Jump to content

intervalhehehe still kicking


Recommended Posts

I installed WinRar software and was infected with the 'intervalhehehe' virus. My story is basically the same as user Sadfart posted on Nov30th.

1-Immediatly after installing the software, I kept getting pop-ups saying 'intervalhehehe...intervalhehehe...intervalhehehe...intervalhehehe!!!' I also got the same Chinese web page everytime I searched a website with the search toolbar. I was able to reach select sites when I entered the web address directly.

2-I first removed the WinRar software and rebooted. This didn't help a thing.

3-I followed the posting instuctions and installed and ran Spybot & Anti-Malware and ran HiJack This! I finally got ActiveScan to run and it's 40% complete.

4-After running Spybot and Anti-Malware the 'intervalhehehe' pop-ups have gone away. The Chinese website/browser access problem still remains.

Please help me to remove the rest of this thing. This is my work computer, and I'm screwed if I don't eliminate this thing. I am terrified to use the internet; I don't know what spyware they have on my computer now :) I have posted the beginning of the Spybot log below. This message was too long, so the rest of the Spybot log and the other 2 logs will be in the next post. I will post the ActiveScan log once the scan is complete.

Thanks!!!

SpybotSD.Report log :

--- Search result list ---

Hint of the Day: Click the bar at the right of this to see more information! ()

WebTrends live: Tracking cookie (Internet Explorer: emarion) (Cookie, fixed)

DoubleClick: Tracking cookie (Internet Explorer: emarion) (Cookie, fixed)

Right Media: Tracking cookie (Internet Explorer: emarion) (Cookie, fixed)

CasaleMedia: Tracking cookie (Internet Explorer: emarion) (Cookie, fixed)

DoubleClick: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

WebTrends live: Tracking cookie (Firefox: default) (Cookie, fixed)

AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)

AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)

AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

BurstMedia: Tracking cookie (Firefox: default) (Cookie, fixed)

BurstMedia: Tracking cookie (Firefox: default) (Cookie, fixed)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)

CasaleMedia: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)

BurstMedia: Tracking cookie (Firefox: default) (Cookie, fixed)

Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)

Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)

AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)

Adviva: Tracking cookie (Firefox: default) (Cookie, fixed)

Adviva: Tracking cookie (Firefox: default) (Cookie, fixed)

BlueStreak: Tracking cookie (Firefox: default) (Cookie, fixed)

CoreMetrics: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

DoubleClick: Tracking cookie (Firefox: default) (Cookie, fixed)

Zedo: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)

AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)

Statcounter: Tracking cookie (Firefox: default) (Cookie, fixed)

HitBox: Tracking cookie (Firefox: default) (Cookie, fixed)

--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)

2008-07-07 SDFiles.exe (1.6.0.4)

2008-07-07 SDMain.exe (1.0.0.6)

2008-07-07 SDShred.exe (1.0.2.3)

2008-07-07 SDUpdate.exe (1.6.0.8)

2008-07-07 SDWinSec.exe (1.0.0.12)

2008-07-07 SpybotSD.exe (1.6.0.30)

2008-09-16 TeaTimer.exe (1.6.3.25)

2008-12-05 unins000.exe (51.49.0.0)

2008-07-07 Update.exe (1.6.0.7)

2008-10-22 advcheck.dll (1.6.2.13)

2007-04-02 aports.dll (2.1.0.0)

2008-06-14 DelZip179.dll (1.79.11.1)

2008-09-15 SDHelper.dll (1.6.2.14)

2008-06-19 sqlite3.dll

2008-10-22 Tools.dll (2.1.6.8)

2008-11-04 Includes\Adware.sbi (*)

2008-11-25 Includes\AdwareC.sbi (*)

2008-06-03 Includes\Cookies.sbi (*)

2008-09-02 Includes\Dialer.sbi (*)

2008-09-09 Includes\DialerC.sbi (*)

2008-07-23 Includes\HeavyDuty.sbi (*)

2008-11-18 Includes\Hijackers.sbi (*)

2008-11-18 Includes\HijackersC.sbi (*)

2008-09-09 Includes\Keyloggers.sbi (*)

2008-11-18 Includes\KeyloggersC.sbi (*)

2004-11-29 Includes\LSP.sbi (*)

2008-11-18 Includes\Malware.sbi (*)

2008-12-03 Includes\MalwareC.sbi (*)

2008-11-03 Includes\PUPS.sbi (*)

2008-12-02 Includes\PUPSC.sbi (*)

2007-11-07 Includes\Revision.sbi (*)

2008-06-18 Includes\Security.sbi (*)

2008-12-02 Includes\SecurityC.sbi (*)

2008-06-03 Includes\Spybots.sbi (*)

2008-06-03 Includes\SpybotsC.sbi (*)

2008-11-04 Includes\Spyware.sbi (*)

2008-12-02 Includes\SpywareC.sbi (*)

2008-06-03 Includes\Tracks.uti

2008-11-04 Includes\Trojans.sbi (*)

2008-12-02 Includes\TrojansC.sbi (*)

2008-03-04 Plugins\Chai.dll

2008-03-05 Plugins\Fennel.dll

2008-02-26 Plugins\Mate.dll

2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---

Windows XP (Build: 2600) Service Pack 3 (5.1.2600)

/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)

/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)

/ MSXML4SP2: Security update for MSXML4 SP2 (KB954430)

/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)

/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs

/ Windows / SP1: Microsoft National Language Support Downlevel APIs

/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)

/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)

/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)

/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB954154)

/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)

/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB936782)

/ Windows XP: Security Update for Windows XP (KB923689)

/ Windows XP: Security Update for Windows XP (KB941569)

/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)

/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)

/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB944533)

/ Windows XP / SP0: Hotfix for Windows Internet Explorer 7 (KB947864)

/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB950759)

/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB953838)

/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB956390)

/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP

/ Windows XP / SP3: Windows XP Service Pack 3

/ Windows XP / SP4: Hotfix for Windows XP (KB915800-v4)

/ Windows XP / SP4: Security Update for Windows XP (KB938464)

/ Windows XP / SP4: Security Update for Windows XP (KB946648)

/ Windows XP / SP4: Security Update for Windows XP (KB950760)

/ Windows XP / SP4: Security Update for Windows XP (KB950762)

/ Windows XP / SP4: Security Update for Windows XP (KB950974)

/ Windows XP / SP4: Security Update for Windows XP (KB951066)

/ Windows XP / SP4: Update for Windows XP (KB951072-v2)

/ Windows XP / SP4: Security Update for Windows XP (KB951376)

/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)

/ Windows XP / SP4: Security Update for Windows XP (KB951698)

/ Windows XP / SP4: Security Update for Windows XP (KB951748)

/ Windows XP / SP4: Update for Windows XP (KB951978)

/ Windows XP / SP4: Hotfix for Windows XP (KB952287)

/ Windows XP / SP4: Security Update for Windows XP (KB952954)

/ Windows XP / SP4: Security Update for Windows XP (KB953839)

/ Windows XP / SP4: Security Update for Windows XP (KB954211)

/ Windows XP / SP4: Security Update for Windows XP (KB954459)

/ Windows XP / SP4: Security Update for Windows XP (KB955069)

/ Windows XP / SP4: Security Update for Windows XP (KB956391)

/ Windows XP / SP4: Security Update for Windows XP (KB956803)

/ Windows XP / SP4: Security Update for Windows XP (KB956841)

/ Windows XP / SP4: Security Update for Windows XP (KB957095)

/ Windows XP / SP4: Security Update for Windows XP (KB957097)

/ Windows XP / SP4: Security Update for Windows XP (KB958644)

/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221

--- Startup entries list ---

Located: HK_LM:Run,

command:

file:

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: HK_LM:Run, AdaptecDirectCD

command: "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

file: C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

size: 684032

MD5: BE3238A165AFB321F1696CC1FF9EF271

Located: HK_LM:Run, Apoint

command: C:\Program Files\Apoint\Apoint.exe

file: C:\Program Files\Apoint\Apoint.exe

size: 176128

MD5: BDF765B33972A95AE8B5C5262D5E1325

Located: HK_LM:Run, ArcSoft Connection Service

command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

size: 72192

MD5: 87F6894CA0E2F847EBDD230F0256985B

Located: HK_LM:Run, Dell QuickSet

command: C:\Program Files\Dell\QuickSet\quickset.exe

file: C:\Program Files\Dell\QuickSet\quickset.exe

size: 1191936

MD5: CD21DF800F7701A61A49817E62E64049

Located: HK_LM:Run, Document Manager

command: C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe

file: C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe

size: 102400

MD5: 82D11A29DCE51859A9556C9A732089BB

Located: HK_LM:Run, IntelWireless

command: "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

file: C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

size: 696320

MD5: 4E984DF322DBEEFBD92A54C03DA43C37

Located: HK_LM:Run, IntelZeroConfig

command: "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

file: C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

size: 802816

MD5: 8EDB7E5FEB26EA4E2BE78053831F32DC

Located: HK_LM:Run, McAfeeUpdaterUI

command: "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey

file: C:\Program Files\McAfee\Common Framework\UdaterUI.exe

size: 136768

MD5: 12AA9837BF1479FAF703A7B7A2617498

Located: HK_LM:Run, NvCplDaemon

command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

file: C:\WINDOWS\system32\NvCpl.dll

size: 7401472

MD5: F9BF123790ED9B0491147D7B8191CBEB

Located: HK_LM:Run, NVHotkey

command: rundll32.exe nvHotkey.dll,Start

file: C:\WINDOWS\system32\nvHotkey.dll

size: 73728

MD5: 0EA63EBB1D375217B96768463548DF6B

Located: HK_LM:Run, nwiz

command: nwiz.exe /installquiet

file: C:\WINDOWS\system32\nwiz.exe

size: 1519616

MD5: AE0A7905C97BA30211C700C3E12DFD83

Located: HK_LM:Run, PDVDDXSrv

command: "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

file: C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

size: 118784

MD5: BF67A8F7CC0E83D226FED8B4E27F8C33

Located: HK_LM:Run, RoxWatchTray

command: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

file: C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

size: 236016

MD5: B1FB1C4396A9D0FB074D8E90369F5129

Located: HK_LM:Run, ShStatEXE

command: "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

file: C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

size: 112216

MD5: A3EA189BE290F6CF1A9F4C2630554E74

Located: HK_LM:Run, SigmatelSysTrayApp

command: stsystra.exe

file: C:\WINDOWS\stsystra.exe

size: 282624

MD5: AD2506958DE1937C16C553C0A1BE0572

Located: HK_CU:Run, ctfmon.exe

where: S-1-5-21-2132901703-890977859-62196372-5258...

