Hello, Spybot found OPACHKI.RU also AVG anti virus has been detecting
two cookies when I start the Firefox browser. The cookies also come up sometimes when starting or updating other things. One of the cookies is called DEALTIME ?

Thank you very much !

My Hyjackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:30:02 PM, on 2/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dimension E 310\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Task Catcher] C:\PROGRA~1\BILLPS~1\TASKCA~1\tasktrap.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) -
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://firepass.manh.com/vdesk/terminal/urTermProxy.cab#version=5500,0,50803,1
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193645868421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B8693DEF-98AC-43FC-AA00-E7D728334C80} (F5 Networks 5250 Terminal emulator) - https://firepass.manh.com/vdesk/terminal/ur5250x.cab#version=5500,0,0909,1
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://firepass.manh.com/vdesk/terminal/urxhost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hookdll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 13156 bytes

Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
Please Read All Instructions Carefully
If you don't understand something, stop and ask! Don't keep going on.
Please do not run any other tools or scans whilst I am helping you
Failure to reply within 5 days will result in the topic being closed.
Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly http://www.countingcows.de/laechel.gif

Some of the logs I request will be quite large, You may need to split them over a couple of replies.

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
----------------------------------------------------------------------------------------



Download and Run RSIT

Please download Random's System Information Tool by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:

log.txt will be opened maximized.
info.txt will be opened minimized.

Please post the contents of both log.txt and info.txt.
( They can also be found in the C:\RSIT folder )



GMER Rootkit Detector

Please download GMER Rootkit Scanner from Here (http://www.gmer.net/gmer.zip) or Here (http://majorgeeks.com/downloadget.php?id=5198&file=15&evp=3f18075291813a665b2a25536a70b307)

***Please close any open programs ***
Extract the contents of the zip file to your desktop.
Disable your onboard Anti Virus and any other Active protection programs you have installed.
Double-click gmer.exe. The program will begin to run.

Note:- If GMER doesn't run, please Reboot and then rename gmer.exe to Look.exe and try again

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst


If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO,
Now use the following settings for a more complete scan..

http://i51.photobucket.com/albums/f387/Katana_1970/th_Gmer_initScan-1.gif (http://i51.photobucket.com/albums/f387/Katana_1970/Gmer_initScanfull.gif)
Click the image to enlarge it

In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.

Once the scan is complete, you may receive another notice about rootkit activity. If you recive it, click OK.

Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.


DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

Please post the results from the GMER scan in your reply.


----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large, You may need to split them over a couple of replies.

RSIT Logs
GMER Log

Hi Katana,

Thanks for your help! Everything worked well with the " RSIT "
The scan with " GMER " went well with the first short scan, but the
second longer scan seemed to start out fine then slowed down. I let
it run 12 hours and it was still scanning but very slowly. I'll post the
RSIT log and try running the GMER again. Is it possible I did not disable
all of my security software or something ?


RSIT LOGS

info.txt logfile of random's system information tool 1.06 2010-03-04 13:07:19

======Uninstall list======

-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\InstallShield Installation Information\{2460923D-1AA6-47FE-A375-76308780D20F}\setup.exe -runfromtemp -l0x0009
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{684CB795-C157-4E15-93D4-E26015FEF1EA}\Setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->msiexec /qb /x {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Acrobat.com-->MsiExec.exe /I{6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
AOL Coach Version 1.0(Build:20040229.1 en)-->C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe
AOLIcon-->MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft MediaConverter 2.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{638EBB3E-04BC-40DB-9176-DDEC2C5CB2BC}\Setup.exe" -l0x9
ArcSoft MediaImpression-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18472E28-FCA0-421F-BDAC-AC65012E29F2}\Setup.exe" -l0x9
ArcSoft PhotoImpression 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64A3CFFC-C4CC-41C4-91EC-402002D93FDC}\setup.exe" -l0x9
ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1AlbumPage
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1Calendar
ArcSoft Print Creations - Photo Prints-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1PhotoPrint
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1Slimline
ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E8B84D19-125A-4F62-879D-CD4D642CA109}\Setup.exe" -l0x9
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C82E335E-2D1A-49B4-814B-0C60769F0C2A}\setup.exe" -l0x9
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon Camera Access Library-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CIF USB CAMERA-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\DC3110.txt
Conexant D850 56K V.9x DFVc Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Corel Photo Album 6-->MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Game Console-->"C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
Dell Support Center (Support Software)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digimax Master-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe" -l0x9 -removeonly
Digital Content Portal-->MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Digital Video-->C:\Program Files\InstallShield Installation Information\{C833C7B6-1140-471D-932B-391B5CA66D7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Documentation & Support Launcher-->MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
EducateU-->MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ELIcon-->MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
ffdshow [rev 1692] [2007-12-09]-->"C:\Program Files\ffdshow\unins000.exe"
fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
Games, Music, & Photos Launcher-->MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
Get High Speed Internet!-->MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
getPlus(R)_ocx-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Dimension E 310\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
HP LaserJet P1000 series-->C:\Program Files\Avago-HP\{a756a063-9b0e-4240-8c51-a05f759fecbb}\uninstall.exe SYSTEMHORNET "C:\Program Files\Avago-HP\{a756a063-9b0e-4240-8c51-a05f759fecbb}"
HPCarePackCore-->MsiExec.exe /I{7B02BF60-796D-4616-908B-B31A63CFDEFB}
HPCarePackProducts-->MsiExec.exe /I{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}
HPSSupply-->MsiExec.exe /X{7902E313-FF0F-4493-ACB1-A8147B78DCD0}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) PROSet for Wired Connections-->MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
Internet Service Offers Launcher-->MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
interneTIFF 8.0-FREE (IE Browser)-->"C:\Program Files\InstallShield Installation Information\{21873256-A9DF-4F6B-8F37-6515B4A1989B}\setup.exe" -runfromtemp -l0x0009 -removeonly
iPhone Configuration Utility-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
iTunes-->MsiExec.exe /I{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_2b8386\Setup.exe /APR-REMOVE
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 2.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft VC9 runtime libraries-->MsiExec.exe /I{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MrvlUsgTracking-->MsiExec.exe /I{A82D052A-0806-42DF-80CD-1730A1AC0ED3}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Musicmatch for Windows Media Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}\setup.exe" -l0x9 remove
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
NetZeroInstallers-->MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
Norton Ghost 10.0-->MsiExec.exe /X{32F720F5-2D0D-4245-A2B0-9EB3CECF8101}
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
Outpost Firewall 2009-->"C:\Program Files\Agnitum\Outpost Firewall\unins000.exe"
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Samsung USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{86D6A20D-3910-4441-A3E5-EB6977251C86}\Setup.exe" anything
Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sophos Anti-Rootkit 1.5.0-->C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Task Catcher-->C:\WINDOWS\uninst.exe -f"C:\Program Files\BillP Studios\Task Catcher\DeIsL2.isu" -cC:\PROGRA~1\BILLPS~1\TASKCA~1\_ISREG32.DLL
tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WebCyberCoach 3.2 Dell-->"C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar-->MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2009-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
WordPerfect Office 12-->MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

======Hosts File======

127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 banners.absolpublisher.com
127.0.0.1 tracking.absolstats.com

======Security center information======

AV: AVG Anti-Virus Free
FW: Outpost Firewall

======System event log======

Computer Name: D1Q826B1
Event Code: 7000
Message: The Zune Bus Enumerator Driver service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 78093
Source Name: Service Control Manager
Time Written: 20091231205037.000000-300
Event Type: error
User:

Computer Name: D1Q826B1
Event Code: 7011
Message: Timeout (30000 milliseconds) waiting for a transaction response from the avg9wd service.

Record Number: 78085
Source Name: Service Control Manager
Time Written: 20091231130933.000000-300
Event Type: error
User:

Computer Name: D1Q826B1
Event Code: 7000
Message: The Zune Bus Enumerator Driver service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 78065
Source Name: Service Control Manager
Time Written: 20091231125411.000000-300
Event Type: error
User:

Computer Name: D1Q826B1
Event Code: 7000
Message: The Zune Bus Enumerator Driver service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 78036
Source Name: Service Control Manager
Time Written: 20091230214030.000000-300
Event Type: error
User:

Computer Name: D1Q826B1
Event Code: 7000
Message: The Zune Bus Enumerator Driver service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 78015
Source Name: Service Control Manager
Time Written: 20091230091151.000000-300
Event Type: error
User:

=====Application event log=====

Computer Name: D1Q826B1
Event Code: 1020
Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.

Record Number: 20034
Source Name: ASP.NET 1.1.4322.0
Time Written: 20091027160958.000000-240
Event Type: warning
User:

Computer Name: D1Q826B1
Event Code: 1
Message: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 2376 ,Logged:

Success:
C:\Program Files\Windows Installer Clean Up\msizap.exe TW! {B508B3F1-A24A-32C0-B310-85786919EF28}

Record Number: 20015
Source Name: VBRuntime
Time Written: 20091027153348.000000-240
Event Type: error
User:

Computer Name: D1Q826B1
Event Code: 1
Message: The VB Application identified by the event source logged this Application MSICUU: Thread ID: 2376 ,Logged:

Success:
C:\Program Files\Windows Installer Clean Up\msizap.exe TW! {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Record Number: 20014
Source Name: VBRuntime
Time Written: 20091027153312.000000-240
Event Type: error
User:

Computer Name: D1Q826B1
Event Code: 1023
Message: Product: Microsoft .NET Framework 3.0 Service Pack 1 - Update 'NET Framework WPF 2 x86 ' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\dd_NET_Framework30_Setup591D.txt.

Record Number: 19999
Source Name: MsiInstaller
Time Written: 20091027035651.000000-240
Event Type: error
User: D1Q826B1\Dimension E 310

Computer Name: D1Q826B1
Event Code: 1023
Message: Product: Microsoft .NET Framework 3.0 Service Pack 1 - Update 'NET Framework WPF 3' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\dd_NET_Framework30_Setup591D.txt.

Record Number: 19998
Source Name: MsiInstaller
Time Written: 20091027035651.000000-240
Event Type: error
User: D1Q826B1\Dimension E 310

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Common Files\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"tvdumpflags"=8
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

This is the second log. Hope I got it right as I do not know
much about computers.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Dimension E 310 at 2010-03-04 13:05:31
Microsoft Windows XP Professional Service Pack 3
System drive C: has 78 GB (71%) free of 110 GB
Total RAM: 502 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:07:10 PM, on 3/4/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Dimension E 310\Local Settings\Temporary Internet Files\Content.IE5\4IS6O0Y1\RSIT[1].exe
C:\Documents and Settings\Dimension E 310\My Documents\Downloads\Dimension E 310.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Task Catcher] C:\PROGRA~1\BILLPS~1\TASKCA~1\tasktrap.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.uspto.gov
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) -
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://firepass.manh.com/vdesk/terminal/urTermProxy.cab#version=5500,0,50803,1
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193645868421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {B8693DEF-98AC-43FC-AA00-E7D728334C80} (F5 Networks 5250 Terminal emulator) - https://firepass.manh.com/vdesk/terminal/ur5250x.cab#version=5500,0,0909,1
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://firepass.manh.com/vdesk/terminal/urxhost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hookdll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 12910 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\HP WEP.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-09-08 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-12 1484056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-08 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 324416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]
"DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe []
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-28 428032]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2009-10-10 320832]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2009-12-31 2033432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Task Catcher"=C:\PROGRA~1\BILLPS~1\TASKCA~1\tasktrap.exe [2005-11-14 136760]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]
""= []
"hpbdfawep"=C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe [2007-04-25 954368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

C:\Documents and Settings\Dimension E 310\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hookdll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-11-03 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Common Files\AOL\1170479121\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1170479121\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\AOL 9.1\waol.exe"="C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1cefd58e-d133-11dd-b580-00038a000015}]
shell\AutoRun\command - J:\.\Vado\Vado.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 3 months======

2010-03-04 13:05:31 ----D---- C:\rsit
2010-03-03 17:15:07 ----A---- C:\WINDOWS\system32\tifftek32.dll
2010-03-03 17:15:07 ----A---- C:\WINDOWS\system32\TiffDLL50.dll
2010-03-03 17:15:07 ----A---- C:\WINDOWS\system32\tiff2pdf.dll
2010-03-03 17:15:07 ----A---- C:\WINDOWS\system32\iSED.dll
2010-03-03 17:15:06 ----A---- C:\WINDOWS\system32\Ltwvc12n.dll
2010-03-03 17:15:06 ----A---- C:\WINDOWS\system32\LTKRN12N.DLL
2010-03-03 17:15:06 ----A---- C:\WINDOWS\system32\LFTIF12N.DLL
2010-03-03 17:15:06 ----A---- C:\WINDOWS\system32\LFFAX12N.DLL
2010-03-03 17:15:05 ----A---- C:\WINDOWS\system32\LTIMG12N.DLL
2010-03-03 17:15:05 ----A---- C:\WINDOWS\system32\LTFIL12N.DLL
2010-03-03 17:15:05 ----A---- C:\WINDOWS\system32\LTDLG12N.DLL
2010-03-03 17:15:05 ----A---- C:\WINDOWS\system32\LTDIS12n.dll
2010-03-03 17:15:04 ----D---- C:\Program Files\Innomage
2010-02-24 23:18:30 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2010-02-24 22:33:55 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2010-02-24 22:32:36 ----D---- C:\Program Files\HP
2010-02-24 22:32:13 ----A---- C:\WINDOWS\system32\WRes1200.txt
2010-02-24 22:32:12 ----A---- C:\WINDOWS\system32\W600dpi.txt
2010-02-24 22:32:12 ----A---- C:\WINDOWS\system32\HRes600.txt
2010-02-24 22:32:12 ----A---- C:\WINDOWS\system32\HRes1200.txt
2010-02-24 22:32:12 ----A---- C:\WINDOWS\system32\HPPLVS.dll
2010-02-24 22:32:12 ----A---- C:\WINDOWS\system32\HP1006LM.DLL
2010-02-24 22:29:38 ----HD---- C:\Program Files\Avago-HP
2010-02-24 22:22:08 ----SHD---- C:\WINDOWS\ftpcache
2010-02-24 08:55:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-13 01:25:58 ----D---- C:\Program Files\iTunes
2010-02-13 01:23:36 ----D---- C:\Program Files\QuickTime
2010-02-13 01:20:20 ----D---- C:\Program Files\Apple Software Update
2010-02-13 01:19:19 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2010-02-13 01:17:58 ----D---- C:\Program Files\Common Files\Apple
2010-02-10 14:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 14:02:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 13:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 13:55:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 13:55:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 13:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 13:55:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 13:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 13:54:14 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-01-26 23:25:40 ----D---- C:\Documents and Settings\Dimension E 310\Application Data\Mozilla
2010-01-26 23:25:00 ----D---- C:\Program Files\Mozilla Firefox
2010-01-26 22:58:21 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-01-26 22:57:10 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-26 22:57:10 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-26 22:57:10 ----A---- C:\WINDOWS\system32\java.exe
2010-01-14 21:36:52 ----D---- C:\Program Files\Xvid
2010-01-13 15:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-14 09:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-10 13:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-10 13:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-10 13:34:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-10 13:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-10 13:33:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 3 months======

