View Full Version : PrintSppol Removal Assistance Requested
webgurrl
2007-06-16, 16:23
Good Day:
I have Spybot SD (of course), AVG 7.5 (not using firewall) and Comodo for firewall. Using Mozilla, with controls on cookies and active X. However, i have a teenager with AIM. Since allowing that, have nasty printspool virus.
please help clean and advise on further protection.
HJT log follows.
Logfile of HijackThis v1.99.1
Scan saved at 9:08:04 AM, on 6/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Common Files\DriveCleaner Free\dnse.exe
C:\Program Files\Common Files\DriveCleaner Free\dcsm.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\bjnl.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\Catroot\aol.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\Help\aolsw.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe
C:\WINDOWS\system32\yhk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [xyshherdapq] C:\WINDOWS\system32\xyshherdapq.exe
O4 - HKLM\..\Run: [lsssnxwmmx] C:\WINDOWS\system32\lsssnxwmmx.exe
O4 - HKLM\..\Run: [cxmr] C:\WINDOWS\system32\cxmr.exe
O4 - HKLM\..\Run: [rmuiduqegz] C:\WINDOWS\system32\rmuiduqegz.exe
O4 - HKLM\..\Run: [oysvokgsmonu] C:\WINDOWS\system32\oysvokgsmonu.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ggutas] C:\WINDOWS\system32\ggutas.exe
O4 - HKLM\..\Run: [nl] C:\WINDOWS\system32\nl.exe
O4 - HKLM\..\Run: [yxtwwsevanlm] C:\WINDOWS\system32\yxtwwsevanlm.exe
O4 - HKLM\..\Run: [ukajovfbz] C:\WINDOWS\system32\ukajovfbz.exe
O4 - HKLM\..\Run: [wmqz] C:\WINDOWS\system32\wmqz.exe
O4 - HKLM\..\Run: [ewdr] C:\WINDOWS\system32\ewdr.exe
O4 - HKLM\..\Run: [DriveCleaner Free] "C:\Program Files\DriveCleaner Free\UDC.exe" /min
O4 - HKLM\..\Run: [UDC6cw] "C:\Program Files\DriveCleaner Free\UDC6cw.exe" -c
O4 - HKLM\..\Run: [dnse] "C:\Program Files\Common Files\DriveCleaner Free\dnse.exe" -c
O4 - HKLM\..\Run: [dcsm] "C:\Program Files\Common Files\DriveCleaner Free\dcsm.exe"
O4 - HKLM\..\Run: [SecurityUpdate] rundll32.exe C:\WINDOWS\system32\mpoqhpe.dll,TurnOn2
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [sgdjvbcu] C:\WINDOWS\system32\sgdjvbcu.exe
O4 - HKLM\..\Run: [evnbyfo] C:\WINDOWS\system32\evnbyfo.exe
O4 - HKLM\..\Run: [qrwryce] C:\WINDOWS\system32\qrwryce.exe
O4 - HKLM\..\Run: [bjnl] C:\WINDOWS\system32\bjnl.exe
O4 - HKLM\..\Run: [etynnr] C:\WINDOWS\system32\etynnr.exe
O4 - HKLM\..\Run: [rzucdrliq] C:\WINDOWS\system32\rzucdrliq.exe
O4 - HKLM\..\Run: [yhk] C:\WINDOWS\system32\yhk.exe
O4 - HKLM\..\RunServices: [evnbyfo] C:\WINDOWS\system32\evnbyfo.exe
O4 - HKLM\..\RunServices: [qrwryce] C:\WINDOWS\system32\qrwryce.exe
O4 - HKLM\..\RunServices: [ggutas] C:\WINDOWS\system32\ggutas.exe
O4 - HKLM\..\RunServices: [bjnl] C:\WINDOWS\system32\bjnl.exe
O4 - HKLM\..\RunServices: [etynnr] C:\WINDOWS\system32\etynnr.exe
O4 - HKLM\..\RunServices: [rzucdrliq] C:\WINDOWS\system32\rzucdrliq.exe
O4 - HKLM\..\RunServices: [nl] C:\WINDOWS\system32\nl.exe
O4 - HKLM\..\RunServices: [ukajovfbz] C:\WINDOWS\system32\ukajovfbz.exe
O4 - HKLM\..\RunServices: [wmqz] C:\WINDOWS\system32\wmqz.exe
O4 - HKLM\..\RunServices: [yhk] C:\WINDOWS\system32\yhk.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Anti-Spyware Service (AOL-AntiSpySvc) - Unknown owner - C:\WINDOWS\pchealth\aolspy.exe (file missing)
O23 - Service: AOL Loading Service (AOL-MG_SV) - Unknown owner - C:\WINDOWS\System32\Catroot\aol.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Skyhook Wireless - C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe
O23 - Service: Print Spooler Service (ysdtnduioa) - Unknown owner - C:\WINDOWS\system32\etynnr.exe
shelf life
2007-06-17, 05:26
hi webgurrl,
thats quite a collection you have.
go to start>run and type in the box:
services.msc
windows service panel will open.
under the name column look for:
Print Spooler Service
there is a >legit< one called:
Print Spooler, this one is ok
right click on print spooler service;
select properties. under the general tab:
make sure that the service status is: Stopped
and the Startup type is: disabled
click apply, then OK
----------------------------
the rest of this i would copy/paste into notepad and save it somewhere so you can read it in safe mode, first we will use hjt then llok for and delete files.
ok to reach safe mode you would tap the f8 key during a computer reestart, chose the first option from the list; safe mode.
once in safe mode:
scan with HJT, put a checkmark beside the items below, close all windows and click fix checked.