command: C:\WINDOWS\system32\ctfmon.exe

file: C:\WINDOWS\system32\ctfmon.exe

size: 15360

MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:Run, EPSON Stylus CX9400Fax Series

where: S-1-5-21-2132901703-890977859-62196372-5258...

command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFA.EXE /FU "C:\WINDOWS\TEMP\E_S2D8.tmp" /EF "HKCU"

file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFA.EXE

size: 182272

MD5: F08F3B9F7C4C89DE9153587C4CA27F36

Located: HK_CU:Run, GoToMeeting

where: S-1-5-21-2132901703-890977859-62196372-5258...

command: C:\Program Files\Citrix\GoToMeeting\198\g2mstart.exe "/Trigger RunAtLogon"

file: C:\Program Files\Citrix\GoToMeeting\198\g2mstart.exe

size: 31816

MD5: E8522F0DFFB6D407D6174062DD7FC963

Located: HK_CU:Run, ModemOnHold

where: S-1-5-21-2132901703-890977859-62196372-5258...

command: C:\Program Files\NetWaiting\netWaiting.exe

file: C:\Program Files\NetWaiting\netWaiting.exe

size: 20480

MD5: 676B1D0BFA5EF8005395AB43F33DE1F1

Located: HK_CU:Run, MSMSGS

where: S-1-5-21-2132901703-890977859-62196372-5258...

command: "C:\Program Files\Messenger\msmsgs.exe" /background

file: C:\Program Files\Messenger\msmsgs.exe

size: 1695232

MD5: 3E930C641079443D4DE036167A69CAA2

Located: HK_CU:Run, swg

where: S-1-5-21-2132901703-890977859-62196372-5258...

command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

size: 68856

MD5: E616A6A6E91B0A86F2F6217CDE835FFE

Located: Startup (common), Cisco Systems VPN Client.lnk

where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...

command: C:\Program Files\Cisco Systems\VPN Client\vpngui.exe

file: C:\Program Files\Cisco Systems\VPN Client\vpngui.exe

size: 1445904

MD5: 899B69DCB77B7C4833473EA46D9F0ECA

Located: Startup (common), Digital Line Detect.lnk

where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...

command: C:\Program Files\Digital Line Detect\DLG.exe

file: C:\Program Files\Digital Line Detect\DLG.exe

size: 24576

MD5: B66E56733E2CD6A10FDA5919625FBF46

Located: Startup (common), Printkey.lnk

where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...

command: C:\Program Files\Misc_software\Printkey.exe

file: C:\Program Files\Misc_software\Printkey.exe

size: 455680

MD5: AD65D2A0EEA8291F6DAA2749042D4401

Located: Startup (common), Windows Search.lnk

where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...

command: C:\Program Files\Windows Desktop Search\WindowsSearch.exe

file: C:\Program Files\Windows Desktop Search\WindowsSearch.exe

size: 123904

MD5: B5C9F63C01FCFEC3F64EC6A0940A1825

Located: WinLogon, crypt32chain

command: crypt32.dll

file: crypt32.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, cryptnet

command: cryptnet.dll

file: cryptnet.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, cscdll

command: cscdll.dll

file: cscdll.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, dimsntfy

command: %SystemRoot%\System32\dimsntfy.dll

file: %SystemRoot%\System32\dimsntfy.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, ScCertProp

command: wlnotify.dll

file: wlnotify.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, Schedule

command: wlnotify.dll

file: wlnotify.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, sclgntfy

command: sclgntfy.dll

file: sclgntfy.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, SensLogn

command: WlNotify.dll

file: WlNotify.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, termsrv

command: wlnotify.dll

file: wlnotify.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, WgaLogon

command: WgaLogon.dll

file: WgaLogon.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

Located: WinLogon, wlballoon

command: wlnotify.dll

file: wlnotify.dll

size: 0

MD5: D41D8CD98F00B204E9800998ECF8427E

Warning: if the file is actually larger than 0 bytes,

the checksum could not be properly calculated!

--- Browser helper object list ---

{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name:

CLSID name: Spybot-S&D IE Protection

description: Spybot-S&D IE Browser plugin

classification: Legitimate

known filename: SDhelper.dll

info link: http://spybot.eon.net.au/

info source: Patrick M. Kolla

Path: C:\PROGRA~1\SPYBOT~1\

Long name: SDHelper.dll

Short name:

Date (created): 12/5/2008 1:45:04 PM

Date (last access): 12/5/2008 1:51:10 PM

Date (last write): 9/15/2008 2:25:44 PM

Filesize: 1562960

Attributes: readonly hidden sysfile archive

MD5: 35F73F1936BDE91F1B6995510A61E7A8

CRC32: BE6A5D15

Version: 1.6.2.14

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name:

CLSID name: SSVHelper Class

Path: C:\Program Files\Java\jre1.5.0_06\bin\

Long name: ssv.dll

Short name:

Date (created): 3/2/2006 1:53:00 PM

Date (last access): 12/5/2008 1:54:10 PM

Date (last write): 11/10/2005 1:22:12 PM

Filesize: 184423

Attributes: archive

MD5: F01726F7CA8538FDD4663C9DB8FEAEDC

CRC32: 0111B892

Version: 5.0.60.5

{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} (AOL Toolbar Launcher)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name: AOL Toolbar Launcher

CLSID name: AOL Toolbar Launcher

Path: C:\Program Files\AOL\AOL Toolbar 5.0\

Long name: aoltb.dll

Short name:

Date (created): 3/23/2007 3:35:32 PM

Date (last access): 12/5/2008 1:54:10 PM

Date (last write): 3/23/2007 3:35:32 PM

Filesize: 1025584

Attributes: archive

MD5: 011F8C5B56074CA0262824C709C0CD5A

CRC32: C1DC388E

Version: 5.0.17.1

{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name: scriptproxy

CLSID name: scriptproxy

Path: C:\Program Files\McAfee\VirusScan Enterprise\

Long name: ScriptCl.dll

Short name:

Date (created): 11/30/2006 7:50:00 AM

Date (last access): 12/5/2008 1:54:06 PM

Date (last write): 11/30/2006 7:50:00 AM

Filesize: 67136

Attributes: archive

MD5: 3B15913A9F57A041A3924275DB53BD1F

CRC32: 7132ED0A

Version: 13.3.1.100

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name:

CLSID name: Google Toolbar Helper

description: Google toolbar

classification: Open for discussion

known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll

info link: http://toolbar.google.com/

info source: TonyKlein

Path: c:\program files\google\

Long name: GoogleToolbar1.dll

Short name: GOOGLE~1.DLL

Date (created): 12/17/2007 1:50:26 PM

Date (last access): 12/5/2008 1:54:10 PM

Date (last write): 12/17/2007 1:50:26 PM

Filesize: 3253368

Attributes: readonly archive

MD5: F859836CD16AD80C1B0A082A74BB2696

CRC32: 7D910F3A

Version: 5.0.1112.3348

{AE7CD045-E861-484f-8273-0445EE161910} (Adobe PDF Conversion Toolbar Helper)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name:

CLSID name: Adobe PDF Conversion Toolbar Helper

description: Adobe Acrobat

classification: Legitimate

known filename: AcroIEFavClient.dll

info link: http://www.adobe.com/products/acrobatpro/main.html

info source: TonyKlein

Path: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\

Long name: AcroIEFavClient.dll

Short name: ACROIE~1.DLL

Date (created): 9/20/2007 1:06:00 PM

Date (last access): 12/5/2008 1:54:10 PM

Date (last write): 5/10/2007 9:47:04 PM

Filesize: 321120

Attributes: archive

MD5: FF29E3FB75E7726EE002B65A9F2D4A6E

CRC32: 1831F50E

Version: 8.1.0.0

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name:

CLSID name: Google Toolbar Notifier BHO

Path: C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\

Long name: swg.dll

Short name:

Date (created): 9/11/2008 11:42:38 PM

Date (last access): 12/5/2008 1:54:08 PM

Date (last write): 9/11/2008 11:42:38 PM

Filesize: 737776

Attributes: archive

MD5: AB32387A8F8C696A0739768B6B913714

CRC32: F4E76414

Version: 3.1.807.1746

{CA6319C0-31B7-401E-A518-A07C3DB8F777} (Browser Address Error Redirector)

location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

BHO name: Browser Address Error Redirector

CLSID name: CBrowserHelperObject Object

Path: C:\Program Files\BAE\

Long name: BAE.dll

Short name:

Date (created): 9/11/2007 8:43:30 AM

Date (last access): 12/5/2008 1:54:10 PM

Date (last write): 1/26/2007 9:07:42 AM

Filesize: 98304

Attributes: archive

MD5: 28E1B808DD272CBD8F5667959DEB61C1

CRC32: 1ED1D667

Version: 1.2.0.2

--- ActiveX list ---

{1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic)

DPF name: MeadCo ScriptX Basic

CLSID name: MeadCo ScriptX

Installer: C:\WINDOWS\Downloaded Program Files\ScriptX.inf

Codebase: http://proeserver/tenterprise/download/ScriptX.cab

description:

classification: Legitimate

known filename: MCSCRIPX.DLL

info link:

info source: Safer Networking Ltd.

Path: C:\WINDOWS\system32\

Long name: MCScripX.dll

Short name:

Date (created): 6/6/2003 5:07:04 PM

Date (last access): 12/5/2008 1:56:34 PM

Date (last write): 6/6/2003 5:07:04 PM

Filesize: 93696

Attributes: archive

MD5: EB208F78349EDAC0A244544E7F018928

CRC32: 9F1B723C

Version: 6.1.430.5

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)

DPF name: Java Runtime Environment 1.5.0

CLSID name: Java Plug-in 1.5.0_06

Installer:

Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab

description: Sun Java

classification: Legitimate

known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll

info link:

info source: Patrick M. Kolla

Path: C:\Program Files\Java\jre1.5.0_06\bin\

Long name: NPJPI150_06.dll

Short name: NPJPI1~1.DLL

Date (created): 3/2/2006 1:52:58 PM

Date (last access): 11/14/2008 12:00:48 PM

Date (last write): 11/10/2005 1:22:12 PM

Filesize: 69746

Attributes: archive

MD5: D2CF6BB5E9020E6707B62575F8083954

CRC32: 7F39DC54

Version: 5.0.60.5

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)

DPF name: Java Runtime Environment 1.5.0

CLSID name: Java Plug-in 1.5.0_06

Installer:

Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab

description:

classification: Legitimate

known filename: npjpi150_06.dll

info link:

info source: Safer Networking Ltd.