2010-03-04 13:04:14 ----D---- C:\WINDOWS\Prefetch
2010-03-04 12:39:11 ----D---- C:\WINDOWS\Temp
2010-03-04 12:16:29 ----A---- C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
2010-03-04 12:10:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-04 11:21:28 ----SD---- C:\WINDOWS\Tasks
2010-03-04 11:11:08 ----D---- C:\WINDOWS
2010-03-04 11:10:43 ----D---- C:\WINDOWS\Registration
2010-03-04 02:13:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-03 20:52:32 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-03 17:15:07 ----D---- C:\WINDOWS\system32
2010-03-03 17:15:04 ----D---- C:\Program Files
2010-03-03 17:14:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-02 18:31:56 ----A---- C:\VETlog.txt
2010-03-02 18:31:30 ----A---- C:\WINDOWS\win.ini
2010-02-27 14:39:37 ----D---- C:\WINDOWS\ERDNT
2010-02-26 11:31:00 ----D---- C:\Program Files\SpywareBlaster
2010-02-25 16:11:26 ----SHD---- C:\WINDOWS\Installer
2010-02-24 23:11:59 ----HD---- C:\WINDOWS\inf
2010-02-24 23:11:47 ----D---- C:\WINDOWS\twain_32
2010-02-24 23:11:46 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-02-24 22:34:29 ----RSD---- C:\WINDOWS\assembly
2010-02-24 22:34:19 ----D---- C:\WINDOWS\WinSxS
2010-02-24 22:30:51 ----RD---- C:\WINDOWS\Fonts
2010-02-24 20:54:23 ----A---- C:\WINDOWS\lexstat.ini
2010-02-24 20:54:20 ----D---- C:\temp
2010-02-24 08:56:16 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-24 08:55:43 ----A---- C:\WINDOWS\imsins.BAK
2010-02-13 01:26:49 ----D---- C:\Program Files\iPod
2010-02-13 01:19:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-13 01:19:41 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-13 01:19:41 ----D---- C:\WINDOWS\system32\drivers
2010-02-13 01:17:58 ----D---- C:\Program Files\Common Files
2010-02-12 12:01:16 ----A---- C:\WINDOWS\dellstat.ini
2010-02-05 09:32:23 ----D---- C:\Program Files\Google
2010-02-01 14:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-26 22:58:15 ----D---- C:\Program Files\Common Files\Java
2010-01-26 22:57:02 ----D---- C:\Program Files\Java
2010-01-23 03:11:44 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-01-22 15:13:16 ----D---- C:\Program Files\Internet Explorer
2010-01-22 12:30:19 ----D---- C:\WINDOWS\ie8updates
2010-01-19 11:04:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-01-19 11:04:05 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-18 02:34:26 ----D---- C:\Program Files\Common Files\Adobe
2010-01-18 02:34:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-18 02:32:59 ----D---- C:\Program Files\Adobe
2010-01-18 02:09:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-14 22:39:27 ----D---- C:\Documents and Settings\Dimension E 310\Application Data\ArcSoft
2010-01-14 21:39:55 ----D---- C:\Program Files\ArcSoft
2009-12-24 22:22:35 ----D---- C:\Documents and Settings\Dimension E 310\Application Data\Apple Computer
2009-12-21 14:14:05 ----A---- C:\WINDOWS\system32\wininet.dll
2009-12-21 14:14:05 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-12-21 14:14:04 ----A---- C:\WINDOWS\system32\occache.dll
2009-12-21 14:14:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-12-21 14:14:03 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-12-21 14:14:03 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-12-21 14:14:03 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-12-21 14:14:03 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-12-21 14:14:03 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-12-21 14:14:02 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-12-21 14:14:01 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-12-21 08:19:18 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-12-17 17:14:00 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-16 13:43:27 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-14 09:42:29 ----D---- C:\WINDOWS\AppPatch
2009-12-14 09:24:22 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-12-14 02:08:23 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-12-13 21:56:39 ----D---- C:\WINDOWS\Minidump
2009-12-13 00:13:34 ----D---- C:\WINDOWS\network diagnostic
2009-12-10 13:47:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 00:53:44 ----A---- C:\WINDOWS\system32\jscript.dll
2009-12-08 14:26:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-12-08 13:43:51 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-12-08 04:23:28 ----A---- C:\WINDOWS\system32\shlwapi.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-03 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-03 28424]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-10 360584]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 V2IMount;V2IMount; C:\WINDOWS\system32\drivers\V2IMount.sys [2005-12-07 56240]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-02-10 257432]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648]
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-17 1042432]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-11-17 212224]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 SoC PC-Camera Service;CIF USB CAMERA; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2004-02-10 127692]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-17 680704]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys []
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CoachUsb;Coach Digital Camera on USB; C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-01-22 46944]
S3 CoachVc;Coach Video Capture; C:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 44256]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\57A.tmp []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2006-10-23 46640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2009-11-03 906520]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-03 285392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2007-01-09 198248]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2007-01-09 181864]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2005-12-07 53248]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-05 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2007-01-09 79464]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 Norton Ghost;Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2005-12-07 2066072]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2006-06-19 822424]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

There is no obvious sign of any problems in your log, but we will look a bit deeper.

One thing to note, I see you have WinPatrol and TeaTimer running. You only need one of those active as they perform similar functions.


----------------------------------------------------------------------------------------
Step 1

Spybot Report
Please retrieve the last scan that you did with Spybot

Open Spybot S&D
Click Mode (on the top bar)
Put a check next to Advanced. Click Yes at the prompt.
Click Tools (left hand column near the bottom)
Click View Report (left hand column near the top)
Put a tick next to
Include results of last check in report
Include ActiveX list in report
Include startup list in report
Include uninstall list in report
(make sure that the rest are unchecked)
Click View Report (top of page)
Click Export (top of page)
Save the report to your desktop

Please post this report in your reply

----------------------------------------------------------------------------------------
Step 2

Malwarebytes' Anti-Malware
I notice that you have MBAM installed, please do the following

Start MalwareBytes AntiMalware

Update Malwarebytes' Anti-Malware
Select the Update tab
Click Update

When the update is complete, select the Scanner tab
Select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
If you accidently close it, the log file is saved here and will be named like this:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large, You may need to split them over a couple of replies.

Spybot Log
MalwareBytes Log

Hello Katana,

Im not sure why I could not get the GMER to work, it did the same thing as before. The first scan ran fine but the second one started out fast then slowed to a stop ? Malwarebytes never seems to detect anything. Spybot does ( this time I did not do a fix ) and AVG.I was wondering when do you do a fix when you get a notice of a cookie,malware,virus or spyware ect... and when do you have a problem looked at? These are the logs from SPYBOT & MALWAREBYTES. I am trying to figure out how to use Winpatrol to delay some start up programs,but I didn't know they did about the same things.




--- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---

2008-08-14 blindman.exe (1.0.0.8)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-08-14 SDFiles.exe (1.6.0.4)
2008-08-14 SDMain.exe (1.0.0.6)
2008-08-14 SDShred.exe (1.0.2.3)
2008-08-14 SDUpdate.exe (1.6.0.9)
2008-08-14 SDWinSec.exe (1.0.0.12)
2008-07-30 SpybotSD.exe (1.6.0.31)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-02-27 unins000.exe (51.49.0.0)
2008-08-14 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2010-02-17 Includes\Adware.sbi
2010-03-02 Includes\AdwareC.sbi
2010-01-25 Includes\Cookies.sbi
2009-11-03 Includes\Dialer.sbi
2010-03-02 Includes\DialerC.sbi
2010-01-25 Includes\HeavyDuty.sbi
2009-05-26 Includes\Hijackers.sbi
2010-03-02 Includes\HijackersC.sbi
2010-01-20 Includes\Keyloggers.sbi
2010-03-02 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2010-03-02 Includes\Malware.sbi
2010-03-02 Includes\MalwareC.sbi
2009-03-25 Includes\PUPS.sbi
2010-03-02 Includes\PUPSC.sbi
2010-01-25 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2010-03-02 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2010-03-02 Includes\Spyware.sbi
2010-03-02 Includes\SpywareC.sbi
2009-06-08 Includes\Tracks.uti
2010-03-03 Includes\Trojans.sbi
2010-03-03 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll


--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Adobe ARM
command: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
file: C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
size: 948672
MD5: 73BB442A717B9BB0097C243374C14A3E

Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
size: 35760
MD5: 466CE40EAA865752F4930A472563E4E1

Located: HK_LM:Run, AVG9_TRAY
command: C:\PROGRA~1\AVG\AVG9\avgtray.exe
file: C:\PROGRA~1\AVG\AVG9\avgtray.exe
size: 2033432
MD5: 72A7A352072EB6EC4953F9F580463B0D

Located: HK_LM:Run, DellSupportCenter
command: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
file: C:\Program Files\Dell Support Center\bin\sprtcmd.exe
size: 206064
MD5: 3917664C26B4344768C288BBA6FEFCB6

Located: HK_LM:Run, DLA
command: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
file: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
size: 122940
MD5: CEFD0E35B35AFD9D1C2FEC9AF81AFDB8

Located: HK_LM:Run, DMXLauncher
command: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
file: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, ehTray
command: C:\WINDOWS\ehome\ehtray.exe
file: C:\WINDOWS\ehome\ehtray.exe
size: 67584
MD5: 7E48B4958C131E9643DDCD2E7CA3FE9F

Located: HK_LM:Run, hpbdfawep
command: C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1
file: C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe
size: 954368
MD5: E98CFB0C92E3A8E5C6F530D28D3DBD80

Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 82ADC58B63E069AC4641A33EA9841E54

Located: HK_LM:Run, igfxpers
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: A0E2FFB7B0FCE82AA3BCC3105306C45C

Located: HK_LM:Run, igfxtray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 94208
MD5: 5656D65A9A9F1E3D68D64A350CFF1732

Located: HK_LM:Run, ISUSPM Startup
command: "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
file: C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
size: 249856
MD5: 9E109B03018763FDCB075CE74547BE22

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 583B7D111304BE63D7D9CB65482D2187

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 141608
MD5: 8DC7685764B22DB97891012026FA7ED1

Located: HK_LM:Run, OutpostFeedBack
command: "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
file: C:\Program Files\Agnitum\Outpost Firewall\feedback.exe
size: 428032
MD5: 43129B804AC901F45DFDF3D3153B882D

Located: HK_LM:Run, OutpostMonitor
command: C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
file: C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
size: 2374464
MD5: B4A1F482599FB41878B4EF8363282A4D

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
file: C:\Program Files\Common Files\Java\Java Update\jusched.exe
size: 246504
MD5: E0D6538B62C79FCBF0B27F95FAF3208B

Located: HK_LM:Run, Task Catcher
command: C:\PROGRA~1\BILLPS~1\TASKCA~1\tasktrap.exe
file: C:\PROGRA~1\BILLPS~1\TASKCA~1\tasktrap.exe
size: 136760
MD5: BE869F82F392E53AFBCC3592B1226E3C

Located: HK_LM:Run, WinPatrol
command: C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
file: C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
size: 320832
MD5: 5F53750CEA64C8D5882D808718A7074A

Located: HK_CU:Run, DellSupport
where: PE_C_ADMINISTRATOR...
command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
file: C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: B75FDBF14073D72C50624CC8338DD534

Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-1420787331-2628367206-2861657422-1005...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3

Located: HK_CU:Run, DellSupport
where: S-1-5-21-1420787331-2628367206-2861657422-1005...
command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
file: C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: B75FDBF14073D72C50624CC8338DD534

Located: HK_CU:Run, DellSupportCenter
where: S-1-5-21-1420787331-2628367206-2861657422-1005...
command: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
file: C:\Program Files\Dell Support Center\bin\sprtcmd.exe
size: 206064
MD5: 3917664C26B4344768C288BBA6FEFCB6

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1420787331-2628367206-2861657422-1005...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 2260480
MD5: 390679F7A217A5E73D756276C40AE887

Located: Startup (common), Digital Line Detect.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46

Located: Startup (user), ERUNT AutoBackup.lnk
where: C:\Documents and Settings\Dimension E 310\Start Menu\Programs\Startup...
command: C:\Program Files\ERUNT\AUTOBACK.EXE
file: C:\Program Files\ERUNT\AUTOBACK.EXE
size: 38912
MD5: E00DE20F0F6BED5CD2160247DDC9443B

Located: WinLogon, avgrsstarter
command: avgrsstx.dll
file: avgrsstx.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!



--- ActiveX list ---
{22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher)
DPF name:
CLSID name: F-Secure Online Scanner Launcher
Installer: C:\WINDOWS\Downloaded Program Files\fslauncher.inf
Codebase: http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
Path: C:\WINDOWS\DOWNLO~1\
Long name: fslauncher.dll
Short name: FSLAUN~1.DLL
Date (created): 10/19/2009 5:27:20 PM
Date (last access): 3/6/2010 5:00:40 PM
Date (last write): 10/19/2009 5:27:20 PM
Filesize: 401008
Attributes: archive
MD5: 4161F5E93ECFC6222002D02BFED46EE4
CRC32: 1C2E3279
Version: 1.0.0.1

{2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner)
DPF name:
CLSID name: F5 Networks CacheCleaner
Installer: C:\WINDOWS\Downloaded Program Files\cachecleaner.inf
Codebase:
description:
classification: Open for discussion
known filename: cachecleaner.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: cachecleaner.dll
Short name: CACHEC~1.DLL
Date (created): 2/2/2007 10:56:02 PM
Date (last access): 2/27/2010 8:04:24 PM
Date (last write): 9/21/2005 3:38:28 PM
Filesize: 108400
Attributes: archive
MD5: B08E3F1175B64B343A4E6F3152646207
CRC32: 1FE02115
Version: 5500.0.50921.1

{44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class)
DPF name:
CLSID name: Symantec Script Runner Class
Installer: C:\WINDOWS\Downloaded Program Files\tgctlsr.inf
Codebase: https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
description:
classification: Legitimate
known filename: tgctlsr.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: tgctlsr.dll
Short name:
Date (created): 3/26/2009 3:48:46 PM
Date (last access): 3/6/2010 5:00:42 PM
Date (last write): 3/26/2009 3:48:46 PM
Filesize: 583104
Attributes: archive
MD5: 5CE55F303C27B9D7150347CA099881D9
CRC32: 6478A04C
Version: 6.9.2894.0

{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
DPF name:
CLSID name: MSN Photo Upload Tool
Installer: C:\WINDOWS\Downloaded Program Files\MsnPUpld.inf
Codebase: http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
description:
classification: Legitimate
known filename: MsnPUpld.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnPUpld.dll
Short name:
Date (created): 6/20/2006 2:44:04 PM
Date (last access): 2/27/2010 8:04:28 PM
Date (last write): 6/20/2006 2:44:04 PM
Filesize: 379704
Attributes: archive
MD5: D2FB109C3F0DAAAA4A73E5921656DB3E
CRC32: A13093E8
Version: 10.0.913.0

