Logfile of HijackThis v1.99.1
Scan saved at 7:33:42 PM, on 11/5/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\ArcGIS\ArcIMS\Server\bin\aimsserver.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\apache\Apache2\bin\ApacheMonitor.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\Administrator.NWHC276\Desktop\HijackThis.exe
C:\WINNT\System32\svchost.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\apache\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://gswimdnm02.e...gov/iNotes6.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://usgs.webex.c...bex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EF26692-5A4F-42D4-BDD7-EE3519D698EA}: NameServer = 130.11.48.2,136.177.16.3
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = er.usgs.gov,cr.usgs.gov,wr.usgs.gov
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = er.usgs.gov,cr.usgs.gov,wr.usgs.gov
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = er.usgs.gov,cr.usgs.gov,wr.usgs.gov
O20 - Winlogon Notify: Uninstall - C:\WINNT\system32\e6jmlg1116.dll
O23 - Service: Apache2 - Unknown owner - C:\apache\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: ArcIMS Application Server 9.1 - Unknown owner - C:\Program Files\ArcGIS\ArcIMS\AppServer\Aims_appserver.exe
O23 - Service: ArcIMS Monitor 9.1 - Unknown owner - C:\Program Files\ArcGIS\ArcIMS\server\monitor\AIMS_Monitor.exe
O23 - Service: ArcIMS Tasker 9.1 - Unknown owner - C:\Program Files\ArcGIS\ArcIMS\AppServer\tasker\AIMS_Tasker.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ArcSde Service(esri_sde) (esri_sde) - Environmental Systems Research Institute, Inc. - C:\ArcGIS\ArcSDE\sqlexe\bin\giomgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Apache Tomcat (Tomcat5) - Apache Software Foundation - C:\Tomcat5028\bin\tomcat5.exe
Here is alog from CWShredder
**** Run Keys ****
RUN: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
RUN: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
RUN: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
RUN: [Spyware Begone] c:\freescan\freescan.exe -FastScan
**** Browser Helper Objects ****
**** IE Toolbars ****
**** IE Extensions ****
IEExt: [Web Browser Applet Control] C:\WINNT\system32\msjava.dll
**** Hosts File Entries ****
HOSTS: 127.0.0.1 www.isearch.com
HOSTS: 127.0.0.1 isearch.com
HOSTS: 127.0.0.1 www.idownload.com
HOSTS: 127.0.0.1 idownload.com
HOSTS: 127.0.0.1 www.websearch.com
HOSTS: 127.0.0.1 websearch.com
HOSTS: 127.0.0.1 www.clkoptimizer.com
HOSTS: 127.0.0.1 www.page-not-found.net
HOSTS: 127.0.0.1 page-not-found.net
HOSTS: 127.0.0.1 www.mytotalsearch.com
HOSTS: 127.0.0.1 mytotalsearch.com
HOSTS: 127.0.0.1 www.lop.com
HOSTS: 127.0.0.1 lop.com
HOSTS: 127.0.0.1 xads.offeroptimizer.comm
HOSTS: 127.0.0.1 search.offeroptimizer.com
HOSTS: 127.0.0.1 ximages.offeroptimizer.com
HOSTS: 127.0.0.1 xlime.offeroptimizer.com
HOSTS: 127.0.0.1 code.ignphrases.com
HOSTS: 127.0.0.1 xadsj-o.offeroptimizer.com
HOSTS: 127.0.0.1 xadsj.offeroptimizer.com
HOSTS: 127.0.0.1 www.offeroptimizer.com
HOSTS: 127.0.0.1 as.adwave.com
HOSTS: 127.0.0.1 sr.adwave.com
HOSTS: 127.0.0.1 clear-search.com
HOSTS: 127.0.0.1 www.adwave.com
HOSTS: 127.0.0.1 adwave.com EVENT:HOST:127.0.0.1
HOSTS: 127.0.0.1 www.pacimedia.com
HOSTS: 127.0.0.1 www.clrsch.com
HOSTS: 127.0.0.1 clr-sch.com
HOSTS: 127.0.0.1 sds-qckads.com
HOSTS: 127.0.0.1 www.igetnet.com
HOSTS: 127.0.0.1 r1.clrsch.com
HOSTS: 127.0.0.1 sds.clrsch.com
HOSTS: 127.0.0.1 status.qckads.com
HOSTS: 127.0.0.1 www.qoolaid.com
HOSTS: 127.0.0.1 www.qoologic.com
HOSTS: 127.0.0.1 www.isearchhere.com
HOSTS: 127.0.0.1 isearchhere.com
HOSTS: 127.0.0.1 status.clrsch.com
HOSTS: 127.0.0.1 www.CLKPrecision.com
HOSTS: 127.0.0.1 www.urllogic.com
HOSTS: 127.0.0.1 www.urllogic.com
**** IE Settings ****
Default Page: http://www.microsoft...er=6&ar=msnhome
Default Search: http://www.microsoft...=ie&ar=iesearch
Local Page: C:\WINNT\system32\blank.htm
**** IE Context Menu (Right click) ****
**** Layered Service Providers ****
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{19FC99A2-2EE1-44DC-ACD5-142AA3266B8E}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{19FC99A2-2EE1-44DC-ACD5-142AA3266B8E}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{715C5D8D-1B72-4751-8BA9-DA9FD0A2833C}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{715C5D8D-1B72-4751-8BA9-DA9FD0A2833C}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0D0852D2-EB75-45DA-B3FE-8385468DF988}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0D0852D2-EB75-45DA-B3FE-8385468DF988}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3EF26692-5A4F-42D4-BDD7-EE3519D698EA}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{3EF26692-5A4F-42D4-BDD7-EE3519D698EA}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9F357AC0-19D7-4455-8BEE-1C9C73570F55}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9F357AC0-19D7-4455-8BEE-1C9C73570F55}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{28AF9FB7-9A88-466D-9D5D-0F9F2575D8CC}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{28AF9FB7-9A88-466D-9D5D-0F9F2575D8CC}] DATAGRAM 2
