Another "Instant Access/ eGroups Thread

You know the deal, i can not stop these god forsaken popups for good. i tried the uninstall program, i deleted things in the registry, and i downloaded and bought the best virus killer out there (supposely) So please, help me, and try not to make it too complicated, im great with computers, but im not a complex thinker.

 

Welcome to WindowsBBS Sanedem

What operating system? Do you have HijackThis 1.99.1?

 

Windows 98 if thats what you mean, and i downloaded hijackthis and found no instances of any of the adware

 

the only thing im havin trouble with is the popups from instant access.

 

Please post a HijackThis log, and a GetLog.txt log as outlined here. If the GetLog doesn't show the uninstall entries, run the bat again. If still not there, do this for the uninstall key.

 

Logfile of HijackThis v1.99.1
Scan saved at 8:59:32 PM, on 4/4/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\VTTIMER.EXE
C:\PROGRAM FILES\VIAUDIOI\SBADECK\ADECK.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\WINDOWS\SYSTEM\HPZTSB10.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
C:\PROGRAM FILES\CALLWAVE\IAM.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0\WAOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0\SHELLMON.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0\AOLWBSPD.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\PROGRAM FILES\VIAUDIOI\SBADECK\ADECK.EXE 1
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\AVEO\ATTUNE\bin\attune_ce.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE "
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe "
O4 - HKLM\..\Run: [aoxhgdw] c:\windows\system\aoxhgdw.exe
O4 - HKLM\..\Run: [Corel Reminder] "C:\PROGRAM FILES\COREL\GRAPHICS10\REGISTER\NAVBROWSER.EXE" /r /i "C:\PROGRAM FILES\COREL\GRAPHICS10\REGISTER\NavLoad.ini "
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe "
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE "
O4 - HKCU\..\Run: [ScanSpyware] "C:\PROGRAM FILES\SCANSPYWARE V3.8.0.4\SCANNER.EXE" /rb
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net


did you want me to post the getlog, its was too long

 

Yes. Post it in two replies if necessary.

 

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ScanRegistry "= "C:\\WINDOWS\\scanregw.exe /autorun "
"TaskMonitor "= "C:\\WINDOWS\\taskmon.exe "
"SystemTray "= "SysTray.Exe "
"LoadPowerProfile "= "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme "
"VTTimer "= "VTTimer.exe "
"AudioDeck "= "C:\\PROGRAM FILES\\VIAUDIOI\\SBADECK\\ADECK.EXE 1 "
"AttuneClientEngine "= "C:\\PROGRA~1\\AVEO\\ATTUNE\\bin\\attune_ce.exe "
"RealTray "= "C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER "
"HP Component Manager "= "\ "C:\\PROGRAM FILES\\HP\\HPCORETECH\\HPCMPMGR.EXE\" "
"HPDJ Taskbar Utility "= "C:\\WINDOWS\\SYSTEM\\hpztsb10.exe "
"HP Software Update "= "\ "C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe\" "
"aoxhgdw "= "c:\\windows\\system\\aoxhgdw.exe "
"Corel Reminder "= "\ "C:\\PROGRAM FILES\\COREL\\GRAPHICS10\\REGISTER\\NAVBROWSER.EXE\" /r /i \ "C:\\PROGRAM FILES\\COREL\\GRAPHICS10\\REGISTER\\NavLoad.ini\" "
"mdac_runonce "= "C:\\WINDOWS\\SYSTEM\\runonce.exe "
"AOL Spyware Protection "= "\ "C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\AOLSP Scheduler.exe\" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed "= "1 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange "= "1 "
"Installed "= "1 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed "= "1 "