{6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel)
DPF name:
CLSID name: F5 Networks SSLTunnel
Installer: C:\WINDOWS\Downloaded Program Files\urTermProxy.inf
Codebase: https://firepass.manh.com/vdesk/terminal/urTermProxy.cab#version=5500,0,50803,1
description:
classification: Legitimate
known filename: urTermProxy.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: urTermProxy.dll
Short name: URTERM~1.DLL
Date (created): 2/2/2007 11:00:48 PM
Date (last access): 2/27/2010 8:04:28 PM
Date (last write): 8/3/2005 1:22:12 PM
Filesize: 835968
Attributes: archive
MD5: E8ADFE0783BC6F86048DABA76056A66C
CRC32: 17113456
Version: 5500.0.50803.1

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193645868421
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 7/30/2007 6:18:34 PM
Date (last access): 3/6/2010 5:05:30 PM
Date (last write): 8/6/2009 6:23:46 PM
Filesize: 215920
Attributes: archive
MD5: A1350D646EF6E57E8F4F33EBE7320D08
CRC32: AB3CA24F
Version: 7.4.7600.226

{7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control)
DPF name:
CLSID name: OnlineScanner Control
Installer: C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf
Codebase: http://download.eset.com/special/eos/OnlineScanner.cab
Path: C:\PROGRA~1\ESET\ESETON~1\
Long name: OnlineScanner.ocx
Short name: ONLINE~1.OCX
Date (created): 11/8/2009 8:42:12 PM
Date (last access): 3/6/2010 5:00:42 PM
Date (last write): 10/26/2009 3:45:44 PM
Filesize: 3356232
Attributes: archive
MD5: B933ED3DB918479B8AB39BDD445DB37B
CRC32: 7376E693
Version: 1.0.0.6211

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_18
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_18.dll
Short name: NPJPI1~1.DLL
Date (created): 12/17/2009 3:02:50 PM
Date (last access): 2/27/2010 7:47:10 PM
Date (last write): 12/17/2009 5:14:02 PM
Filesize: 136992
Attributes: archive
MD5: FD681B5B1CEC8B3181E63A3CC9A8C5EF
CRC32: 23BC9EDD
Version: 6.0.180.7

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{B8693DEF-98AC-43FC-AA00-E7D728334C80} (F5 Networks 5250 Terminal emulator)
DPF name:
CLSID name: F5 Networks 5250 Terminal emulator
Installer: C:\WINDOWS\Downloaded Program Files\ur5250x.inf
Codebase: https://firepass.manh.com/vdesk/terminal/ur5250x.cab#version=5500,0,0909,1
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ur5250x.dll
Short name:
Date (created): 2/2/2007 10:59:34 PM
Date (last access): 2/27/2010 8:04:28 PM
Date (last write): 9/9/2005 8:06:32 PM
Filesize: 181120
Attributes: archive
MD5: 4D7A9B893013E61B869FA6ACDD6B87B8
CRC32: 47507FF9
Version: 5500.0.909.1

{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name:
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} ()
DPF name:
CLSID name:
Installer:
Codebase:

{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_18
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_18.dll
Short name: NPJPI1~1.DLL
Date (created): 12/17/2009 3:02:50 PM
Date (last access): 3/6/2010 5:41:58 PM
Date (last write): 12/17/2009 5:14:02 PM
Filesize: 136992
Attributes: archive
MD5: FD681B5B1CEC8B3181E63A3CC9A8C5EF
CRC32: 23BC9EDD
Version: 6.0.180.7

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_18
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre6\bin\
Long name: npjpi160_18.dll
Short name: NPJPI1~1.DLL
Date (created): 12/17/2009 3:02:50 PM
Date (last access): 3/6/2010 5:41:58 PM
Date (last write): 12/17/2009 5:14:02 PM
Filesize: 136992
Attributes: archive
MD5: FD681B5B1CEC8B3181E63A3CC9A8C5EF
CRC32: 23BC9EDD
Version: 6.0.180.7

{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class)
DPF name:
CLSID name: get_atlcom Class
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://www.adobe.com/products/acrobat/nos/gp.cab

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash10e.ocx
Short name:
Date (created): 1/26/2010 7:58:36 PM
Date (last access): 3/6/2010 5:00:44 PM
Date (last write): 1/26/2010 7:58:36 PM
Filesize: 3981080
Attributes: readonly archive
MD5: C06E6E160F34CE092301BD2B29067F3F
CRC32: D922F8F5
Version: 10.0.45.2

{E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control)
DPF name:
CLSID name: F5 Networks Host Control
Installer: C:\WINDOWS\Downloaded Program Files\urxhost.inf
Codebase: https://firepass.manh.com/vdesk/terminal/urxhost.cab
description:
classification: Open for discussion
known filename: urxhost.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: urxhost.dll
Short name:
Date (created): 9/28/2005 2:02:14 PM
Date (last access): 2/27/2010 8:04:28 PM
Date (last write): 9/28/2005 2:02:14 PM
Filesize: 363376
Attributes: archive
MD5: B6E4CC6C5ECEEC468BCB99A4B72CAC6F
CRC32: 67ECA82D
Version: 5500.0.50928.1

{E2883E8F-472F-4FB0-9522-AC9BF37916A7} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

(MobileOptionPack)

Canon MovieEdit Task for ZoomBrowser EX 2.2.0.13 (MovieEditTask)
install location: C:\Program Files\Canon\ZoomBrowser EX\Program
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"

Mozilla Firefox (3.6) 3.6 (en-US) (Mozilla Firefox (3.6))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

(MPlayer2)

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20091103
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=74087

MSN (MSNINST)
uninstall cmd: C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

(MSVC9RT Redist package_N)

(NetMeeting)

Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
install date: 20070115
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Canon Utilities PhotoStitch 3.1.17.41 (PhotoStitch)
install location: C:\Program Files\Canon\PhotoStitch
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"

Intel(R) PRO Network Connections Drivers (PROSet)
uninstall cmd: Prounstl.exe

Canon RAW Image Task for ZoomBrowser EX 2.3.0.11 (RAW Image Task)
install location: C:\Program Files\Canon\RAW Image Task
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
install location: C:\Program Files\Real\RealPlayer\realplay.exe
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
publisher: RealNetworks
comments: Play, Save, and Organize your music and videos, Burn a CD, or simply take your music with you.
contact: RealNetworks

Canon RemoteCapture Task for ZoomBrowser EX 1.5.0.5 (RemoteCaptureTask)
install location: C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"

(SchedulingAgent)

Secunia PSI (Secunia PSI)
uninstall cmd: "C:\Program Files\Secunia\PSI\uninstall.exe"

Sophos Anti-Rootkit 1.5.0 1.5.0 (Sophos-AntiRootkit)
uninstall cmd: C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
publisher: Sophos Plc
help link: http://www.sophos.com/

SpywareBlaster 4.2 4.2.0 (SpywareBlaster_is1)
install date: 20090910
install location: C:\Program Files\SpywareBlaster\
uninstall cmd: "C:\Program Files\SpywareBlaster\unins000.exe"
publisher: Javacool Software LLC

Learn2 Player (Uninstall Only) (StreetPlugin)
uninstall cmd: C:\Program Files\Learn2.com\StRunner\stuninst.exe

Task Catcher (Task Catcher)
uninstall cmd: C:\WINDOWS\uninst.exe -f"C:\Program Files\BillP Studios\Task Catcher\DeIsL2.isu" -cC:\PROGRA~1\BILLPS~1\TASKCA~1\_ISREG32.DLL

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

(Wdf01000)

(Wdf01001)

(Wdf01005)

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Wdf01007)
install date: 20080618
uninstall cmd: "C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

WebCyberCoach 3.2 Dell (WebCyberCoach_wtrb)
uninstall cmd: "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"

Windows Genuine Advantage Validation Tool (KB892130) 1.7.0069.2 (WGA)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130

Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify)
install date: 20070328
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

(WIC)

Windows Live Toolbar 03.01.0146 (Windows Live Toolbar)
uninstall cmd: "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
publisher: Microsoft Corporation

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows XP Service Pack 3 20080414.031525 (Windows XP Service Pack)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=936929

WinPatrol 2009 17.0.2010.0 (WinPatrol)
version (major): 17
install date: 2009-11-12 12:30:44
install location: C:\Program Files\BillP Studios\WinPatrol
install source: C:\Documents and Settings\Dimension E 310\Local Settings\Temporary Internet Files\Content.IE5\6UQ5XFNY
uninstall cmd: C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
publisher: BillP Studios
contact: support@winpatrol.com
help link: http://www.winpatrol.com

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)
install date: 20080618
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20091103
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20080618
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

Xvid 1.1.3 final uninstall 1.1 (Xvid_is1)
install location: C:\Program Files\Xvid\
uninstall cmd: "C:\Program Files\Xvid\unins000.exe"
publisher: Xvid team (Koepi)
help link: http://forum.doom9.org/forumdisplay.php?f=52

Canon Utilities ZoomBrowser EX 5.6.0.27 (ZoomBrowser EX)
install location: C:\Program Files\Canon\ZoomBrowser EX\Program
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 9.0.30729.4148 ({002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C})
version: 151025673
version (major): 9
estimated size: 149
install date: 20090728
install source: c:\d962ddc0a7dff71545fd\
uninstall cmd: MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
publisher: Microsoft Corporation

ArcSoft Print Creations - Slimline Card ({007B37D9-0C45-4202-834B-DD5FAAE99D63})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\PhotoCard
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1Slimline
publisher: ArcSoft

VC 9.0 Runtime 1.0.0 ({02E89EFC-7B07-4D5A-AA03-9EC0902914EE})
version: 16777216
version (major): 1
estimated size: 3158
install date: 20090609
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\060909180103\
uninstall cmd: MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
publisher: Check Point Software Technologies Ltd

kgchlwn 5.03.0000.0002 ({03EDED24-8375-407D-A721-4643D9768BE1})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 209
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgchlwn\
uninstall cmd: MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Bonjour 1.0.106 ({07287123-B8AC-41CE-8346-3D777245C35B})
version: 16777322
version (major): 1
estimated size: 493
install date: 20090615
install location: C:\Program Files\Bonjour\
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

ESSSONIC 6.4.0000.0001 ({073F22CE-9A5B-4A40-A604-C7270AC6BF34})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 4041
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sonic\
uninstall cmd: MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Roxio RecordNow Data 2.0.4 ({075473F5-846A-448B-BCB3-104AA1760205})
version: 33554436
version (major): 2
install date: 20060619
uninstall cmd: MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
publisher: Roxio

OpenOffice.org Installer 1.0 1.0.9221 ({0D499481-22C6-4B25-8AC2-6D3F6C885FB9})
version: 16786437
version (major): 1
estimated size: 2450
install date: 20081112
install location: C:\Program Files\Sun\OpenOffice.org Installer 1.0\
install source: http://javadl-esd.sun.com/update/1.6.0/sp-1.6.0_07/sp3/
uninstall cmd: MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
publisher: Sun Microsystems
comments: OpenOffice.org Installer 1.0 (en-US) (OOG680m5(Build:9221))[CWS:c18v001]
help link: http://www.sun.com/getopenoffice

Microsoft Plus! Photo Story 2 LE 1.1.0.3463 ({0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B})
version: 16842752
version (major): 1
version (minor): 1
install date: 20060619
uninstall cmd: MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
publisher: Microsoft Corporation
readme: C:\Program Files\Microsoft Plus! Photo Story 2 LE\Readme.htm

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 770
install date: 20071029
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation

kgchday 5.03.0000.0002 ({11F3F858-4131-4FFA-A560-3FE282933B6E})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 5965
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgchday\
uninstall cmd: MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Roxio DLA 5.2.0 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6})
version: 84017152
version (major): 5
version (minor): 2
install date: 20060619
uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
publisher: Roxio
help link: http://support.sonic.com/

Windows Installer Clean Up 3.00.00.0000 ({121634B0-2F4B-11D3-ADA3-00C04F52DD52})
version: 50331648
version (major): 3
estimated size: 305
install date: 20091027
install source: C:\Program Files\MSECACHE\WICU3\
uninstall cmd: MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
publisher: Microsoft Corporation

MarketResearch 90.0.142.000 ({13F00518-807A-4B3A-83B0-A7CD90F3A398})
version: 1509949582
version (major): 90
estimated size: 3655
install date: 20100224
install source: E:\
publisher: Hewlett-Packard

QuickTime 7.65.17.80 ({1451DE6B-ABE1-4F62-BE9A-B363A17588A2})
version: 121700369
version (major): 7
version (minor): 65
estimated size: 79173
install date: 20100213
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP193.TMP\
uninstall cmd: MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

ESSPCD 6.04.0000.0001 ({14D4ED84-6A9A-45A0-96F6-1753768C3CB5})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 205
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\ESSpcd\
uninstall cmd: MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
publisher: EASTMAN KODAK Company
comments: _
contact: _
help link: http://www.kodak.com/go/easysharesupport
help telephone: _

ArcSoft MediaImpression ({18472E28-FCA0-421F-BDAC-AC65012E29F2})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18472E28-FCA0-421F-BDAC-AC65012E29F2}\Setup.exe" -l0x9
publisher: ArcSoft

interneTIFF 8.0-FREE (IE Browser) 8.00.00.0 ({21873256-A9DF-4F6B-8F37-6515B4A1989B})
version: 134217728
install date: 20100303
install location: C:\Program Files\Innomage\interneTIFFX
install source: C:\Documents and Settings\Dimension E 310\Local Settings\Temporary Internet Files\Content.IE5\R3BHV7RM\itiff-XF-8[1].exe
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{21873256-A9DF-4F6B-8F37-6515B4A1989B}\setup.exe" -runfromtemp -l0x0009 -removeonly
publisher: Innomage
help link: http://www.internetiff.com

Windows Live Sign-in Assistant 4.000.249.1 ({22B3CC30-77B8-419C-AA4B-F571FDF5D66D})
version: 67109113
version (major): 4
estimated size: 1112
install date: 20070101
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
publisher: Microsoft Corporation

1.0.0.0 ({2460923D-1AA6-47FE-A375-76308780D20F})
version: 16777216
install date: 20081225
install location: C:\Program Files\ffdshow
install source: E:\ffdshow\ffdshow.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{2460923D-1AA6-47FE-A375-76308780D20F}\setup.exe -runfromtemp -l0x0009

({26A24AE4-039D-4CA4-87B4-2F83216015FB})

Java(TM) 6 Update 18 6.0.180 ({26A24AE4-039D-4CA4-87B4-2F83216017FF})
version: 100663466
version (major): 6
estimated size: 93224
install date: 20091104
install location: C:\Program Files\Java\jre6\
install source: C:\Documents and Settings\Dimension E 310\Application Data\Sun\Java\jre1.6.0_17\
uninstall cmd: MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre6\README.txt

({26A24AE4-039D-4CA4-87B4-2F83216018FB})

hppusgP1000 000.000.00003 ({2767DEDE-EA9D-4FCE-A06A-40F4DD293330})
version: 3
estimated size: 546
install date: 20100224
install source: E:\hppusgP1000\
publisher: Hewlett-Packard

essvatgt 6.04.0000.0001 ({2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 137
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSvatgt\
uninstall cmd: MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
publisher: EASTMAN KODAK Company
contact: _
help link: http://www.kodak.com/go/easysharesupport
help telephone: _

Google Earth 5.1.7938.4346 ({2EAF7E61-068E-11DF-953C-005056806466})
version: 83959554
version (major): 5
version (minor): 1
estimated size: 71243
install date: 20100205
install location: C:\Program Files\Google\Google Earth\
install source: C:\WINDOWS\TEMP\7ZipSfx.000\
uninstall cmd: MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466}
publisher: Google

Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
install date: 20060619
uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Sonic Solutions

Norton Ghost 10.0 10.0.0.9528 ({32F720F5-2D0D-4245-A2B0-9EB3CECF8101})
version: 167772160
version (major): 10
estimated size: 87793
install date: 20060619
install location: C:\Program Files\Norton Ghost\
install source: C:\dell\GF010\
uninstall cmd: MsiExec.exe /X{32F720F5-2D0D-4245-A2B0-9EB3CECF8101}
publisher: Symantec
comments: Symantec Inc.
contact: Customer Support Department
help link: http://www.symantec.com/support
help telephone:
readme: "C:\Program Files\Norton Ghost\SHARED\Readme.txt"

Windows Media Player 10 9.00.3636 ({33BB4982-DC52-4886-A03B-F4C5C80BEE89})
version: 150998580
version (major): 9
install date: 20060619
uninstall cmd: MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=9647

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2472
install date: 20050816
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

NetZeroInstallers 1.0.0 ({352310C3-E46B-42D3-8F32-54721FDD72D9})
version: 16777216
version (major): 1
install date: 20060619
uninstall cmd: MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
publisher: NetZero, Inc.
contact: NetZero, Inc.