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
DirectAnimation Java Classes [file://C:\WINNT\Java\classes\dajava.cab]
Microsoft XML Parser for Java [file://C:\WINNT\Java\classes\xmldso.cab]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [http://www.apple.com...x/qtplugin.cab]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} [http://www.kaspersky...an_unicode.cab]
{17492023-C23A-453E-A040-C7C580BBF700} [http://go.microsoft..../?linkid=39204] C:\WINNT\system32\GWFSPidGen.DLL C:\WINNT\system32\LegitCheckControl.DLL
{33564D57-0000-0010-8000-00AA00389B71} [http://download.micr...22/wmv9VCM.CAB]
{3BFFE033-BF43-11D5-A271-00A024A51325} [https://gswimdnm02.e...ov/iNotes6.cab]
{4B48D5DF-9021-45F7-A240-60304302A215} [http://download.micr...WebCleaner.cab]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/...ndows-i586.cab]
{9F1C11AA-197B-4942-BA54-47A8489BB47F} [http://v4.windowsupd...273.4799652778]
{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}
{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} [http://java.sun.com/...ndows-i586.cab]
{D27CDB6E-AE6D-11CF-96B8-444553540000} [http://fpdownload.ma...sh/swflash.cab]
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [https://usgs.webex.c...ex/ieatgpc.cab]
**** Windows Services ****
[Alerter] %SystemRoot%\System32\services.exe
[Apache2] "C:\apache\Apache2\bin\Apache.exe" -k runservice
[AppMgmt] %SystemRoot%\system32\services.exe
[ArcIMS Application Server 9.1] C:\Program Files\ArcGIS\ArcIMS\AppServer\Aims_appserver.exe
[ArcIMS Monitor 9.1] C:\Program Files\ArcGIS\ArcIMS\server\monitor\AIMS_Monitor.exe
[ArcIMS Tasker 9.1] C:\Program Files\ArcGIS\ArcIMS\AppServer\tasker\AIMS_Tasker.exe
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Ati HotKey Poller] %SystemRoot%\System32\Ati2evxx.exe
[BITS] %SystemRoot%\System32\svchost.exe -k BITSgroup
[Browser] %SystemRoot%\System32\services.exe
[cisvc] C:\WINNT\System32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[DefWatch] "C:\Program Files\Symantec AntiVirus\DefWatch.exe"
[Dfs] %SystemRoot%\system32\Dfssvc.exe
[Dhcp] %SystemRoot%\System32\services.exe
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\services.exe
[Dnscache] %SystemRoot%\System32\services.exe
[esri_sde] C:\ArcGIS\ArcSDE\sqlexe\bin\giomgr.exe
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINNT\System32\svchost.exe -k netsvcs
[Fax] %systemroot%\system32\faxsvc.exe
[IDriverT] "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
[iPodService] C:\Program Files\iPod\bin\iPodService.exe
[IsmServ] %SystemRoot%\System32\ismserv.exe
[kdc] %SystemRoot%\System32\lsass.exe
[lanmanserver] %SystemRoot%\System32\services.exe
[lanmanworkstation] %SystemRoot%\System32\services.exe
[LicenseService] %SystemRoot%\System32\llssrv.exe
[LmHosts] %SystemRoot%\System32\services.exe
[Macromedia Licensing Service] "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"
[Messenger] %SystemRoot%\System32\services.exe
[mnmsrvc] C:\WINNT\System32\mnmsrvc.exe
[MSDTC] C:\WINNT\System32\msdtc.exe
[MSIServer] C:\WINNT\system32\msiexec.exe /V
[MSSEARCH] "C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"
[MSSQLSERVER] C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
[MSSQLServerADHelper] C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtFrs] %SystemRoot%\system32\ntfrs.exe
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\services.exe
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\regsvc.exe
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe -s
[SamSs] %SystemRoot%\system32\lsass.exe
[SavRoam] "C:\Program Files\Symantec AntiVirus\SavRoam.exe"
[SCardDrv] %SystemRoot%\System32\SCardSvr.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\system32\MSTask.exe
[seclogon] %SystemRoot%\system32\services.exe
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[SQLSERVERAGENT] C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlagent.exe
[Symantec AntiVirus] "C:\Program Files\Symantec AntiVirus\Rtvscan.exe"
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k tapisrv
[TermService] %SystemRoot%\System32\termsrv.exe