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ICW]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IE40]
@=" "
"DisplayName "= "Microsoft Internet Explorer 6 SP1 and Internet Tools "
"UninstallString "= "rundll32 setupwbv.dll,IE6Maintenance \ "C:\\Program Files\\Internet Explorer\\Setup\\SETUP.EXE\" /g \ "C:\\WINDOWS\\IE Uninstall Log.Txt\" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX]
@=" "
"QuietDisplayName "= "AOL Support Files "
"QuietUninstallString "= "rundll32 advpack.dll,LaunchINFSectionEx C:\\WINDOWS\\INF\\unie5bak.inf,,,256 "
"RequiresIESysFile "= "5.00 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent]
@=" "
"QuietDisplayName "= "Task Scheduler "
"QuietUninstallString "= "RunDll32 advpack.dll,LaunchINFSectionEx C:\\WINDOWS\\INF\\mstask.inf,,,256 "
"RequiresIESysFile "= "5.00 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack]
@=" "
"QuietDisplayName "= "Offline Browsing Pack "
"QuietUninstallString "= "rundll32 advpack.dll,LaunchINFSectionEx C:\\WINDOWS\\INF\\mobilepk.inf,,,256 "
"RequiresIESysFile "= "6.0.2800.1100 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IEData]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MSJavaVM]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MSTASK]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VGX]
@=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting]
"DisplayName "= "NetMeeting 3.0 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress]
@=" "
"RequiresIESysFile "= "5.0 "
"RequiresWABFile "= "5.0 "
"UninstallString "= "\ "C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:OE /UNINSTALL /PROMPT "
"QuietUninstallString "= "\ "C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:OE /UNINSTALL "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook]
@=" "
"UninstallString "= "\ "C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:WAB /CALLER:WIN9X /UNINSTALL /PROMPT "
"QuietUninstallString "= "\ "C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:WAB /CALLER:WIN9X /UNINSTALL "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Branding]
"QuietUninstallString "= "Rundll32 IedkCS32.dll,BrandCleanInstallStubs "
"RequiresIESysFile "= "100.0 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft NetShow Player 2.0]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VTInfo2]
"DisplayName "= "S3 S3Info2 "
"UninstallString "= "vtuninst.exe -reg 5 'HKLM\\Software\\S3\\VT\\S3Uninst\\S3Info2' "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VTDisplay]
"DisplayName "= "S3 S3Display "
"UninstallString "= "vtuninst.exe -reg 5 'HKLM\\Software\\S3\\VT\\S3Uninst\\S3Display' "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VTGamma2]
"DisplayName "= "S3 S3Gamma2 "
"UninstallString "= "vtuninst.exe -reg 5 'HKLM\\Software\\S3\\VT\\S3Uninst\\S3Gamma2' "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VTOverlay]
"DisplayName "= "S3 S3Overlay "
"UninstallString "= "vtuninst.exe -reg 5 'HKLM\\Software\\S3\\VT\\S3Uninst\\S3Overlay' "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\S3]
"DisplayName "= "UniCHrome Graphics Driver and Utilities "
"UninstallString "= "C:\\PROGRA~1\\S3\\S3\\s3setvga.exe -s -fC:\\PROGRA~1\\S3\\S3\\S3.uns "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A4D7B764-4140-11D4-88EB-0050DA3579C0}]
"LocalPackage "= "C:\\WINDOWS\\Installer\\28229.msi "
"AuthorizedCDFPrefix "=" "
"Comments "=" "
"Contact "= "Hotline "
"DisplayVersion "= "5.5.9 "
"HelpLink "=hex(2):68,74,74,70,3a,2f,2f,77,77,77,2e,6e,65,72,6f,2e,63,6f,6d,00
"HelpTelephone "=" "
"InstallDate "= "20050316 "
"InstallLocation "=" "
"InstallSource "= "D:\\NEROEXPRESS\\NEROEXPRESS55\\ "
"ModifyPath "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,41,34,44,37,\
42,37,36,34,2d,34,31,34,30,2d,31,31,44,34,2d,38,38,45,42,2d,30,30,35,30,44,\
41,33,35,37,39,43,30,7d,00
"NoModify "=dword:00000001
"Publisher "= "ahead software gmbh "
"Readme "=hex(2):30,00
"Size "=" "
"EstimatedSize "=dword:0000f45b
"UninstallString "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,41,34,44,\
37,42,37,36,34,2d,34,31,34,30,2d,31,31,44,34,2d,38,38,45,42,2d,30,30,35,30,\
44,41,33,35,37,39,43,30,7d,00
"URLInfoAbout "= "http://www.nero.com "
"URLUpdateInfo "= "http://www.nero.com "
"VersionMajor "=dword:00000005
"VersionMinor "=dword:00000005
"WindowsInstaller "=dword:00000001
"Version "=dword:05050009
"Language "=dword:00000000
"DisplayName "= "Nero Express "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VIA Audio Driver Setup Program]
"UninstallString "= "C:\\PROGRA~1\\VIAUDIOI\\SBASETUP\\UnAudioAP.exe PCI\\VEN_1106&DEV_3059 C:\\WINDOWS\\IsUninst.exe -y-f\ "\ "\ "C:\\PROGRA~1\\VIAUDIOI\\SBASETUP\\Uninst.isu\ "\ "\" "
"DisplayName "= "VIA Audio Driver Setup Program "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PhotoRecall Deluxe]
"UninstallString "= "C:\\WINDOWS\\IsUninst.exe -f\ "C:\\Program Files\\PhotoRecall\\DeIsL1.isu\" -c\ "C:\\Program Files\\PhotoRecall\\PRUninst.dll\" "
