Jump to content


Photo

Torpig Infection


  • This topic is locked This topic is locked
6 replies to this topic

#1 zubbs1

zubbs1

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts

Posted 07 May 2007 - 11:09 PM

Adaware didn't find anything, but avg finds a torpig trojan. Here is the adaware logfile and a hijack this. I would really appreciate if you could help me figure out what is going on.


Ad-Aware SE Build 1.06r1
Logfile Created on:Monday, May 07, 2007 4:56:36 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R168 30.04.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):20 total references
Tracking Cookie(TAC index:3):13 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-7-2007 4:56:36 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Katherine Sims\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Katherine Sims\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1578078129-486625505-4268621875-1006\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 472
ThreadCreationTime : 5-7-2007 8:14:41 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 612
ThreadCreationTime : 5-7-2007 8:14:44 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1076
ThreadCreationTime : 5-7-2007 8:14:53 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1124
ThreadCreationTime : 5-7-2007 8:14:53 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1136
ThreadCreationTime : 5-7-2007 8:14:53 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1308
ThreadCreationTime : 5-7-2007 8:14:55 PM
BasePriority : Normal
FileVersion : 6.14.10.4107
ProductVersion : 6.14.10.4107.05
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1320
ThreadCreationTime : 5-7-2007 8:14:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1432
ThreadCreationTime : 5-7-2007 8:14:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1588
ThreadCreationTime : 5-7-2007 8:14:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [evteng.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1636
ThreadCreationTime : 5-7-2007 8:14:55 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 12
ProductVersion : 9, 0, 0, 0
ProductName : EvtEng Module
CompanyName : Intel Corporation
FileDescription : EvtEng Module
InternalName : EvtEng
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : EvtEng.EXE

#:11 [s24evmon.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1764
ThreadCreationTime : 5-7-2007 8:14:56 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 41
ProductVersion : 9, 0, 0, 0
ProductName : Mobile Unit Support Service
CompanyName : Intel Corporation
FileDescription : Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
InternalName : S24EvMon
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : S24EvMon.exe

#:12 [zcfgsvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1808
ThreadCreationTime : 5-7-2007 8:14:57 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 45
ProductVersion : 1, 0, 0, 2
ProductName : ZeroCfgSvc Application
CompanyName : Intel Corporation
FileDescription : ZeroCfgSvc MFC Application
InternalName : ZeroCfgSvc
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : ZeroCfgSvc.EXE

#:13 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1876
ThreadCreationTime : 5-7-2007 8:15:00 PM
BasePriority : Normal
FileVersion : 6.14.10.4107
ProductVersion : 6.14.10.4107.05
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:14 [wlkeeper.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1960
ThreadCreationTime : 5-7-2007 8:15:01 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 14
ProductVersion : 1, 0, 0, 1
ProductName : SSOFSet Service
CompanyName : Intel® Corporation
FileDescription : WLKEEPER
InternalName : WLKEEPER
LegalCopyright : Copyright © 2004
OriginalFilename : WLKEEPER.exe

#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1996
ThreadCreationTime : 5-7-2007 8:15:01 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:16 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 240
ThreadCreationTime : 5-7-2007 8:15:05 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:17 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 424
ThreadCreationTime : 5-7-2007 8:15:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:18 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 924
ThreadCreationTime : 5-7-2007 8:15:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:19 [guard.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 196
ThreadCreationTime : 5-7-2007 8:15:17 PM
BasePriority : Normal
FileVersion : 7, 5, 0, 47
ProductVersion : 7, 5, 0, 47
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware guard
InternalName : AVG Anti-Spyware guard
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : guard.exe

#:20 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 260
ThreadCreationTime : 5-7-2007 8:15:17 PM
BasePriority : Normal
FileVersion : 7.5.0.453
ProductVersion : 7.5.0.453
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2007 GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:21 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 388
ThreadCreationTime : 5-7-2007 8:15:20 PM
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:22 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 536
ThreadCreationTime : 5-7-2007 8:15:21 PM
BasePriority : Normal
FileVersion : 7.5.0.460
ProductVersion : 7.5.0.460
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2007 GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:23 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 708
ThreadCreationTime : 5-7-2007 8:15:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:24 [nicconfigsvc.exe]
FilePath : C:\Program Files\Dell\NICCONFIGSVC\
ProcessID : 764
ThreadCreationTime : 5-7-2007 8:15:25 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NicConfigSvc
CompanyName : Dell Inc.
FileDescription : Internal Network Card Power Management Service
InternalName : TestMFCAppWiz
LegalCopyright : Copyright © 2004 Dell Inc.
OriginalFilename : NicConfigSvc.EXE

#:25 [regsrvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 616
ThreadCreationTime : 5-7-2007 8:15:30 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 10
ProductVersion : 9, 0, 0, 0
ProductName : RegSrvc Module
CompanyName : Intel Corporation
FileDescription : RegSrvc Module
InternalName : RegSrvc
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : RegSrvc.EXE
Comments : Registry Interface for Intel Wireless Products