[TlntSvr] %SystemRoot%\system32\tlntsvr.exe
[Tomcat5] C:\Tomcat5028\bin\tomcat5.exe //RS//Tomcat5
[TrkSvr] %SystemRoot%\system32\services.exe
[TrkWks] %SystemRoot%\system32\services.exe
[UPS] %SystemRoot%\System32\ups.exe
[UtilMan] %SystemRoot%\System32\UtilMan.exe
[W32Time] %SystemRoot%\System32\services.exe
[WinMgmt] %SystemRoot%\System32\WBEM\WinMgmt.exe
[WLTRYSVC] %SystemRoot%\System32\wltrysvc.exe %SystemRoot%\System32\bcmwltry.exe
[WMDM PMSP Service] C:\WINNT\system32\mspmspsv.exe
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[Wmi] %SystemRoot%\system32\Services.exe
[wuauserv] %systemroot%\system32\svchost.exe -k wugroup
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[spupdsvc] C:\WINNT\system32\spupdsvc.exe
**** Custom IE Search Items ****
SEARCH: [SearchAssistant] http://ie.search.msn...st/srchasst.htm
SEARCH: [CustomizeSearch] http://ie.search.msn...st/srchcust.htm
**** Complete IE Options ****
IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] C:\WINNT\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] about:blank
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Q261272] yes
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Use FormSuggest] no
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Error Dlg Details Pane Open] yes
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [FormSuggest PW Ask] no
IEOPT: [AddToFavoritesExpanded]
IEOPT: [Use Custom Search URL]
IEOPT: [AutoSearch]
IEOPT: [Expand Alt Text] no
IEOPT: [Move System Caret] no
IEOPT: [NscSingleExpand]
IEOPT: [NoWebJITSetup]
IEOPT: [Page_Transitions]
IEOPT: [FavIntelliMenus] no
IEOPT: [Enable Browser Extensions] no
IEOPT: [Force Offscreen Composition]
IEOPT: [AllowWindowReuse]
IEOPT: [Friendly http errors] yes
IEOPT: [ShowGoButton] yes
IEOPT: [SmoothScroll]
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Display Inline Videos] yes
IEOPT: [Show image placeholders]
IEOPT: [Print_Background] no
IEOPT: [Check_Associations] no
IEOPT: [Default_Page_URL] http://www.microsoft...er=6&ar=msnhome
IEOPT: [Default_Search_URL] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] C:\WINNT\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] about:blank
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.00.2800.1106
IEOPT: [FullScreen] no
IEOPT: [Check_Associations] no
From Spybot
--- Search result list ---
NicTechNetworks.Zestyfind: Executable (File, fixed)
C:\WINNT\iconu.exe
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-10-22 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-10-28 Includes\Cookies.sbi (*)
2005-10-28 Includes\Dialer.sbi (*)
2005-10-28 Includes\Hijackers.sbi (*)
2005-10-28 Includes\Keyloggers.sbi (*)
2005-10-28 Includes\Malware.sbi (*)
2005-10-28 Includes\PUPS.sbi (*)
2005-10-28 Includes\Revision.sbi (*)
2005-10-28 Includes\Security.sbi (*)
2005-10-28 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-10-28 Includes\Trojans.sbi (*)
--- System information ---
Windows 2000 (Build: 2195) Service Pack 4
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Patch Available For XMLHTTP Vulnerability
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB834707
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB867282
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB883939
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB889293
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB890923
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB896688
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB896727
/ Internet Explorer 6 / SP1: Windows 2000 Hotfix - KB905495
/ MSXML4: Patch Available For XMLHTTP Vulnerability
/ Outlook Express 6 / SP1: Windows 2000 Hotfix - KB897715
/ Windows 2000 / SP4: Windows 2000 Service Pack 4
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB820888
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB822831
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB823182
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB823559
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB824105
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB825119
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB826232
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB828035
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB828741
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB828749
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB835732
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB837001
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB839643
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB839645