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20070108
install source: c:\9cdb7cf2ee3eb4e6d0df64bd88\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

NetWaiting 2.5.12 ({3F92ABBB-6BBF-11D5-B229-002078017FBF})
version (major): 2
version (minor): 5
install location: C:\Program Files\NetWaiting
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
publisher: BVRP Software, Inc

Apple Application Support 1.1.0 ({3FA365DF-2D68-45ED-8F83-8C8A33E65143})
version: 16842752
version (major): 1
version (minor): 1
estimated size: 34868
install date: 20100213
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP193.TMP\
uninstall cmd: MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

8.00.0005 ({403EF592-953B-4794-BCEF-ECAB835C2095})
version: 134217733
version (major): 8
install date: 20060619
install source: C:\dell\PD428\
uninstall cmd: MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
publisher: Intel
comments: Pseudo NCS Install
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

ESScore 6.04.0000.0003 ({42938595-0D83-404D-9F73-F8177FDD531A})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 20772
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESScore\
uninstall cmd: MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
publisher: EASTMAN KODAK Company
comments:
contact:
help link: http://www.kodak.com/go/easysharesupport
help telephone:

Dell CinePlayer 3.0 ({43CAC9A1-1993-4F65-9096-7C9AFC2BBF54})
version: 50331648
version (major): 3
install date: 20060619
uninstall cmd: MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
publisher: Dell

netbrdg 6.04.0000.0001 ({4537EA4B-F603-4181-89FB-2953FC695AB1})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 114
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\netbrdg\
uninstall cmd: MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

ELIcon 1.00.0000 ({4667B940-BB01-428B-986E-A0CC46497BF7})
version: 16777216
version (major): 1
install date: 20060619
uninstall cmd: MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

Java Auto Updater 2.0.1.2 ({4A03706F-666A-4037-7777-5F2748764D10})
version: 33554433
version (major): 2
estimated size: 1193
install date: 20100126
install source: C:\Documents and Settings\Dimension E 310\Application Data\Sun\Java\AU\
publisher: Sun Microsystems, Inc.

skin0001 6.04.0000.0004 ({5316DFC9-CE99-4458-9AB3-E8726EDE0210})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 11425
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\SKIN0001\
uninstall cmd: MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

ArcSoft Print Creations - Photo Book ({56589DFE-0C29-4DFE-8E42-887B771ECD23})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\PhotoBook
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1PhotoBook
publisher: ArcSoft

Windows Live Messenger 8.1.0178.00 ({571700F0-DB9D-4B3A-B03D-35A14BB5939F})
version: 134283442
version (major): 8
version (minor): 1
estimated size: 31835
install date: 20081001
install source: C:\WINDOWS\Installer\MSN Messenger 8.1.0178\
uninstall cmd: MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
publisher: Microsoft Corporation

hppMSRedist 1.00.0000 ({58ECE031-9AAD-4011-B34A-BC78E77527E2})
version: 16777216
version (major): 1
estimated size: 2868
install date: 20100224
install source: E:\
publisher: Hewlett-Packard

Dell Driver Reset Tool 1.02.0000 ({5905F42D-3F5F-4916-ADA6-94A3646AEE76})
version: 16908288
version (major): 1
version (minor): 2
install date: 20060619
uninstall cmd: MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
publisher: Dell Inc.
comments:
contact: Customer Support Department
help link: http://support.dell.com
help telephone:

Sonic Activation Module 1.0 ({5B6BE547-21E2-49CA-B2E2-6A5F470593B1})
version: 16777216
version (major): 1
install date: 20060619
uninstall cmd: MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
publisher: Sonic Solutions

SHASTA 6.04.0000.0001 ({605A4E39-613C-4A12-B56F-DEFBE6757237})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 3857
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\SHASTA\
uninstall cmd: MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
publisher: EASTMAN KODAK Company
comments: _
contact: _
help link: http://www.kodak.com/go/easysharesupport
help telephone: _

fflink 6.02.1001.0001 ({608D2A3C-6889-4C11-9B54-A42F45ACBFDB})
version: 100795369
version (major): 6
version (minor): 2
estimated size: 209
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\fflink\
uninstall cmd: MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

AOLIcon 1.00.0000 ({62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C})
version: 16777216
version (major): 1
estimated size: 648
install date: 20060619
install source: C:\dell\KC999\
uninstall cmd: MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

ArcSoft MediaConverter 2.5 ({638EBB3E-04BC-40DB-9176-DDEC2C5CB2BC})
version (major): 2
install location: C:\Program Files\ArcSoft\MediaConverter 2.5
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{638EBB3E-04BC-40DB-9176-DDEC2C5CB2BC}\Setup.exe" -l0x9
publisher: ArcSoft

ESSBrwr 6.04.0000.0001 ({643EAE81-920C-4931-9F0B-4B343B225CA6})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 264
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\Essbrwr\
uninstall cmd: MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
publisher: EASTMAN KODAK Company
comments: _
contact: _
help link: http://www.kodak.com/go/easysharesupport
help telephone: _

ArcSoft PhotoImpression 5 ({64A3CFFC-C4CC-41C4-91EC-402002D93FDC})
version (major): 5
install location: C:\Program Files\ArcSoft\PhotoImpression 5
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64A3CFFC-C4CC-41C4-91EC-402002D93FDC}\setup.exe" -l0x9
publisher: ArcSoft

({684CB795-C157-4E15-93D4-E26015FEF1EA})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{684CB795-C157-4E15-93D4-E26015FEF1EA}\Setup.exe" -l0x9

kgckids 6.03.0001.0001 ({693C08A7-9E76-43FF-B11E-9A58175474C4})
version: 100859905
version (major): 6
version (minor): 3
estimated size: 1129
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgckids\
uninstall cmd: MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Apple Software Update 2.1.1.116 ({6956856F-B6B3-4BE0-BA0B-8F495BE32033})
version: 33619969
version (major): 2
version (minor): 1
estimated size: 2208
install date: 20100213
install location: C:\Program Files\Apple Software Update\
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP193.TMP\
uninstall cmd: MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Digital Content Portal 1.00.0000 ({6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33})
version: 16777216
version (major): 1
install date: 20060619
uninstall cmd: MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
publisher: Dell
comments: Dell Download Center
contact: Customer Support Department
help link: http://support.dell.com/
help telephone: http://support.dell.com/

Acrobat.com 1.7.186 ({6D8D64BE-F500-55B6-705D-DFD08AFE0624})
version: 17236154
version (major): 1
version (minor): 7
estimated size: 1663
install date: 20090909
install location: C:\Program Files\Adobe\Acrobat.com
install source: C:\Documents and Settings\Dimension E 310\Local Settings\Temp\fla59F.tmp\
uninstall cmd: MsiExec.exe /I{6D8D64BE-F500-55B6-705D-DFD08AFE0624}
publisher: Adobe Systems Incorporated

Microsoft Plus! Digital Media Edition Installer 1.1.0.3514 ({6E45BA47-383C-4C1E-8ED0-0D4845C293D7})
version: 16842752
version (major): 1
version (minor): 1
install date: 20060619
uninstall cmd: MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
publisher: Microsoft Corporation

Dell System Restore 2.00.0000 ({74F7662C-B1DB-489E-A8AC-07A06B24978B})
version: 33554432
version (major): 2
install date: 20060619
publisher: Dell Inc.
comments: N/A
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 1-800-624-9896

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 8.0.50727.4053 ({770657D0-A123-3C07-8E44-1C83EC895118})
version: 134268455
version (major): 8
estimated size: 109
install date: 20090728
install source: c:\5303859faf81e63557d8cb44\
uninstall cmd: MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
publisher: Microsoft Corporation

HPSSupply 2.1.1.0000 ({7902E313-FF0F-4493-ACB1-A8147B78DCD0})
version: 33619969
version (major): 2
version (minor): 1
estimated size: 987
install date: 20100224
install location: C:\Program Files\HP\HPSSUPPLY\
install source: E:\DTSS\
uninstall cmd: MsiExec.exe /X{7902E313-FF0F-4493-ACB1-A8147B78DCD0}
publisher: Hewlett Packard Development Company L.P.
help link: http://www.hp.com/go/support

Microsoft VC9 runtime libraries 1.0.0 ({797EE0CA-8165-405C-B5CE-F11EC20F1BB0})
version: 16777216
version (major): 1
estimated size: 1439
install date: 20090118
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\
uninstall cmd: MsiExec.exe /I{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}
publisher: AOL LLC
comments: MSVC 9 Runtime libraries
contact: AOL LLC

Get High Speed Internet! 1.00.0000 ({7A3F0566-5E05-4919-9C98-456F6B5CF831})
version: 16777216
version (major): 1
install date: 20060619
uninstall cmd: MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: http://support.dell.com/

HPCarePackCore 10.0.0.1 ({7B02BF60-796D-4616-908B-B31A63CFDEFB})
version: 167772160
version (major): 10
estimated size: 4289
install date: 20100224
install source: E:\
uninstall cmd: MsiExec.exe /I{7B02BF60-796D-4616-908B-B31A63CFDEFB}
publisher: Hewlett-Packard
help link: http://www.hp.com
readme: 0

DellSupport 6.0.3062 ({7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D})
version: 100666358
version (major): 6
estimated size: 15145
install date: 20070418
install location: C:\Program Files\DellSupport\
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\gac110.tmp.dir\Release_01_3062\
uninstall cmd: MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
publisher: Dell
comments: .
contact: .
help link: http://support.dell.com/support/topics/global.aspx/support/kb/en/document?dn=1091989
help telephone: .

Modem Helper 2.40 ({7F142D56-3326-11D5-B229-002078017FBF})
install location: C:\Program Files\Modem Helper
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software

Microsoft Visual C++ 2005 Redistributable 8.0.59193 ({837b34e3-7c30-493c-8f6a-2b0f04e2912c})
version: 134276921
version (major): 8
estimated size: 5380
install date: 20091103
install source: C:\Documents and Settings\All Users\Application Data\Temp\AVG\
uninstall cmd: MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
publisher: Microsoft Corporation

Intel(R) PROSet for Wired Connections 9.20.0000 ({83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA})
version: 152305664
version (major): 9
version (minor): 20
estimated size: 14669
install date: 20060619
install source: C:\dell\PD428\
uninstall cmd: MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
publisher: Dell
comments: Intel(R) PROSet installation package
contact: Dell Customer Support
help link: http://support.dell.com

Musicmatch® Jukebox 10.10.0097 ({85D3CC30-8859-481A-9654-FD9B74310BEF})
version: 168427617
install location: C:\Program Files\Musicmatch\Musicmatch Jukebox
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst

MSXML 4.0 SP2 (KB954430) 4.20.9870.0 ({86493ADD-824D-4B8E-BD72-8C5DCDC52A71})
version: 68429454
version (major): 4
version (minor): 20
estimated size: 2729
install date: 20081114
install source: c:\a8bebb3afbdfbbdfb4\
uninstall cmd: MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/954430

Samsung USB Driver ({86D6A20D-3910-4441-A3E5-EB6977251C86})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{86D6A20D-3910-4441-A3E5-EB6977251C86}\Setup.exe" anything

staticcr 6.04.0000.0005 ({8943CE61-53BD-475E-90E1-A580869E98A2})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 21
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\static\
uninstall cmd: MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

ESSTOOLS 5.00.0000.0004 ({8A502E38-29C9-49FA-BCFA-D727CA062589})
version: 83886080
version (major): 5
estimated size: 1573
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSTOOLS\
uninstall cmd: MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Intel(R) Graphics Media Accelerator Driver 6.14.10.4410 ({8A708DD8-A5E6-11D4-A706-000629E95E20})
uninstall cmd: RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582

kgcvday 5.03.0000.0002 ({8A8664E1-84C8-4936-891C-BC1F07797549})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 2693
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgcvday\
uninstall cmd: MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Corel Photo Album 6 6.33 ({8A9B8148-DDD7-448F-BD6C-358386D32354})
version: 102825984
version (major): 6
version (minor): 33
estimated size: 91036
install date: 20060619
uninstall cmd: MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
publisher: Corel, Inc.
comments: Installs Corel Photo Album 6
contact: Corel Customer Service
help link: http://www.corel.com/support
help telephone: U.S. 1-800-772-6735 Outside U.S. +441628 581601, UK: 0870 774 0202

ESSini 6.04.0000.0001 ({8E92D746-CD9F-4B90-9668-42B74C14F765})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 73
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSini\
uninstall cmd: MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
publisher: EASTMAN KODAK Company
comments:
contact:
help link: http://www.kodak.com/go/easysharesupport
help telephone:

ESSgui 6.04.0000.0001 ({91517631-A9F3-4B7C-B482-43E0068FD55A})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 7898
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\ESSgui\
uninstall cmd: MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
publisher: EASTMAN KODAK Company
comments:
contact:
help link: http://www.kodak.com/go/easysharesupport
help telephone:

ArcSoft Print Creations ({948A3F91-22EE-4E24-B4E0-BADB972357F4})
version (major): 2
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9
publisher: ArcSoft