Path: C:\Program Files\Java\jre1.5.0_06\bin\

Long name: NPJPI150_06.dll

Short name: NPJPI1~1.DLL

Date (created): 3/2/2006 1:52:58 PM

Date (last access): 12/5/2008 2:44:48 PM

Date (last write): 11/10/2005 1:22:12 PM

Filesize: 69746

Attributes: archive

MD5: D2CF6BB5E9020E6707B62575F8083954

CRC32: 7F39DC54

Version: 5.0.60.5

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)

DPF name: Java Runtime Environment 1.5.0

CLSID name: Java Plug-in 1.5.0_06

Installer:

Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab

description:

classification: Legitimate

known filename: npjpi150_06.dll

info link:

info source: Safer Networking Ltd.

Path: C:\Program Files\Java\jre1.5.0_06\bin\

Long name: NPJPI150_06.dll

Short name: NPJPI1~1.DLL

Date (created): 3/2/2006 1:52:58 PM

Date (last access): 12/5/2008 2:44:48 PM

Date (last write): 11/10/2005 1:22:12 PM

Filesize: 69746

Attributes: archive

MD5: D2CF6BB5E9020E6707B62575F8083954

CRC32: 7F39DC54

Version: 5.0.60.5

--- Process list ---

PID: 0 ( 0) [system]

PID: 1244 ( 4) \SystemRoot\System32\smss.exe

size: 50688

PID: 1348 (1244) \??\C:\WINDOWS\system32\csrss.exe

size: 6144

PID: 1376 (1244) \??\C:\WINDOWS\system32\winlogon.exe

size: 507904

PID: 1420 (1376) C:\WINDOWS\system32\services.exe

size: 108544

MD5: 0E776ED5F7CC9F94299E70461B7B8185

PID: 1432 (1376) C:\WINDOWS\system32\lsass.exe

size: 13312

MD5: BF2466B3E18E970D8A976FB95FC1CA85

PID: 1628 (1420) C:\WINDOWS\system32\svchost.exe

size: 14336

MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18

PID: 1676 (1420) C:\WINDOWS\system32\svchost.exe

size: 14336

MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18

PID: 2028 (1420) C:\WINDOWS\System32\svchost.exe

size: 14336

MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18

PID: 280 (1420) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

size: 434176

MD5: 788C72B145C75A7EE5F5D6A32542D912

PID: 384 (1420) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

size: 946176

MD5: C17C3A529CE14012F9731A6E264C1911

PID: 424 (1420) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

size: 290816

MD5: 22516ED8E0D89323D4E0D9CCC2848819

PID: 648 (1420) C:\WINDOWS\system32\svchost.exe

size: 14336

MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18

PID: 936 (1420) C:\WINDOWS\system32\svchost.exe

size: 14336

MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18

PID: 1080 (1420) C:\WINDOWS\system32\spoolsv.exe

size: 57856

MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B

PID: 1128 (1420) C:\WINDOWS\System32\SCardSvr.exe

size: 95744

MD5: 86D007E7A654B9A71D1D7D856B104353

PID: 1924 (1420) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

size: 109056

MD5: 3DCFC0BE78AC654C6EBC877DFB657F6A

PID: 1988 (1420) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

size: 1445912

MD5: 7E1A89338D8B7E1FDE676FC2DF0B399F

PID: 2012 (1420) C:\Program Files\Wave Systems Corp\Common\DataServer.exe

size: 315392

MD5: C8D3143D5D4049651517BFCE10AC6777

PID: 180 (1420) C:\Program Files\McAfee\Common Framework\FrameworkService.exe

size: 104000

MD5: D73D8FFEEF7711C79C54284D928AC135

PID: 260 (1420) C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

size: 144960

MD5: B74CEBEF7F2126F68CDC060C855E5AAB

PID: 412 (1628) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe

size: 136768

MD5: 36A6DB6F559D7930C2F3DC4A89589D2C

PID: 632 (1420) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

size: 54872

MD5: A7AF906D9F480A5B60F70C499B91A983

PID: 880 (1420) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

size: 335872

MD5: 7CF1B716372B89568AE4C0FE769F5869

PID: 1312 (1420) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

size: 475136

MD5: 7E175BE4FD8B6EC68A35181B98431477

PID: 1328 (1420) C:\WINDOWS\system32\nvsvc32.exe

size: 143428

MD5: F99A2F3A79E8E37D6B4AE2A269AEFEEA

PID: 1356 (1420) C:\WINDOWS\system32\HPZipm12.exe

size: 69632

MD5: D31F88C5F19EEFA366A415D6BC5F2ABC

PID: 1516 (1420) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

size: 327680

MD5: D8894ACEFE1A607DE7D0E628285BFFF4

PID: 860 (1420) C:\WINDOWS\system32\rpcnet.exe

size: 47104

MD5: 2DCDB0A4166FAE9EED0040A7535FD38E

PID: 1032 (1420) C:\WINDOWS\System32\snmp.exe

size: 33280

MD5: 60C377BE6B3CC83F6A8584934B181D2E

PID: 1036 (1420) C:\WINDOWS\system32\svchost.exe

size: 14336

MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18

PID: 1720 (1420) C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe

size: 180224

MD5: 1AA9DBC8B58C4A610BFDD6F3884936C9

PID: 2124 (1420) C:\WINDOWS\system32\SearchIndexer.exe

size: 439808

MD5: 7778BDFA3F6F6FBA0E75B9594098F737

PID: 2452 (1628) C:\WINDOWS\system32\wbem\wmiprvse.exe

size: 218112

MD5: 0FFAE66E6D5B1C87CBD22D1F3B6079FD

PID: 3216 (1420) C:\WINDOWS\System32\alg.exe

size: 44544

MD5: 8C515081584A38AA007909CD02020B3D

PID: 3372 (3288) C:\WINDOWS\Explorer.EXE

size: 1033728

MD5: 12896823FB95BFB3DC9B46BCAEDC9923

PID: 2728 (3372) C:\WINDOWS\system32\ctfmon.exe

size: 15360

MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

PID: 2832 (3372) C:\Program Files\Apoint\Apoint.exe

size: 176128

MD5: BDF765B33972A95AE8B5C5262D5E1325

PID: 3116 (3372) C:\WINDOWS\system32\rundll32.exe

size: 33280

MD5: 037B1E7798960E0420003D05BB577EE6

PID: 3492 (3372) C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

size: 802816

MD5: 8EDB7E5FEB26EA4E2BE78053831F32DC

PID: 3508 (3372) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

size: 696320

MD5: 4E984DF322DBEEFBD92A54C03DA43C37

PID: 3520 (3372) C:\WINDOWS\stsystra.exe

size: 282624

MD5: AD2506958DE1937C16C553C0A1BE0572

PID: 3588 (2832) C:\Program Files\Apoint\HidFind.exe

size: 45056

MD5: DFCB0A7BCBC97922F2EE24FE11318C6C

PID: 3604 (3580) C:\Program Files\Apoint\Apntex.exe

size: 45056

MD5: 4C737FE32049AF0547827C3EB49AC3C0

PID: 3612 (3372) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe

size: 102400

MD5: 82D11A29DCE51859A9556C9A732089BB

PID: 3568 (3372) C:\Program Files\Dell\QuickSet\quickset.exe

size: 1191936

MD5: CD21DF800F7701A61A49817E62E64049

PID: 3700 (3372) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

size: 118784

MD5: BF67A8F7CC0E83D226FED8B4E27F8C33

PID: 3708 (3372) C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

size: 112216

MD5: A3EA189BE290F6CF1A9F4C2630554E74

PID: 3716 (3372) C:\Program Files\McAfee\Common Framework\UdaterUI.exe

size: 136768

MD5: 12AA9837BF1479FAF703A7B7A2617498

PID: 3884 (3372) C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

size: 684032

MD5: BE3238A165AFB321F1696CC1FF9EF271

PID: 3968 (3372) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

size: 72192

MD5: 87F6894CA0E2F847EBDD230F0256985B

PID: 576 (4028) C:\WINDOWS\system32\rundll32.exe

size: 33280

MD5: 037B1E7798960E0420003D05BB577EE6

PID: 1816 (3372) C:\Program Files\NetWaiting\netWaiting.exe

size: 20480

MD5: 676B1D0BFA5EF8005395AB43F33DE1F1

PID: 392 (3716) C:\Program Files\McAfee\Common Framework\McTray.exe

size: 86016

MD5: F01DE4E2D6DF141628BAB697B7B43057

PID: 2384 (3372) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

size: 68856

MD5: E616A6A6E91B0A86F2F6217CDE835FFE

PID: 2836 (3372) C:\Program Files\Citrix\GoToMeeting\198\g2mstart.exe

size: 31816

MD5: E8522F0DFFB6D407D6174062DD7FC963

PID: 3096 (3372) C:\Program Files\Digital Line Detect\DLG.exe

size: 24576

MD5: B66E56733E2CD6A10FDA5919625FBF46

PID: 3104 (3372) C:\Program Files\Misc_software\Printkey.exe

size: 455680

MD5: AD65D2A0EEA8291F6DAA2749042D4401

PID: 3112 (3372) C:\Program Files\Windows Desktop Search\WindowsSearch.exe

size: 123904

MD5: B5C9F63C01FCFEC3F64EC6A0940A1825

PID: 3240 (2836) C:\Program Files\Citrix\GoToMeeting\198\g2mcomm.exe

size: 31816

MD5: E8522F0DFFB6D407D6174062DD7FC963

PID: 3304 (3240) C:\Program Files\Citrix\GoToMeeting\198\g2mlauncher.exe

size: 31816

MD5: E8522F0DFFB6D407D6174062DD7FC963

PID: 3052 (3372) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

size: 4891472

MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855

PID: 3640 (3372) C:\Program Files\Mozilla Firefox\firefox.exe

size: 307712

MD5: BAC6F7DE724D7F30EBD78648C86B4617

PID: 4 ( 0) System

--- Browser start & search pages list ---

Spybot - Search & Destroy browser pages report, 12/5/2008 2:44:48 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