"DisplayName "= "PhotoRecall Deluxe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Data Access Objects (DAO)]
"UninstallString "= "C:\\WINDOWS\\uninst.exe -f\ "C:\\Program Files\\Common Files\\Microsoft Shared\\DAO\\DeIsL1.isu\" "
"DisplayName "= "Data Access Objects (DAO) 3.0 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{00000409-78E1-11D2-B60F-006097C998E7}]
"RegOwner "= "Kay "
"RegCompany "=" "
"ProductID "= "50106-335-9800936-02420 "
"LocalPackage "= "C:\\WINDOWS\\Installer\\a4bdb.msi "
"AuthorizedCDFPrefix "=" "
"Comments "=" "
"Contact "=" "
"DisplayVersion "= "9.00.2720 "
"HelpLink "=hex(2):68,74,74,70,3a,2f,2f,77,77,77,2e,6d,69,63,72,6f,73,6f,66,74,\
2e,63,6f,6d,2f,73,75,70,70,6f,72,74,00
"HelpTelephone "=" "
"InstallDate "= "20050316 "
"InstallLocation "=" "
"InstallSource "= "D:\\ "
"ModifyPath "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,49,7b,30,30,30,30,\
30,34,30,39,2d,37,38,45,31,2d,31,31,44,32,2d,42,36,30,46,2d,30,30,36,30,39,\
37,43,39,39,38,45,37,7d,00
"Publisher "= "Microsoft Corporation "
"Readme "=hex(2):20,43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,4d,69,63,\
72,6f,73,6f,66,74,20,4f,66,66,69,63,65,5c,4f,66,66,69,63,65,5c,6f,66,72,65,\
61,64,39,2e,74,78,74,20,00
"Size "=" "
"EstimatedSize "=dword:0004211e
"UninstallString "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,49,7b,30,30,30,\
30,30,34,30,39,2d,37,38,45,31,2d,31,31,44,32,2d,42,36,30,46,2d,30,30,36,30,\
39,37,43,39,39,38,45,37,7d,00
"URLInfoAbout "=" "
"URLUpdateInfo "=" "
"VersionMajor "=dword:00000009
"VersionMinor "=dword:00000000
"WindowsInstaller "=dword:00000001
"Version "=dword:09000aa0
"Language "=dword:00000409
"DisplayName "= "Microsoft Office 2000 Premium "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HTMLHelp]
"QuietDisplayName "= "Internet Explorer Help "
"QuietUninstallString "= "rundll32 advpack.dll,LaunchINFSectionEx C:\\WINDOWS\\INF\\hhupdcab.inf,,,256 "
"RequiresIESysFile "= "4.70.0.1155 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WebPost]
"DisplayName "= "Microsoft Web Publishing Wizard 1.6 "
"QuietUninstallString "= "RunDll32 ADVPACK.DLL,LaunchINFSection C:\\WINDOWS\\INF\\wpie5x86.inf,WebPostUninstall,5 "
"RequiresIESysFile "= "4.70.0.1155 "
"UninstallString "= "RunDll32 ADVPACK.DLL,LaunchINFSection C:\\WINDOWS\\INF\\wpie5x86.inf,WebPostUninstall "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ADIELangPack]
"UninstallString "= "RunDll32 advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\AD.inf, Uninstall "
"QuietUninstallString "= "rundll32 advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\AD.inf,Uninstall "
"RequiresIESysFile "= "5.00 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9E50DEC9-081B-441F-B647-98DBEA8B01DD}]
"RegOwner "= "Kay "
"RegCompany "=" "
"ProductID "=" "
"LocalPackage "= "C:\\WINDOWS\\Installer\\5132a.msi "
"AuthorizedCDFPrefix "=" "
"Comments "=" "
"Contact "=" "
"DisplayVersion "= "10 "
"HelpLink "=hex(2):68,74,74,70,3a,2f,2f,77,77,77,2e,63,6f,72,65,6c,2e,63,6f,6d,\
00
"HelpTelephone "= "555-555-1234 "
"InstallDate "= "20050316 "
"InstallLocation "=" "
"InstallSource "= "D:\\ "
"ModifyPath "= "D:\\Setup32.exe "
"NoRepair "=dword:00000001
"Publisher "= "Corel "
"Readme "=" "
"Size "=" "
"EstimatedSize "=dword:0005f864
"SystemComponent "=dword:00000001
"UninstallString "= "C:\\WINDOWS\\Corel\\uninst32.exe "
"URLInfoAbout "= "http://www.corel.com "
"URLUpdateInfo "= "http://www.corel.com "
"VersionMajor "=dword:0000000a
"VersionMinor "=dword:0000000a
"WindowsInstaller "=dword:00000001
"Version "=dword:0a000000
"Language "=dword:00000409
"DisplayName "= "CorelDRAW 10 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8F7C09A4-EBAE-11D3-A9AF-005004D2ECE4}]
"RegOwner "= "Kay "
"RegCompany "=" "
"ProductID "= "None "
"LocalPackage "= "C:\\WINDOWS\\Installer\\7c45a.msi "
"AuthorizedCDFPrefix "=" "
"Comments "=" "
"Contact "= "Customer Support "
"DisplayVersion "= "2.3.2.0628 "
"HelpLink "=hex(2):61,74,74,75,6e,65,73,75,70,70,6f,72,74,40,61,76,65,6f,2e,63,\
6f,6d,00
"HelpTelephone "=" "
"InstallDate "= "20050316 "
"InstallLocation "=" "
"InstallSource "= "D:\\Corel\\Graphics10\\Aveo\\09\\01\\ "
"ModifyPath "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,49,7b,38,46,37,43,\
30,39,41,34,2d,45,42,41,45,2d,31,31,44,33,2d,41,39,41,46,2d,30,30,35,30,30,\
34,44,32,45,43,45,34,7d,00
"NoRepair "=dword:00000001
"Publisher "= "Aveo Inc "
"Readme "=" "
"Size "=" "
"EstimatedSize "=dword:00003c09
"UninstallString "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,49,7b,38,46,37,\
43,30,39,41,34,2d,45,42,41,45,2d,31,31,44,33,2d,41,39,41,46,2d,30,30,35,30,\
30,34,44,32,45,43,45,34,7d,00
"URLInfoAbout "= "http://www.aveo.com "
"URLUpdateInfo "= "http://www.aveo.com/download "
"VersionMajor "=dword:00000002
"VersionMinor "=dword:00000003
"WindowsInstaller "=dword:00000001
"Version "=dword:02030002
"Language "=dword:00000409
"DisplayName "= "Attune 2.3.2 "
"DisplayIcon "= "C:\\PROGRA~1\\AVEO\\ATTUNE\\Bin\\Attune.exe "