#:26 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1480
ThreadCreationTime : 5-7-2007 8:15:32 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:27 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1784
ThreadCreationTime : 5-7-2007 8:15:32 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:28 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 1552
ThreadCreationTime : 5-7-2007 8:15:47 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:29 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2096
ThreadCreationTime : 5-7-2007 8:15:48 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:30 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3296
ThreadCreationTime : 5-7-2007 8:40:24 PM
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:31 [apoint.exe]
FilePath : C:\Program Files\Apoint\
ProcessID : 2560
ThreadCreationTime : 5-7-2007 8:40:37 PM
BasePriority : Normal
FileVersion : 5.5.101.141
ProductVersion : 5.5.101.141
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2004 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe

#:32 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.6.0_01\bin\
ProcessID : 2740
ThreadCreationTime : 5-7-2007 8:40:38 PM
BasePriority : Normal


#:33 [ifrmewrk.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 3504
ThreadCreationTime : 5-7-2007 8:40:42 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 19
ProductVersion : 9, 0, 0, 0
ProductName : Intel PROSet/Wireless
CompanyName : Intel Corporation
FileDescription : Intel Framework MFC Application
InternalName : Framework
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : iFramewrk.exe

#:34 [pcmservice.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ProcessID : 3524
ThreadCreationTime : 5-7-2007 8:40:44 PM
BasePriority : Normal
FileVersion : 1.0.1611
ProductVersion : 1.0.1611
ProductName : PCM2Launcher Application
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
LegalCopyright : Copyright c 2003 CyberLink Corp.
OriginalFilename : PCM2Launcher.EXE

#:35 [quickset.exe]
FilePath : C:\Program Files\Dell\QuickSet\
ProcessID : 3628
ThreadCreationTime : 5-7-2007 8:40:46 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : QuickSet Application
FileDescription : QuickSet MFC Application
InternalName : direct
LegalCopyright : Copyright © 2001
OriginalFilename : direct.EXE

#:36 [dvdlauncher.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 3548
ThreadCreationTime : 5-7-2007 8:40:49 PM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:37 [realplay.exe]
FilePath : C:\Program Files\Real\RealPlayer\
ProcessID : 3732
ThreadCreationTime : 5-7-2007 8:40:54 PM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:38 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 3768
ThreadCreationTime : 5-7-2007 8:41:03 PM
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:39 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 3928
ThreadCreationTime : 5-7-2007 8:41:07 PM
BasePriority : Normal
FileVersion : 3, 10, 100, 1155
ProductVersion : 3, 10
ProductName : InstallShield Update Service
CompanyName : InstallShield Software Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 1990-2004 InstallShield Software Corporation
OriginalFilename : issch.exe

#:40 [logi_mwx.exe]
FilePath : C:\WINDOWS\
ProcessID : 3856
ThreadCreationTime : 5-7-2007 8:41:09 PM
BasePriority : Normal
FileVersion : 9.79.016
ProductVersion : 9.79.016
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Launcher Application
InternalName : Logi_MWX
LegalCopyright : © 1987-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Logi_MWX.exe
Comments : Created by the MouseWare team

#:41 [hpcmpmgr.exe]
FilePath : C:\Program Files\HP\hpcoretech\
ProcessID : 3184
ThreadCreationTime : 5-7-2007 8:41:12 PM
BasePriority : Normal
FileVersion : 2.1.1.0
ProductVersion : 2.1.4
ProductName : hp coretech (COmponent REuse TECHnology)
CompanyName : Hewlett-Packard Company
FileDescription : HP Framework Component Manager Service
InternalName : HPComponentManagerService module
LegalCopyright : Copyright © Hewlett-Packard. 2002-2003
OriginalFilename : HpCmpMgr.exe

#:42 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 912
ThreadCreationTime : 5-7-2007 8:41:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:43 [1xconfig.exe]
FilePath : C:\PROGRA~1\Intel\Wireless\Bin\
ProcessID : 980
ThreadCreationTime : 5-7-2007 8:41:15 PM
BasePriority : Normal
FileVersion : 9, 0, 1, 33
ProductVersion : 9, 0, 0, 0
ProductName : 8021XConfig Module
CompanyName : Intel
FileDescription : 8021XConfig Module
InternalName : 8021XConfig
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : 1XConfig.EXE
Comments : Wrapper for MH. (Service COM)

#:44 [apntex.exe]
FilePath : C:\Program Files\Apoint\
ProcessID : 212
ThreadCreationTime : 5-7-2007 8:41:18 PM
BasePriority : Normal
FileVersion : 5.5.1.19
ProductVersion : 5.5.1.19
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2004 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe

#:45 [hpwuschd2.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Software Update\
ProcessID : 1040
ThreadCreationTime : 5-7-2007 8:41:19 PM
BasePriority : Normal
FileVersion : 50.0.146.000
ProductVersion : 050.000.146.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant

#:46 [smbssldp.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1472
ThreadCreationTime : 5-7-2007 8:41:27 PM
BasePriority : Normal


#:47 [itsdde.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2072
ThreadCreationTime : 5-7-2007 8:41:29 PM
BasePriority : Normal