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB840315
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB840987
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB841356
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB841533
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB841872
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB841873
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB842526
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB842773
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB871250
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB873333
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB873339
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB883935
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB885250
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB885834
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB885835
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB885836
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB888113
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB890046
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB890047
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB890175
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB890859
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB891711
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB891781
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB893066
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB893086
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB893756
/ Windows 2000 / SP5: Windows Installer 3.1 (KB893803)
/ Windows 2000 / SP5: Windows Installer 3.1 (KB893803)
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB894320
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB896358
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB896422
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB896423
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB899587
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB899588
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB899589
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB899591
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB900725
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB901017
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB901214
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB902400
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB904368
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB904706
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB905414
/ Windows 2000 / SP5: Windows 2000 Hotfix - KB905749
/ Windows 2000 / SP5: Update Rollup 1 for Windows 2000 SP4
/ Windows Media Player: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player / SP0: Windows Media Player Hotfix [See Q828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player 9 / SP0: Windows Media Player 9 Hotfix [See KB885492 for more information]
--- Startup entries list ---
Located: HK_LM:Run, gcasServ
command: "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
file: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: 263740ede788a60a6c0a47249fc410bf
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: d772c357e47a6817ac3b73f2426b3c10
Located: HK_LM:Run, vptray
command: C:\PROGRA~1\SYMANT~2\VPTray.exe
file: C:\PROGRA~1\SYMANT~2\VPTray.exe
size: 124232
MD5: 46af9457ff9d22a5832490c546169363
Located: HK_CU:Run, Spyware Begone
command: c:\freescan\freescan.exe -FastScan
file:
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0
Located: Startup (common), Monitor Apache Servers.lnk
command: C:\apache\Apache2\bin\ApacheMonitor.exe
file: C:\apache\Apache2\bin\ApacheMonitor.exe
size: 41042
MD5: 33ba43c2aa5272bc54fe40c1c3cea16a
Located: Startup (common), Service Manager.lnk
command: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
file: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
size: 69632
MD5: 978294640062c57482bf2b65a342c266
Located: WinLogon, StillImage
command: C:\WINNT\system32\i8loli3318.dll
file: C:\WINNT\system32\i8loli3318.dll
size: 0
MD5: d41d8cd98f00b204e9800998ecf8427e ???
--- Browser helper object list ---
--- ActiveX list ---
{3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class)
DPF name:
CLSID name: iNotes6 Class
Installer: C:\WINNT\Downloaded Program Files\inotes6.inf
Codebase: https://gswimdnm02.e...gov/iNotes6.cab
Path: C:\WINNT\Downloaded Program Files\
Long name: inotes6.dll
Short name:
Date (created): 3/12/2004 9:08:36 AM
Date (last access): 11/5/2005 6:23:04 PM