O4 - HKLM\..\Run: [xyshherdapq] C:\WINDOWS\system32\xyshherdapq.exe
O4 - HKLM\..\Run: [lsssnxwmmx] C:\WINDOWS\system32\lsssnxwmmx.exe
O4 - HKLM\..\Run: [cxmr] C:\WINDOWS\system32\cxmr.exe
O4 - HKLM\..\Run: [rmuiduqegz] C:\WINDOWS\system32\rmuiduqegz.exe
O4 - HKLM\..\Run: [oysvokgsmonu] C:\WINDOWS\system32\oysvokgsmonu.exe
O4 - HKLM\..\Run: [nl] C:\WINDOWS\system32\nl.exe
O4 - HKLM\..\Run: [yxtwwsevanlm] C:\WINDOWS\system32\yxtwwsevanlm.exe
O4 - HKLM\..\Run: [ukajovfbz] C:\WINDOWS\system32\ukajovfbz.exe
O4 - HKLM\..\Run: [wmqz] C:\WINDOWS\system32\wmqz.exe
O4 - HKLM\..\Run: [ewdr] C:\WINDOWS\system32\ewdr.exe
O4 - HKLM\..\Run: [DriveCleaner Free] "C:\Program Files\DriveCleaner Free\UDC.exe" /min
O4 - HKLM\..\Run: [UDC6cw] "C:\Program Files\DriveCleaner Free\UDC6cw.exe" -c
O4 - HKLM\..\Run: [dnse] "C:\Program Files\Common Files\DriveCleaner Free\dnse.exe" -c
O4 - HKLM\..\Run: [dcsm] "C:\Program Files\Common Files\DriveCleaner Free\dcsm.exe"
O4 - HKLM\..\Run: [SecurityUpdate] rundll32.exe C:\WINDOWS\system32\mpoqhpe.dll,TurnOn2
O4 - HKLM\..\Run: [sgdjvbcu] C:\WINDOWS\system32\sgdjvbcu.exe
O4 - HKLM\..\Run: [evnbyfo] C:\WINDOWS\system32\evnbyfo.exe
O4 - HKLM\..\Run: [qrwryce] C:\WINDOWS\system32\qrwryce.exe
O4 - HKLM\..\Run: [bjnl] C:\WINDOWS\system32\bjnl.exe
O4 - HKLM\..\Run: [etynnr] C:\WINDOWS\system32\etynnr.exe
O4 - HKLM\..\Run: [rzucdrliq] C:\WINDOWS\system32\rzucdrliq.exe
O4 - HKLM\..\Run: [yhk] C:\WINDOWS\system32\yhk.exe
O4 - HKLM\..\RunServices: [evnbyfo] C:\WINDOWS\system32\evnbyfo.exe
O4 - HKLM\..\RunServices: [qrwryce] C:\WINDOWS\system32\qrwryce.exe
O4 - HKLM\..\RunServices: [ggutas] C:\WINDOWS\system32\ggutas.exe
O4 - HKLM\..\RunServices: [bjnl] C:\WINDOWS\system32\bjnl.exe
O4 - HKLM\..\RunServices: [etynnr] C:\WINDOWS\system32\etynnr.exe
O4 - HKLM\..\RunServices: [rzucdrliq] C:\WINDOWS\system32\rzucdrliq.exe
O4 - HKLM\..\RunServices: [nl] C:\WINDOWS\system32\nl.exe
O4 - HKLM\..\RunServices: [ukajovfbz] C:\WINDOWS\system32\ukajovfbz.exe
O4 - HKLM\..\RunServices: [wmqz] C:\WINDOWS\system32\wmqz.exe
O4 - HKLM\..\RunServices: [yhk] C:\WINDOWS\system32\yhk.exe
also in safe mode do this:
using explorer(right click on start>explore) drill down to these >>> you want to delete whats >inside< the folder, not the folder itself<<
C:\Windows\Temp\
C:\Documents and Settings\-Your Profile-\Local Settings\Temporary Internet Files\ (will dump all your cached internet content including cookies)
C:\Documents and Settings\-Your Profile-\Local Settings\Temp\
C:\Documents and Settings\-Any other users Profile-\Local Settings\Temporary Internet Files\
C:\Documents and Settings\-Any other users Profile-\Local Settings\Temp\
-------------------------------------
still in safe mode, run spybot once
uninstall ewido via the add/remove programs panel. it looks like it hasnt been updated in awhile? ewido is now called avg antispyware, which we will download and run after a reboot.
----------------------------------------
reboot computer normally, first stop is to get avg antispyware:
download, install, update and scan:
http://free.grisoft.com/doc/20/lng/us/tpl/v5
---------------
is spybot up to date?
after you run avg antispyware, please rescan with hjt and post a new log.
shelf life
webgurrl
2007-06-17, 20:50
Thanks, ShelfLife.
I will follow steps and get back to you.
FYI, I have up-to-date S&D, AVG free 7.5, also up-to-date. But I use Comodo for the firewall bit, not AVG.
I usually scan in safe mode, pretty much daily. However, I found that since teenager hit the computer lately, i have to scan in safe and when logged in.
Not sure why all this stuff is getting past Comodo, though. it's got a good reputation. May have to go get Kaspersky.
Thanks.
webgurrl.
shelf life
2007-06-18, 00:43
hi webgurrl,
ok thanks for all the info.
this line in the log shows you have ewido antimalware installed?
C:\Program Files\ewido anti-malware\ewidoctrl.exe
-------------------------
this link i provided is for avg antispyware:
http://free.grisoft.com/doc/20/lng/us/tpl/v5
its AVG's antispyware scanner not AVG's antivirus scanner which you have.
they both do different things, ones for malware the others for virus.
---------------------------
a firewall only alerts you to traffic leaving your computer in which case the malware is already on your computer
--------------------------
look in add/remove programs panel and uninstall ewido if present, reboot then get avg antispyware from the link above to see what it can dig up.
shelf life
webgurrl
2007-06-18, 03:36
Thanks, Shelf Life.
I thought the AVG 7.5 anti-malware plus S&D plus the firewall would have been enough. So i need two spyware plus one malware plus the firewall.
Right, probably didn't properly clean before changing to comodo. I found some old crud lurking in system32 that pre-dated my firewall change.
i have included hjt log from safe mode, admin, teen profiles. disabled print spool services, ran s&d several times, hjt, rebooted, rinsed, repeated. still have some stuff re-appearing.
suggestions?
webgurrl
shelf life
2007-06-18, 04:01
hi webgurrl
I thought the AVG 7.5 anti-malware plus S&D plus the firewall would have been enough. So i need two spyware plus one malware plus the firewall
you dont have AVG 7.5 antimalware. you have AVG 7.5 antivirus
they are two different things, in any case dont worry about it. one antivirus, one antispyware, and a firewall is enough.