#:48 [dlmmsers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2168
ThreadCreationTime : 5-7-2007 8:41:29 PM
BasePriority : Normal


#:49 [dcpavss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 500
ThreadCreationTime : 5-7-2007 8:41:30 PM
BasePriority : Normal


#:50 [netuknqp.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2144
ThreadCreationTime : 5-7-2007 8:41:30 PM
BasePriority : Normal


#:51 [sdmvproc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2156
ThreadCreationTime : 5-7-2007 8:41:31 PM
BasePriority : Normal


#:52 [concszcl.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2248
ThreadCreationTime : 5-7-2007 8:41:31 PM
BasePriority : Normal


#:53 [dsagnt.exe]
FilePath : C:\Program Files\DellSupport\
ProcessID : 2200
ThreadCreationTime : 5-7-2007 8:41:32 PM
BasePriority : Below Normal
FileVersion : 3, 0, 0, 197
ProductVersion : 3, 0, 0, 197
ProductName : Dell Support
CompanyName : Gteko Ltd.
FileDescription : Dell Support
InternalName : AUAgent
LegalCopyright : Copyright © 2000 - 2007 Gteko Ltd.
OriginalFilename : AUAgent.exe

#:54 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2500
ThreadCreationTime : 5-7-2007 8:41:32 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:55 [mmdiag.exe]
FilePath : C:\PROGRA~1\MUSICM~1\MUSICM~3\
ProcessID : 984
ThreadCreationTime : 5-7-2007 8:41:39 PM
BasePriority : Normal
FileVersion : 10.00.3058
ProductVersion : 10.00.3058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE

#:56 [googletoolbarnotifier.exe]
FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\
ProcessID : 2404
ThreadCreationTime : 5-7-2007 8:41:41 PM
BasePriority : Normal
FileVersion : 1, 2, 1128, 5462
ProductVersion : 1, 2, 1128, 5462
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe

#:57 [dlg.exe]
FilePath : C:\Program Files\Digital Line Detect\
ProcessID : 3616
ThreadCreationTime : 5-7-2007 8:42:08 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : BVRP Software TestLine
CompanyName : BVRP Software
FileDescription : Digital Line Detection
InternalName : TestLine
LegalCopyright : Copyright © 2003
OriginalFilename : TestLine.exe

#:58 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\
ProcessID : 3864
ThreadCreationTime : 5-7-2007 8:42:13 PM
BasePriority : Normal
FileVersion : 10.00.3058
ProductVersion : 10.00.3058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe

#:59 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 748
ThreadCreationTime : 5-7-2007 9:31:26 PM
BasePriority : Normal
FileVersion : 7.00.6000.16414 (vista_gdr.070108-1520)
ProductVersion : 7.00.6000.16414
ProductName : Windows® Internet Explorer
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:60 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 6108
ThreadCreationTime : 5-7-2007 9:35:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE

#:61 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 4560
ThreadCreationTime : 5-7-2007 9:51:18 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:62 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 848
ThreadCreationTime : 5-7-2007 9:55:50 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 20


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 20


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 20


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@trafficmp[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:katherine sims@trafficmp.com/
Expires : 5-5-2008 7:25:04 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@revsci[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:katherine sims@revsci.net/
Expires : 5-1-2027 7:27:30 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:katherine sims@tribalfusion.com/
Expires : 5-6-2008 3:04:32 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@tacoda[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:17
Value : Cookie:katherine sims@tacoda.net/
Expires : 5-6-2008 3:48:42 PM
LastSync : Hits:17
UseCount : 0
Hits : 17

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:katherine sims@atdmt.com/
Expires : 5-4-2012 7:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@adopt.euroclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:katherine sims@adopt.euroclick.com/
Expires : 5-3-2017 10:21:54 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:katherine sims@2o7.net/
Expires : 5-5-2012 2:31:10 PM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:katherine sims@ads.pointroll.com/
Expires : 12-31-2009 7:00:00 PM
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@live365[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:katherine sims@live365.com/
Expires : 5-10-2012 6:11:12 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@msnportal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:katherine sims@msnportal.112.2o7.net/
Expires : 5-5-2012 2:05:34 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@specificclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:52
Value : Cookie:katherine sims@specificclick.net/
Expires : 5-6-2008 2:30:32 PM
LastSync : Hits:52
UseCount : 0
Hits : 52

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:katherine sims@advertising.com/
Expires : 5-4-2012 9:59:08 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : katherine_sims@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:katherine sims@doubleclick.net/
Expires : 5-7-2007 4:48:46 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 13
Objects found so far: 33



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 33


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
137 entries scanned.
New critical objects:0
Objects found so far: 33




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 33

5:16:53 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:20:17.32
Objects scanned:221667
Objects identified:13
Objects ignored:0
New critical objects:13