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C9172615-3EE1-4938-A437-281022B82778}]
"UninstallString "= "C:\\Program Files\\InstallShield Installation Information\\{C9172615-3EE1-4938-A437-281022B82778}\\setup.exe deinst "
"DisplayName "= "Intel(R) 536EP V.92 Modem "
"LogFile "= "C:\\Program Files\\InstallShield Installation Information\\{C9172615-3EE1-4938-A437-281022B82778}\\setup.ilg "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}]
"DisplayIcon "=hex(2):43,3a,5c,50,72,6f,67,72,61,6d,20,46,69,6c,65,73,5c,43,6c,\
61,73,73,69,63,20,50,68,6f,6e,65,54,6f,6f,6c,73,5c,50,68,6f,6e,54,6f,6f,6c,\
2e,65,78,65,00
"HelpLink "=hex(2):68,74,74,70,3a,2f,2f,77,77,77,2e,62,76,72,70,2e,63,6f,6d,00
"Publisher "= "BVRP Software "
"DisplayVersion "= "4.01 (020812amigo.04) "
"VersionMajor "=dword:00000004
"VersionMinor "=dword:00000001
"InstallLocation "= "C:\\Program Files\\Classic PhoneTools "
"Language "=dword:00000009
"DisplayName "= "Classic PhoneTools "
"UninstallString "= "RunDll32 C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\ENGINE\\6\\INTEL3~1\\Ctor.dll,LaunchSetup \ "C:\\Program Files\\InstallShield Installation Information\\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\\SETUP.EXE\" -l0x9 ControlPanel "
"LogFile "= "C:\\Program Files\\InstallShield Installation Information\\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\\setup.ilg "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShockwaveFlash]
"QuietDisplayName "= "Shockwave Flash "
"QuietUninstallString "= "RunDll32 advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\swflash.inf,DefaultUninstall,5 "
"RequiresIESysFile "= "4.70.0.1155 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\America Online us]
@=" "
"DisplayName "= "America Online (Choose which version to remove) "
"UninstallString "= "C:\\Program Files\\Common Files\\aolshare\\Aolunins_us.exe "
"DisplayIcon "= "C:\\Program Files\\America Online 9.0\\AOL.EXE "
"InstalledPath "= "C:\\Program Files\\America Online 9.0 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AolCoach]
"DisplayName "= "AOL Coach Version 1.0(Build:20030807.3) "
"UnInstallString "= "C:\\Program Files\\Common Files\\aolshare\\Coach\\AolCInUn.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RealPlayer 6.0]
@=" "
"UninstallString "= "C:\\Program Files\\Common Files\\Real\\Update\\\\rnuninst.exe RealNetworks|RealPlayer|6.0 "
"DisplayName "= "RealPlayer Basic "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\128PATCH]
"QuietUninstallString "= "Rundll32 advpack.dll,LaunchINFSectionEx C:\\WINDOWS\\INF\\iedom.inf,,,256 "
"RequiresIESysFile "= "5.00 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\expinst]
"QuietDisplayName "= "Internet Explorer Exception pack "
"QuietUninstallString "= "\ "C:\\PROGRA~1\\INTERN~1\\W2K\\expinst.exe\" /EU ieexinst.inf "
"RequiresIESysFile "= "5.50 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IEREADME]
"QuietDisplayName "= "Internet Explorer ReadMe "
"QuietUninstallString "= "rundll32 advpack.dll,LaunchINFSectionEx C:\\WINDOWS\\INF\\iereadme.inf,,,256 "
"RequiresIESysFile "= "6.0.2800.1106 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\StreetPlugin]
"UninstallString "= "C:\\Program Files\\Learn2.com\\StRunner\\stuninst.exe "
"DisplayName "= "Learn2 Player (Uninstall Only) "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip]
"DisplayName "= "WinZip "
"UninstallString "= "\ "C:\\PROGRAM FILES\\WINZIP\\WINZIP32.EXE\" /uninstall "
"InstallLocation "= "C:\\PROGRA~1\\WINZIP\\ "
"Publisher "= "WinZip Computing, Inc. "
"VersionMajor "=dword:00000009
"VersionMinor "=dword:00000000
"DisplayVersion "=" 9.0 SR-1 (6224) "