(spyware can be another term for malware)
------------------------
copied/pasted one of the logs for easier viewing:
Logfile of HijackThis v1.99.1
Scan saved at 8:24:08 PM, on 6/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [xeixk] C:\WINDOWS\system32\xeixk.exe
O4 - HKLM\..\RunServices: [xeixk] C:\WINDOWS\system32\xeixk.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
---------------------------------
scan with HJT, put a checkmark beside the items below, close all windows and click fix checked
O4 - HKLM\..\Run: [xeixk] C:\WINDOWS\system32\xeixk.exe
O4 - HKLM\..\RunServices: [xeixk] C:\WINDOWS\system32\xeixk.exe
--------------------------
look in the system32 dir and see if you can find and delete xeixk.exe
reboot, post another hjt log. please copy/paste the log in, makes it easier.
shelf life
webgurrl
2007-06-18, 05:25
Well, Shelf Life, we may finally be cleaned up here. How's it look to you?
webgurrl
Logfile of HijackThis v1.99.1
Scan saved at 10:21:40 PM, on 6/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\Catroot\aol.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\Help\aolsw.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\hijackthis\HijackThis.exe
C:\WINDOWS\System32\svchost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Anti-Spyware Service (AOL-AntiSpySvc) - Unknown owner - C:\WINDOWS\pchealth\aolspy.exe (file missing)
O23 - Service: AOL Loading Service (AOL-MG_SV) - Unknown owner - C:\WINDOWS\System32\Catroot\aol.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: AOL Spy Watch (LD-AOL-Spy_Watchv1) - Unknown owner - C:\WINDOWS\Help\aolsw.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Skyhook Wireless - C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe
webgurrl
2007-06-18, 05:44
Actually, S&D still finds the PrintSpool trojan.
ideas?
webgurrl
shelf life
2007-06-19, 00:29
hi webgurrl,
we may finally be cleaned up here. How's it look to you
i think so, the log looks good anyway.
as for spybot, do a scan-- when its done right click in the result window and select "copy results to clipboard" open notepad and plaste the results in. name it something, save it and post that in the next reply.
iam pretty sure its copy result to clipboard and not the other option copy full report to clip board. we only want what spybot is finding after the scan.
cant check now, in linux.
shelf life
webgurrl
2007-06-23, 19:23
Hi, Shelf Life:
S&D report attached. Sorry for the delay. had some health issues.
seems that whenever printspool comes up, the print spool service service (the phony one) is still disabled, so i'm not sure this is causing any harm.
have had a BHO and a downloader.zlob.bqu get past firewall this week, but it cleaned easily enough.
webgurrl
--- Search result list ---
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Security Update for Microsoft Data Access Components
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB912812
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB916281
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB918439
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Outlook Express 6 / SP1: Windows XP Hotfix - KB911567
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows Media Player / SP0: Windows Media Player Hotfix [See wm828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player: Windows Media Update 828026
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows Media Player 8: Security Update for Windows Media Player 8 (KB917734)
/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB917734)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925454)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Update for Windows XP (KB927891)
/ Windows XP / SP3: Security Update for Windows XP (KB928090)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Security Update for Windows XP (KB929123)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931768)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP / SP3: Security Update for Windows XP (KB933566)
/ Windows XP / SP3: Security Update for Windows XP (KB935839)
/ Windows XP / SP3: Security Update for Windows XP (KB935840)
webgurrl
2007-06-23, 19:24
--- Startup entries list ---
Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: cc6bc45dd5a58158645e7fb2953604fe
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: 2200c98c049de1a7638ea0edba1c8882
Located: HK_LM:Run, BuildBU
command: c:\dell\bldbubg.exe
file:
Located: HK_LM:Run, COMODO Firewall Pro
command: "C:\Program Files\Comodo\Firewall\CPF.exe" /background
file: C:\Program Files\Comodo\Firewall\CPF.exe
size: 1115728
MD5: 1f5882037bad07e9926f47a3a32f0931
Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: 6a66b6a314f6ef30cd1cf82a17daad52
Located: HK_LM:Run, DwlClient
command: c:\Program Files\Common Files\Dell\EUSW\Support.exe
file: c:\Program Files\Common Files\Dell\EUSW\Support.exe
size: 323584
MD5: 27b68f137ed4c85ff92db98231bf11ed
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\System32\hkcmd.exe
file: C:\WINDOWS\System32\hkcmd.exe
size: 118784
MD5: 66a5047df0c0cec911b95b5b1e24cebc
Located: HK_LM:Run, HP Software Update
command: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: ac116f16a7716a720a45d7ea47cfd983
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\System32\igfxtray.exe
file: C:\WINDOWS\System32\igfxtray.exe
size: 155648
MD5: d24b9b36c06ca0acf7ca2c69d9bb25b5
Located: HK_LM:Run, IntelMeM
command: C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
file: C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
size: 221184
MD5: bc02e491e88492b02363ce1b384ff7a7
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 257088
MD5: f13a185cda7e3bcdccf6890d0807a1b2
Located: HK_LM:Run, PCMService
command: "C:\Program Files\Dell\Media Experience\PCMService.exe"