Microsoft Application Error Reporting 12.0.6012.5000 ({95120000-00B9-0409-0000-0000000FF1CE})
version: 201332604
version (major): 12
estimated size: 8935
install date: 20080618
install source: C:\WINDOWS\SoftwareDistribution\Download\bd29afd3f639530bf85ce5815b193bba\img\
publisher: Microsoft Corporation
help link: http://support.microsoft.com

ArcSoft Print Creations - Funhouse ({9591C049-5CAE-4E89-A8D9-191F1899628B})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\Funhouse
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1Funhouse
publisher: ArcSoft

ArcSoft Print Creations - Photo Prints ({95F875CC-1B85-43E6-B3E0-13EA04F3D995})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\PhotoPrint
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1PhotoPrint
publisher: ArcSoft

Sonic Encoders 1.00 ({9941F0AA-B903-4AF4-A055-83A9815CC011})
version: 16777216
version (major): 1
estimated size: 4037
install date: 20050816
install source: d:\OEM\CONTENT\Extras\Sonic\
uninstall cmd: MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
publisher: Sonic Solutions

VPRINTOL 6.04.0000.0001 ({999D43F4-9709-4887-9B1A-83EBB15A8370})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 281
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\VPRINTOL\
uninstall cmd: MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729 ({9A25302D-30C0-39D9-BD6F-21E6EC160475})
version: 151025673
version (major): 9
estimated size: 10524
install date: 20090627
install source: c:\fca671dac9007822499079ed4d\
uninstall cmd: MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
publisher: Microsoft Corporation

kgcinvt 5.03.0000.0003 ({9BD54685-1496-46A5-AB62-357CD140ED8B})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 2625
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgcinvt\
uninstall cmd: MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

kgcmove 6.03.0001.0001 ({A1588373-1D86-4D44-86C9-78ABD190F9CC})
version: 100859905
version (major): 6
version (minor): 3
estimated size: 261
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgcmove\
uninstall cmd: MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Adobe AIR 1.5.3.9120 ({A2BCA9F1-566C-4805-97D1-7FDC93386723})
version: 17104899
version (major): 1
version (minor): 5
estimated size: 31395
install date: 20091214
install location: c:\Program Files\Common Files\Adobe AIR\
install source: c:\docume~1\dimens~1\locals~1\temp\air3a.tmp\
uninstall cmd: MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
publisher: Adobe Systems Inc.

Microsoft .NET Framework 3.0 Service Pack 2 3.2.30729 ({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7})
version: 50493449
version (major): 3
version (minor): 2
estimated size: 87528
install date: 20091029
install source: c:\24c9ce4e054cf2507c3481adc4\dotnetfx30\
uninstall cmd: MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=98075

({A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483)

EducateU 1.00.0000 ({A683A2C0-821C-486F-858C-FA634DB5E864})
version: 16777216
version (major): 1
install date: 20060619
uninstall cmd: MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: http://support.dell.com

MrvlUsgTracking 1.0.7 ({A82D052A-0806-42DF-80CD-1730A1AC0ED3})
version: 16777223
version (major): 1
estimated size: 144
install date: 20100224
install source: E:\
uninstall cmd: MsiExec.exe /I{A82D052A-0806-42DF-80CD-1730A1AC0ED3}
publisher: Marvell
contact: Marvell

Google Update Helper 1.2.183.17 ({A92DAB39-4E2C-4304-9AB6-BC44E68B55E2})
version: 16908471
version (major): 1
version (minor): 2
estimated size: 28
install date: 20100225
install source: C:\Program Files\Google\Update\1.2.183.17\
uninstall cmd: MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
publisher: Google Inc.

Apple Mobile Device Support 2.6.0.32 ({AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE})
version: 33947648
version (major): 2
version (minor): 6
estimated size: 43037
install date: 20100213
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP193.TMP\
uninstall cmd: MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

Roxio RecordNow Audio 2.0.4 ({AB708C9B-97C8-4AC9-899B-DBF226AC9382})
version: 33554436
version (major): 2
install date: 20060619
uninstall cmd: MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
publisher: Roxio

Adobe Reader 9.3.1 9.3.1 ({AC76BA86-7AD7-1033-7B44-A93000000001})
version: 151191553
version (major): 9
version (minor): 3
estimated size: 221951
install date: 20100219
install source: C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
readme: C:\Program Files\Adobe\Reader 9.0\Readme.htm

ESSCDBK 6.04.0000.0001 ({AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 457
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\Esscdbk\
uninstall cmd: MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
publisher: EASTMAN KODAK Company
comments: _
help link: http://www.kodak.com/go/easysharesupport
help telephone: _

Digimax Master 1.0.24 ({AEC0CEBC-0FC7-4716-8222-1C4A742719B1})
version: 16777240
install date: 20061231
install location: C:\Program Files\Samsung\Digimax Master
install source: E:\Digimax Master\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe" -l0x9 -removeonly
publisher: Samsung

WordPerfect Office 12 12.01 ({AF19F291-F22F-4798-9662-525305AE9E48})
version: 201392128
version (major): 12
version (minor): 1
install date: 20060619
install location: C:\Program Files\WordPerfect Office 12\
uninstall cmd: MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
publisher: Corel Corporation
comments: Installs WordPerfect Office 12
contact: Corel Customer Service
help link: http://www.corel.com/support
readme: file:///C:\Program Files\WordPerfect Office 12\Programs\ReadMe.htm

ArcSoft Print Creations - Scrapbook ({B0D83FCD-9D42-43ED-8315-250326AADA02})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\ScrapBook
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1ScrapBook
publisher: ArcSoft

Documentation & Support Launcher 1.00.0000 ({B0DF58A2-40DF-4465-AA56-38623EC9938C})
version: 16777216
version (major): 1
install date: 20060619
install location: C:\Program Files\Dell\Launcher\DS\
uninstall cmd: MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
publisher: Dell Inc.

Roxio RecordNow Copy 2.0.4 ({B12665F4-4E93-4AB4-B7FC-37053B524629})
version: 33554436
version (major): 2
install date: 20060619
uninstall cmd: MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
publisher: Roxio

OfotoXMI 6.04.0000.0001 ({B162D0A6-9A1D-4B7C-91A5-88FB48113C45})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 1037
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\Sysext\OFOTOXMI\
uninstall cmd: MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
publisher: EASTMAN KODAK Company
comments: _
contact: _
help link: http://www.kodak.com/go/easysharesupport
help telephone: _
readme: _

Spybot - Search & Destroy 1.6.0 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20090227
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support

CCScore 6.02.1001.0001 ({B4B44FE7-41FF-4DAD-8C0A-E406DDA72992})
version: 100795369
version (major): 6
version (minor): 2
estimated size: 649
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ccs\
uninstall cmd: MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
publisher: EASTMAN KODAK Company
comments:
contact:
help link: http://www.kodak.com/go/easysharesupport
help telephone:
readme:

Games, Music, & Photos Launcher 1.00.0000 ({B6884A07-0305-47AE-9969-8F26FADC17DE})
version: 16777216
version (major): 1
install date: 20060619
install location: C:\Program Files\Dell\Launcher\GMP\
uninstall cmd: MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
publisher: Dell Inc.

({BB8B979E-E336-47E7-96BC-1031C1B94561})

MSXML 4.0 SP2 (KB936181) 4.20.9848.0 ({C04E32E0-0416-434D-AFB9-6969D703A9EF})
version: 68429432
version (major): 4
version (minor): 20
estimated size: 2680
install date: 20070817
install source: c:\e9f1551ceb44d46cc186\
uninstall cmd: MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/936181

Microsoft .NET Framework 2.0 Service Pack 2 2.2.30729 ({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F})
version: 33716233
version (major): 2
version (minor): 2
estimated size: 187784
install date: 20091029
install source: c:\24c9ce4e054cf2507c3481adc4\dotnetfx20\
uninstall cmd: MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=98073

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043)

({C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417)

ArcSoft VideoImpression 2 ({C82E335E-2D1A-49B4-814B-0C60769F0C2A})
version (major): 2
install location: C:\Program Files\ArcSoft\VideoImpression 2
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C82E335E-2D1A-49B4-814B-0C60769F0C2A}\setup.exe" -l0x9
publisher: ArcSoft

Digital Video 1.00.000 ({C833C7B6-1140-471D-932B-391B5CA66D7D})
version: 16777216
install date: 20081225
install location: C:\Program Files\Digital Video
install source: E:\Setup\Setup.exe
uninstall cmd: C:\Program Files\InstallShield Installation Information\{C833C7B6-1140-471D-932B-391B5CA66D7D}\setup.exe -runfromtemp -l0x0009 -removeonly

ArcSoft Print Creations - Photo Calendar ({CA9ED5E4-1548-485B-A293-417840060158})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\Calendar
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1Calendar
publisher: ArcSoft

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 72169
install date: 20091029
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 3.5 SP1 3.5.30729 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9})
version: 50690057
version (major): 3
version (minor): 5
estimated size: 33216
install date: 20091029
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP07B92.tmp\dotnetfx35\x86\
uninstall cmd: MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
publisher: Microsoft Corporation

({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This hotfix is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/953595.
help link: http://support.microsoft.com/kb/953595

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This hotfix is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/958484.
help link: http://support.microsoft.com/kb/958484

({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 1 ({CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
publisher: Microsoft Corporation
comments: This update is for Microsoft .NET Framework 3.5 SP1.
If you later install a more recent service pack, this update will be uninstalled automatically.
For more information, visit http://support.microsoft.com/kb/963707.
help link: http://support.microsoft.com/kb/963707

MCU 1.00.0000 ({D2988E9B-C73F-422C-AD4B-A66EBE257120})
version: 16777216
version (major): 1
estimated size: 624
install date: 20060619
install source: C:\dell\M8192\
uninstall cmd: MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: http://support.dell.com/

Kodak EasyShare software ({D32470A1-B10C-4059-BA53-CF0486F68EBC})
uninstall cmd: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_2b8386\Setup.exe /APR-REMOVE
publisher: Eastman Kodak Company

Windows Live Toolbar 03.01.0146 ({D5A145FC-D00C-4F1A-9119-EB4D9D659750})
version: 50397330
version (major): 3
version (minor): 1
estimated size: 9486
install date: 20071202
install source: C:\WINDOWS\SoftwareDistribution\Download\c9b6705345e53bd29f6fdc752500ef99\img\
uninstall cmd: MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
publisher: Microsoft Corporation

SFR 6.04.0000.0001 ({DB02F716-6275-42E9-B8D2-83BA2BF5100B})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 6013
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\SysFiles\Sfr1\
uninstall cmd: MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
publisher: Eastman Kodak Company
comments: _
contact: _
help link: _
help telephone: _

kgcbaby 5.03.0000.0002 ({E18B549C-5D15-45DA-8D8F-8FD2BD946344})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 2709
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgcbaby\
uninstall cmd: MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

Dell Support Center (Support Software) 2.2.08335 ({E3BFEE55-39E2-4BE0-B966-89FE583822C1})
version: 33693839
version (major): 2
version (minor): 2
estimated size: 39188
install date: 20090226
install source: C:\Documents and Settings\All Users\Application Data\Dell\DSC20Upgrade\
uninstall cmd: MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
publisher: Dell

Internet Service Offers Launcher 1.00.0000 ({E42BD75A-FC23-4E3F-9F91-2658334C644F})
version: 16777216
version (major): 1
install date: 20060619
install location: C:\Program Files\Dell\Launcher\ISP\
uninstall cmd: MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
publisher: Dell Inc.

Digital Line Detect 1.10 ({E646DCF0-5A68-11D5-B229-002078017FBF})
version (major): 1
version (minor): 10
install location: C:\Program Files\Digital Line Detect
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
publisher: BVRP Software, Inc

ArcSoft Print Creations - Album Page ({E6B4117F-AC59-4B13-9274-EB136E8897EE})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\AlbumPage
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1AlbumPage
publisher: ArcSoft

tooltips 6.04.0000.0001 ({E79987F0-0E34-42CC-B8FF-6C860AEEB26A})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 1293
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\tooltips\
uninstall cmd: MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport
help telephone: 1-555-555-4505

ArcSoft Software Suite ({E8B84D19-125A-4F62-879D-CD4D642CA109})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E8B84D19-125A-4F62-879D-CD4D642CA109}\Setup.exe" -l0x9

Musicmatch for Windows Media Player 0.00.000 ({E93E5EF6-D361-481E-849D-F16EF5C78EBC})
install location: C:\Program Files\Musicmatch\MUSICMATCH Music Services
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}\setup.exe" -l0x9 remove

HPCarePackProducts 1.0.0.1 ({ECA31632-C2AD-4774-A3CA-2813D47E4DD0})
version: 16777216
version (major): 1
estimated size: 248
install date: 20100224
install source: E:\
uninstall cmd: MsiExec.exe /I{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}
publisher: HP
comments: Your Comments

ArcSoft Print Creations - Greeting Card ({F04F9557-81A9-4293-BC49-2C216FA325A7})
version (major): 1
install location: C:\Program Files\ArcSoft\MediaImpression\Print Creations\Contents\GreetingCard
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{948A3F91-22EE-4E24-B4E0-BADB972357F4}\Setup.exe" -l0x9 -1GreetingCard
publisher: ArcSoft

Smart Menus (Windows Live Toolbar) 03.01.0146 ({F084395C-40FB-4DB3-981C-B51E74E1E83D})
version: 50397330
version (major): 3
version (minor): 1
estimated size: 679
install date: 20071202
install source: C:\WINDOWS\SoftwareDistribution\Download\5e9319890eb24b78ffaf0887019a0742\img\
uninstall cmd: MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
publisher: Microsoft Corporation

kgcbase 5.03.0000.0004 ({F22C222C-3CE2-4A4B-A83F-AF4681371ABE})
version: 84082688
version (major): 5
version (minor): 3
estimated size: 6893
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\creative\kgcbase\
uninstall cmd: MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

iTunes 9.0.3.15 ({F439D7AF-03F3-4F8E-AEC4-571BFE977C61})
version: 150994947
version (major): 9
estimated size: 149847
install date: 20100213
install location: C:\Program Files\iTunes\
install source: C:\DOCUME~1\DIMENS~1\LOCALS~1\Temp\IXP193.TMP\
uninstall cmd: MsiExec.exe /I{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

FaxTools 5.10 ({F45298E5-0083-426F-A668-1A2C5F04B8A0})
version (major): 5
version (minor): 10
install location: C:\Program Files\FaxTools
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software
help link: http://www.bvrp.com

SKINXSDK 6.02.1001.0001 ({F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F})
version: 100795369
version (major): 6
version (minor): 2
estimated size: 6661
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\SKINXSDK\
uninstall cmd: MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

MSXML 4.0 SP2 (KB973688) 4.20.9876.0 ({F662A8E6-F4DC-41A2-901E-8C11F044BDEC})
version: 68429460
version (major): 4
version (minor): 20
estimated size: 2833
install date: 20091125
install source: c:\3f7e3e8e802171b812814d9db465249e\
uninstall cmd: MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/973688

({F90DA605-4E92-11D4-A319-00104BCAB4AB})

WIRELESS 6.04.0000.0001 ({F9593CFB-D836-49BC-BFF1-0E669A411D9F})
version: 100925440
version (major): 6
version (minor): 4
estimated size: 249
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\WIRELESS\
uninstall cmd: MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
publisher: EASTMAN KODAK Company
help link: http://www.kodak.com/go/easysharesupport

iPhone Configuration Utility 2.1.0.163 ({FA54AFB1-5745-4389-B8C1-9F7509672ED1})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 22987
install date: 20090914
install source: C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple\Apple Software Update\
uninstall cmd: MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
publisher: Apple Inc.
contact: AppleCare Support
help link: http://www.apple.com/support/
help telephone: 1-800-275-2273

ESSPDock 6.03.0001.0004 ({FCDB1C92-03C6-4C76-8625-371224256091})
version: 100859905
version (major): 6
version (minor): 3
estimated size: 9781
install date: 20090103
install source: C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\KDEVICES\PDock\
uninstall cmd: MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
publisher: EASTMAN KODAK Company
comments:
contact:
help link: http://www.kodak.com/go/easysharesupport
help telephone:

Malwarebytes' Anti-Malware 1.44
Database version: 3830
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/6/2010 7:24:50 PM
mbam-log-2010-03-06 (19-24-50).txt

Scan type: Full Scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Objects scanned: 228043
Time elapsed: 1 hour(s), 16 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Thank alot for your help!