C:\WINDOWS\system32\blank.htm

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

http://www.google.com/hws/sb/dell-usuk-rel...html?channel=us

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar

http://www.google.com/hws/sb/dell-usuk-rel...html?channel=us

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

http://www.google.com

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1070911

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant

http://www.google.com/ie

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@

http://www.google.com/search?q=%s

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page

%SystemRoot%\system32\blank.htm

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

http://go.microsoft.com/fwlink/?LinkId=54896

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page

http://go.microsoft.com/fwlink/?LinkId=69157

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

http://go.microsoft.com/fwlink/?LinkId=69157

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

http://go.microsoft.com/fwlink/?LinkId=54896

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

http://www.google.com/hws/sb/dell-usuk-rel...html?channel=us

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

--- Winsock Layered Service Provider list ---

Protocol 0: MSAFD Tcpip [TCP/IP]

GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP IP protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [uDP/IP]

GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP IP protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]

GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP IP protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider

GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}

Filename: %SystemRoot%\system32\rsvpsp.dll

Description: Microsoft Windows NT/2k/XP RVSP

DB filename: %SystemRoot%\system32\rsvpsp.dll

DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider

GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}

Filename: %SystemRoot%\system32\rsvpsp.dll

Description: Microsoft Windows NT/2k/XP RVSP

DB filename: %SystemRoot%\system32\rsvpsp.dll

DB protocol: RSVP * Service Provider

Protocol 5: MSAFD nwlnkipx [iPX]

GUID: {11058240-BE47-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP Novell Netware UPX protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD nwlnkipx *

Protocol 6: MSAFD nwlnkspx [sPX]

GUID: {11058241-BE47-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD nwlnkspx *

Protocol 7: MSAFD nwlnkspx [sPX] [Pseudo Stream]

GUID: {11058241-BE47-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD nwlnkspx *

Protocol 8: MSAFD nwlnkspx [sPX II]

GUID: {11058241-BE47-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD nwlnkspx *

Protocol 9: MSAFD nwlnkspx [sPX II] [Pseudo Stream]

GUID: {11058241-BE47-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP Novell Netware SPX protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD nwlnkspx *

Protocol 10: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 6

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 6

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{31BB63A3-DF17-4386-985E-D0B8AECEEA50}] SEQPACKET 10

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{31BB63A3-DF17-4386-985E-D0B8AECEEA50}] DATAGRAM 10

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2D0025D0-DC42-4625-B328-D0E85BE93C77}] SEQPACKET 9

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2D0025D0-DC42-4625-B328-D0E85BE93C77}] DATAGRAM 9

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{20D63C1F-800E-4C9C-9644-7984A3F6B6C1}] SEQPACKET 5

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{20D63C1F-800E-4C9C-9644-7984A3F6B6C1}] DATAGRAM 5

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07B599C6-2E1A-46AE-BE75-3D2DC8300EEA}] SEQPACKET 4

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{07B599C6-2E1A-46AE-BE75-3D2DC8300EEA}] DATAGRAM 4

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CB09A30E-F62C-4E63-AE69-C445C2C33BC6}] SEQPACKET 3

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CB09A30E-F62C-4E63-AE69-C445C2C33BC6}] DATAGRAM 3

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{240A6AA0-785E-4612-9E09-B9831E941CA9}] SEQPACKET 0

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{240A6AA0-785E-4612-9E09-B9831E941CA9}] DATAGRAM 0

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA219350-B25F-4304-B0A7-CA6C15D25C3F}] SEQPACKET 1

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA219350-B25F-4304-B0A7-CA6C15D25C3F}] DATAGRAM 1

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E}] SEQPACKET 2

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E}] DATAGRAM 2

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B6EB9146-E03F-4F4A-A566-43FF29E265CB}] SEQPACKET 7

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B6EB9146-E03F-4F4A-A566-43FF29E265CB}] DATAGRAM 7

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip_{676233C8-9872-4FD0-BC71-ABF6BD45C336}] SEQPACKET 8

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip_{676233C8-9872-4FD0-BC71-ABF6BD45C336}] DATAGRAM 8

GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}

Filename: %SystemRoot%\system32\mswsock.dll

Description: Microsoft Windows NT/2k/XP NetBios protocol

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip

GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}

Filename: %SystemRoot%\System32\mswsock.dll

Description: Microsoft Windows NT/2k/XP TCP/IP name space provider

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: TCP/IP

Namespace Provider 1: NTDS

GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}

Filename: %SystemRoot%\System32\winrnr.dll

Description: Microsoft Windows NT/2k/XP name space provider

DB filename: %SystemRoot%\system32\winrnr.dll

DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace

GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}

Filename: %SystemRoot%\System32\mswsock.dll

Description: Microsoft Windows NT/2k/XP name space provider

DB filename: %SystemRoot%\system32\mswsock.dll

DB protocol: NLA-Namespace

Namespace Provider 3: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol

GUID: {E02DAAF0-7E9F-11CF-AE5A-00AA00A7112B}

Filename: %SystemRoot%\System32\nwprovau.dll

Description: Microsoft Windows NT/2k/XP Novell Netware name space provider

DB filename: %SystemRoot%\system32\nwprovau.dll

DB protocol: NWLink IPX/SPX/NetBIOS*

--- Uninstall list ---

(AddressBook)

Adobe Acrobat 8.1.2 Standard 8.1.2 (Adobe Acrobat 8 Standard)

version (major): 8

install date: 9/20/2007

install location: C:\Program Files\Adobe\Acrobat 8.0\

uninstall cmd: msiexec /I {AC76BA86-1033-0000-BA7E-000000000003}

publisher: Adobe Systems

contact: Customer Support

help link: http://www.adobe.com/support/main.html

help telephone:

readme: [iNSTALLDIR]Readme.htm

Adobe Flash Player Plugin 9.0.124.0 (Adobe Flash Player Plugin)

uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

publisher: Adobe Systems Incorporated

AOL Toolbar 5.0 (AOL Toolbar)

uninstall cmd: "C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"

(AOL Toolbar 5.0)

uninstall cmd: "C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"

ASNA Deployment Installation (ASNA Deployment Installation)

uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Common Files\ASNA Shared\Uninst.isu"

BlackBerry Desktop Software 4.3 4.3.0.17 (BlackBerry_{3AE87269-BD57-4A58-B13D-FC67664BCFB8})

version: 67108864

version (major): 4

install location: C:\Program Files\Research In Motion\BlackBerry\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\

uninstall cmd: MsiExec.exe /i{3AE87269-BD57-4A58-B13D-FC67664BCFB8}

publisher: Research In Motion Ltd.

(Branding)

Conexant HDA D110 MDC V.92 Modem (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3)

uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

EPSON Printer Software (EPSON Printer and Utilities)

uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

publisher: SEIKO EPSON Corporation

EPSON Scan (EPSON Scanner)

uninstall cmd: C:\Program Files\epson\escndv\setup\setup.exe /r

(Fontcore)

HP Imaging Device Functions 7.0 7.0 (HP Imaging Device Functions)

uninstall cmd: C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

publisher: HP

help link: http://www.hp.com/support

HP Solution Center 7.0 7.0 (HP Solution Center & Imaging Support Tools)

uninstall cmd: C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

publisher: HP

help link: http://www.hp.com/support

HP Customer Participation Program 7.0 7.0 (HPExtendedCapabilities)

uninstall cmd: C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat

publisher: HP

help link: http://www.hp.com/support

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)

install date: 20080106

uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20070813.185237 (ie7)

install date: 20080106

publisher: Microsoft Corporation

help link: http://www.microsoft.com/ie

(IEData)

(InstallShield Uninstall Information)

Wave Support Software 05.02.01.000 (InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE})

version: 84017153

version (major): 5

version (minor): 2

estimated size: 160

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Wave Support Software\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{07D618CD-B016-438A-ADC9-A75BD23F85CE} /l1033

publisher: Wave Systems Corp

Private Information Manager 05.02.00.016 (InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809})

version: 84017152

version (major): 5

version (minor): 2

estimated size: 4992

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Private Information Manager\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{0B0A2153-58A6-4244-B458-25EDF5FCD809} /l1033

publisher: Your Company Name

Document Manager Lite 05.03.00.014 (InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2})

version: 84082688

version (major): 5

version (minor): 3

estimated size: 5230

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Document Manager Lite\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2} /l1033

publisher: Your Company Name

ETS Upgrade 02.00.00.008 (InstallShield_{72FECEA1-E87F-4192-89FA-D0FBF92885BB})

version: 33554432

version (major): 2

estimated size: 728

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\ETS Upgrade\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{72FECEA1-E87F-4192-89FA-D0FBF92885BB}

publisher: Wave Systems Corp

Secure Update 05.03.00.002 (InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50})

version: 84082688

version (major): 5

version (minor): 3

estimated size: 3149

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Secure Update\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D1E829E9-88B8-47C6-A75E-0D40E2C09D50} /l1033

publisher: Your Company Name

ETS Launch Pad 01.02.00.011 (InstallShield_{DD41AC25-61B2-4FC9-90AA-672F32139AC3})

version: 16908288

version (major): 1

version (minor): 2

estimated size: 5928

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\ETS Launch Pad\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{DD41AC25-61B2-4FC9-90AA-672F32139AC3} /l1033

publisher: Your Company Name

Security Wizards 01.03.00.007 (InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4})

version: 16973824

version (major): 1

version (minor): 3

estimated size: 4531

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Security Wizards\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4} /l1033

publisher: Your Company Name

EMBASSY Security Center 02.02.00.016 (InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88})

version: 33685504

version (major): 2

version (minor): 2

estimated size: 13778

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\EMBASSY Security Center\

uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EEAFE1E5-076B-430A-96D9-B567792AFA88}

publisher: Wave Systems Corp

IrfanView (remove only) (IrfanView)

uninstall cmd: C:\Program Files\IrfanView\iv_uninstall.exe

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)

uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=KB835221

(KB884267)

(KB885353)

(KB886612)

(KB887078)

(KB887626)

(KB888656)

(KB889858)

(KB891122)

(KB892313)

(KB893240)

(KB893241)

Windows Installer 3.1 (KB893803) (KB893803v2)

publisher: Microsoft Corporation

help link: http://go.microsoft.com/fwlink/?LinkId=42467

(KB895181)

(KB895316)

(KB895572)

(KB897586)

(KB898549)