"HelpLink "= "http://www.winzip.com/xsupport.htm "
"URLInfoAbout "= "http://www.winzip.com "
"URLUpdateInfo "= "http://www.winzip.com "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Little Fighter 2 v1.9]
"DisplayName "= "Little Fighter 2 v1.9 "
"UninstallString "= "c:\\MY DOCUMENTS\\GAMES\\little fighter\\Uninstal.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DEC511B1-59CB-4F15-AD75-0543034572A5}]
"UninstallString "= "RunDll32 C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\ENGINE\\6\\INTEL3~1\\Ctor.dll,LaunchSetup \ "C:\\Program Files\\InstallShield Installation Information\\{DEC511B1-59CB-4F15-AD75-0543034572A5}\\SETUP.EXE\" "
"DisplayName "= "MapleStory "
"LogFile "= "C:\\Program Files\\InstallShield Installation Information\\{DEC511B1-59CB-4F15-AD75-0543034572A5}\\setup.ilg "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}]
"LocalPackage "= "C:\\WINDOWS\\Installer\\6d1e66.msi "
"AuthorizedCDFPrefix "=" "
"Comments "=" "
"Contact "=" "
"DisplayVersion "= "1.00.0000 "
"HelpLink "=" "
"HelpTelephone "=" "
"InstallDate "= "20050316 "
"InstallLocation "=" "
"InstallSource "= "D:\\ "
"ModifyPath "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,46,39,30,31,\
43,41,36,44,2d,41,30,37,34,2d,34,32,44,33,2d,41,31,31,44,2d,33,33,41,41,45,\
36,46,46,44,30,43,31,7d,00
"NoModify "=dword:00000001
"NoRepair "=dword:00000001
"Publisher "= "Hewlett-Packard "
"Readme "=" "
"Size "=" "
"EstimatedSize "=dword:0001bcde
"UninstallString "= "msiexec /x{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1} "
"URLInfoAbout "= "http://productfinder.support.hp.com/tps/Hub?h_product=hpdeskjet337233&h_tool=prodhomes,support&h_lang=en "
"URLUpdateInfo "=" "
"VersionMajor "=dword:00000001
"VersionMinor "=dword:00000000
"WindowsInstaller "=dword:00000001
"Version "=dword:01000000
"Language "=dword:00000000
"DisplayName "= "HP Deskjet 3740 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B81023A5-71ED-46EB-BE3B-9F974D1155F1}]
"RegOwner "= "Kay "
"RegCompany "=" "
"ProductID "= "none "
"LocalPackage "= "C:\\WINDOWS\\Installer\\6e6e35.msi "
"AuthorizedCDFPrefix "=" "
"Comments "=" "
"Contact "= "http://www.hp.com/support "
"DisplayVersion "= "3.0.1.25 "
"HelpLink "=" "
"HelpTelephone "=" "
"InstallDate "= "20050316 "
"InstallLocation "=" "
"InstallSource "= "D:\\APPLICATIONS\\HPSU\\ "
"ModifyPath "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,42,38,31,30,\
32,33,41,35,2d,37,31,45,44,2d,34,36,45,42,2d,42,45,33,42,2d,39,46,39,37,34,\
44,31,31,35,35,46,31,7d,00
"NoModify "=dword:00000001
"Publisher "= "HEWLET~1|Hewlett-Packard "
"Readme "=" "
"Size "=" "
"EstimatedSize "=dword:00000ea2
"UninstallString "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,42,38,31,\
30,32,33,41,35,2d,37,31,45,44,2d,34,36,45,42,2d,42,45,33,42,2d,39,46,39,37,\
34,44,31,31,35,35,46,31,7d,00
"URLInfoAbout "= "http://www.hp.com "
"URLUpdateInfo "=" "
"VersionMajor "=dword:00000003
"VersionMinor "=dword:00000000
"WindowsInstaller "=dword:00000001
"Version "=dword:03000001
"Language "=dword:00000000
"DisplayName "= "HP Software Update "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ahriman's Prophecy]
"UninstallString "= "C:\\WINDOWS\\Ahriman's Prophecy Uninstaller.exe "
"DisplayName "= "Ahriman's Prophecy "
"DisplayVersion "= "2.0 "
"Publisher "= "Amaranth Productions "
"NoModify "=dword:00000001
"NoRepair "=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Glace]
"DisplayName "= "Glace "
"UninstallString "= "\ "C:\\My Documents\\Games\\Glace\\Uninstall Glace.exe\" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CallWave]
"DisplayName "= "CallWave Internet Answering Machine (remove only) "