--- Uninstall list ---
GemMaster Mystic (12133444-BF36-4d4e-B7FB-A3424C645DE4)
uninstall cmd: "C:\Program Files\GemMaster\uninstallgemmaster.exe"

(ABBYY FineReader 5.0 Sprint)

(AddressBook)

Adobe AIR 1.5.3.9120 (Adobe AIR)
version (major): 1
version (minor): 5
install location: c:\Program Files\Common Files\Adobe AIR\
uninstall cmd: c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
publisher: Adobe Systems Inc.

Adobe Flash Player 10 ActiveX 10.0.45.2 (Adobe Flash Player ActiveX)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Adobe Flash Player 10 Plugin 10.0.45.2 (Adobe Flash Player Plugin)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated

Outpost Firewall 2009 6.7 (Agnitum Outpost Firewall_is1)
install date: 20090627
install location: C:\Program Files\Agnitum\Outpost Firewall\
uninstall cmd: "C:\Program Files\Agnitum\Outpost Firewall\unins000.exe"
publisher: Agnitum, Ltd.
help link: http://www.agnitum.com/support/index.php

(AOL One-click Fix service_N)

AOL Toolbar 5.0 (AOL Toolbar)
uninstall cmd: "C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"

(AOL Toolbar 5.0)
uninstall cmd: "C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"

AOL Uninstaller (Choose which Products to Remove) (AOL Uninstaller)
uninstall cmd: C:\Program Files\Common Files\AOL\uninstaller.exe

AOL Coach Version 1.0(Build:20040229.1 en) (AOLCoach)
uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe

(AOLOCP_N)

(AOLOCP_Y)

(AudioPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

AVG Free 9.0 (AVG9Uninstall)
version (major): 9
install location: C:\Program Files\AVG\AVG9
uninstall cmd: C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
publisher: AVG Technologies

Otto (B3EE3001-DC24-4cd1-8743-5692C716659F)
uninstall cmd: "C:\Program Files\EnglishOtto\uninstallotto.exe"

(Branding)

Canon Camera Access Library 8.1.1.17 (CAL)
install location: C:\Program Files\Canon\CAL
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"

Canon Camera Window DC_DV 5 for ZoomBrowser EX 5.4.5.17 (CameraWindowDVC5)
install location: C:\Program Files\Canon\CameraWindow\CameraWindowDVC
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"

Canon Camera Window DC_DV 6 for ZoomBrowser EX 6.2.0.8 (CameraWindowDVC6)
install location: C:\Program Files\Canon\CameraWindow\CameraWindowDVC6
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"

Canon Camera Window MC 6 for ZoomBrowser EX 6.1.0.7 (CameraWindowMC)
install location: C:\Program Files\Canon\CameraWindow\CameraWindowMC
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"

Canon G.726 WMP-Decoder 1.0.1.3 (Canon G.726 WMP-Decoder)
install location: C:\Program Files\Canon\G726Decoder
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"

CIF USB CAMERA (CIF USB CAMERA)
uninstall cmd: C:\WINDOWS\CleanDev.exe C:\WINDOWS\DC3110.txt

Conexant D850 56K V.9x DFVc Modem (CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf

Acrobat.com 1.7.186 (com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1)
install location: C:\Program Files\Adobe\Acrobat.com\
uninstall cmd: msiexec /qb /x {6D8D64BE-F500-55B6-705D-DFD08AFE0624}
publisher: Adobe Systems Incorporated

(Connection Manager)

(CopyNow.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

Canon Camera Support Core Library 7.3.1.6 (CSCLIB)
install location: C:\Program Files\Canon\CSCLIB
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"

(DataPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

Dell Digital Jukebox Driver (Dell Digital Jukebox Driver)
uninstall cmd: C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s

Dell Game Console (Dell Game Console)
install location: C:\Program Files\WildTangent\Apps\Dell Game Console
uninstall cmd: "C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
publisher: WildTangent
help link: http://support.wildgames.com

(DirectAnimation)

(DirectDrawEx)

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

(DXM_Runtime)

Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (EmeraldQFE2)
uninstall cmd: C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=2

Canon Utilities EOS Utility 1.0.3.17 (EOS Utility)
install location: C:\Program Files\Canon\EOS Utility
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"

ERUNT 1.1j (ERUNT_is1)
install location: C:\Program Files\ERUNT\
uninstall cmd: "C:\Program Files\ERUNT\unins000.exe"
publisher: Lars Hederer
help link: http://www.larshederer.homepage.t-online.de/erunt

ESET Online Scanner v3 (ESET Online Scanner)
uninstall cmd: C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

ffdshow [rev 1692] [2007-12-09] 1.0 (ffdshow_is1)
install date: 20081225
install location: C:\Program Files\ffdshow\
uninstall cmd: "C:\Program Files\ffdshow\unins000.exe"

(Fontcore)

getPlus(R)_ocx (getPlus(R)_ocx)
uninstall cmd: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall

(Google Chrome)

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Documents and Settings\Dimension E 310\Desktop\HijackThis.exe" /uninstall
publisher: TrendMicro

HP LaserJet P1000 series (HP LaserJet P1000 series)
uninstall cmd: C:\Program Files\Avago-HP\{a756a063-9b0e-4240-8c51-a05f759fecbb}\uninstall.exe SYSTEMHORNET "C:\Program Files\Avago-HP\{a756a063-9b0e-4240-8c51-a05f759fecbb}"

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20070115
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20061107.210142 (ie7)
install date: 20070115
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

Windows Internet Explorer 8 20090308.140743 (ie8)
install date: 20090527
uninstall cmd: "C:\WINDOWS\ie8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

(IEData)

(InstallShield Uninstall Information)

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221

(KB884267)

(KB885353)

(KB886612)

(KB887078)

(KB887626)

(KB888656)

(KB889858)

(KB891122)

Windows Genuine Advantage Validation Tool (KB892130) (KB892130)
install date: 20071029
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=892130

(KB892313)

(KB893240)

(KB893241)

Windows Installer 3.1 (KB893803) (KB893803v2)
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

(KB895181)

(KB895316)

(KB895572)

(KB897586)

(KB898549)

Update Rollup 2 for Windows XP Media Center Edition 2005 (KB900325)
uninstall cmd: C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900325

(KB900399)

(KB902344)

Hotfix for Windows Media Player 10 (KB903157) (KB903157)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903157

(KB907658)

Windows XP Media Center Edition 2005 KB908246 (KB908246)
install date: 20060619
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908246

Update for Windows Media Player 10 (KB910393) (KB910393)
install date: 20060619
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=910393

(KB911565)

(KB911854)

Update for Windows Media Player 10 (KB913800) (KB913800)
install date: 20070108
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=913800

Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20070107
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734

Security Update for Windows XP (KB923561) 1 (KB923561)
install date: 20090419
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923561

Security Update for Windows XP (KB923689) (KB923689)
install date: 20070107
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923689

Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20070107
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398

Windows XP Media Center Edition 2005 KB925766 (KB925766)
install date: 20091103
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925766

Update for Windows Media Player 10 (KB926251) (KB926251)
install date: 20070109
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=926251

Security Update for Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
install date: 20070219
uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20080620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=929399

Security Update for Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
install date: 20070117
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969

Security Update for Windows Internet Explorer 7 (KB931768) 1 (KB931768-IE7)
install date: 20070512
uninstall cmd: "C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931768

Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906)
uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931906

Security Update for Windows Internet Explorer 7 (KB933566) 1 (KB933566-IE7)
install date: 20070707
uninstall cmd: "C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=933566

Security Update for Windows Media Player 10 (KB936782) (KB936782_WMP10)
install date: 20070817
uninstall cmd: "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=936782

Security Update for Windows Internet Explorer 7 (KB937143) 1 (KB937143-IE7)
install date: 20070817
uninstall cmd: "C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=937143

Security Update for Windows Internet Explorer 7 (KB938127) 1 (KB938127-IE7)
install date: 20070817
uninstall cmd: "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938127

Security Update for Windows XP (KB938464) 1 (KB938464)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938464

Security Update for Windows XP (KB938464-v2) 2 (KB938464-v2)
install date: 20090311
uninstall cmd: "C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=938464

Security Update for Windows Internet Explorer 7 (KB939653) 1 (KB939653-IE7)
install date: 20071013
uninstall cmd: "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=939653

Hotfix for Windows Media Player 11 (KB939683) (KB939683)
install date: 20091107
uninstall cmd: "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=939683

Security Update for Windows XP (KB941569) (KB941569)
install date: 20071215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=941569

Security Update for Windows Internet Explorer 7 (KB942615) 1 (KB942615-IE7)
install date: 20071215
uninstall cmd: "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=942615

Security Update for Windows Internet Explorer 7 (KB944533) 1 (KB944533-IE7)
install date: 20080217
uninstall cmd: "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=944533

Security Update for Windows XP (KB946648) 1 (KB946648)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=946648

Hotfix for Windows Internet Explorer 7 (KB947864) 1 (KB947864-IE7)
install date: 20080410
uninstall cmd: "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=947864

Security Update for Windows Internet Explorer 7 (KB950759) 1 (KB950759-IE7)
install date: 20080615
uninstall cmd: "C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950759

Security Update for Windows XP (KB950760) 1 (KB950760)
install date: 20080612
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950760

Security Update for Windows XP (KB950762) 1 (KB950762)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950762

Security Update for Windows XP (KB950974) 1 (KB950974)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=950974

Security Update for Windows XP (KB951066) 1 (KB951066)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951066

Update for Windows XP (KB951072-v2) 2 (KB951072-v2)
install date: 20080813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951072

Security Update for Windows XP (KB951376) 1 (KB951376)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951376

Security Update for Windows XP (KB951376-v2) 2 (KB951376-v2)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951376

Security Update for Windows XP (KB951698) 1 (KB951698)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951698

Security Update for Windows XP (KB951748) 1 (KB951748)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951748

Update for Windows XP (KB951978) 1 (KB951978)
install date: 20081002
uninstall cmd: "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=951978

Security Update for Windows XP (KB952004) 1 (KB952004)
install date: 20090419
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=952004

Security Update for Windows Media Player (KB952069) (KB952069_WM9)
install date: 20081213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=952069

Hotfix for Windows XP (KB952287) 1 (KB952287)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=952287

Security Update for Windows XP (KB952954) 1 (KB952954)
install date: 20081001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=952954

Microsoft .NET Framework 1.0 Hotfix (KB953295) (KB953295)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Security Update for Windows Internet Explorer 7 (KB953838) 1 (KB953838-IE7)
install date: 20080815
uninstall cmd: "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=953838

Security Update for Windows XP (KB953839) 1 (KB953839)
install date: 20080814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=953839

Security Update for Windows Media Player 11 (KB954154) (KB954154_WM11)
install date: 20091104
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=954154

Security Update for Windows Media Player (KB954155) (KB954155_WM9)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=954155

Security Update for Windows XP (KB954211) 1 (KB954211)
install date: 20081017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954211

Security Update for Windows XP (KB954459) 1 (KB954459)
install date: 20081113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954459

Hotfix for Windows XP (KB954550-v5) 5 (KB954550-v5)
install date: 20090821
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954550

Security Update for Windows XP (KB954600) 1 (KB954600)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=954600

Security Update for Windows XP (KB955069) 1 (KB955069)
install date: 20081113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=955069

Update for Windows XP (KB955759) 1 (KB955759)
install date: 20091214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=955759

Update for Windows XP (KB955839) 1 (KB955839)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=955839

Security Update for Windows Internet Explorer 7 (KB956390) 1 (KB956390-IE7)
install date: 20081017
uninstall cmd: "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956390

Security Update for Windows XP (KB956391) 1 (KB956391)
install date: 20081016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956391

Security Update for Windows XP (KB956572) 1 (KB956572)
install date: 20090419
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956572

Security Update for Windows XP (KB956744) 1 (KB956744)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956744

Security Update for Windows XP (KB956802) 1 (KB956802)
install date: 20081211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956802

Security Update for Windows XP (KB956803) 1 (KB956803)
install date: 20081016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956803

Security Update for Windows XP (KB956841) 1 (KB956841)
install date: 20081017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956841

Security Update for Windows XP (KB956844) 1 (KB956844)
install date: 20090909
uninstall cmd: "C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=956844

Security Update for Windows XP (KB957095) 1 (KB957095)
install date: 20081016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=957095

Security Update for Windows XP (KB957097) 1 (KB957097)
install date: 20081113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=957097

Security Update for Windows Internet Explorer 7 (KB958215) 1 (KB958215-IE7)
install date: 20081214
uninstall cmd: "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958215

Security Update for Windows XP (KB958644) 1 (KB958644)
install date: 20081024
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958644

Security Update for Windows XP (KB958687) 1 (KB958687)
install date: 20090114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958687

Security Update for Windows XP (KB958690) 1 (KB958690)
install date: 20090312
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958690

Security Update for Windows XP (KB958869) 1 (KB958869)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=958869

Security Update for Windows XP (KB959426) 1 (KB959426)
install date: 20090419
uninstall cmd: "C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=959426

Security Update for Windows XP (KB960225) 1 (KB960225)
install date: 20090311
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960225

Security Update for Windows Internet Explorer 7 (KB960714) 1 (KB960714-IE7)
install date: 20081218
uninstall cmd: "C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960714

Security Update for Windows XP (KB960715) 1 (KB960715)
install date: 20090211
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960715

Security Update for Windows XP (KB960803) 1 (KB960803)
install date: 20090419
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960803

Security Update for Windows XP (KB960859) 1 (KB960859)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=960859

Hotfix for Windows XP (KB961118) 1 (KB961118)
install date: 20090822
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961118