(KB900399)

(KB902344)

(KB907658)

Security Update for Windows Media Player (KB911564) (KB911564)

install date: 20070911

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=911564

(KB911565)

(KB911854)

Hotfix for Windows XP (KB915800-v4) 4 (KB915800-v4)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=915800-v4

Security Update for Windows XP (KB923689) (KB923689)

install date: 20070911

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=923689

Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723)

install date: 20070920

uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com/kb/923723

Security Update for Windows XP (KB923789) (KB923789)

uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=923789

Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)

install date: 20070911

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=925398

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)

install date: 20080711

uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=929399

Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906)

uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=931906

Security Update for Windows Media Player 11 (KB936782) (KB936782_WMP11)

install date: 20080711

uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=936782

Security Update for Windows Media Player 9 (KB936782) (KB936782_WMP9)

install date: 20070920

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=936782

Security Update for Windows Internet Explorer 7 (KB938127) 1 (KB938127-IE7)

install date: 20080108

uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=938127

Security Update for Windows XP (KB938464) 1 (KB938464)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=938464

Hotfix for Windows Media Player 11 (KB939683) (KB939683)

install date: 20080718

uninstall cmd: "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=939683

Windows Search 4.0 04.00.6001.503 (KB940157)

install date: 20080910

uninstall cmd: "C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=940157

Security Update for Windows XP (KB941569) (KB941569)

install date: 20071212

uninstall cmd: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=941569

Security Update for Windows Internet Explorer 7 (KB942615) 1 (KB942615-IE7)

install date: 20080108

uninstall cmd: "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=942615

Security Update for Windows Internet Explorer 7 (KB944533) 1 (KB944533-IE7)

install date: 20080214

uninstall cmd: "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=944533

Security Update for Windows XP (KB946648) 1 (KB946648)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=946648

Hotfix for Windows Internet Explorer 7 (KB947864) 1 (KB947864-IE7)

install date: 20080410

uninstall cmd: "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=947864

Security Update for Windows Internet Explorer 7 (KB950759) 1 (KB950759-IE7)

install date: 20080612

uninstall cmd: "C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=950759

Security Update for Windows XP (KB950760) 1 (KB950760)

install date: 20080612

uninstall cmd: "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=950760

Security Update for Windows XP (KB950762) 1 (KB950762)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=950762

Security Update for Windows XP (KB950974) 1 (KB950974)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=950974

Security Update for Windows XP (KB951066) 1 (KB951066)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951066

Update for Windows XP (KB951072-v2) 2 (KB951072-v2)

install date: 20080814

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951072

Security Update for Windows XP (KB951376) 1 (KB951376)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951376

Security Update for Windows XP (KB951376-v2) 2 (KB951376-v2)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951376

Security Update for Windows XP (KB951698) 1 (KB951698)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951698

Security Update for Windows XP (KB951748) 1 (KB951748)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951748

Update for Windows XP (KB951978) 1 (KB951978)

install date: 20081010

uninstall cmd: "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=951978

Hotfix for Windows XP (KB952287) 1 (KB952287)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=952287

Security Update for Windows XP (KB952954) 1 (KB952954)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=952954

Security Update for Windows Internet Explorer 7 (KB953838) 1 (KB953838-IE7)

install date: 20080814

uninstall cmd: "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=953838

Security Update for Windows XP (KB953839) 1 (KB953839)

install date: 20080814

uninstall cmd: "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=953839

Security Update for Windows Media Player 11 (KB954154) (KB954154_WM11)

install date: 20080911

uninstall cmd: "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com/?kbid=954154

Security Update for Windows XP (KB954211) 1 (KB954211)

install date: 20081017

uninstall cmd: "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=954211

Security Update for Windows XP (KB954459) 1 (KB954459)

install date: 20081114

uninstall cmd: "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=954459

Security Update for Windows XP (KB955069) 1 (KB955069)

install date: 20081114

uninstall cmd: "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=955069

Security Update for Windows Internet Explorer 7 (KB956390) 1 (KB956390-IE7)

install date: 20081017

uninstall cmd: "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=956390

Security Update for Windows XP (KB956391) 1 (KB956391)

install date: 20081017

uninstall cmd: "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=956391

Security Update for Windows XP (KB956803) 1 (KB956803)

install date: 20081017

uninstall cmd: "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=956803

Security Update for Windows XP (KB956841) 1 (KB956841)

install date: 20081017

uninstall cmd: "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=956841

Security Update for Windows XP (KB957095) 1 (KB957095)

install date: 20081017

uninstall cmd: "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=957095

Security Update for Windows XP (KB957097) 1 (KB957097)

install date: 20081114

uninstall cmd: "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=957097

Security Update for Windows XP (KB958644) 1 (KB958644)

install date: 20081026

uninstall cmd: "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=958644

Link to post
Share on other sites

...and here is the rest of the Spybot log:

Microsoft .NET Framework 1.1 Hotfix (KB928366) (M928366)

uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)

install date: 20081205

install location: C:\Program Files\Malwarebytes' Anti-Malware\

uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

publisher: Malwarebytes Corporation

help link: http://www.malwarebytes.org

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))

uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(Microsoft Interactive Training)

uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

(MobileOptionPack)

Mozilla Firefox (3.0.4) 3.0.4 (en-US) (Mozilla Firefox (3.0.4))

install location: C:\Program Files\Mozilla Firefox

uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe

publisher: Mozilla

comments: Mozilla Firefox

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)

install date: 20080710

uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://go.microsoft.com/fwlink/?LinkId=74087

MSN (MSNINST)

uninstall cmd: C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

Mocha W32 TN5250 8.1 (mtn5250)

uninstall cmd: C:\WINDOWS\mtn5250uninstall.exe

(NetMeeting)

Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)

install date: 20080106

uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

NVIDIA Drivers (NVIDIA Drivers)

uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(OutlookExpress)

(PCHealth)

uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Picasa 2 2.0 (Picasa2)

uninstall cmd: "C:\Program Files\Google\Picasa2\Uninstall.exe"

publisher: Google, Inc.

help link: http://www.picasa.com/

Intel® PROSet/Wireless Software 10.5.1.0 (ProInst)

install location: C:\WINDOWS\Installer\iProInst.exe

uninstall cmd: C:\WINDOWS\Installer\iProInst.exe

publisher: Intel Corporation

comments: Intel® PROSet/Wireless installation package

contact: Intel Customer Support

help link: http://support.intel.com

Microsoft Office Professional Plus 2007 12.0.6215.1000 (PROPLUS)

install location: C:\Program Files\Microsoft Office

uninstall cmd: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

publisher: Microsoft Corporation

QVT/Net (QvtNetDeinstKey)

uninstall cmd: C:\WINDOWS\uninst.exe -fc:\qvtnet5\DeIsL3.isu

(SchedulingAgent)

SearchAssist (SearchAssist)

uninstall cmd: C:\DELL\SearchAssist\UninstSA.bat

Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)

uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q

publisher: Adobe Systems

help link: http://www.adobe.com/go/flashplayer_support/

EPSON CX9400 User's Guide (Silent Package Run-Time Sample)

uninstall cmd: C:\Program Files\epson\guide\cx9400_e\uninstall.exe

AAO Desk Top Application Setup Program (ST6UNST #1)

uninstall cmd: C:\WINDOWS\st6unst.exe -n "C:\Program Files\Project1\ST6UNST.LOG"

SyncBackSE (SyncBackSE_is1)

install location: C:\Program Files\2BrightSparks\SyncBackSE\

uninstall cmd: "C:\Program Files\2BrightSparks\SyncBackSE\unins000.exe"

publisher: 2BrightSparks

help link: http://www.SyncBackSE.com

TurboTax Deluxe 2007 (TurboTax Deluxe 2007)

uninstall cmd: C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui

Viewpoint Media Player (ViewpointMediaPlayer)

uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

Volleyball Playbook 010 (Volleyball Playbook 010_is1)

install date: 20070929

install location: C:\Program Files\Jes-Soft\Volleyball Playbook v010\

uninstall cmd: "C:\Program Files\Jes-Soft\Volleyball Playbook v010\unins000.exe"

publisher: Jes-Soft

VZAccess Manager 6.7.8 (VZAccess Manager)

uninstall cmd: C:\PROGRA~1\VERIZO~1\VZACCE~1\UNWISE.EXE C:\PROGRA~1\VERIZO~1\VZACCE~1\INSTALL.LOG

publisher: Smith Micro Software, Inc.

Windows Genuine Advantage Notifications (KB905474) 1.8.0031.9 (WgaNotify)

install date: 20081013

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=905474

(WIC)

Windows Media Format 11 runtime (Windows Media Format Runtime)

uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)

uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows XP Service Pack 3 20080414.031525 (Windows XP Service Pack)

install date: 20081008

uninstall cmd: "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http://support.microsoft.com?kbid=936929

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)

install date: 20080710

uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http:

Windows Media Player 11 (wmp11)

install date: 20080710

uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

help link: http:

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)

install date: 20080710

uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

publisher: Microsoft Corporation

comments: Build Number 5716

ArcSoft Print Creations - Slimline Card ({007B37D9-0C45-4202-834B-DD5FAAE99D63})

version (major): 1

install location: C:\PROGRA~1\ArcSoft\PRINTC~1

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Slimline

publisher: ArcSoft

F300 70.0.231.000 ({05C56753-F144-44BC-BA67-83CC5DBF395C})

version: 1174405351

version (major): 70

estimated size: 263

install date: 20071213

install source: C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\Product\

publisher: Hewlett-Packard

mSSO 7.20.0000 ({06BE8AFD-A8E2-4B63-BAE7-287016D16ACB})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 324