file: C:\Program Files\Dell\Media Experience\PCMService.exe
size: 290816
MD5: e02c0e78e5cfb01bf9d1866dba18b456
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 7fbe43046efdf24fc9375024e4d02ac9
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61a3a9d5d98bf0331df5b716144a8100
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 1ac2c58b587c70de64582ad41ee79fba
Located: HK_LM:Run, UpdateManager
command: "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
file: C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
size: 110592
MD5: 22fd4e58d69969a9165721c797d54931
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: HK_CU:Run, SpybotSD TeaTimer
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496eee0ddbe485f658693826f44d38
Located: HK_CU:Run, updateMgr
command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
size: 313472
MD5: 43f3f6d33c793089a7c32b45da16094b
webgurrl
2007-06-23, 19:25
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
BHO name:
CLSID name: AcroIEHlprObj Class
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com/products/acrobat/readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 1/12/2006 8:38:22 PM
Date (last access): 6/23/2007 11:55:16 AM
Date (last write): 1/12/2006 8:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 7.0.7.142
--- ActiveX list ---
{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf
Codebase: http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 6/19/2007 9:37:16 AM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi142_03.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 6:48:18 PM
Date (last access): 6/19/2007 9:37:16 AM
Date (last write): 11/19/2003 6:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 6/23/2007 12:15:36 PM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 6/23/2007 12:15:36 PM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9.ocx
Short name:
Date (created): 6/22/2006 1:44:22 PM
Date (last access): 6/23/2007 11:56:48 AM
Date (last write): 6/22/2006 1:44:22 PM
Filesize: 2201224
Attributes: readonly archive
MD5: 99F80CA1EBE95677668F54CAC6F4AD6D
CRC32: B7385E3B
Version: 9.0.16.0
webgurrl
2007-06-23, 19:27
--- Process list ---
PID: 0 ( 0) [System]
PID: 612 ( 4) \SystemRoot\System32\smss.exe
PID: 676 ( 612) \??\C:\WINDOWS\system32\csrss.exe
PID: 700 ( 612) \??\C:\WINDOWS\system32\winlogon.exe
PID: 744 ( 700) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 756 ( 700) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 936 ( 744) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1016 ( 744) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1108 ( 744) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 744) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1224 ( 744) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1508 ( 744) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1776 (1708) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1920 (1776) C:\WINDOWS\System32\hkcmd.exe
size: 118784
MD5: 66A5047DF0C0CEC911B95B5B1E24CEBC
PID: 1932 (1776) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61A3A9D5D98BF0331DF5B716144A8100
PID: 1944 (1776) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: 6A66B6A314F6EF30CD1CF82A17DAAD52
PID: 1952 (1776) C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
size: 221184
MD5: BC02E491E88492B02363CE1B384FF7A7
PID: 1960 (1776) C:\Program Files\Dell\Media Experience\PCMService.exe
size: 290816
MD5: E02C0E78E5CFB01BF9D1866DBA18B456
PID: 1992 (1776) C:\Program Files\Common Files\Dell\EUSW\Support.exe
size: 323584
MD5: 27B68F137ED4C85FF92DB98231BF11ED
PID: 2000 (1776) C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: 2200C98C049DE1A7638EA0EDBA1C8882
PID: 2012 (1776) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 1AC2C58B587C70DE64582AD41EE79FBA
PID: 2024 (1992) c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
size: 352256
MD5: 68D63D92D73146EF9A5EFD5E7F25611E
PID: 2032 (1776) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: AC116F16A7716A720A45D7EA47CFD983
PID: 2040 (1776) C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 7FBE43046EFDF24FC9375024E4D02AC9
PID: 132 (1776) C:\Program Files\iTunes\iTunesHelper.exe
size: 257088
MD5: F13A185CDA7E3BCDCCF6890D0807A1B2
PID: 172 (1776) C:\Program Files\Comodo\Firewall\CPF.exe
size: 1115728
MD5: 1F5882037BAD07E9926F47A3A32F0931
PID: 180 (1776) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE
PID: 424 ( 744) C:\WINDOWS\System32\Catroot\aol.exe
size: 89600
MD5: D169EC0EA8B128EC90608F009AB0E406
PID: 532 ( 744) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 312880
MD5: 5DCD235C061022BCDA9AA48670B64211
PID: 592 ( 744) C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
size: 353280
MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
PID: 820 ( 744) C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
size: 49664
MD5: 30A14F65DB477DC00A64A5A24E96919C
PID: 1084 ( 744) C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
size: 351744
MD5: C6A162BEDAA82DBE9EBF8C7EEBD2929B
PID: 1220 ( 744) C:\Program Files\Comodo\Firewall\cmdagent.exe
size: 361040
MD5: 2EDB74E72FEEB39C8906E4C8C54D91A5
PID: 1352 ( 744) C:\WINDOWS\Help\aolsw.exe
size: 84992
MD5: 140D8CFB2DA3B265AE58624CDAE4B224
PID: 1768 ( 744) C:\WINDOWS\system32\HPZipm12.exe
size: 69632
MD5: 9D84376931440F3679BEEF2A414FA493
PID: 1876 ( 744) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2084 ( 744) C:\Program Files\Viewpoint\Common\ViewpointService.exe
size: 24652
MD5: 5F974FDE801C73952770736BECDE11E7
PID: 2200 ( 744) C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe
size: 131072
MD5: B47785855FC5A92B1A49EE806F084611
PID: 2720 ( 744) C:\Program Files\iPod\bin\iPodService.exe
size: 501312
MD5: F048791C5F488F60EA5033E66B197A9E