"UninstallString "= "C:\\Program Files\\CallWave\\IAM.exe -remove "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\JAAIME]
"DisplayName "= "Microsoft Global IME for Japanese "
"UninstallString "= "RunDll32 advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\1041aime.inf, Uninstall "
"QuietUninstallString "= "RunDll32 advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\1041aime.inf, QuietUninstall,1 "
"RequiresIESysFile "= "4.71 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\JAIELangPack]
"DisplayName "= "Japanese Language Support "
"UninstallString "= "RunDll32 advpack.dll,LaunchINFSection C:\\WINDOWS\\INF\\ja.inf, Uninstall "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Maydisle Online 1.7C]
"DisplayName "= "Maydisle Online 1.7C "
"UninstallString "= "C:\\My Documents\\Games\\mayde\\Uninstall.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soldat_is1]
"Inno Setup: Setup Version "= "3.0.6 "
"Inno Setup: App Path "= "C:\\My Documents\\Games\\Soldat "
"Inno Setup: Icon Group "= "Soldat "
"Inno Setup: User "= "Kay "
"Inno Setup: Selected Tasks "=" "
"Inno Setup: Deselected Tasks "= "desktopicon,desktopicon2,desktopicon3 "
"DisplayName "= "Soldat 1.2.1 "
"UninstallString "= "\ "C:\\My Documents\\Games\\Soldat\\unins000.exe\" "
"Publisher "= "Michal Marcinkowski "
"URLInfoAbout "= "http://www.soldat.pl "
"HelpLink "= "http://www.soldat.pl "
"URLUpdateInfo "= "http://www.soldat.pl "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BII-NARY]
"DisplayName "= "BII-NARY "
"UninstallString "= "c:\\MY DOCUMENTS\\GAMES\\binary\\Uninstal.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soldat Map Maker_is1]
"Inno Setup: Setup Version "= "3.0.6 "
"Inno Setup: App Path "= "C:\\My Documents\\Games\\Soldat "
"Inno Setup: Icon Group "= "Soldat Map Maker "
"Inno Setup: User "= "Kay "
"Inno Setup: Selected Tasks "=" "
"Inno Setup: Deselected Tasks "= "desktopicon,desktopicon2 "
"DisplayName "= "Soldat Map Maker 1.2 "
"UninstallString "= "\ "C:\\My Documents\\Games\\Soldat\\unins001.exe\" "
"Publisher "= "Michal Marcinkowski "
"URLInfoAbout "= "http://www.soldat.prv.pl "
"HelpLink "= "http://www.soldat.prv.pl "
"URLUpdateInfo "= "http://www.soldat.prv.pl "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WMP7]
"RequiresIESysFile "= "4.70.0.1155 "
"UninstallString "= "C:\\PROGRA~1\\WINDOW~1\\setup_wm.exe /Uninstall "
"DisplayName "= "Windows Media Player system update (9 Series) "
"DisplayIcon "= "C:\\PROGRA~1\\WINDOW~1\\wmplayer.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\aoxhgdw]
"UninstallString "= "c:\\windows\\system\\aoxhgdw.exe -uninstall "
"DisplayName "= "aoxhgdw "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\YInstHelper]
"DisplayName "= "Yahoo! Install Manager "
"UninstallString "= "C:\\WINDOWS\\SYSTEM\\regsvr32 /u C:\\WINDOWS\\DOWNLO~1\\YINSTH~1.DLL "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Messenger]
"DisplayName "= "Yahoo! Messenger "
"UninstallString "= "C:\\PROGRA~1\\YAHOO!\\MESSEN~1\\UNWISE.EXE C:\\PROGRA~1\\YAHOO!\\MESSEN~1\\INSTALL.LOG "
"DisplayIcon "= "C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe,-0 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Messenger Explorer Bar]
"DisplayName "= "Yahoo! Messenger Explorer Bar "
"UninstallString "= "C:\\WINDOWS\\SYSTEM\\regsvr32 /u /s C:\\PROGRA~1\\YAHOO!\\MESSEN~1\\YHEXBM~1.DLL "
"DisplayIcon "= "C:\\PROGRA~1\\YAHOO!\\MESSEN~1\\YHEXBM~1.DLL,-107 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Internet Mail]
"DisplayName "= "Yahoo! Internet Mail "
"UninstallString "= "C:\\WINDOWS\\SYSTEM\\regsvr32 /u /s C:\\PROGRA~1\\YAHOO!\\COMMON\\YMMAPI.DLL "