Date (last write): 3/12/2004 9:08:36 AM
Filesize: 356352
Attributes: archive
MD5: B74379299FFB149E4C07EC6106FF789D
CRC32: 6938B015
Version: 6.0.31.0
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
DPF name:
CLSID name: GpcContainer Class
Installer: C:\WINNT\Downloaded Program Files\ieatgpc.inf
Codebase: https://usgs.webex.c...bex/ieatgpc.cab
description:
classification: Open for discussion
known filename: ieatgpc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINNT\Downloaded Program Files\
Long name: ieatgpc.dll
Short name:
Date (created): 7/22/2005 10:53:32 AM
Date (last access): 11/5/2005 6:23:14 PM
Date (last write): 7/22/2005 10:53:32 AM
Filesize: 86016
Attributes: archive
MD5: 86175E8E28DF5DCE58F84A0A832F41AC
CRC32: C11F2821
Version: 2.0.0.7
--- Process list ---
PID: 0 ( 0) [System]
PID: 156 ( 8) \SystemRoot\System32\smss.exe
PID: 180 ( 156) \??\C:\WINNT\system32\winlogon.exe
PID: 232 ( 180) C:\WINNT\system32\services.exe
size: 92944
MD5: B861B4E6E9637EB76A40C10C552E0229
PID: 244 ( 180) C:\WINNT\system32\lsass.exe
size: 33552
MD5: F19D0A319AB4BF5496F08807CB9B8651
PID: 436 ( 232) C:\WINNT\system32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 472 ( 232) C:\WINNT\system32\spoolsv.exe
size: 47376
MD5: FACFB75ECC070103619FA044E0B210D3
PID: 556 ( 232) C:\WINNT\System32\Ati2evxx.exe
size: 98304
MD5: 8DF468E0FDD735023ADCBFEE7625F641
PID: 576 ( 232) C:\Program Files\Symantec AntiVirus\DefWatch.exe
size: 30024
MD5: 626534AD71DAB174C4524214A9E8BB89
PID: 592 ( 232) C:\WINNT\System32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 636 ( 232) C:\WINNT\System32\llssrv.exe
size: 85264
MD5: 6F8BDCBE2908CBD8E52F43DE007B2403
PID: 868 ( 232) C:\WINNT\system32\regsvc.exe
size: 68368
MD5: 250C4CE389783FA2398E3AFA4317008C
PID: 844 ( 232) C:\WINNT\system32\MSTask.exe
size: 122128
MD5: B00529EAE5D0CE97010B69CC677128C8
PID: 984 ( 232) C:\Program Files\Symantec AntiVirus\Rtvscan.exe
size: 1267024
MD5: 825349E7566B49E583399CA821D3436A
PID: 1056 ( 232) C:\WINNT\System32\WBEM\WinMgmt.exe
size: 196706
MD5: 05B2001E1BC653FD6091E741B46F71B4
PID: 1096 ( 232) C:\WINNT\system32\mspmspsv.exe
size: 53248
MD5: AF619B3908BB1C9336FB6981609018FE
PID: 1112 ( 232) C:\WINNT\system32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 1132 ( 232) C:\WINNT\system32\Dfssvc.exe
size: 90896
MD5: CC9B709C81A5E7282B97328EC7592E2F
PID: 332 ( 232) C:\WINNT\System32\msdtc.exe
size: 6928
MD5: EDC54E17CDF1811A472D518A82182449
PID: 1340 ( 232) C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
size: 73728
MD5: D02DA157E549697154010280DDAD45FD
PID: 1560 ( 232) C:\WINNT\System32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 2084 ( 524) C:\Program Files\ArcGIS\ArcIMS\Server\bin\aimsserver.exe
size: 131140
MD5: C8502DC2B2A270832D4EFD5C0F9961AC
PID: 2096 ( 232) C:\WINNT\System32\svchost.exe
size: 7952
MD5: 9E64AD53CFD9DA2D22E8A924F8C6E62C
PID: 1760 ( 180) C:\WINNT\system32\rundll32.exe
size: 10000
MD5: 1ED5274825CD1EEBBE102B9FF7C9EC31
PID: 1872 (1380) C:\WINNT\Explorer.EXE
size: 243472
MD5: 59CF2B7DCED9111F48F51B4B570E672D
PID: 1920 (1872) C:\PROGRA~1\SYMANT~2\VPTray.exe
size: 124232
MD5: 46AF9457FF9D22A5832490C546169363
PID: 1792 (1872) C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 473928
MD5: 263740EDE788A60A6C0A47249FC410BF
PID: 1784 (1872) C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: D772C357E47A6817AC3B73F2426B3C10
PID: 216 ( 436) C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
size: 756552
MD5: 21BD4696317A4A6383F86CDC5E026BFD
PID: 2068 (1872) C:\apache\Apache2\bin\ApacheMonitor.exe
size: 41042
MD5: 33BA43C2AA5272BC54FE40C1C3CEA16A
PID: 2248 (1872) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
size: 69632
MD5: 978294640062C57482BF2B65A342C266
PID: 2284 (1112) C:\WINNT\system32\wuauclt.exe
size: 124184
MD5: EBF1AB7E4FC05CABF2F4680D2A45F827
PID: 1860 (1872) C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
size: 824832
MD5: 1B0EDBF799B57EAD6EF68A82906C2097
PID: 2056 (1872) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 91136
MD5: EB9EAF627F705525D01DE5FA07EA1818
PID: 1832 ( 232) C:\Program Files\ewido\security suite\ewidoguard.exe
size: 163904
MD5: 13EE66A939D7C3A2ED62C967DEBD52BB
PID: 2344 ( 232) C:\Program Files\ewido\security suite\ewidoctrl.exe
size: 16448
MD5: 867D9D1FA818F8629BB7A4A26E94B06A
PID: 2412 (1768) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 1188 (1832) C:\Program Files\ewido\security suite\securitysuite.exe
size: 528448
MD5: D1BEA8EA19F7911516572D653E666CF8
PID: 8 ( 0) System
PID: 184 ( 156) CSRSS.EXE
PID: 504 ( 232) Aims_AppServer.