PID: 3192 ( 744) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3592 ( 744) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 4076 (2084) C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
size: 112336
MD5: 1FF94B386646925D2B153C8A083115C7
PID: 524 (1932) C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
size: 241775
MD5: AAFA64AB947B1B566FEA961ACB2BCD93
PID: 2704 ( 612) \??\C:\WINDOWS\system32\csrss.exe
PID: 2452 ( 612) \??\C:\WINDOWS\system32\winlogon.exe
PID: 3740 (2604) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 3972 (3740) C:\WINDOWS\System32\hkcmd.exe
size: 118784
MD5: 66A5047DF0C0CEC911B95B5B1E24CEBC
PID: 4024 (3740) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61A3A9D5D98BF0331DF5B716144A8100
PID: 3504 (3740) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: 6A66B6A314F6EF30CD1CF82A17DAAD52
PID: 224 (3740) C:\Program Files\Dell\Media Experience\PCMService.exe
size: 290816
MD5: E02C0E78E5CFB01BF9D1866DBA18B456
PID: 2272 (3740) C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
size: 110592
MD5: 22FD4E58D69969A9165721C797D54931
PID: 3984 (3740) C:\Program Files\Common Files\Dell\EUSW\Support.exe
size: 323584
MD5: 27B68F137ED4C85FF92DB98231BF11ED
PID: 192 (3740) C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
size: 416256
MD5: 2200C98C049DE1A7638EA0EDBA1C8882
PID: 3700 (3740) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 1AC2C58B587C70DE64582AD41EE79FBA
PID: 1116 (3740) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: AC116F16A7716A720A45D7EA47CFD983
PID: 2472 (3740) C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 7FBE43046EFDF24FC9375024E4D02AC9
PID: 460 (3740) C:\Program Files\iTunes\iTunesHelper.exe
size: 257088
MD5: F13A185CDA7E3BCDCCF6890D0807A1B2
PID: 1440 (2452) C:\WINDOWS\system32\wuauclt.exe
size: 53080
MD5: 3A83A45E7DD5276315AA20245E7C32BF
PID: 3280 (3740) C:\Program Files\Comodo\Firewall\CPF.exe
size: 1115728
MD5: 1F5882037BAD07E9926F47A3A32F0931
PID: 2116 (3740) C:\Program Files\Mozilla Firefox\firefox.exe
size: 7209069
MD5: B8E1B08FD736DBAB8DBC850CC078E5CE
PID: 2544 (3740) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE
PID: 3816 (3740) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496EEE0DDBE485F658693826F44D38
PID: 2384 (3740) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 1560 (3740) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
webgurrl
2007-06-23, 19:28
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 6/23/2007 12:15:36 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://google.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EEB2A82D-9C7A-4957-89C1-1813BFCFE060}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EEB2A82D-9C7A-4957-89C1-1813BFCFE060}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F1107D55-F085-4820-81B9-4EF15C564736}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F1107D55-F085-4820-81B9-4EF15C564736}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA682C52-60A2-46E2-9E1C-4893C61441AB}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FA682C52-60A2-46E2-9E1C-4893C61441AB}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
--- Uninstall list ---
PopsMedia Site Adviser (2SearchMedia Site Adviser)
uninstall cmd: C:\Program Files\PopsMedia Site Adviser\vm5_killer.exe
(AddressBook)
Adobe Download Manager 2.0 (Remove Only) 2.0 (AdobeESD)
uninstall cmd: "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
AIM Location Plugin 0.1.0.40 0.1.0.40 (AIM Location Plugin)
uninstall cmd: C:\Program Files\LocationPlugin\aim_location_uninstall.exe
publisher: AOL LLC
AIM Music Link 1.0.0.4 1.0.0.4 (AIM Music Link 1.0.0.4)
uninstall cmd: C:\PROGRA~1\AIMMUS~1\UNWISE.EXE C:\PROGRA~1\AIMMUS~1\INSTALL.LOG
publisher: AOL, LLC
AIM 6 (AIM_6)
uninstall cmd: C:\Program Files\AIM6\uninst.exe
(AOLOCP_Y)
AVG 7.5 (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com
(Branding)
Buddy Icon Maker 1.0.0.1 1.0.0.1 (Buddy Icon Maker 1.0.0.1)
uninstall cmd: C:\PROGRA~1\BUDDYI~1\UNWISE.EXE C:\PROGRA~1\BUDDYI~1\INSTALL.LOG
publisher: AOL, LLC
Colorizer 1.0.0.1 1.0.0.1 (Colorizer 1.0.0.1)
uninstall cmd: C:\PROGRA~1\COLORI~1\UNWISE.EXE C:\PROGRA~1\COLORI~1\INSTALL.LOG
publisher: AOL, LLC
COMODO Firewall Pro 2.4.1.92 (COMODO Firewall Pro)
uninstall cmd: C:\Program Files\Comodo\Firewall\fwconfig.exe -uninstalln
publisher: COMODO
comments: A product from COMODO.
contact: personalfirewall@comodo.com
(Connection Manager)
Dell Digital Jukebox Driver (Dell Digital Jukebox Driver)
uninstall cmd: C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
(DirectAnimation)
(DirectDrawEx)
(dlatray.exe)
uninstall cmd: C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
(DXM_Runtime)
EphPod (EphPod)
uninstall cmd: C:\PROGRA~1\EphPod\UNWISE.EXE C:\PROGRA~1\EphPod\INSTALL.LOG
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\DOCUME~1\Jo\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
HP Imaging Device Functions 5.3 5.3 (HP Imaging Device Functions)
uninstall cmd: C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
publisher: HP
help link: http://www.hp.com/support
HP Solution Center & Imaging Support Tools 5.3 5.3 (HP Solution Center & Imaging Support Tools)
uninstall cmd: C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
publisher: HP
help link: http://www.hp.com/support
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
Inspiration 8 IE (Inspiration 8 IE)
uninstall cmd: C:\WINDOWS\unvise32.exe C:\Program Files\Inspiration 8 IE\uninstal.log
Intel(R) 537EP V9x DF PCI Modem (Intel(R) 537EP V9x DF PCI Modem)
uninstall cmd: rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DF PCI Modem"
Jabber Messenger (Jabber Messenger)
uninstall cmd: "C:\Program Files\Jabber\Messenger\setup.exe" /c:"setup.exe /u"
publisher: Jabber, Inc.