"DisplayIcon "= "C:\\PROGRA~1\\YAHOO!\\COMMON\\YMMAPI.DLL,0 "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 5.0]
"UninstallString "= "C:\\WINDOWS\\ISUNINST.EXE -f\ "C:\\Program Files\\Common Files\\Adobe\\Acrobat 5.0\\98\\Uninst.isu\" -c\ "C:\\Program Files\\Common Files\\Adobe\\Acrobat 5.0\\98\\Uninst.dll\" "
"DisplayName "= "Adobe Acrobat 5.0 "
"InstallSource "= "C:\\WINDOWS\\TEMP\\pft313~TMP\\ "
"VersionMinor "=dword:00000001
"DisplayVersion "= "5.1 "
"URLInfoAbout "= "http://www.adobe.com/prodindex/acrobat/main.html "
"VersionMajor "=dword:00000005
"HelpTelephone "=" "
"ModifyPath "= "\ "C:\\WINDOWS\\TEMP\\pft313~TMP\\Setup.exe\" "
"Publisher "= "Adobe Systems, Inc. "
"URLUpdateInfo "= "http://www.adobe.com/prodindex/acrobat/main.html "
"HelpLink "= "http://www.adobe.com/prodindex/acrobat/main.html "
"DisplayIcon "= "C:\\Program Files\\Adobe\\Acrobat 5.0\\Reader\\acrord32.exe,0 "
"InstallLocation "= "C:\\Program Files\\Adobe\\Acrobat 5.0 "
"UninstallPath "= "C:\\WINDOWS\\ISUNINST.EXE -f\ "C:\\Program Files\\Common Files\\Adobe\\Acrobat 5.0\\98\\Uninst.isu\" -c\ "C:\\Program Files\\Common Files\\Adobe\\Acrobat 5.0\\98\\Uninst.dll\" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E8BC3608-61A8-4DB3-A6E8-3B67B36448DE}]
"LocalPackage "= "C:\\WINDOWS\\Installer\\8a636.msi "
"AuthorizedCDFPrefix "=" "
"Comments "= "Greeting Card Factory Express "
"Contact "= "Technical Support "
"DisplayVersion "= "3.0.0.5 "
"HelpLink "=hex(2):68,74,74,70,3a,2f,2f,77,77,77,2e,6e,6f,76,61,64,65,76,65,6c,\
6f,70,6d,65,6e,74,2e,63,6f,6d,00
"HelpTelephone "= "818-591-9600 "
"InstallDate "= "20050401 "
"InstallLocation "= "C:\\Program Files\\Nova Development\\Greeting Card Factory Express\\ "
"InstallSource "= "E:\\GCF\\ "
"ModifyPath "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,45,38,42,43,\
33,36,30,38,2d,36,31,41,38,2d,34,44,42,33,2d,41,36,45,38,2d,33,42,36,37,42,\
33,36,34,34,38,44,45,7d,00
"NoModify "=dword:00000001
"NoRepair "=dword:00000001
"Publisher "= "Nova Development "
"Readme "=" "
"Size "=" "
"EstimatedSize "=dword:00162cd3
"UninstallString "=hex(2):4d,73,69,45,78,65,63,2e,65,78,65,20,2f,58,7b,45,38,42,\
43,33,36,30,38,2d,36,31,41,38,2d,34,44,42,33,2d,41,36,45,38,2d,33,42,36,37,\
42,33,36,34,34,38,44,45,7d,00
"URLInfoAbout "= "http://www.novadevelopment.com "
"URLUpdateInfo "= "http://www.novadevelopment.com "
"VersionMajor "=dword:00000003
"VersionMinor "=dword:00000000
"WindowsInstaller "=dword:00000001
"Version "=dword:03000000
"Language "=dword:00000409
"DisplayName "= "Greeting Card Factory Express "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Spyware Protection]
"DisplayName "= "AOL Spyware Protection "
"UninstallString "= "C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\UNWISE.EXE C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\INSTALL.LOG "
"Publisher "= "AOL Spyware Protection "
"DisplayVersion "= "1.0.78 "
"Comments "= "AOL Spyware Protection "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\XoftSpy]
"DisplayName "= "XoftSpy "
"UninstallString "= "C:\\Program Files\\XoftSpy\\uninstall.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer]
"DisplayName "= "Viewpoint Media Player "
"UninstallString "= "C:\\Program Files\\Viewpoint\\Viewpoint Experience Technology\\mtsAxInstaller.exe /u "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis]
"DisplayName "= "HijackThis 1.99.1 "
"UninstallString "= "C:\\WINDOWS\\TEMPORARY INTERNET FILES\\CONTENT.IE5\\XHBTJHH4\\HijackThis.exe /uninstall "
"DisplayIcon "= "C:\\WINDOWS\\TEMPORARY INTERNET FILES\\CONTENT.IE5\\XHBTJHH4\\HijackThis.exe "
"DisplayVersion "= "1.99.1 "
"Publisher "= "Soeperman Enterprises Ltd. "
"URLInfoAbout "= "http://www.spywareinfo.com/~merijn/ "