Logfile of HijackThis v1.99.1
Scan saved at 5:33:20 PM, on 5/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\smbssldp.exe
C:\WINDOWS\system32\itsdde.exe
C:\WINDOWS\system32\dlmmsers.exe
C:\WINDOWS\system32\dcpavss.exe
C:\WINDOWS\system32\netuknqp.exe
C:\WINDOWS\system32\sdmvproc.exe
C:\WINDOWS\system32\concszcl.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Documents and Settings\Katherine Sims\Desktop\hijackthis\HJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {15FAC292-47E3-43DC-B097-C479F9D32DC3} - C:\WINDOWS\system32\xxyaxwu.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WindowsHive] C:\WINDOWS\system32\rpcc.exe
O4 - HKLM\..\Run: [msdlstat] C:\WINDOWS\system32\smbssldp.exe
O4 - HKLM\..\Run: [ascdps] C:\WINDOWS\system32\itsdde.exe
O4 - HKLM\..\Run: [drmconns] C:\WINDOWS\system32\dlmmsers.exe
O4 - HKLM\..\Run: [dlcipscl] C:\WINDOWS\system32\dcpavss.exe
O4 - HKLM\..\Run: [oplstmb] C:\WINDOWS\system32\netuknqp.exe
O4 - HKLM\..\Run: [net2mudl] C:\WINDOWS\system32\netuknqp.exe
O4 - HKLM\..\Run: [ncsysproc] C:\WINDOWS\system32\sdmvproc.exe
O4 - HKLM\..\Run: [rsalibz] C:\WINDOWS\system32\concszcl.exe
O4 - HKLM\..\Run: [mstatdsa] C:\WINDOWS\system32\concszcl.exe
O4 - HKLM\..\Run: [qsvcopl] C:\WINDOWS\system32\netuknqp.exe
O4 - HKLM\..\Run: [nvipctl] C:\WINDOWS\system32\concszcl.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot\SpybotSD.exe" /autocheck /autofix
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msdlstat] C:\WINDOWS\system32\smbssldp.exe
O4 - HKCU\..\Run: [ascdps] C:\WINDOWS\system32\itsdde.exe
O4 - HKCU\..\Run: [drmconns] C:\WINDOWS\system32\dlmmsers.exe
O4 - HKCU\..\Run: [dlcipscl] C:\WINDOWS\system32\dcpavss.exe
O4 - HKCU\..\Run: [ncsysproc] C:\WINDOWS\system32\sdmvproc.exe
O4 - HKCU\..\Run: [rsalibz] C:\WINDOWS\system32\concszcl.exe
O4 - HKCU\..\Run: [mstatdsa] C:\WINDOWS\system32\concszcl.exe
O4 - HKCU\..\Run: [nvipctl] C:\WINDOWS\system32\concszcl.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay10...es/MsnPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.co...clean_micro.exe
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.bigfishga...h2.1.0.0.48.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161215957075
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicr...scan/as4web.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.game...aploader_v6.cab
O16 - DPF: {E4C29FDC-F547-4219-ACFD-571F2A7A564A} (WebCamTest Class) - http://awbeta.net-nu...ATES/winwcd.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8E4F25E-E08E-4A67-820D-404EED86642C}: NameServer = 68.87.72.130,68.87.77.130
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrge32 - C:\WINDOWS\SYSTEM32\winrge32.dll
O20 - Winlogon Notify: xxyaxwu - C:\WINDOWS\SYSTEM32\xxyaxwu.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#2 miekiemoes

miekiemoes

    Malware Killer Dog

  • Volunteer Security Advisor
  • PipPipPip
  • 4092 posts

Posted 11 May 2007 - 11:51 AM

Yuck! This is a nasty log. :)
Your system is terribly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.
Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.
So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts.


Do next please...

* Please download the OTMoveIt by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt.exe to run it.
  • Where it says: "Paste List of Files/Folders to be Moved", copy and paste next bold part into that Window:

    C:\WINDOWS\system32\smbssldp.exe
    C:\WINDOWS\system32\itsdde.exe
    C:\WINDOWS\system32\dlmmsers.exe
    C:\WINDOWS\system32\dcpavss.exe
    C:\WINDOWS\system32\netuknqp.exe
    C:\WINDOWS\system32\sdmvproc.exe
    C:\WINDOWS\system32\concszcl.exe
    C:\WINDOWS\system32\xxyaxwu.dll
    C:\WINDOWS\system32\rpcc.exe
    C:\WINDOWS\SYSTEM32\winrge32.dll



  • Then click the red Moveit! button below.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.. Then it will reboot your computer.