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

Wave Support Software 05.02.01.000 ({07D618CD-B016-438A-ADC9-A75BD23F85CE})

version: 84017153

version (major): 5

version (minor): 2

estimated size: 160

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Wave Support Software\

publisher: Wave Systems Corp

MSXML 6.0 Parser (KB933579) 6.10.1200.0 ({0A869A65-8C94-4F7C-A5C7-972D3C8CED9E})

version: 101319856

version (major): 6

version (minor): 10

estimated size: 1341

install date: 20070920

install source: c:\fc35d2c49431c71a563fd386b1\

uninstall cmd: MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

publisher: Microsoft Corporation

help link: http://support.microsoft.com/kb/933579

3.5.0 ({0ADEA8E1-B211-41B8-8DD4-D9A5FB04A5FA})

version: 50659328

version (major): 3

version (minor): 5

estimated size: 1259

install date: 20080807

install location: C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Audio\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\SR_MM\RCP_AUDIO_35\

uninstall cmd: MsiExec.exe /I{0ADEA8E1-B211-41B8-8DD4-D9A5FB04A5FA}

publisher: Roxio

Private Information Manager 05.02.00.016 ({0B0A2153-58A6-4244-B458-25EDF5FCD809})

version: 84017152

version (major): 5

version (minor): 2

estimated size: 4992

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Private Information Manager\

publisher: Your Company Name

NTRU Hybrid TSS v2.0.25 2.0.25 ({0BA2A0BA-7F4D-4B7B-AE94-5F0233AC8A5A})

version: 33554457

version (major): 2

estimated size: 1481

install date: 20070911

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\NTRU TCG Software Stack\

uninstall cmd: MsiExec.exe /I{0BA2A0BA-7F4D-4B7B-AE94-5F0233AC8A5A}

publisher: NTRU Cryptosystems

help link: http://www.ntru.com

help telephone: +1 978 844 5200

mLogView 7.20.0000 ({0E2B0B41-7E08-4F9F-B21F-41C4133F43B7})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 756

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})

version: 33619968

version (major): 2

version (minor): 1

estimated size: 770

install date: 20080911

install source: C:\WINDOWS\TEMP\IXP000.TMP\

uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

publisher: Microsoft Corporation

HP Software Update 3.0.5.001 ({15EE79F4-4ED1-4267-9B0F-351009325D7D})

version: 50331653

version (major): 3

estimated size: 3833

install date: 20070924

install source: d:\setup\HPSoftwareUpdate\

uninstall cmd: MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}

publisher: HEWLET~1|Hewlett-Packard

contact: http://www.hp.com/support

Mobile Broadband Drivers 2.01.07.10 ({190D0C6E-C8A7-4019-8FB5-FD041EC1F2D2})

version: 33619975

version (major): 2

version (minor): 1

estimated size: 2412

install date: 20070922

install location: C:\Program Files\Novatel Wireless\

install source: C:\WINDOWS\Downloaded Installations\{97E01F71-E28E-42F5-8A14-5E0B70A1DCE3}\

uninstall cmd: MsiExec.exe /X{190D0C6E-C8A7-4019-8FB5-FD041EC1F2D2}

publisher: Novatel Wireless

help link: www.nvtl.com

EPSON Stylus CX9400Fax Series Scanner Driver Update ({1CA2E5E4-F4FE-44B4-95E9-77523FB95838})

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}\Setup.exe" -l0x9

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})

uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

HPPhotoSmartExpress 70.0.170.000 ({2376813B-2E5A-4641-B7B3-A0D5ADB55229})

version: 1174405290

version (major): 70

estimated size: 10150

install date: 20071213

install source: D:\setup\HPPhotoSmartExpress\

publisher: Hewlett-Packard

mProSafe 7.20.0000 ({23FB368F-1399-4EAC-817C-4B83ECBE3D83})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 472

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}

publisher: Intel

comments: Pseudo NCS Install

contact: Customer Support Department

help link: http://www.intel.com

help telephone: 1-555-555-4505

3.5.0 ({267D350E-51AB-40B8-AF9F-DA7ED5687044})

version: 50659328

version (major): 3

version (minor): 5

estimated size: 857

install date: 20080807

install location: C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Data\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\SR_MM\RCP_DATA_35\

uninstall cmd: MsiExec.exe /I{267D350E-51AB-40B8-AF9F-DA7ED5687044}

publisher: Roxio

Broadcom Advanced Control Suite 8.68.05 ({26E1BFB0-E87E-4696-9F89-B467F01F81E5})

version: 138674181

version (major): 8

version (minor): 68

estimated size: 2818

install date: 20070911

install location: C:\Program Files\Broadcom\

install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_is151\

uninstall cmd: MsiExec.exe /X{26E1BFB0-E87E-4696-9F89-B467F01F81E5}

publisher: Broadcom Corporation

comments: Broadcom Advanced Control Suite 2 (BACS)

contact: Dell Customer Support

help link: http://www.support.dell.com

PowerDVD 7.0 ({281ECE39-F043-492B-8337-F2E546B5604A})

version: 117440512

install date: 20070911

install location: C:\Program Files\CyberLink\PowerDVD DX

install source: C:\dell\CT435\

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x9 -cluninstall

publisher: Dell

({2DE297D5-4479-4ADC-944C-765CADFA31C7})

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})

version: 17104896

version (major): 1

version (minor): 5

estimated size: 155929

install date: 20070911

install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}\

uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}

publisher: Sun Microsystems, Inc.

contact: http://java.com

help link: http://java.com

readme: C:\Program Files\Java\jre1.5.0_06\README.txt

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})

version: 154279267

version (major): 9

version (minor): 50

estimated size: 2472

install date: 20040811

install source: C:\WINDOWS\system32\

publisher: Microsoft Corporation

help link: http://www.microsoft.com/windows

Broadcom TPM Driver Installer 8.04.04 ({35748B06-FCFC-4700-8285-DAD41689E4FE})

version: 134479876

version (major): 8

version (minor): 4

estimated size: 49

install date: 20070911

install location: C:\Program Files\Broadcom\BTPMDrv\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Broadcom Trusted Platform Module\

uninstall cmd: MsiExec.exe /X{35748B06-FCFC-4700-8285-DAD41689E4FE}

publisher: Broadcom Corporation

McAfee VirusScan Enterprise 8.6.0 ({35C03C04-3F1F-42C2-A989-A757EE691F65})

version: 134610944

version (major): 8

version (minor): 6

estimated size: 39751

install date: 20070920

install location: C:\Program Files\McAfee\VirusScan Enterprise\

install source: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\

uninstall cmd: MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65}

publisher: McAfee, Inc.

help link: https://mysupport.mcafee.com

help telephone: +1 (408) 988-3832

HP Deskjet 3900 series 5.0 ({3819891A-030B-4a4e-98ED-B28A649E48AB})

uninstall cmd: C:\Program Files\HP\Digital Imaging\{3819891A-030B-4a4e-98ED-B28A649E48AB}\setup\hpzscr01.exe -datfile hpfscr05.dat

publisher: HP

help link: http://www.hp.com/support

BlackBerry Desktop Software 4.3 4.3.0.17 ({3AE87269-BD57-4A58-B13D-FC67664BCFB8})

version: 67305472

version (major): 4

version (minor): 3

estimated size: 85139

install date: 20080807

install location: C:\Program Files\Research In Motion\BlackBerry\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\

uninstall cmd: MsiExec.exe /I{3AE87269-BD57-4A58-B13D-FC67664BCFB8}

publisher: Research In Motion Ltd.

mIWA 7.20.0000 ({3E9D596A-61D4-4239-BD19-2DB984D2A16F})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 1325

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

URL Assistant ({3EE33958-7381-4E7B-A4F3-6E43098E9E9C})

uninstall cmd: regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"

NetWaiting 2.5.23 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})

version (major): 2

version (minor): 5

install location: C:\Program Files\NetWaiting

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

publisher: BVRP Software, Inc

HPDeskjet3900Series 1.00.0000 ({42F6BED9-41DD-40F1-85A8-8E0350493626})

version: 16777216

version (major): 1

estimated size: 20634

install date: 20070924

install source: d:\setup\DeskjetSoftware\

publisher: Hewlett-Packard

BufferChm 70.0.170.000 ({45B8A76B-57EC-4242-B019-066400CD8428})

version: 1174405290

version (major): 70

estimated size: 1657

install date: 20071213

install source: D:\setup\BufferChm\

publisher: Hewlett-Packard

mHlpDell 7.20.0000 ({49D687E5-6784-431B-A0A2-2F23B8CC5A1B})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 284

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}

publisher: Intel

comments: Help Files

contact: Customer Support Department

help link: http://www.intel.com

help telephone: 1-555-555-4505

HPProductAssistant 70.0.170.000 ({4EA684E9-5C81-4033-A696-3019EC57AC3A})

version: 1174405290

version (major): 70

estimated size: 4907

install date: 20071213

install source: D:\setup\hpproductassistant\

publisher: Hewlett-Packard

Microsoft SQL Server Native Client 9.00.2047.00 ({50A0893D-47D8-48E0-A7E8-44BCD7E4422E})

version: 150996991

version (major): 9

estimated size: 4264

install date: 20070911

install location: c:\Program Files\Microsoft SQL Server\

install source: c:\9009428b4e1e47605b\setup\

uninstall cmd: MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}

publisher: Microsoft Corporation

help link: http://go.microsoft.com/fwlink/?LinkId=52153

Document Manager Lite 05.03.00.014 ({51AE9E42-640D-4C14-A9B6-43F64AA4E3E2})

version: 84082688

version (major): 5

version (minor): 3

estimated size: 5230

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\Document Manager Lite\

publisher: Your Company Name

Microsoft SQL Server Setup Support Files (English) 9.00.2047.00 ({53F5C3EE-05ED-4830-994B-50B2F0D50FCE})

version: 150996991

version (major): 9

estimated size: 20562

install date: 20070911

install location: c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\

install source: c:\9009428b4e1e47605b\Setup\

uninstall cmd: MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}

publisher: Microsoft Corporation

help link: http://go.microsoft.com/fwlink/?LinkId=52154

VPN Client ({5624C000-B109-11D4-9DB4-00E0290FCAC5})

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall

ArcSoft Print Creations - Photo Book ({56589DFE-0C29-4DFE-8E42-887B771ECD23})

version (major): 1

install location: C:\PROGRA~1\ArcSoft\PRINTC~1

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1PhotoBook

publisher: ArcSoft

Roxio Media Manager 9.4.007 ({5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1})

version: 151257095

version (major): 9

version (minor): 4

estimated size: 280575

install date: 20080807

install location: C:\Program Files\Roxio\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\SR_MM\

uninstall cmd: MsiExec.exe /X{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}

publisher: Roxio

comments: Master installer for The Digital Media Suite

contact: http://support.roxio.com

help link: http://support.roxio.com

readme: C:\Program Files\Roxio\RoxioEasyMediaCreatorSuiteReadMe.html

DeviceFunctionQFolder 1.00.0000 ({5F26311C-B135-4F7F-B11E-8E650F83651E})

version: 16777216

version (major): 1

estimated size: 124

install date: 20070924

install source: d:\setup\QFolder\

publisher: Hewlett-Packard

Easy CD Creator 5 Basic 5.3.4.21 ({609F7AC8-C510-11D4-A788-009027ABA5D0})

version: 83951616

version (major): 5

version (minor): 1

estimated size: 24126

install date: 20070920

install source: \\Osprey\SoftwareInstall\RoxioEZCD\

uninstall cmd: MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}

publisher: Roxio Inc

help link: http://www.roxio.com/en/support

help telephone:

mWMI 7.20.0000 ({63DB9CCD-2B56-4217-9A3D-507AC78320CA})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 452

