D915AAE0}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D58A0240-0D6C-4B71-B98F-9FDBBEDB8F3B}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D58A0240-0D6C-4B71-B98F-9FDBBEDB8F3B}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09CA9BA9-BB66-4710-88CC-39383610F6AC}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{09CA9BA9-BB66-4710-88CC-39383610F6AC}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C1E4EFE3-0B72-4A43-8920-D8D904C5DD90}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C1E4EFE3-0B72-4A43-8920-D8D904C5DD90}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A6A72AA9-3E8A-4A24-BCB1-14C77BD1FB97}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A6A72AA9-3E8A-4A24-BCB1-14C77BD1FB97}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
--- Uninstall list ---
Ad-Aware SE Professional (Ad-Aware SE Professional)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
publisher: Lavasoft
help link:
http://www.lavasoft.de (AddressBook)
Adobe Acrobat 5.0 5.0 (Adobe Acrobat 5.0)
version (major): 5
install location: C:\Program Files\Adobe\Acrobat 5.0
install source: E:\Adobe Acrobat 5.0\
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
publisher: Adobe Systems, Inc.
help link:
http://www.adobe.com...robat/main.htmlAdobe PageMaker 7.0 7.0 (Adobe PageMaker 7.0)
version (major): 1
install location: C:\Program Files\Adobe\PageMaker 7.0
install source: E:\PageMaker70\
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\PageMaker 7.0\Uninst.isu" -c"C:\Program Files\Adobe\PageMaker 7.0\Uninst.dll"
publisher: Adobe Systems, Inc.
Adobe Photoshop 6.0 6.0 (Adobe Photoshop 6.0)
version (major): 6
install location: C:\Program Files\Adobe\Photoshop 6.0
install source: F:\TECH\Adobe\PhotoShop 6.01\Adobe Photoshop 6.01\Adobe Photoshop 6.0\
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
publisher: Adobe Systems, Inc.
Adobe Download Manager 2.0 (Remove Only) 2.0 (AdobeESD)
uninstall cmd: "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adware Away v2.2.8.8 (Adware Away v2.2.8.8_is1)
uninstall cmd: "C:\Program Files\Adware Away\unins000.exe"
AOL Instant Messenger (AOL Instant Messenger)
uninstall cmd: C:\PROGRA~1\AIM\uninstll.exe -LOG= C:\PROGRA~1\AIM\install.log -OEM=
AOL Spyware Protection 1.0.72 (AOL Spyware Protection)
uninstall cmd: C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
publisher: AOL Spyware Protection
comments: AOL Spyware Protection
(Branding)
(Cache and Cookie Washer (AOL))
CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe
Conexant SmartHSFi V.9x 56K DF PCI Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2702)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
Conexant D850 56K V.9x DFVc Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
(Connection Manager)
Cookie Washer (AOL) (Cookie Washer (AOL))
uninstall cmd: C:\WINDOWS\remccaol.exe
(Creative Mixer 3)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
(Creative PlayCenter 2.0)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
(Creative Recorder)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
(Creative Restore Defaults)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
(Creative WaveStudio)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
Dell Digital Jukebox Driver (Dell Digital Jukebox Driver)
uninstall cmd: C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Support 5.0.0 (766) (DellSupport)
uninstall cmd: rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
(Diagnostics3)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
(DirectAnimation)
(DirectDrawEx)
(dlatray.exe)
uninstall cmd: C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
DrawPlus 3.0 (DrawPlus 3.0)
uninstall cmd: C:\WINDOWS\UNINST.EXE -f"C:\PROGRA~1\BRODER~1\DrawPlus\DeIsL1.isu"
(DXM_Runtime)
ewido security suite (ewidosecuritysuite)
install location: C:\Program Files\ewido\security suite
uninstall cmd: C:\Program Files\ewido\security suite\Uninstall.exe
publisher: ewido networks
help link:
http://www.ewido.net (expinst)
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\Alan Stein\Desktop\more spywayre programs\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Broadcom Advanced Control Suite 3.36.0000 (InstallShield_{468190DA-FB4C-45BA-8E40-4B165FF1A939})
version: 52690944
version (major): 3
version (minor): 36
estimated size: 1756
install date: 20040306
install source: C:\dell\drivers\R56238\WinDiag\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{468190DA-FB4C-45BA-8E40-4B165FF1A939} /l1033
publisher: Broadcom
comments: Broadcom Advanced Control Suite(BACS)
contact: Dell Customer Support
help link:
http://www.support.dell.comMicrosoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link:
http://support.micro...m?kbid=KB870669Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=873333Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=873339Security Update for Windows XP (KB883939) 1 (KB883939)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=883939 (KB884016)
Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=885250Windows Media Player 9 Hotfix [See KB885492 for more information] (KB885492)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885492$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=885492Windows XP Hotfix - KB885626 20040909.122822 (KB885626)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885626$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=885626Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=885835Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=885836Windows XP Hotfix - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=885884Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=886185Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=887472Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=887742Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=888113Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=888302Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=890046Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=890175Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050517
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=890859Windows XP Hotfix - KB890923 1 (KB890923)
install date: 20050516
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=890923Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=891781Windows XP Hotfix - KB893066 1 (KB893066)
install date: 20050517
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=893066Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050517
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=893086Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=893756 (KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://go.microsoft....k/?LinkId=42467Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=894391Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=896358Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=896422Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=896423Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=896428Update for Windows XP (KB896727) 1 (KB896727)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=896727Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050630
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=898461Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=899587Security Update for Windows XP (KB899588) 1 (KB899588)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=899588Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=899591Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
http://support.micro...com?kbid=901214Security Update for Windows XP (KB903235) 1 (KB903235)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
pu