Security Update for Windows Internet Explorer 7 (KB961260) 1 (KB961260-IE7)
install date: 20090214
uninstall cmd: "C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961260

Security Update for Windows XP (KB961371) 1 (KB961371)
install date: 20090715
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961371

Security Update for Windows XP (KB961373) 1 (KB961373)
install date: 20090419
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961373

Security Update for Windows XP (KB961501) 1 (KB961501)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=961501

Security Update for Windows Internet Explorer 7 (KB963027) 1 (KB963027-IE7)
install date: 20090501
uninstall cmd: "C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=963027

Update for Windows XP (KB967715) 1 (KB967715)
install date: 20090225
uninstall cmd: "C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=967715

Update for Windows XP (KB968389) 1 (KB968389)
install date: 20090908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=968389

Security Update for Windows XP (KB968537) 1 (KB968537)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=968537

Security Update for Windows Media Player (KB968816) (KB968816_WM9)
install date: 20090909
uninstall cmd: "C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=968816

Security Update for Windows XP (KB969059) 1 (KB969059)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969059

Security Update for Windows Internet Explorer 8 (KB969897) 1 (KB969897-IE8)
install date: 20090610
uninstall cmd: "C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969897

Security Update for Windows XP (KB969898) 1 (KB969898)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969898

Security Update for Windows XP (KB969947) 1 (KB969947)
install date: 20091111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=969947

Security Update for Windows XP (KB970238) 1 (KB970238)
install date: 20090610
uninstall cmd: "C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=970238

Security Update for Windows XP (KB970430) 1 (KB970430)
install date: 20091210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=970430

Hotfix for Windows XP (KB970653-v3) 3 (KB970653-v3)
install date: 20090826
uninstall cmd: "C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=970653

Update for Windows Internet Explorer 8 (KB971180) 1 (KB971180-IE8)
install date: 20090527
uninstall cmd: "C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971180

Security Update for Windows XP (KB971468) 1 (KB971468)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971468

Security Update for Windows XP (KB971486) 1 (KB971486)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971486

Security Update for Windows XP (KB971557) 1 (KB971557)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971557

Security Update for Windows XP (KB971633) 1 (KB971633)
install date: 20090715
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971633

Security Update for Windows XP (KB971657) 1 (KB971657)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971657

Update for Windows XP (KB971737) 1 (KB971737)
install date: 20091210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971737

Security Update for Windows Internet Explorer 8 (KB971961) 1 (KB971961-IE8)
install date: 20090909
uninstall cmd: "C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=971961

Security Update for Windows Internet Explorer 8 (KB972260) 1 (KB972260-IE8)
install date: 20090728
uninstall cmd: "C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=972260

Security Update for Windows XP (KB972270) 1 (KB972270)
install date: 20100113
uninstall cmd: "C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=972270

Security Update for Windows XP (KB973346) 1 (KB973346)
install date: 20090715
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973346

Security Update for Windows XP (KB973354) 1 (KB973354)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973354

Security Update for Windows XP (KB973507) 1 (KB973507)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973507

Security Update for Windows XP (KB973525) 1 (KB973525)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973525

Security Update for Windows Media Player (KB973540) (KB973540_WM9)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=973540

Update for Windows XP (KB973687) 1 (KB973687)
install date: 20091125
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973687

Windows XP Media Center Edition 2005 KB973768 (KB973768)
install date: 20090909
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973768

Update for Windows XP (KB973815) 1 (KB973815)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973815

Security Update for Windows XP (KB973869) 1 (KB973869)
install date: 20090812
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973869

Security Update for Windows XP (KB973904) 1 (KB973904)
install date: 20091210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=973904

Security Update for Windows XP (KB974112) 1 (KB974112)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=974112

Security Update for Windows XP (KB974318) 1 (KB974318)
install date: 20091210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=974318

Security Update for Windows XP (KB974392) 1 (KB974392)
install date: 20091210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=974392

Security Update for Windows Internet Explorer 8 (KB974455) 1 (KB974455-IE8)
install date: 20091022
uninstall cmd: "C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=974455

Security Update for Windows XP (KB974571) 1 (KB974571)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=974571

Security Update for Windows XP (KB975025) 1 (KB975025)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=975025

Security Update for Windows XP (KB975467) 1 (KB975467)
install date: 20091016
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=975467

Security Update for Windows XP (KB975560) 1 (KB975560)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=975560

Security Update for Windows XP (KB975713) 1 (KB975713)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=975713

Hotfix for Windows XP (KB976098-v2) 2 (KB976098-v2)
install date: 20091125
uninstall cmd: "C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=976098

Security Update for Windows Internet Explorer 8 (KB976325) 1 (KB976325-IE8)
install date: 20091210
uninstall cmd: "C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=976325

Update for Windows Internet Explorer 8 (KB976662) 1 (KB976662-IE8)
install date: 20100224
uninstall cmd: "C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=976662

Update for Windows Internet Explorer 8 (KB976749) 1 (KB976749-IE8)
install date: 20091104
uninstall cmd: "C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=976749

Security Update for Windows XP (KB977165) 1 (KB977165)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=977165

Security Update for Windows XP (KB977914) 1 (KB977914)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=977914

Security Update for Windows XP (KB978037) 1 (KB978037)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=978037

Security Update for Windows Internet Explorer 8 (KB978207) 1 (KB978207-IE8)
install date: 20100122
uninstall cmd: "C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=978207

Security Update for Windows XP (KB978251) 1 (KB978251)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=978251

Security Update for Windows XP (KB978262) 1 (KB978262)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=978262

Security Update for Windows XP (KB978706) 1 (KB978706)
install date: 20100210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=978706

Hotfix for Windows XP (KB979306) 1 (KB979306)
install date: 20100224
uninstall cmd: "C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=979306

(KBKB895961)

LiveReg (Symantec Corporation) 3.1.0 (LiveReg)
install location: C:\Program Files\Common Files\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
publisher: Symantec Corporation

LiveUpdate 2.6 (Symantec Corporation) 2.6.14.0 (LiveUpdate)
install location: C:\Program Files\Symantec\LiveUpdate
uninstall cmd: C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
publisher: Symantec Corporation

Microsoft .NET Framework 1.1 Security Update (KB953297) (M953297)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"

Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)
install date: 20100118
install location: C:\Program Files\Malwarebytes' Anti-Malware\
uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
publisher: Malwarebytes Corporation
help link: http://www.malwarebytes.org

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 3.5 SP1 (Microsoft .NET Framework 3.5 SP1)
install location: C:\WINDOWS\Microsoft.NET\Framework\v3.5\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=120337

Im not sure why I could not get the GMER to work, it did the same thing as before. The first scan ran fine but the second one started out fast then slowed to a stop ?GMER can be temperamental, so I wouldn't worry about that too much.


I was wondering when do you do a fix when you get a notice of a cookie,malware,virus or spyware ect... and when do you have a problem looked at?Generally, if you do a fix and the problem keeps coming back you should get a check up by us :)


I am trying to figure out how to use Winpatrol to delay some start up programs,Did you figure out how to use it, or would you like some help ?

Your log shows that you are using an outdated version of Spybot, I recommend that you download the latest, update it and run another scan.
http://www.safer-networking.org/en/mirrors/index.html
When you have updated and run a scan, please let me know if spybot is still finding a problem

HI,

How are you today ? Fine I hope. I installed the updated version of SPYBOT and ran a check - it came out ok ! I think it was about 3 or 4 months ago I had Opachki.ru pop up also. AVG doesn't show a cookie problem any longer. Yes I would like to learn how to use winpatrol. I would like to delay or prevent some programs from starting until I need to use them. If I understand correctly - it can also help detect bad programs that are trying to hide. Im still not sure how to use it safely.Thank You for offering !

If I understand correctly - it can also help detect bad programs that are trying to hide.

It depends what you mean by "trying to hide"
Winpatrol doesn't detect rootkits, but it will notify you of changes to certain areas of the registry.

To disable a program from startup with Winpatrol ....

Start Winpatrol, and when running click on the Startup Programs tab
Just click on an item you wish to disable then click Disable
(if the program is running, Winpatrol will ask if you wish to stop it)

To delay a program at startup with Winpatrol ....

Start Winpatrol, and when running click on the Startup Programs tab
Right click on an item you wish to delay then click Move to Delayed Start Program List
You can change the length of delay by clicking the Delayed Start tab and then right clicking the item and selecting Delay Start Options

Does that help ?
Are there any other problems now ?

Hi Katana,

Everything seems OK nothing shows up on any scans,what a relief ! As for WINPATROL it was saying something about Winlogin Userinit userinit.exe should not figure in my startup. Also if you stop something from running in the startup and it still shows up in active tasks "not had that problem yet" it may be a malicious program.... I have a little more reading to do.I think I need a second computer to experiment on - it would be so much easier to try something out on. I really appreciate the help you have given ! You guys are GREAT !

As for WINPATROL it was saying something about Winlogin Userinit userinit.exe should not figure in my startup.

When did it say this ?


----------------------------------------------------------------------------------------
Step 1

Please download DeFogger (http://www.jpshortstuff.247fixes.com/Defogger.exe) to your desktop. Double click DeFogger to run the tool.
The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes to continue A 'Finished!' message will appear
Click OK DeFogger may ask to reboot the machine - click OK ( if Defogger doesn't ask for a reboot don't worry)

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
Do not re-enable these drivers until otherwise instructed.


----------------------------------------------------------------------------------------
Step 2

Please try to run GMER again

----------------------------------------------------------------------------------------
Step 3


Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log to post in your next reply
Re-enable all the programs that were disabled during the running of ComboFix..


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

For instructions on how to disable your security programs, please see this topic
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs (http://www.bleepingcomputer.com/forums/topic114351.html)


----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large, You may need to split them over a couple of replies.

GMER Log
Combofix Log

Hi Katana,

I think I was looking at Winpatrol after Spybot had detected opachki.ru Winpatrol said Winlogin Userinit userinit.exe should not figure in msconfig/startup also it said something about ctfmon.exe command data description =added by the raidys trojan. Im not sure what I am looking at
half the time,if im reading or interpreting what im seeing correctly. Sorry it took so long to get back to you as it has been very busy. I will run the tests today. Thanks ...

Hi Katana,


I ran the DEFOGGER ,that went ok. The GMER still will not run. I renamed gmer.exe to look.exe ( I think I did it right ), but it still would not work properly.The combofix went fine.The only other problem I had BEFORE I tried to run the last tests, but may not be related was - I was trying to download a picture from a camera and the computer was acting funny.On top of that the AOL dialer and browser kept popping up. That's been happening for awhile so I decided to remove all of the AOL stuff ( thru add/remove ). After removing AOL the uninstaller said some files were corrupt...? then AVG kept asking for me to restart so AVG updates could be installed.After that when I would start the computer it would go to a screen asking me to choose how I wanted the computer to start -normally, safe mode,the last known good settings ect... It seems to be back to normal now. On the COMBOFIX log I did notice that two websites had access to a trusted zone ? Can I disallow them ? I really appreciate you taking time to help me !


ComboFix 10-03-19.06 - Dimension E 310 03/19/2010 19:03:43.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.178 [GMT -4:00]
Running from: c:\documents and settings\Dimension E 310\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Outpost Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Dimension E 310\My Documents\ZbThumbnail.info

.
((((((((((((((((((((((((( Files Created from 2010-02-19 to 2010-03-19 )))))))))))))))))))))))))))))))
.

2010-03-18 15:58 . 2010-03-18 15:58 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-03-11 23:50 . 2010-03-11 23:50 -------- d-----w- c:\documents and settings\Dimension E 310\tmp
2010-03-10 16:27 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-05 20:38 . 2010-03-05 20:38 -------- d-----w- c:\documents and settings\Dimension E 310\Application Data\AVG9
2010-03-04 18:05 . 2010-03-04 18:07 -------- d-----w- C:\rsit
2010-02-25 04:18 . 2010-02-25 04:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2010-02-25 03:33 . 2010-02-26 01:58 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2010-02-25 03:32 . 2010-02-25 03:36 -------- d-----w- c:\program files\HP
2010-02-25 03:32 . 2008-04-28 11:14 293888 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HP1006S.DLL
2010-02-25 03:32 . 2008-04-28 11:14 284160 ----a-w- c:\windows\system32\HP1006LM.DLL
2010-02-25 03:32 . 2008-02-21 04:44 65536 ----a-w- c:\windows\system32\HPPLVS.dll
2010-02-25 03:29 . 2010-02-25 03:32 -------- d--h--w- c:\program files\Avago-HP
2010-02-25 03:22 . 2010-02-25 03:22 -------- d-sh--w- c:\windows\ftpcache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-19 22:55 . 2009-09-10 09:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-18 15:17 . 2009-09-10 09:25 -------- d-----w- c:\program files\SpywareBlaster
2010-03-16 15:27 . 2010-03-16 15:27 360584 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys
2010-03-16 15:27 . 2010-03-16 15:27 333192 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys
2010-03-16 15:27 . 2010-03-16 15:27 28424 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgmfx86.sys
2010-03-16 15:25 . 2009-05-10 02:14 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-16 15:25 . 2009-05-10 02:14 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-16 15:20 . 2009-05-10 02:14 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-15 22:26 . 2006-06-19 11:23 -------- d-----w- c:\program files\Common Files\AOL
2010-03-15 22:26 . 2006-06-19 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2010-03-15 02:57 . 2007-01-04 10:58 -------- d-----w- c:\documents and settings\Dimension E 310\Application Data\AOL
2010-03-15 02:07 . 2006-06-19 11:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-15 02:07 . 2007-01-01 03:00 -------- d-----w- c:\documents and settings\Dimension E 310\Application Data\ArcSoft
2010-03-15 01:23 . 2007-01-02 23:21 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-03-12 22:56 . 2007-04-26 08:15 56 --sh--r- c:\windows\system32\0171F4F87F.sys
2010-03-09 02:34 . 2007-11-04 05:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-09 01:45 . 2007-11-04 05:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-03-03 22:15 . 2010-03-03 22:15 -------- d-----w- c:\program files\Innomage
2010-02-13 06:27 . 2010-02-13 06:25 -------- d-----w- c:\program files\iTunes
2010-02-13 06:26 . 2007-01-01 03:19 -------- d-----w- c:\program files\iPod
2010-02-13 06:26 . 2010-02-13 06:17 -------- d-----w- c:\program files\Common Files\Apple
2010-02-13 06:24 . 2010-02-13 06:23 -------- d-----w- c:\program files\QuickTime
2010-02-13 06:20 . 2010-02-13 06:20 -------- d-----w- c:\program files\Apple Software Update
2010-02-05 14:32 . 2007-07-10 09:26 -------- d-----w- c:\program files\Google
2010-01-27 03:58 . 2006-06-19 11:15 -------- d-----w- c:\program files\Common Files\Java
2010-01-27 03:58 . 2010-01-27 03:58 348160 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44316bc5-n\msvcr71.dll
2010-01-27 03:58 . 2010-01-27 03:57 503808 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44316bc5-n\msvcp71.dll
2010-01-27 03:57 . 2010-01-27 03:57 61440 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-365aaa35-n\decora-sse.dll
2010-01-27 03:57 . 2010-01-27 03:57 499712 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44316bc5-n\jmc.dll
2010-01-27 03:57 . 2010-01-27 03:57 12800 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-365aaa35-n\decora-d3d.dll
2010-01-27 03:57 . 2006-06-19 11:15 -------- d-----w- c:\program files\Java
2010-01-23 00:51 . 2010-01-23 00:51 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-01-19 16:04 . 2009-09-09 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-01-18 07:25 . 2010-01-18 07:25 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-01-18 07:07 . 2009-09-11 05:48 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 21:07 . 2009-09-09 21:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2009-09-09 21:12 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 08:47 . 2010-01-03 08:47 33188 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-31 16:50 . 2006-06-19 10:57 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2005-08-16 08:18 916480 ----a-w- c:\windows\system32\wininet.dll
2007-01-07 13:02 . 2007-01-02 23:21 88 --sh--r- c:\windows\system32\85758317D1.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Task Catcher"="c:\progra~1\BILLPS~1\TASKCA~1\tasktrap.exe" [2005-11-14 136760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-10-10 320832]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]

c:\documents and settings\Dimension E 310\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-6-19 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-03 19:11 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/9/2009 10:14 PM 216200]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/9/2009 10:14 PM 242696]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [6/27/2009 6:43 AM 704384]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [6/27/2009 6:41 AM 1195008]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [11/3/2009 3:11 PM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/3/2009 3:10 PM 285392]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [6/27/2009 6:42 AM 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [6/27/2009 6:43 AM 257432]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/5/2009 6:00 AM 133104]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\57A.tmp --> c:\windows\system32\57A.tmp [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [6/17/2009 8:20 AM 12648]
.
Contents of the 'Scheduled Tasks' folder