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

WebReg 70.0.170.000 ({66910000-8B30-4973-A159-6371345AFFA5})

version: 1174405290

version (major): 70

estimated size: 525

install date: 20071213

install source: D:\setup\WebReg\

publisher: Hewlett-Packard

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) 8.1.2 ({6846389C-BAC0-4374-808E-B120F86AF5D7})

version: 134283266

version (major): 8

version (minor): 1

estimated size: 4368

install date: 20080703

install location: C:\Program Files\Adobe\Security Update\

install source: C:\Documents and Settings\emarion\Local Settings\Application Data\Adobe\Updater5\Install\acrobat8std-en_US\

uninstall cmd: MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

publisher: Adobe Systems, Inc

comments: Your Comments

contact: Customer Support Department

help link: http://www.Adobe.com

help telephone: 1-555-555-4505

AiOSoftwareNPI 70.0.231.000 ({68763C27-235D-4165-A961-FDEA228CE504})

version: 1174405351

version (major): 70

estimated size: 3366

install date: 20071213

install source: D:\setup\AiOSoftwarenpi\

publisher: Hewlett-Packard

Toolbox 70.0.170.000 ({6909F917-5499-482e-9AA1-FAD06A99F231})

version: 1174405290

version (major): 70

estimated size: 5709

install date: 20071213

install source: D:\setup\Toolbox\

publisher: Hewlett-Packard

HP Photosmart Essential 1.9.1.3 ({6994491D-D491-48F1-AE1F-E179C1FFFC2F})

version: 17367041

version (major): 1

version (minor): 9

estimated size: 9082

install date: 20071213

install location: C:\Program Files\HP\Photosmart Essential\

install source: D:\setup\ImageZoneExpress\

uninstall cmd: MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}

publisher: HP

ETS Upgrade 02.00.00.008 ({72FECEA1-E87F-4192-89FA-D0FBF92885BB})

version: 33554432

version (major): 2

estimated size: 728

install date: 20070911

install location: C:\Program Files\Wave Systems Corp\

install source: C:\Program Files\Dell\EMBASSY Trust Suite by Wave Systems\Embassy Trust Suite\ETS Upgrade\

publisher: Wave Systems Corp

Readme 70.0.231.000 ({736C803C-DD3B-4015-BC51-AFB9E67B9076})

version: 1174405351

version (major): 70

estimated size: 44

install date: 20071213

install source: D:\setup\readme\

publisher: Hewlett-Packard

1.0 ({7A9DC8F6-2466-4E04-BF51-BE499C5D02BD})

version: 16777216

version (major): 1

estimated size: 9316

install date: 20080807

install location: C:\Program Files\Common Files\Roxio Shared\DLLShared\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\SR_MM\ACTIVATION_103\

uninstall cmd: MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}

publisher: Roxio

AnswerWorks 4.0 Runtime - English 4.0.101 ({7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA})

version: 67108965

install date: 20080129

install location: C:\Program Files\Vantage Software Technologies\AnswerWorks 4.0 Runtime - English

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\bye19A.tmp\Disk1\

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly

publisher: Vantage Software Technologies

ProductContextNPI 70.0.231.000 ({7E7B7865-6C80-4373-8BC1-C2EB9431F9DE})

version: 1174405351

version (major): 70

estimated size: 128

install date: 20071213

install source: C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\

publisher: Hewlett-Packard

Modem Helper 3.02 ({7F142D56-3326-11D5-B229-002078017FBF})

install location: C:\Program Files\Modem Helper

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

publisher: BVRP Software

Status 70.0.170.000 ({8331C3EA-0C91-43AA-A4D4-27221C631139})

version: 1174405290

version (major): 70

estimated size: 3260

install date: 20071213

install source: D:\setup\Status\

publisher: Hewlett-Packard

3.5.0 ({85BD5F12-49EF-4B40-B1E0-77D85F6E99BF})

version: 50659328

version (major): 3

version (minor): 5

estimated size: 18538

install date: 20080807

install location: C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Main\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\WZSE0.TMP\SR_MM\RCP_CORE_35\

uninstall cmd: MsiExec.exe /I{85BD5F12-49EF-4B40-B1E0-77D85F6E99BF}

publisher: Roxio

MSXML 4.0 SP2 (KB954430) 4.20.9870.0 ({86493ADD-824D-4B8E-BD72-8C5DCDC52A71})

version: 68429454

version (major): 4

version (minor): 20

estimated size: 2729

install date: 20081114

install source: c:\3eb558a98862e0e9bcdb4be4650225\

uninstall cmd: MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

publisher: Microsoft Corporation

help link: http://support.microsoft.com/kb/954430

({8851E12C-0EF9-11D4-A788-009027ABA5D0})

Microsoft Silverlight 2.0.31005.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})

version: 33585437

version (major): 2

estimated size: 10644

install date: 20081023

install location: c:\Program Files\Microsoft Silverlight\

install source: c:\fc31dac50e849bbb393f0a4049\

uninstall cmd: MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

publisher: Microsoft Corporation

help link: http://go.microsoft.com/fwlink/?LinkID=91955

3.0.7.009 ({8ADC27DB-E2C8-446C-A576-166C05C2DD24})

version: 50331655

version (major): 3

estimated size: 184

install date: 20071213

install source: D:\setup\HPSoftwareUpdate\

publisher: Hewlett-Packard

mPfMgr 7.20.0000 ({8B928BA1-EDEC-4227-A2DA-DD83026C36F5})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 1932

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

Microsoft Software Update for Web Folders (English) 12 12.0.6215.1000 ({90120000-0010-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 14675

install date: 20080909

install source: C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\

publisher: Microsoft Corporation

Microsoft Office Professional Plus 2007 12.0.6215.1000 ({90120000-0011-0000-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 1009009

install date: 20081114

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0011-0000-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

publisher: Microsoft Corporation

Update for Outlook 2007 Junk Email Filter (kb957829) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{07A1F6B6-4F1C-418C-A605-755A121C4A16})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}

publisher: Microsoft

help link: http://support.microsoft.com/kb/957829

Security Update for 2007 Microsoft Office System (KB955936) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1D94099C-2BBA-440E-BD5E-093BBDF8F028})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}

publisher: Microsoft

help link: http://support.microsoft.com/kb/955936

Update for Microsoft Office Outlook 2007 (KB952142) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{4AD3A076-427C-491F-A5B7-7D1DE788A756})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

publisher: Microsoft

help link: http://support.microsoft.com/kb/952142

Security Update for Microsoft Office PowerPoint 2007 (KB951338) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{558B709B-821B-4FC5-90FC-9A8890641E77})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

publisher: Microsoft

help link: http://support.microsoft.com/kb/951338

Security Update for Microsoft Office system 2007 (KB954326) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5F7F6FFF-395D-480E-8450-64F385D82C5F})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

publisher: Microsoft

help link: http://support.microsoft.com/kb/954326

Security Update for Microsoft Office Excel 2007 (KB955470) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E8637D8-10D6-4568-AA06-E2706F31685E})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}

publisher: Microsoft

help link: http://support.microsoft.com/kb/955470

Security Update for 2007 Microsoft Office System (KB951944) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{797AE457-BA17-4BBC-B501-25FB3A0103C7})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

publisher: Microsoft

help link: http://support.microsoft.com/kb/951944

Security Update for Microsoft Office system 2007 (KB951808) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

publisher: Microsoft

help link: http://support.microsoft.com/kb/951808

Update for Office 2007 (KB946691) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A420F522-7395-4872-9882-C591B4B92278})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

publisher: Microsoft

help link: http://support.microsoft.com/kb/946691

Security Update for Microsoft Office Word 2007 (KB950113) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD72BABE-C733-4FCF-9674-4314466191B9})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

publisher: Microsoft

help link: http://support.microsoft.com/kb/950113

Security Update for 2007 Microsoft Office System (KB951550) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B243E9A5-ED77-4F1B-B338-2486FD82DC85})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

publisher: Microsoft

help link: http://support.microsoft.com/kb/951550

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Security Update for Microsoft Office Publisher 2007 (KB950114) ({90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85})

uninstall cmd: msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

publisher: Microsoft

help link: http://support.microsoft.com/kb/950114

Microsoft Office Access MUI (English) 2007 12.0.6215.1000 ({90120000-0015-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 53384

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0117-0409-0000-0000000FF1CE}-C\Access.en-us\

uninstall cmd: MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Excel MUI (English) 2007 12.0.6215.1000 ({90120000-0016-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 16272

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office PowerPoint MUI (English) 2007 12.0.6215.1000 ({90120000-0018-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 15521

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Publisher MUI (English) 2007 12.0.6215.1000 ({90120000-0019-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 24282

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0019-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Outlook MUI (English) 2007 12.0.6215.1000 ({90120000-001A-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 22840

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-001A-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Word MUI (English) 2007 12.0.6215.1000 ({90120000-001B-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 18657

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (English) 2007 12.0.6213.1000 ({90120000-001F-0409-0000-0000000FF1CE})

version: 201332805

version (major): 12

estimated size: 56807

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\

uninstall cmd: MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173})

uninstall cmd: msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (French) 2007 12.0.6213.1000 ({90120000-001F-040C-0000-0000000FF1CE})

version: 201332805

version (major): 12

estimated size: 23736

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\

uninstall cmd: MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C})

uninstall cmd: msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Proof (Spanish) 2007 12.0.6213.1000 ({90120000-001F-0C0A-0000-0000000FF1CE})

version: 201332805

version (major): 12

estimated size: 38517

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\

uninstall cmd: MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1})

uninstall cmd: msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Proofing (English) 2007 12.0.4518.1014 ({90120000-002C-0409-0000-0000000FF1CE})

version: 201331110

version (major): 12

estimated size: 506

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

Microsoft Office InfoPath MUI (English) 2007 12.0.6215.1000 ({90120000-0044-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 73514