 

that it?

 

i g2g sleep some ill post back tomorrow I APPRECIATE THE HELP SO FAR!!!!! thnks, man

 

Download the attached Zipzap.zip file. Rename if necessary. Extract to your desktop. Note to others.....the attachment was written specifically for this machine. Please do not use if you have zipzap popups too. Start your own thread and someone will gladly assist you.

Scan again with HijackThis and fix the following entry.

O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binari...ACCESS_1058.cab

Reboot to safe mode and double click the Zipzap.bat file.

Open Internet Options in the control panel and delete the Temporary Internet Files.
Open My Compter, right click C: and select properties, then disk cleanup. Check all boxes and click OK.

Reboot and post a new HJT log.

 

Logfile of HijackThis v1.99.1
Scan saved at 5:04:32 PM, on 4/5/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\VTTIMER.EXE
C:\PROGRAM FILES\VIAUDIOI\SBADECK\ADECK.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\WINDOWS\SYSTEM\HPZTSB10.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
C:\PROGRAM FILES\CALLWAVE\IAM.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0\WAOL.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0\SHELLMON.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\PROGRAM FILES\VIAUDIOI\SBADECK\ADECK.EXE 1
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\AVEO\ATTUNE\bin\attune_ce.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE "
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe "
O4 - HKLM\..\Run: [Corel Reminder] "C:\PROGRAM FILES\COREL\GRAPHICS10\REGISTER\NAVBROWSER.EXE" /r /i "C:\PROGRAM FILES\COREL\GRAPHICS10\REGISTER\NavLoad.ini "
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe "
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE "
O4 - HKCU\..\Run: [ScanSpyware] "C:\PROGRAM FILES\SCANSPYWARE V3.8.0.4\SCANNER.EXE" /rb
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

 

Looks good. Have the popups stopped?

 

ill wait and see

 

OK. In the mean-time I recommend you download Spybot Version 1.3 from my signature and install. Allow it to load SD Helper. Open it up and click mode on the toolbar, then advanced mode. Click immunize in the left pane, then immunize again, this time from above with the green + beside it (always recheck this setting after downloading updates). Click the link below that for SpywareBlaster, download, install, enable all protection and update. Check for updates regularly and watch for any protection being disabled.
Then download IESpyad.exe, double click to extract (it extracts to C:\IESpyad by default), open the folder, double click the ie-ads.reg file and allow it to merge into the registry. (IESpyad puts zipzappromos into the restricted sites, as well as many other nasties)

That will give you some added layers of protection against unwanted parasites.

 

ALL BEETTERRR!! thks muchhhoss

 

Glad to hear it. You're most welcome.