PID: 524 ( 232) Aims_Monitor.ex
PID: 540 ( 232) Aims_Tasker.exe
PID: 736 ( 232) sqlservr.exe
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 11/5/2005 6:43:43 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINNT\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINNT\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft...er=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft...=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
WebEx (ActiveTouchMeetingClient)
uninstall cmd: C:\WINNT\DOWNLO~1\atcliun.exe
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
Apache Tomcat 5.0 (remove only) (Apache Tomcat 5.0)
uninstall cmd: "C:\Tomcat5028\Uninstall.exe"
ATI Display Driver (ATI Display Driver)
uninstall cmd: rundll32 C:\WINNT\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
(Branding)
CleanUp! (CleanUp!)
uninstall cmd: C:\Program Files\CleanUp!\uninstall.exe
(Connection Manager)
CutePDF Writer 2.3 (CutePDF Writer Installation)
uninstall cmd: C:\WINNT\system32\uninscpw.exe C:\Program Files\
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
ewido security suite (ewidosecuritysuite)
install location: C:\Program Files\ewido\security suite
uninstall cmd: C:\Program Files\ewido\security suite\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net
(expinst)
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\hjt\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(IEREADME)
(InstallShield Uninstall Information)
QuickTime 7.0.3 (InstallShield_{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD})
version: 117440515
version (major): 7
estimated size: 62254
install date: 20051017
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\ADMINI~2.NWH\LOCALS~1\Temp\_is2D\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
iTunes 6.0.0.18 (InstallShield_{13616DE2-9795-4910-8C93-80D45AF09658})
version: 100663296
version (major): 6
estimated size: 30987
install date: 20051017
install location: C:\Program Files\iTunes\
install source: C:\WINNT\Downloaded Installations\{13616DE2-9795-4910-8C93-80D45AF09658}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{13616DE2-9795-4910-8C93-80D45AF09658} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
IrfanView (remove only) (IrfanView)
uninstall cmd: C:\Program Files\IrfanView\iv_uninstall.exe
iText Toolbox (iText Toolbox)
uninstall cmd: C:\WINNT\system32\javaws.exe -uninstall "http://www.lowagie.c...ext/itext.jnlp"
Java Web Start (Java Web Start)
uninstall cmd: "C:\Program Files\Java Web Start\uninst-javaws.exe"
Kaspersky On-line Scanner 5.0.67.0 (Kaspersky On-line Scanner)
estimated size: 6040
install location: C:\WINNT\system32\KASPER~1\KASPER~1
uninstall cmd: C:\WINNT\system32\KASPER~1\KASPER~1\kavuninstall.exe
publisher: Kaspersky Lab
contact: Customer Support Department
help link: http://www.kaspersky.com/support.asp
Windows 2000 Hotfix - KB834707 20040929.091901 (KB834707-IE6SP1-20040929.091901)
uninstall cmd: C:\WINNT\$NtUninstallKB834707-IE6SP1-20040929.091901$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=834707
Windows 2000 Hotfix - KB842773 (KB842773)
uninstall cmd: C:\WINNT\$NtUninstallKB842773$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=842773
Windows 2000 Hotfix - KB867282 20050127.163319 (KB867282-IE6SP1-20050127.163319)
uninstall cmd: C:\WINNT\$NtUninstallKB867282-IE6SP1-20050127.163319$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=867282
Windows 2000 Hotfix - KB883935 20040826.144249 (KB883935)
uninstall cmd: C:\WINNT\$NtUninstallKB883935$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=883935
Windows 2000 Hotfix - KB883939 20050428.125228 (KB883939-IE6SP1-20050428.125228)
uninstall cmd: "C:\WINNT\$NtUninstallKB883939-IE6SP1-20050428.125228$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=883939
(KB884016)
Windows Media Player 9 Hotfix [See KB885492 for more information] (KB885492)
uninstall cmd: C:\WINNT\$NtUninstallKB885492$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885492
Windows 2000 Hotfix - KB889293 20041111.235619 (KB889293-IE6SP1-20041111.235619)
uninstall cmd: C:\WINNT\$NtUninstallKB889293-IE6SP1-20041111.235619$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=889293