help link: http://jabber.com
webgurrl
2007-06-23, 19:31
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339
(KB884016)
webgurrl
2007-06-23, 19:34
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472
Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358
Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428
Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587
Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060718
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414
Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749
Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519
Update for Windows XP (KB908531) 2 (KB908531)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531
Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437
Update for Windows XP (KB911280) 2 (KB911280)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280
Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562
Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060518
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564
Security Update for Windows Media Player 9 (KB911565) (KB911565)
install date: 20060718
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565
Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567
Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927
Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919
Security Update for Windows XP (KB913433) (KB913433)
uninstall cmd: C:\WINDOWS\System32\MacroMed\Flash\genuinst.exe C:\WINDOWS\System32\MacroMed\Flash\KB913433.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913433
Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446
Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580
Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388
Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389
Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281
Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595
Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159
Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344
Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422
Security Update for Windows Media Player 8 (KB917734) (KB917734_WMP8)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP8$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734
Security Update for Windows Media Player 9 (KB917734) (KB917734_WMP9)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734
Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060718
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953
Security Update for Windows XP (KB918118) 1 (KB918118)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918118
Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899
Security Update for Windows XP (KB919007) 1 (KB919007)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007
Security Update for Windows XP (KB920213) 1 (KB920213)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920213
Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214
Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670
Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683
Security Update for Windows XP (KB920685) 1 (KB920685)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685
Update for Windows XP (KB920872) 1 (KB920872)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872
Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398
Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883
Update for Windows XP (KB922582) 1 (KB922582)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582
Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616
Security Update for Windows XP (KB922760) 1 (KB922760)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922760
Security Update for Windows XP (KB922819) 1 (KB922819)
install date: 20061016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922819
Security Update for Windows XP (KB923191) 1 (KB923191)
install date: 20061016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923191
Security Update for Windows XP (KB923414) 1 (KB923414)
install date: 20061016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923414
Security Update for Windows XP (KB923689) (KB923689)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923689
Security Update for Windows XP (KB923694) 1 (KB923694)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923694
Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/923723
Security Update for Windows XP (KB923980) 1 (KB923980)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923980
Security Update for Windows XP (KB924191) 1 (KB924191)
install date: 20061016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924191
Security Update for Windows XP (KB924270) 1 (KB924270)
install date: 20061116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924270
Security Update for Windows XP (KB924496) 1 (KB924496)
install date: 20061016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924496
webgurrl
2007-06-23, 19:36
Security Update for Windows XP (KB924667) 1 (KB924667)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924667
Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398
Security Update for Windows XP (KB925454) 1 (KB925454)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925454
Security Update for Windows XP (KB925486) 1 (KB925486)
install date: 20060927
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925486
Security Update for Windows XP (KB925902) 1 (KB925902)
install date: 20070405
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925902
Security Update for Windows XP (KB926255) 1 (KB926255)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926255
Security Update for Windows XP (KB926436) 1 (KB926436)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926436
Security Update for Windows XP (KB927779) 1 (KB927779)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927779
Security Update for Windows XP (KB927802) 1 (KB927802)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927802
Update for Windows XP (KB927891) 3 (KB927891)
install date: 20070524
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927891
Security Update for Windows XP (KB928090) 1 (KB928090)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090
Security Update for Windows XP (KB928255) 1 (KB928255)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928255
Security Update for Windows XP (KB928843) 1 (KB928843)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928843
Security Update for Windows XP (KB929123) 1 (KB929123)
install date: 20070613
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929123
Update for Windows XP (KB929338) 1 (KB929338)
install date: 20070316
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929338
Security Update for Windows XP (KB929969) 1 (KB929969)
install date: 20070113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969
Security Update for Windows XP (KB930178) 1 (KB930178)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=930178
Update for Windows XP (KB930916) 1 (KB930916)
install date: 20070509
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=930916
Security Update for Windows XP (KB931261) 1 (KB931261)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931261
Security Update for Windows XP (KB931768) 1 (KB931768)
install date: 20070509
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931768
Security Update for Windows XP (KB931784) 1 (KB931784)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931784
Update for Windows XP (KB931836) 1 (KB931836)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931836
Security Update for Windows XP (KB932168) 1 (KB932168)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=932168
Security Update for Windows XP (KB933566) 1 (KB933566)
install date: 20070613
uninstall cmd: "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=933566
Security Update for Windows XP (KB935839) 1 (KB935839)
install date: 20070613
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935839
Security Update for Windows XP (KB935840) 1 (KB935840)
install date: 20070613
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935840
LWAway 1.0.0.1 1.0.0.1 (LWAway 1.0.0.1)
uninstall cmd: C:\PROGRA~1\LWAway\UNWISE.EXE C:\PROGRA~1\LWAway\INSTALL.LOG
publisher: AOL, LLC
Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
Macromedia Shockwave Player 10.1.3.18 (Macromedia Shockwave Player)
uninstall cmd: C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
publisher: Macromedia, Inc.
help link: http://www.adobe.com/support/shockwave
Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
(Microsoft NetShow Player 2.0)