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0044-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared MUI (English) 2007 12.0.6215.1000 ({90120000-006E-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 37126

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85})

uninstall cmd: msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Shared Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0115-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 494

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{FAD8A83E-9BAC-4179-9268-A35948034D85})

uninstall cmd: msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Access Setup Metadata MUI (English) 2007 12.0.6215.1000 ({90120000-0117-0409-0000-0000000FF1CE})

version: 201332807

version (major): 12

estimated size: 502

install date: 20080909

install location: C:\Program Files\Microsoft Office\

install source: C:\MSOCache\All Users\{90120000-0117-0409-0000-0000000FF1CE}-C\

uninstall cmd: MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

publisher: Microsoft Corporation

2007 Microsoft Office Suite Service Pack 1 (SP1) ({90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59})

uninstall cmd: msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

publisher: Microsoft

help link: http://support.microsoft.com/kb/936982

Microsoft Office Project Standard 2003 11.0.8173.0 ({903A0409-6000-11D3-8CFE-0150048383C9})

version: 184557549

version (major): 11

estimated size: 278009

install date: 20081114

install source: \\osprey\SoftwareInstall\MicrosoftProject2003Standard\

uninstall cmd: MsiExec.exe /I{903A0409-6000-11D3-8CFE-0150048383C9}

publisher: Microsoft Corporation

help link: http://www.microsoft.com/support

readme: C:\Program Files\Microsoft Office\OFFICE11\1033\PJREADME.HTM

Microsoft Office 2003 Web Components 11.0.8173.0 ({90A40409-6000-11D3-8CFE-0150048383C9})

version: 184557549

version (major): 11

estimated size: 6496

install date: 20080914

uninstall cmd: MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}

publisher: Microsoft Corporation

help link: http://www.microsoft.com/support

mPfWiz 7.20.0000 ({90B0D222-8C21-4B35-9262-53B042F18AF9})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 936

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

mDrWiFi 7.20.0000 ({90CC4231-94AC-45CD-991A-0253BFAC0650})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 1015

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

mZConfig 7.20.0000 ({94658027-9F16-4509-BBD7-A59FE57C3023})

version: 118751232

version (major): 7

version (minor): 20

estimated size: 758

install date: 20070911

install source: C:\WINDOWS\Installer\iprodata\

uninstall cmd: MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}

publisher: Intel Corporation

comments: Your Comments

contact: Customer Support Department

help link: http://www.intel.com/support

help telephone: +1 (800) 538-3373

ArcSoft Print Creations - Funhouse ({9591C049-5CAE-4E89-A8D9-191F1899628B})

version (major): 1

install location: C:\PROGRA~1\ArcSoft\PRINTC~1

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Funhouse

publisher: ArcSoft

ArcSoft Print Creations - Photo Prints ({95F875CC-1B85-43E6-B3E0-13EA04F3D995})

version (major): 1

install location: C:\PROGRA~1\ArcSoft\PRINTC~1

uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1PhotoPrint

publisher: ArcSoft

ScannerCopy 7.0.0.0 ({996512CF-F35B-48DE-9291-557FA5316967})

version: 117440512

version (major): 7

estimated size: 3202

install date: 20071213

install source: D:\setup\ScannerCopy\

publisher: Hewlett-Packard

comments: 0

contact: 0

help link: 0

help telephone: 0

readme: 0

SolidWorks eDrawings 2009 9.0.706 ({996B5285-F906-4C9C-AC02-2363AE0AEC5C})

version: 150995650

version (major): 9

estimated size: 83191

install date: 20081105

install location: C:\Program Files\Common Files\eDrawings2009\

install source: C:\DOCUME~1\emarion\LOCALS~1\Temp\pft50.tmp\

uninstall cmd: MsiExec.exe /I{996B5285-F906-4C9C-AC02-2363AE0AEC5C}

publisher: Dassault Syst

Link to post
Share on other sites

Thanks!!!

I completed the Active Scan. Afterwards, I updated Anti-Malware and re-ran the scan. I then reran HiJack THis!. All 3 logs are below:

Here's my ActiveScan log:

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-12-06 20:30:02

PROTECTIONS: 1

MALWARE: 3

SUSPECTS: 0

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

McAfee VirusScan Enterprise 8.5.0.781 No Yes

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\emarion\Cookies\emarion@atdmt[2].txt

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\emarion\Cookies\emarion@com[1].txt

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP331\A0108781.sys

;===============================================================================

================================================================================

=

===================

SUSPECTS

Sent Location }

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

VULNERABILITIES

Id Severity Description }

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

I updated Anti-Malware. Here's the new MBAM log:

Malwarebytes' Anti-Malware 1.31

Database version: 1467

Windows 5.1.2600 Service Pack 3

12/6/2008 9:54:53 PM

mbam-log-2008-12-06 (21-54-53).txt

Scan type: Quick Scan

Objects scanned: 67609

Time elapsed: 7 minute(s), 14 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Here's my new HiJack THis! log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:06:05 PM, on 12/6/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Wave Systems Corp\Common\DataServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\Program Files\McAfee\Common Framework\naPrdMgr.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\rpcnet.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Apoint\HidFind.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

C:\Program Files\McAfee\Common Framework\UdaterUI.exe

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\Program Files\NetWaiting\netWaiting.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Citrix\GoToMeeting\198\g2mstart.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Misc_software\Printkey.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Citrix\GoToMeeting\198\g2mcomm.exe

C:\Program Files\Citrix\GoToMeeting\198\g2mlauncher.exe

C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

c:\program files\aol\aol toolbar 5.0\AolTbServer.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\Documents and Settings\emarion\Desktop\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1070911

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://*.mcafee.com

O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://proeserver/tenterprise/download/ScriptX.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bcoenet.com

O17 - HKLM\Software\..\Telephony: DomainName = bcoenet.com

O17 - HKLM\System\CCS\Services\Tcpip\..\{240A6AA0-785E-4612-9E09-B9831E941CA9}: NameServer = 192.88.132.10,198.6.1.122,192.88.132.30

O17 - HKLM\System\CCS\Services\Tcpip\..\{676233C8-9872-4FD0-BC71-ABF6BD45C336}: NameServer = 166.181.191.17 166.181.127.17

O17 - HKLM\System\CCS\Services\Tcpip\..\{CB09A30E-F62C-4E63-AE69-C445C2C33BC6}: NameServer = 192.88.132.10,198.6.1.122,192.88.132.30

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bcoenet.com

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = bcoenet.com,bcoenet.com,bcoenet.com,bcoenet.com

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bcoenet.com

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = bcoenet.com,bcoenet.com,bcoenet.com,bcoenet.com

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = bcoenet.com,bcoenet.com,bcoenet.com,bcoenet.com

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Absolute Software Corp. - C:\WINDOWS\system32\rpcnet.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--

End of file - 18417 bytes

Link to post
Share on other sites

Open Hijackthis, Hit scan

Select all of these:

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.google.com

O1 - Hosts: 61.157.217.210 www.google.co.uk

O1 - Hosts: 61.157.217.210 www.myspace.com

O1 - Hosts: 61.157.217.210 www.youtube.com

O1 - Hosts: 61.157.217.210 www.facebook.com

O1 - Hosts: 61.157.217.210 www.antispy.com

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.yahoo.co.uk

O1 - Hosts: 61.157.217.210 www.antispyware.com

O1 - Hosts: 61.157.217.210 antispyware.com

O1 - Hosts: 61.157.217.210 antispy.com

O1 - Hosts: 61.157.217.210 www.msn.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.gg.com

O1 - Hosts: 123.251.143.110 www.ghfhj.com

O1 - Hosts: 123.251.143.110 www.cvnbcvnb.com

O1 - Hosts: 123.251.143.110 www.1.com

O1 - Hosts: 123.251.143.110 www.3.com

O1 - Hosts: 123.251.143.110 www.asdf4asdfd.com

O1 - Hosts: 123.251.143.110 www.asdfawsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfatsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfadsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfafsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfagsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasgdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdhfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfjd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfkd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfld.com

O1 - Hosts: 123.251.143.110 www.asdfasdf,d.com

O1 - Hosts: 123.251.143.110 www.asxdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdzfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdcfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfvasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfabsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasndfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdmfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.11asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.as222dfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfa33sdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasd44fd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd5.com

O1 - Hosts: 123.251.143.110 www.as66dfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdf77asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf8asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf9asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf0asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf-asdfd.com

O1 - Hosts: 123.251.143.110 www.aqqsdfasdfd.com

O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com

O1 - Hosts: 123.16.197.121 www.asdhhfasdfdyy.com

O1 - Hosts: 61.157.217.210 www.live.com

O1 - Hosts: 123.251.143.110 www.asdwwwfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfeasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfrrasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfttasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfyyasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfuuuasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaiisdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaoosdfd.com

O1 - Hosts: 123.251.143.110 www.asdfappsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasssdfd.com

O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdeefasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfffasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfavvvsdfd.com

O1 - Hosts: 123.251.143.110 www.asnnndfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdmmmfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaffsdfd.com

O1 - Hosts: 123.251.143.110 www.asdhhfasdfd.com

Hit fix.

close hijackthis, try surfing..

Hows your computer doing now?

Link to post
Share on other sites

Are you still with us? I will close this topic by 2pm Monday if I still see no reply.

Hi again. Yes, I am here. I was able to see your reply today, but it didn't show up until very early this morning. I am guessing this is because my browser has gotten more and more corrupted as I use it. Yesterday evening, it couldn't submit data in any search queries, and I was only looking up a store location with a zip code.

Anyways, yes, I did as you suggested and it seems to have worked! Google/gmail, yahoo, facebook, etc... all appear to work perfectly now. I will be online for a couple hours before heading on a plane for 16hrs. If I notice any fishy stuff, I will reply before the flight. Thanks so much for all your help!

Link to post
Share on other sites

Hi again. Yes, I am here. I was able to see your reply today, but it didn't show up until very early this morning. I am guessing this is because my browser has gotten more and more corrupted as I use it. Yesterday evening, it couldn't submit data in any search queries, and I was only looking up a store location with a zip code.

Anyways, yes, I did as you suggested and it seems to have worked! Google/gmail, yahoo, facebook, etc... all appear to work perfectly now. I will be online for a couple hours before heading on a plane for 16hrs. If I notice any fishy stuff, I will reply before the flight. Thanks so much for all your help!

Okay then. I will wait for you to reply back and we'll go from there.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.