Windows 2000 Hotfix - KB890046 20050517.235025 (KB890046)
uninstall cmd: "C:\WINNT\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890046
Windows 2000 Hotfix - KB890923 20050225.103456 (KB890923-IE6SP1-20050225.103456)
uninstall cmd: "C:\WINNT\$NtUninstallKB890923-IE6SP1-20050225.103456$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=890923
Windows 2000 Hotfix - KB893756 20050702.42421 (KB893756)
uninstall cmd: "C:\WINNT\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893756
Windows Installer 3.1 (KB893803) 3.1 (KB893803)
uninstall cmd: "C:\WINNT\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=42467
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINNT\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=42467
Windows 2000 Hotfix - KB894320 20050429.01037 (KB894320)
uninstall cmd: "C:\WINNT\$NtUninstallKB894320$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=894320
Windows 2000 Hotfix - KB896358 20050421.70926 (KB896358)
uninstall cmd: "C:\WINNT\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896358
Windows 2000 Hotfix - KB896422 20050503.23608 (KB896422)
uninstall cmd: "C:\WINNT\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896422
Windows 2000 Hotfix - KB896423 20050713.01536 (KB896423)
uninstall cmd: "C:\WINNT\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896423
Windows 2000 Hotfix - KB896688 20051004.130236 (KB896688-IE6SP1-20051004.130236)
uninstall cmd: "C:\WINNT\$NtUninstallKB896688-IE6SP1-20051004.130236$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=896688
Windows 2000 Hotfix - KB896727 20050719.165959 (KB896727-IE6SP1-20050719.165959)
uninstall cmd: "C:\WINNT\$NtUninstallKB896727-IE6SP1-20050719.165959$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=896727
Windows 2000 Hotfix - KB897715 20050503.210336 (KB897715-OE6SP1-20050503.210336)
uninstall cmd: "C:\WINNT\$NtUninstallKB897715-OE6SP1-20050503.210336$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=897715
Windows 2000 Hotfix - KB899587 20050614.212757 (KB899587)
uninstall cmd: "C:\WINNT\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899587
Windows 2000 Hotfix - KB899588 20050628.234036 (KB899588)
uninstall cmd: "C:\WINNT\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899588
Windows 2000 Hotfix - KB899589 20050822.21016 (KB899589)
uninstall cmd: "C:\WINNT\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899589
Windows 2000 Hotfix - KB899591 20050629.14549 (KB899591)
uninstall cmd: "C:\WINNT\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899591
Windows 2000 Hotfix - KB900725 20050923.34708 (KB900725)
uninstall cmd: "C:\WINNT\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900725
Windows 2000 Hotfix - KB901017 20050830.22150 (KB901017)
uninstall cmd: "C:\WINNT\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901017
Windows 2000 Hotfix - KB901214 20050629.02152 (KB901214)
uninstall cmd: "C:\WINNT\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901214
Windows 2000 Hotfix - KB902400 20050905.04634 (KB902400)
uninstall cmd: "C:\WINNT\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=902400
Windows 2000 Hotfix - KB904368 20050719.212549 (KB904368)
uninstall cmd: "C:\WINNT\$NtUninstallKB904368$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=904368
Windows 2000 Hotfix - KB904706 20050830.201441 (KB904706)
uninstall cmd: "C:\WINNT\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=904706
Windows 2000 Hotfix - KB905414 20050816.13004 (KB905414)
uninstall cmd: "C:\WINNT\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905414
Windows 2000 Hotfix - KB905495 20050805.184113 (KB905495-IE6SP1-20050805.184113)
uninstall cmd: "C:\WINNT\$NtUninstallKB905495-IE6SP1-20050805.184113$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=905495
Windows 2000 Hotfix - KB905749 20050902.21643 (KB905749)
uninstall cmd: "C:\WINNT\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905749
LiveReg (Symantec Corporation) 2.0.6.1314 (LiveReg)
install location: C:\Program Files\Common Files\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
publisher: Symantec Corporation