(MobileOptionPack)
Mozilla Firefox (1.5.0.4) 1.5.0.4 (en-US) (Mozilla Firefox (1.5.0.4))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.4 (en-US)"
publisher: Mozilla
(MPlayer2)
(MSI30-Beta1)
(MSI30-Beta2)
(MSI30-KB884016)
(MSI30-RC1)
(MSI30-RC2)
(MSI30a-KB884016)
(MSI31-Beta)
(MSI31-RC1)
Microsoft Text-to-Speech Engine 4.0 (English) (MSTTS)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSa22.inf, Uninstall
(NetMeeting)
NuCalc 2.0 (NuCalc 2.0)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Pacific Tech\NuCalc 2.0\Uninst.isu"
(OutlookExpress)
(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
PodUtil 3.0.2 (PodUtil_is1)
install location: C:\Program Files\PodUtil\
uninstall cmd: "C:\Program Files\PodUtil\unins000.exe"
publisher: KennettNet Software Limited
help link: http://www.kennettnet.co.uk/
Intel(R) PRO Network Adapters and Drivers (PROSet)
uninstall cmd: Prounstl.exe
(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
(RecordNow.exe)
uninstall cmd: C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
(SchedulingAgent)
(SGTRAY.EXE)
uninstall cmd: C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
Shockwave (Shockwave)
uninstall cmd: C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
publisher: Adobe Systems
help link: http://www.adobe.com/go/flashplayer_support/
Skyhook Wireless Wi-Fi Service (Skyhook Wireless Wi-Fi Service)
uninstall cmd: C:\Program Files\Skyhook Wireless\Wi-Fi Service\svcsetup.exe -u
Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe
The Rise of Atlantis (remove only) (The Rise of Atlantis)
uninstall cmd: "C:\Program Files\AOL Games\The Rise of Atlantis\Uninstall.exe"
Viewpoint Manager (Remove Only) (Viewpoint Manager)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Genuine Advantage Notifications (KB905474) 1.5.0540.0 (WgaNotify)
install date: 20060718
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474
Windows XP Service Pack 2 20040803.231319 (Windows XP Service Pack)
uninstall cmd: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113
Microsoft Encarta Encyclopedia Standard 2004 2004 ({04410044-9149-45C6-A806-F2BF9CFCE762})
version (major): 2004
version (minor): 2004
install date: 20040804
install location: C:\Program Files\Microsoft Encarta\Encarta Encyclopedia Standard Edition 2004\encarta.exe
uninstall cmd: MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
publisher: Microsoft Corporation
help link: http://support.microsoft.com
CP_Package_Variety1 53.0.13.000 ({0611BD4E-4FE4-4a62-B0C0-18A4CC463428})
version: 889192461
version (major): 53
estimated size: 7401
install date: 20060921
install source: E:\setup\CP_Package_Variety1\
publisher: Hewlett-Packard
QuickTime 7.1.6.200 ({08094E03-AFE4-4853-9D31-6D0743DF5328})
version: 117506054
version (major): 7
version (minor): 1
estimated size: 72259
install date: 20070531
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\Isaac\LOCALS~1\Temp\IXP197.TMP\
uninstall cmd: MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
Destinations 53.0.13.000 ({09984AEC-6B9F-4ca7-B78D-CB44D4771DA3})
version: 889192461
version (major): 53
estimated size: 16085
install date: 20060921
install source: E:\setup\Destinations\
publisher: Hewlett-Packard
Sonic Update Manager 2.9 ({09DA4F91-2A09-4232-AB8C-6BC740096DE3})
version: 34144256
version (major): 2
version (minor): 9
install date: 20040804
uninstall cmd: MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
publisher: Sonic Solutions
AiO_Scan 50.0.206.000 ({0B33B738-AD79-4E32-90C5-E67BFB10BBFF})
version: 838861006
version (major): 50
estimated size: 483
install date: 20060921
install source: E:\setup\AiO_Scan\
publisher: Hewlett-Packard
Dell Solution Center 1.00.0000 ({11F1920A-56A2-4642-B6E0-3B31A12C9288})
version: 16777216
version (major): 1
install date: 20040804
uninstall cmd: MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
publisher: Dell
help link: http://www.support.dell.com
help telephone: http://www.support.dell.com
Sonic DLA 4.90 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6})
version: 73007104
version (major): 4
version (minor): 90
install date: 20040804
uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
publisher: Sonic Solutions
help link: http://support.sonic.com/
CP_Package_Variety3 53.0.13.000 ({1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A})
version: 889192461
version (major): 53
estimated size: 8617
install date: 20060921
install source: E:\setup\CP_Package_Variety3\
publisher: Hewlett-Packard
Microsoft Money 2004 12.0.50 ({1D643CD7-4DD6-11D7-A4E0-000874180BB3})
version: 201326642
version (major): 12
estimated size: 142507
install date: 20040804
install location: C:\Program Files\Microsoft Money\
install source: d:\
uninstall cmd: MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
publisher: Microsoft
comments: The Installation database contains the logic and data required to install Money 2004
help link: http://support.microsoft.com
help telephone: (800) 936-5700
5600 50.0.206.000 ({2466E904-7E48-4597-9321-722CF02930EB})
version: 838861006
version (major): 50
estimated size: 230
install date: 20060921
install source: C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\Product\
publisher: Hewlett-Packard
Dell Media Experience ({2637C347-9DAD-11D6-9EA2-00055D0CA761})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Unload 5.0.0 ({2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C})
version: 83886080
version (major): 5
estimated size: 7950
install date: 20060921
install source: E:\setup\UnloadIntent\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
TrayApp 53.0.13.000 ({30C19FF2-7FBA-4d09-B9DE-1659977F64F6})
version: 889192461
version (major): 53
estimated size: 698
install date: 20060921
install source: E:\setup\TrayApp\
publisher: Hewlett-Packard
J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20060602
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06plus-b05/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt
WebFldrs XP 9.50.6513 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2508
install date: 20040320
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows
Internet Explorer Default Page 1.00.03 ({35BDEFF1-A610-4956-A00D-15453C116395})
version: 16777219
version (major): 1
install date: 20040804
uninstall cmd: MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
publisher: Dell Inc.
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 0
MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20061116
install source: c:\8dadcca8dcd0ff9435dd1b2a4bbb\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978
Modem On Hold 1.12 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})
version (major): 1
version (minor): 12
install location: C:\Program Files\Modem On Hold
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
publisher: BVRP Software, Inc
Dell Support 2.1.1.0 ({43FCA273-9534-40DB-B7C5-D7758875616A})
version: 33619969
version (major): 2
version (minor): 1
install date: 20040804
uninstall cmd: MsiExec.exe /X{43FCA273-9534-40DB-B7C5-D7758875616A}
publisher: Dell
comments: Go to http://support.dell.com
contact: http://support.dell.com
help link: http://support.dell.com
help telephone: 1-800-BUY-DELL
readme: 0
Banctec Service Agreement 1.00.0005 ({4B9F45E8-E3CE-40B4-9463-80A9B3481DEF})
version: 16777221
version (major): 1
install date: 20040804
publisher: Dell
comments: Go to http://support.dell.com.
contact: Dell Support
help link: http://support.dell.com
help telephone: 0
NewCopy 50.0.206.000 ({54E3707F-808E-4fd4-95C9-15D1AB077E5D})
version: 838861006
version (major): 50
estimated size: 2021
install date: 20060921
install source: E:\setup\newcopy\
publisher: Hewlett-Packard
WebReg 53.0.13.000 ({56F8AFC3-FA98-4ff1-9673-8A026CBF85BE})
version: 889192461
version (major): 53
estimated size: 529
install date: 20060921
install source: E:\setup\WebReg\
publisher: Hewlett-Packard
HP PSC & OfficeJet 5.3.B ({5B79CFD1-6845-4158-9D7D-6BE89DF2C135})
uninstall cmd: "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
publisher: HP
help link: http://www.hp.com/support
eSupportQFolder 1.00.0000 ({66E6CE0C-5A1E-430C-B40A-0C90FF1804A8})
version: 16777216
version (major): 1
estimated size: 124
install date: 20060921
install source: E:\setup\QFolder\
publisher: Hewlett-Packard
webgurrl
2007-06-23, 19:38
PowerDVD 5.1 ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Dell Networking Guide 1.00.0001 ({68D60342-7686-45C9-B8EB-40EF843D0460})
version: 16777217
version (major): 1
install date: 20040804
publisher: Dell
comments: Go to http://support.dell.com.