2010-03-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-03-19 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 16:20]

2010-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-05 09:59]

2010-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-05 09:59]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
Trusted Zone: uspto.gov
Trusted Zone: musicmatch.com\online
DPF: {B8693DEF-98AC-43FC-AA00-E7D728334C80} - hxxps://firepass.manh.com/vdesk/terminal/ur5250x.cab#version=5500,0,0909,1
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Dimension E 310\Application Data\Mozilla\Firefox\Profiles\ahm05620.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\Dimension E 310\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-DMXLauncher - c:\program files\Dell\Media Experience\DMXLauncher.exe
AddRemove-HijackThis - c:\documents and settings\Dimension E 310\Desktop\HijackThis.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
AddRemove-{2460923D-1AA6-47FE-A375-76308780D20F} - c:\program files\InstallShield Installation Information\{2460923D-1AA6-47FE-A375-76308780D20F}\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-19 19:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\docume~1\DIMENS~1\LOCALS~1\Temp\Perflib_Perfdata_c44.dat 16384 bytes

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\57A.tmp"
.
Completion time: 2010-03-19 19:19:17
ComboFix-quarantined-files.txt 2010-03-19 23:19

Pre-Run: 83,781,627,904 bytes free
Post-Run: 83,841,916,928 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - C0AD6A7A39619053CE06567E43FC4F61

On the COMBOFIX log I did notice that two websites had access to a trusted zone ? Can I disallow them ?
Not a problem, let's do it now :)


Custom CFScript

Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:



DDS::
Trusted Zone: uspto.gov
Trusted Zone: musicmatch.com\online
Driver::
MEMSWEEP2
ADS::
Save this as CFScript.txt and place it on your desktop.


http://i51.photobucket.com/albums/f387/Katana_1970/CFScriptb.gif


Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.


CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


How are things running now, any problems still ?

Hi Katana,


I removed the items from the trusted zone.The computer seems to be running fine, The only problem I seem to be having is on startup it goes to a black screen with white lettering asking how do I want the computer to start-safe mode, best last known configuration ect... This happened after I removed AOL.In hindsight I should have waited.After Im done with the testing I may re-download AOL to see if it will overwrite the corrupted files and then try to uninstall it again leaving the new shared uncorrupted files behind.Im guessing anyway. Not sure why but I find the logs interesting to read thru and try to figure out. Hope your having a great day !


ComboFix 10-03-19.08 - Dimension E 310 03/20/2010 12:25:01.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.177 [GMT -4:00]
Running from: c:\documents and settings\Dimension E 310\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Dimension E 310\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Outpost Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MEMSWEEP2
-------\Service_MEMSWEEP2


((((((((((((((((((((((((( Files Created from 2010-02-20 to 2010-03-20 )))))))))))))))))))))))))))))))
.

2010-03-18 15:58 . 2010-03-18 15:58 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-03-11 23:50 . 2010-03-11 23:50 -------- d-----w- c:\documents and settings\Dimension E 310\tmp
2010-03-10 16:27 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-05 20:38 . 2010-03-05 20:38 -------- d-----w- c:\documents and settings\Dimension E 310\Application Data\AVG9
2010-03-04 18:05 . 2010-03-04 18:07 -------- d-----w- C:\rsit
2010-02-25 04:18 . 2010-02-25 04:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2010-02-25 03:33 . 2010-02-26 01:58 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2010-02-25 03:32 . 2010-02-25 03:36 -------- d-----w- c:\program files\HP
2010-02-25 03:32 . 2008-04-28 11:14 293888 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HP1006S.DLL
2010-02-25 03:32 . 2008-04-28 11:14 284160 ----a-w- c:\windows\system32\HP1006LM.DLL
2010-02-25 03:32 . 2008-02-21 04:44 65536 ----a-w- c:\windows\system32\HPPLVS.dll
2010-02-25 03:29 . 2010-02-25 03:32 -------- d--h--w- c:\program files\Avago-HP
2010-02-25 03:22 . 2010-02-25 03:22 -------- d-sh--w- c:\windows\ftpcache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-20 16:19 . 2009-09-10 09:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-18 15:17 . 2009-09-10 09:25 -------- d-----w- c:\program files\SpywareBlaster
2010-03-16 15:27 . 2010-03-16 15:27 360584 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys
2010-03-16 15:27 . 2010-03-16 15:27 333192 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys
2010-03-16 15:27 . 2010-03-16 15:27 28424 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgmfx86.sys
2010-03-16 15:25 . 2009-05-10 02:14 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-16 15:25 . 2009-05-10 02:14 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-16 15:20 . 2009-05-10 02:14 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-15 22:26 . 2006-06-19 11:23 -------- d-----w- c:\program files\Common Files\AOL
2010-03-15 22:26 . 2006-06-19 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2010-03-15 02:57 . 2007-01-04 10:58 -------- d-----w- c:\documents and settings\Dimension E 310\Application Data\AOL
2010-03-15 02:07 . 2006-06-19 11:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-15 02:07 . 2007-01-01 03:00 -------- d-----w- c:\documents and settings\Dimension E 310\Application Data\ArcSoft
2010-03-15 01:23 . 2007-01-02 23:21 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-03-12 22:56 . 2007-04-26 08:15 56 --sh--r- c:\windows\system32\0171F4F87F.sys
2010-03-09 02:34 . 2007-11-04 05:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-09 01:45 . 2007-11-04 05:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-03-03 22:15 . 2010-03-03 22:15 -------- d-----w- c:\program files\Innomage
2010-02-13 06:27 . 2010-02-13 06:25 -------- d-----w- c:\program files\iTunes
2010-02-13 06:26 . 2007-01-01 03:19 -------- d-----w- c:\program files\iPod
2010-02-13 06:26 . 2010-02-13 06:17 -------- d-----w- c:\program files\Common Files\Apple
2010-02-13 06:24 . 2010-02-13 06:23 -------- d-----w- c:\program files\QuickTime
2010-02-13 06:20 . 2010-02-13 06:20 -------- d-----w- c:\program files\Apple Software Update
2010-02-05 14:32 . 2007-07-10 09:26 -------- d-----w- c:\program files\Google
2010-01-27 03:58 . 2006-06-19 11:15 -------- d-----w- c:\program files\Common Files\Java
2010-01-27 03:58 . 2010-01-27 03:58 348160 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44316bc5-n\msvcr71.dll
2010-01-27 03:58 . 2010-01-27 03:57 503808 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44316bc5-n\msvcp71.dll
2010-01-27 03:57 . 2010-01-27 03:57 61440 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-365aaa35-n\decora-sse.dll
2010-01-27 03:57 . 2010-01-27 03:57 499712 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-44316bc5-n\jmc.dll
2010-01-27 03:57 . 2010-01-27 03:57 12800 ----a-w- c:\documents and settings\Dimension E 310\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-365aaa35-n\decora-d3d.dll
2010-01-27 03:57 . 2006-06-19 11:15 -------- d-----w- c:\program files\Java
2010-01-23 00:51 . 2010-01-23 00:51 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-01-18 07:25 . 2010-01-18 07:25 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-01-18 07:07 . 2009-09-11 05:48 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 21:07 . 2009-09-09 21:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2009-09-09 21:12 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 08:47 . 2010-01-03 08:47 33188 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-31 16:50 . 2006-06-19 10:57 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2005-08-16 08:18 916480 ------w- c:\windows\system32\wininet.dll
2007-01-07 13:02 . 2007-01-02 23:21 88 --sh--r- c:\windows\system32\85758317D1.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Task Catcher"="c:\progra~1\BILLPS~1\TASKCA~1\tasktrap.exe" [2005-11-14 136760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-10-10 320832]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]

c:\documents and settings\Dimension E 310\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-6-19 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-03 19:11 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/9/2009 10:14 PM 216200]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/9/2009 10:14 PM 242696]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [6/27/2009 6:43 AM 704384]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [6/27/2009 6:41 AM 1195008]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [11/3/2009 3:11 PM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/3/2009 3:10 PM 285392]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [6/27/2009 6:42 AM 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [6/27/2009 6:43 AM 257432]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/5/2009 6:00 AM 133104]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [6/17/2009 8:20 AM 12648]
.
Contents of the 'Scheduled Tasks' folder

2010-03-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-03-20 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 16:20]

2010-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-05 09:59]

2010-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-05 09:59]

2010-03-20 c:\windows\Tasks\HP WEP.job
- c:\program files\HP\Dfawep\bin\hpbdfawep.exe [2007-04-25 19:28]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
DPF: {B8693DEF-98AC-43FC-AA00-E7D728334C80} - hxxps://firepass.manh.com/vdesk/terminal/ur5250x.cab#version=5500,0,0909,1
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Dimension E 310\Application Data\Mozilla\Firefox\Profiles\ahm05620.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\Dimension E 310\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-20 12:54
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(396)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\System32\GEARSec.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\fxssvc.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\windows\system32\dllhost.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2010-03-20 13:06:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-20 17:06
ComboFix2.txt 2010-03-19 23:19

Pre-Run: 83,850,616,832 bytes free
Post-Run: 83,679,637,504 bytes free

- - End Of File - - 1E0952B12FCFEC075B87E10ED44A7F9E

The only problem I seem to be having is on startup it goes to a black screen with white lettering asking how do I want the computer to start-safe mode, best last known configuration ect... This happened after I removed AOL.
It could well be related to AOL, there are few things harder to get rid of than AOL ;)
It could also be a faulty hard drive, or a corrrupted boot sector.
If reinstalling AOL doesn't help, I would recommend that you get assistance from a Tech forum. They will have better advice than I could give.

http://www.techsupportforum.com/
http://www.bleepingcomputer.com/forums/
http://forums.whatthetech.com/forums.html

All the forums above have good support for software/OS problems, and I'm sure they will be able to help.

----------------------------------------------------------------------------------------

Congratulations your logs look clean :)

Let's see if I can help you keep it that way

First lets tidy up

Uninstall Combofix
This will clear your System Volume Information restore points and remove all the infected files that were quarantined
Click START then RUN
Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the /U, it needs to be there.
http://neoshine.co.uk/mina/Katana/CFU.gif


You can also delete any logs we have produced and any other tools we have downloaded.

----------------------------------------------------------- -----------------------------------------------------------

The following is some info to help you stay safe and clean.


You may already have some of the following programs, but I include the full list for the benefit of all the other people who will be reading this thread in the future.
( Vista users must ensure that any programs are Vista compatible BEFORE installing )

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partner/71706/kavwebscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE (http://secunia.com/software_inspector/) for details

AntiSpyware
AntiSpyware is not the same thing as Antivirus.
Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
Most of the programs in this list have a free (for Home Users ) and paid versions,
it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
Spybot - Search & Destroy (http://www.safer-networking.org/) <<< A must have program It includes host protection and registry protection A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
MalwareBytes Anti-malware (http://www.malwarebytes.org/mbam.php) <<< A New and effective program
a-squared Free (http://www.emsisoft.com/en/software/free/) <<< A good "realtime" or "on demand" scanner
superantispyware (http://www.superantispyware.com/) <<< A good "realtime" or "on demand" scanner

Prevention
These programs don't detect malware, they help stop it getting on your machine in the first place.
Each does a different job, so you can have more than one
Winpatrol (http://www.winpatrol.com) An excellent startup manager and then some !! Notifies you if programs are added to startup Allows delayed startup A must have addition
SpywareBlaster 4.0 (http://www.javacoolsoftware.com/spywareblaster.html) SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
SpywareGuard 2.2 (http://www.javacoolsoftware.com/spywareguard.html) SpywareGuard provides real-time protection against spyware. Not required if you have other "realtime" antispyware or Winpatrol
ZonedOut (http://www.funkytoad.com/index.php?option=com_content&view=article&id=15&Itemid=33) Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
MVPS HOSTS (http://www.mvps.org/winhelp2002/hosts.zip) This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial (http://www.mvps.org/winhelp2002/hosts.htm) by WinHelp2002. Not required if you are using other host file protections

Internet Browsers
Microsoft has worked hard to make IE.7 a more secure browser, unfortunately whilst it is still the leading browser of choice it will always be under attack from the bad guys.
Using a different web browser can help stop malware getting on your machine.

Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialise and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

If you are still using IE6 then either update, or get one of the following.
FireFox (http://www.mozilla.com/en-US/firefox/) With many addons available that make customization easy this is a very popular choice NoScript and AdBlockPlus addons are essential
Opera (http://www.opera.com/) Another popular alternative
Netscape (http://browser.netscape.com/addons) Another popular alternative Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies
Temporary Internet Files are mainly the files that are downloaded when you open a web page.
Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
It is a good idea to empty the Temporary Internet Files folder on a regular basis.

Tracking Cookies are files that websites use to monitor which sites you visit and how often.
A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords

Both of these can be cleaned manually, but a quicker option is to use a program
ATF Cleaner (http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25) Free and very simple to use
CCleaner (http://www.ccleaner.com/) Free and very flexible, you can chose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place (http://forum.malwareremoval.com/viewtopic.php?t=4959)

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'

Hi Katana,


Just wanted to say Thanks! Everything seems to be working fine....Im familiarizing myself with all of the new protection. I sure feel a lot better! I hope you have a Great Summer! THANKS AGAIN !