LiveUpdate 2.0 (Symantec Corporation) 2.0.39.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation
Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINNT\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
(Microsoft NetShow Player 2.0)
Microsoft SQL Server 2000 8.00.194 (Microsoft SQL Server 2000)
version (major): 8
install date: 9-15-2004
install location: C:\Program Files\Microsoft SQL Server\MSSQL
uninstall cmd: C:\WINNT\IsUninst.exe -f"C:\Program Files\Microsoft SQL Server\MSSQL\Uninst.isu" -c"C:\Program Files\Microsoft SQL Server\MSSQL\sqlsun.dll" -msql.mif i=MSSQLSERVER
publisher: Microsoft
help link: http://www.microsoft.com/sql
(MobileOptionPack)
Motorola Wireless Network Adapter (Motorola Wireless Network Adapter)
uninstall cmd: C:\WINNT\system32\BCMWLU00.exe verbose
Mozilla Firefox (1.0.4) 1.0.4 (en-US) (Mozilla Firefox (1.0.4))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\WINNT\UninstallFirefox.exe /ua "1.0.4 (en-US)"
publisher: Mozilla
(MPlayer2)
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
(MsJavaVM)
(NetMeeting)
(OutlookExpress)
Python 2.1 (Python 2.1)
uninstall cmd: C:\Python21\\Python21\UNWISE.EXE C:\Python21\\Python21\INSTALL.LOG
Python 2.1 combined Win32 extensions (Python 2.1 combined Win32 extensions)
uninstall cmd: C:\Python21\UNWISE~1.EXE C:\Python21\w32inst.log
Windows Media Player Hotfix [See Q828026 for more information] (Q828026)
uninstall cmd: C:\WINNT\$NtUninstallQ828026$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=828026
Internet Explorer Q903235 (Q903235)
uninstall cmd: C:\WINNT\ieuninst.exe C:\WINNT\INF\Q903235.inf
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=903235
Registrar Lite 2.00 (Registrar Lite 2.00)
uninstall cmd: "C:\Program Files\Registrar Lite\unwise.exe" C:\PROGRA~1\REGIST~1\INSTALL.LOG
publisher: Resplendence Software Projects Sp.
help link: http://www.resplendence.com
ScanSpyware v3.8.0.4 (ScanSpyware_is1)
install location: C:\Program Files\ScanSpyware v3.8.0.4\
uninstall cmd: "C:\Program Files\ScanSpyware v3.8.0.4\unins000.exe"
publisher: PC Security Center, Inc.
help link: http://www.scanspyware.net
(SchedulingAgent)
(Sevinst)
Macromedia Flash Player 8 8 (ShockwaveFlash)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINNT\INF\swflash.inf,DefaultUninstall,5
publisher: Macromedia
help link: http://www.macromedi...player_support/
Spybot - Search & Destroy 1.3.1 TX 1.3.1 TX (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Update Rollup 1 for Windows 2000 SP4 20050602.215753 (Update Rollup 1)
uninstall cmd: "C:\WINNT\$NtUpdateRollupPackUninstall$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=891861
Windows 2000 Service Pack 4 (Windows 2000 Service Pack)
uninstall cmd: C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe
WinZip 9.0 (6028) (WinZip)
version (major): 9
install location: C:\PROGRA~1\WINZIP\
uninstall cmd: "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
publisher: WinZip Computing, Inc.
help link: http://www.winzip.com/xsupport.htm
Macromedia Dreamweaver 8 8.0.0.2734 ({0837A661-FEC3-48B3-876C-91E7D32048A9})
version: 134217728
version (major): 8
estimated size: 150399
install date: 20051022
install location: C:\Program Files\Macromedia\Dreamweaver 8\
install source: C:\WINNT\Downloaded Installations\Macromedia Dreamweaver 8\
uninstall cmd: MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
publisher: Macromedia
comments: Language: En
help link: http://www.macromedi...mweaver/support
QuickTime 7.0.3 ({0B69DA57-BC7D-461D-B7D6-2AA9F08869CD})
version: 117440515
version (major): 7
estimated size: 62254
install date: 20051017
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\ADMINI~2.NWH\LOCALS~1\Temp\_is2D\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
iTunes 6.0.0.18 ({13616DE2-9795-4910-8C93-80D45AF09658})
version: 100663296
version (major): 6
estimated size: 30987
install date: 20051017
install location: C:\Program Files\iTunes\
install source: C:\WINNT\Downloaded Installations\{13616DE2-9795-4910-8C93-80D45AF09658}\
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: <a href="http://www.info.apple.com/" target=
Edited by mkh, 05 November 2005 - 07:39 PM.