contact: Dell Support
help link: http://support.dell.com
help telephone: 0
readme: 0
HP Photosmart Essential 1.9.1.3 ({6994491D-D491-48F1-AE1F-E179C1FFFC2F})
version: 17367041
version (major): 1
version (minor): 9
estimated size: 9329
install date: 20070330
install location: C:\Program Files\HP\Photosmart Essential\
install source: C:\DOCUME~1\Isaac\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
publisher: HP
DocProc 5.2.0.0 ({6BB6627C-694F-4FDC-A3E5-C7F4BED4C724})
version: 84017152
version (major): 5
version (minor): 2
estimated size: 76186
install date: 20060921
install source: E:\setup\DocProc\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
iTunes 7.2.0.34 ({6E93572D-F31E-496F-8B2F-F400B3A2BC4E})
version: 117571584
version (major): 7
version (minor): 2
estimated size: 52014
install date: 20070531
install location: C:\Program Files\iTunes\
install source: C:\DOCUME~1\Isaac\LOCALS~1\Temp\IXP197.TMP\
uninstall cmd: MsiExec.exe /I{6E93572D-F31E-496F-8B2F-F400B3A2BC4E}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
Java 2 Runtime Environment, SE v1.4.2_03 1.4.2_03 ({7148F0A8-6813-11D6-A77B-00B0D0142030})
version (major): 1
version (minor): 4
estimated size: 140020
install date: 20040804
install source: C:\Documents and Settings\Administrator\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt
AiOSoftware 50.0.206.000 ({7850A6D2-CBEA-4728-9877-F1BEDEA9F619})
version: 838861006
version (major): 50
estimated size: 5187
install date: 20060921
install source: E:\setup\AiOSoftware\
publisher: Hewlett-Packard
Modem Event Monitor ({7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9
ProductContext 50.0.206.000 ({7C9B95B7-B598-4398-B30F-7F6827192E6C})
version: 838861006
version (major): 50
estimated size: 3765
install date: 20060921
install source: C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\
publisher: Hewlett-Packard
Modem Helper 2.25 ({7F142D56-3326-11D5-B229-002078017FBF})
install location: C:\Program Files\Modem Helper
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software
Jasc Paint Shop Pro 8 Dell Edition 8.10.0000 ({81A34902-9D0B-4920-A25C-4CDC5D14B328})
version: 134873088
version (major): 8
version (minor): 10
install date: 20040804
uninstall cmd: MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
publisher: Jasc Software Inc
comments: Jasc Software Inc Paint Shop Pro 8
contact: Customer Support Department
help link: http://www.jasc.com/support2.asp
help telephone: (952) 930-9171
Intel(R) Extreme Graphics 2 Driver ({8A708DD8-A5E6-11D4-A706-000629E95E20})
uninstall cmd: RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
3.0.7.009 ({8ADC27DB-E2C8-446C-A576-166C05C2DD24})
version: 50331655
version (major): 3
estimated size: 192
install date: 20070330
install source: C:\DOCUME~1\Isaac\LOCALS~1\Temp\pftC9.tmp\
publisher: Hewlett-Packard
HP Update 4.000.005.007 ({8C6027FD-53DC-446D-BB75-CACD7028A134})
version: 67108869
version (major): 4
estimated size: 3597
install date: 20070330
install source: C:\DOCUME~1\Isaac\LOCALS~1\Temp\pftC9.tmp\
uninstall cmd: MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
publisher: Hewlett-Packard
contact: http://www.hp.com/support
Microsoft Money 2004 System Pack 12.0.80 ({8C64E145-54BA-11D6-91B1-00500462BE80})
version: 201326672
version (major): 12
estimated size: 2304
install date: 20040804
install location: C:\WINDOWS\System32\
install source: d:\
uninstall cmd: MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
publisher: Microsoft
comments: Installs system components used by Microsoft Money 2004.
help link: http://support.microsoft.com
help telephone: (800) 936-5700
Help and Support Customization 1.00.0000 ({90D55A3F-1D99-4C94-A77E-46DC14F0BF08})
version: 16777216
version (major): 1
install date: 20040804
publisher: Dell
contact: http://www.support.dell.com
help link: http://www.support.dell.com
help telephone: http://www.support.dell.com
readme: 0
Readme 50.0.206.000 ({923A7F5A-1E8C-4FBE-8DF6-85940A60A79F})
version: 838861006
version (major): 50
estimated size: 56
install date: 20060921
install source: E:\setup\readme\
publisher: Hewlett-Packard
Sonic RecordNow! 7.10 ({9541FED0-327F-4DF0-8B96-EF57EF622F19})
version: 118095872
version (major): 7
version (minor): 10
install date: 20040804
uninstall cmd: MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
publisher: Sonic Solutions
help link: http://support.sonic.com/
ScannerCopy 5.2.0.0 ({A195B13E-A5E3-4BAF-A995-7F70F445CD06})
version: 84017152
version (major): 5
version (minor): 2
estimated size: 5017
install date: 20060921
install source: E:\setup\ScannerCopy\
publisher: Hewlett-Packard
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Apple Software Update 1.1.0.3 ({A260B422-70E1-41E2-957D-F76FA21266D5})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 2472
install date: 20070310
install location: C:\Program Files\Apple Software Update\
install source: C:\DOCUME~1\Isaac\LOCALS~1\Temp\IXP345.TMP\
uninstall cmd: MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273
Intel(R) PROSet 6.05.2001 ({A790BEB1-BCCF-4EC6-807B-5708B36E8A79})
version: 100992977
version (major): 6
version (minor): 5
install date: 20040804
uninstall cmd: MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
publisher: Intel
comments: Intel(R) PROSet installation package
contact: Intel Customer Support
help link: http://support.intel.com
TI Connect 1.6 1.6 ({A8B94669-8654-4126-BD28-D0