Then, after reboot (in case it asked to reboot)

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

O2 - BHO: (no name) - {15FAC292-47E3-43DC-B097-C479F9D32DC3} - C:\WINDOWS\system32\xxyaxwu.dll
O4 - HKLM\..\Run: [WindowsHive] C:\WINDOWS\system32\rpcc.exe
O4 - HKLM\..\Run: [msdlstat] C:\WINDOWS\system32\smbssldp.exe
O4 - HKLM\..\Run: [ascdps] C:\WINDOWS\system32\itsdde.exe
O4 - HKLM\..\Run: [drmconns] C:\WINDOWS\system32\dlmmsers.exe
O4 - HKLM\..\Run: [dlcipscl] C:\WINDOWS\system32\dcpavss.exe
O4 - HKLM\..\Run: [oplstmb] C:\WINDOWS\system32\netuknqp.exe
O4 - HKLM\..\Run: [net2mudl] C:\WINDOWS\system32\netuknqp.exe
O4 - HKLM\..\Run: [ncsysproc] C:\WINDOWS\system32\sdmvproc.exe
O4 - HKLM\..\Run: [rsalibz] C:\WINDOWS\system32\concszcl.exe
O4 - HKLM\..\Run: [mstatdsa] C:\WINDOWS\system32\concszcl.exe
O4 - HKLM\..\Run: [qsvcopl] C:\WINDOWS\system32\netuknqp.exe
O4 - HKLM\..\Run: [nvipctl] C:\WINDOWS\system32\concszcl.exe
O4 - HKCU\..\Run: [msdlstat] C:\WINDOWS\system32\smbssldp.exe
O4 - HKCU\..\Run: [ascdps] C:\WINDOWS\system32\itsdde.exe
O4 - HKCU\..\Run: [drmconns] C:\WINDOWS\system32\dlmmsers.exe
O4 - HKCU\..\Run: [dlcipscl] C:\WINDOWS\system32\dcpavss.exe
O4 - HKCU\..\Run: [ncsysproc] C:\WINDOWS\system32\sdmvproc.exe
O4 - HKCU\..\Run: [rsalibz] C:\WINDOWS\system32\concszcl.exe
O4 - HKCU\..\Run: [mstatdsa] C:\WINDOWS\system32\concszcl.exe
O4 - HKCU\..\Run: [nvipctl] C:\WINDOWS\system32\concszcl.exe
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.bigfishga...h2.1.0.0.48.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.game...aploader_v6.cab
O16 - DPF: {E4C29FDC-F547-4219-ACFD-571F2A7A564A} (WebCamTest Class) - http://awbeta.net-nu...ATES/winwcd.cab
O20 - Winlogon Notify: winrge32 - C:\WINDOWS\SYSTEM32\winrge32.dll
O20 - Winlogon Notify: xxyaxwu - C:\WINDOWS\SYSTEM32\xxyaxwu.dll


* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

* Download Combofix to your desktop.
Doubleclick combofix.exe
Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.
DO NOT POST your problem or log in someone elses thread, even though you are having the same problems. This to avoid confusion. Start a new thread instead and someone will help you asap.
Bumping your thread won't help to receive help in a faster way, this since we always look at the posts with 0 replies first. If you bump your thread, we assume that someone is already helping you, so your thread may be ignored.

#3 zubbs1

zubbs1

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts

Posted 12 May 2007 - 07:10 PM

Thank you so much for helping out. I am willing to give it a try. I followed the instructions you gave. Here are the logfiles:


"Katherine Sims" - 2007-05-12 13:31:13 Service Pack 2
ComboFix 07-05.09.V - Running from: "C:\Documents and Settings\Katherine Sims\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\Common Files\microsoft shared\web folders\ibm00003.dll
C:\Program Files\Common Files\microsoft shared\web folders\ibm00004.dll
C:\Program Files\ipwins\popABB.tmp
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\dinerdash2.exe
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\playfirstlogo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\strings.xml
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\dirty_dishes.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\foodtray.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\heart1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\heart2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\heart3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\menu_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\menu_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\mop_prop.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\accessories\ticket.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\mainmenumusic.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a3.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\music\cafe\cafe_music_a4.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\baby_cry.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\chef_cook1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\closing_time.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\customer_ditch.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_down.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\dialog_up.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\drink_table.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\expert.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_deliver.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\highchair_pickup.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\keystroke2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\level_lose.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\level_win.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\menu_click.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\menu_rollover.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\mop_pickup.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\mop_spill.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_bring_check_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_dropoff_drinks_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_food_ready_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_gain_heart_1.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_menu_down.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pencil_write_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\sfx_seat_people_snd.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\spill.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\table_drink.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\audio\sfx\tip_2.ogg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\flo_lose.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\flo_win.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\fullscreendialog.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\high_score_menu_bg.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\levelintro.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\levelover.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\longdialog.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\mainmenu_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\popup.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\popup.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\textfield.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\backgrounds\upgrade_lines.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowdown_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowdown_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowdown_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowup_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowup_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\arrowup_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\checkbox_rotated_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\decor_highlight.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\decor_normal.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\decor_selected.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_large_3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\dialog_button_a_small_3.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\left_arrow_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\left_arrow_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\left_arrow_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button1_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\main_menu_button2_mask.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\map_button_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\map_button_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\map_button_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\right_arrow_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\right_arrow_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\right_arrow_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\upgrade_down.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\upgrade_over.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\upgrade_up.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\buttons\welcome_player.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\actionpoints.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\career.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\customer.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\endless.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\global.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\config\powerups.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cook\stove.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\arrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\click.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\click2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\grab.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\cursor\open.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\dad_male\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\kid_male\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\baby.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_baby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\red_baby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\mom_female\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\anim.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\anim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\blue_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\legs.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\customers\young_female\red_legs.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\idle.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\idle.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\lower.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\lower.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\upper.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\flo\upper.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\fonts\mercurius.mvec
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\bench.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\bench.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\blue_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\chair.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\chair.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dirt2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dirt4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dishcart.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\dishcart.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\green_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchairbaby.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\highchair_prop_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\luxury_bench.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\mop_station_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\mop_station_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\mop_station_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\podium.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\podium_heart.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\podium_heart.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\purple_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\radio.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\red_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\spill.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\spill.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\stereo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\ticketstation.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\ticketstation.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\furniture\yellow_highchairbaby.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\family.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_colormatch1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_colormatch2.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_noise.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help1_score.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_cleardishes.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_givecheck.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_pickupfood.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_servefood.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help2_takeorder.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\help\help_dividerline.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\hiscore\local-hs-bb.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\hiscore\p1icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_1.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_2.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_3.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_4.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_5.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\career_1_6.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_a.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_b.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\layouts\endless_1_1_c.bin
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\tableshadow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\background.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrades.xml
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\blue.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\green.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\grey.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\chairs\red.pal
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\cup1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\food\food.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_0.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\frames\2_1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\furniture\drinkstation1_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\people\cook.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\props\cup_prop1.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\2top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\tables\4top.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_0.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\restaurants\cafe\upgrade_icons\cafe_icon_2_1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\careerupgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\choosedifficulty.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\closeconfirm.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\entername.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\game.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\getmoregames.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\help1.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\help2.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\hiscore.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\hiscoreinfo.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\hiscoresubmit.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\levelintro.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\levelover.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\loading.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\mainloop.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\mainmenu.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\ok.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\pause.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\style.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\upgrade.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\upsell.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\scripts\yesno.lua
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\splash\aol_logo.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\splash\playfirst_logo.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\angersmoke.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\angersmoke.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\chairflags.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\chairflags.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\check.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\checkmark.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\closed.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\coinflip.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\coinflip.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\decor_lines.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\dollar.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\expert.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\foodpoof.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\foodpoof.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\heartgrow.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\heartgrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\jar.anm
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\jar.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\lives_icon.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\noisering.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tablenumber_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tablenumber_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\traynumber.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tutorialarrow.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\tutorialbox.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_base.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_hand.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_timer_off.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\ui_timer_on.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgradeanim.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\bubbles\request_bubble.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\bubbles\request_mop.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\bubbles\request_rejectmeal.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_d.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_e.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\notes\music_boost_f.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_bench_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_drink_station1_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_luxury_bench_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_oven_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_podium_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_powerbars_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_radio_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_stereo_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_a.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_b.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_c.png
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd1.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd2.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd3.jpg
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48\assets\upsell\dd4.jpg
C:\WINDOWS\wpcjmd.log
C:\Program Files\ipwins
C:\WINDOWS\system32\components
C:\WINDOWS\DOWNLO~1.\DinerDash2.1.0.0.48
C:\Program Files\Common Files\{3CB9A~1
C:\Program Files\Common Files\{ECB9A~1
C:\Program Files\Common Files\{ECB9A~2


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_CMDSERVICE
-------\LEGACY_GB
-------\LEGACY_NETWORK_MONITOR
-------\gb


((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-12 ))))))))))))))))))))))))))))))))))


2007-05-06 09:43 71,951 --a------ C:\WINDOWS\kuyrgregre.exe
2007-05-06 09:43 70,202 --a------ C:\WINDOWS\trdgrre.exe
2007-05-05 16:23 <DIR> d-------- C:\DOCUME~1\KATHER~1\APPLIC~1\Yahoo!
2007-05-05 16:12 71,667 --a------ C:\WINDOWS\efwfergvfsdgjh.exe
2007-04-29 20:34 <DIR> d--h----- C:\DOCUME~1\KATHER~1\APPLIC~1\Move Networks


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-05-07 20:08:54 -------- d-----w C:\Program Files\Games
2007-05-06 17:53:32 -------- d-----w C:\Program Files\Spybot
2007-05-06 17:49:19 -------- d-----w C:\Program Files\STOPzilla!
2007-04-20 00:21:39 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-04-09 23:16:08 -------- d--h--w C:\DOCUME~1\KATHER~1\APPLIC~1\Gtek
2007-04-09 22:58:32 -------- d-----w C:\Program Files\DellSupport
2007-04-06 23:09:23 -------- d-----w C:\Program Files\Nancy Drew
2007-04-04 01:28:52 -------- d-----w C:\DOCUME~1\KATHER~1\APPLIC~1\Magic Academy
2007-04-01 03:14:36 -------- d-----w C:\DOCUME~1\KATHER~1\APPLIC~1\MysteryStudio
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-16 00:55:59 42 ----a-w C:\WINDOWS\popcinfo.dat
2007-03-10 04:37:08 -------- d-----w C:\Program Files\Google
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2007-02-17 03:02:25 0 ----a-w C:\WINDOWS\PowerReg.dat
2007-02-13 19:59:08 1,105,666 ----a-w C:\WINDOWS\Mall Tycoon 2 Uninstaller.exe
2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"="C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll"
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"="C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll"
"{53707962-6F74-2D53-2644-206D7942484F}"="C:\PROGRA~1\Spybot\SDHelper.dll"
"{5CA3D70E-1895-11CF-8E15-001234567890}"="C:\WINDOWS\system32\dla\tfswshx.dll"
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"="C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll"
"{AA58ED58-01DD-4d91-8333-CF10577473F7}"="c:\program files\google\googletoolbar2.dll"
"{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"="C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll"
"{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}"="C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"IntelWireless"="C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe /tf Intel PROSet/Wireless"
"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
"Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"Logitech Utility"="Logi_MwX.Exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb10.exe"
"HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~3\\mimboot.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"DellSupport"="\"C:\\Program Files\\DellSupport\\DSAgnt.exe\" /startup"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll"


HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyaxwu

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages msv1_0\
Security Packages kerberosmsv1_0schannelwdigest\
Notification Packages scecli\




[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter HTTPFilter\
LocalService AlerterWebClientLmHostsRemoteRegistryupnphostSSDPSRV\
NetworkService DnsCache\
DcomLaunch DcomLaunchTermService\
rpcss RpcSs\
imgsvc StiSvc\
termsvcs TermService\

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-12 13:40:48
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 2007-05-12 13:45:32 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-12 13:45



Here is the hijack this:



Logfile of HijackThis v1.99.1
Scan saved at 1:49:50 PM, on 5/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Katherine Sims\Desktop\hijackthis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay10...es/MsnPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.co...clean_micro.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161215957075
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicr...scan/as4web.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8E4F25E-E08E-4A67-820D-404EED86642C}: NameServer = 68.87.72.130,68.87.77.130
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: xxyaxwu - xxyaxwu.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

#4 miekiemoes

miekiemoes

    Malware Killer Dog

  • Volunteer Security Advisor
  • PipPipPip
  • 4092 posts

Posted 12 May 2007 - 08:18 PM

Hi,

Let's deal with leftovers now...

Check and fix next leftover in HijackThis:

O20 - Winlogon Notify: xxyaxwu - xxyaxwu.dll (file missing)

Delete next files:

C:\WINDOWS\kuyrgregre.exe
C:\WINDOWS\trdgrre.exe
C:\WINDOWS\efwfergvfsdgjh.exe

* Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Under Browsing History, click "Delete".
  • Click "Delete Files", "Delete cookies" and "Delete history"
  • Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu..
  • Click the Clear now button below.. A new window will popup what to clear.
  • Select all and click the Clear button again.
  • Click OK to close the Options window
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
* Open OTMoveIt and click the CleanUp! button on top.
In the left pane, it will display a list of tools and other related files which you may have downloaded/used during our cleanup + backup folders that were created with the bad files present. They are not needed anymore, so OtMoveIt will delete them.
Do not edit anything in that Window!
Don't worry if it displays some tools you didn't download/use.
Click Yes when it asks to Begin cleanup process.
Then reboot your computer.

Let me know in your next reply how things are now.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.
DO NOT POST your problem or log in someone elses thread, even though you are having the same problems. This to avoid confusion. Start a new thread instead and someone will help you asap.
Bumping your thread won't help to receive help in a faster way, this since we always look at the posts with 0 replies first. If you bump your thread, we assume that someone is already helping you, so your thread may be ignored.

#5 zubbs1

zubbs1

    Advanced Member

  • Members
  • PipPipPip
  • 49 posts

Posted 13 May 2007 - 06:27 PM

Things seem to be much better in terms of speed of applications opening, and stability of windows. I ran adaware, avg, and spybot scans on the system. Adaware and avg find nothing, but spybot found four cookies. After telling it to fix them, and rebooting and running another scan, they persist.

Here is a logfile for the spybot search, and another hijack this:


--- Search result list ---
Advertising.com: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-10-16 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-09 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-05-09 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-05-09 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-05-09 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-05-09 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-05-09 Includes\PUPSC.sbi (*)
2007-05-09 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-05-09 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-05-09 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-05-02 Includes\Trojans.sbi (*)
2007-05-09 Includes\TrojansC.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB931768)
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB888310
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Windows XP Hotfix - KB892627
/ Windows XP / SP3: Windows XP Hotfix - KB893056
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)


--- Startup entries list ---
Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
file: C:\Program Files\Apoint\Apoint.exe
size: 155648
MD5: a0b4823c28ad825728550796042c68a4

Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 416256
MD5: 2200c98c049de1a7638ea0edba1c8882

Located: HK_LM:Run, Dell QuickSet
command: C:\Program Files\Dell\QuickSet\quickset.exe
file: C:\Program Files\Dell\QuickSet\quickset.exe
size: 606208
MD5: c67c916b6b43b4b092adeaf7adf285bf

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2ca827ba68d0cdb5437c40c6f53d7f20

Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: b3e3c57fd22e71ce20389372d972c6dc

Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: b75b654ee1da99876461b24597ae3ff3

Located: HK_LM:Run, HP Software Update
command: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821f73b833c4daebc33c1a9a4b16bb5a

Located: HK_LM:Run, HPDJ Taskbar Utility
command: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
file: C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
size: 172032
MD5: fd32127449af0b96ebeca3caab74e423

Located: HK_LM:Run, IntelWireless
command: C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
file:

Located: HK_LM:Run, ISUSPM Startup
command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
size: 221184
MD5: fb9e5c251cf6c37749f296bacb34a69b

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763dab43bdab27316dbf3373192823d7

Located: HK_LM:Run, Logitech Utility
command: Logi_MwX.Exe
file: C:\WINDOWS\Logi_MwX.Exe
size: 19968
MD5: 47f4c8707de00f5f18f6cd524df02879

Located: HK_LM:Run, MimBoot
command: C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
file: C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
size: 11776
MD5: d7bac36b6dea03513e04bcae60bab4a1

Located: HK_LM:Run, PCMService
command: "C:\Program Files\Dell\Media Experience\PCMService.exe"
file: C:\Program Files\Dell\Media Experience\PCMService.exe
size: 290816
MD5: e02c0e78e5cfb01bf9d1866dba18b456

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: c341ccfbe98bc7df6e0b856bb9fc265a

Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
file:

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
size: 83608
MD5: 9c1c80bbf8e6044980890e2d2d91091c

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, DellSupport
command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
file: C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: b75fdbf14073d72c50624cc8338dd534

Located: HK_CU:Run, swg
command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
size: 171448
MD5: 0fa44ea8b03aba3e1d240b5a333d8e6a

Located: HK_CU:Run, updateMgr
command: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
size: 313472
MD5: 43f3f6d33c793089a7c32b45da16094b

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (common), Digital Line Detect.lnk
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: b66e56733e2cd6a10fda5919625fbf46

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, IntelWireless
command: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
file: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
size: 110592
MD5: e0305040e70be2ae657987ce0d7d14df

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (&Yahoo! Toolbar Helper)
BHO name:
CLSID name: &Yahoo! Toolbar Helper
description: Yahoo Companion!
classification: Legitimate
known filename: Ycomp*_*_*_*.dll
info link: http://companion.yahoo.com/
info source: TonyKlein
Path: C:\Program Files\Yahoo!\Companion\Installs\cpn3\
Long name: yt.dll
Short name:
Date (created): 3/20/2007 4:39:26 PM
Date (last access): 5/13/2007 12:15:20 PM
Date (last write): 3/20/2007 4:39:26 PM
Filesize: 803864
Attributes: archive
MD5: 839BC91F49F8ADA29F3E3B8366057016
CRC32: E8D1E607
Version: 2007.3.20.1

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
BHO name:
CLSID name: Adobe PDF Reader Link Helper
description: Adobe Acrobat reader
classification: Legitimate
known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
info link: http://www.adobe.com.../readstep2.html
info source: TonyKlein
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\
Long name: AcroIEHelper.dll
Short name: ACROIE~1.DLL
Date (created): 12/14/2004 1:56:50 AM
Date (last access): 5/13/2007 12:49:30 PM
Date (last write): 1/12/2006 9:38:22 PM
Filesize: 63128
Attributes: archive
MD5: F17B2B264072B921FC66A0BE16626BAB
CRC32: 5184CFEA
Version: 7.0.7.142

{53707962-6F74-2D53-2644-206D7942484F} ()
BHO name:
CLSID name:
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\Spybot\
Long name: SDHelper.dll
Short name:
Date (created): 10/16/2006 7:44:52 AM
Date (last access): 5/13/2007 12:14:24 PM
Date (last write): 5/31/2005 1:04:00 AM
Filesize: 853672
Attributes: archive
MD5: 250D787A5712D7768DDC133B3E477759
CRC32: D4589A41
Version: 1.4.0.0

{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 6/6/2005 11:19:50 PM
Date (last access): 5/13/2007 12:49:32 PM
Date (last write): 12/6/2004 1:05:00 AM
Filesize: 118842
Attributes: archive
MD5: 37943B990D318145D1EFCBEEF8F9566A
CRC32: C6D87067
Version: 1.4.8.0

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_01\bin\
Long name: ssv.dll
Short name:
Date (created): 5/1/2007 10:59:50 AM
Date (last access): 5/13/2007 11:53:14 AM
Date (last write): 3/14/2007 3:43:40 AM
Filesize: 501400
Attributes: archive
MD5: 70FD57D6EDBED8D80C1995257C99D27E
CRC32: 3CE654AC
Version: 6.0.10.6

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~1.DLL
Date (created): 3/9/2007 11:37:06 PM
Date (last access): 5/13/2007 12:49:36 PM
Date (last write): 1/20/2007 12:55:32 AM
Filesize: 2403392
Attributes: readonly archive
MD5: 6319F2D4708DBCAE37CFA03DA10782C0
CRC32: D51D8296
Version: 4.0.1601.4978

{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (MSN Search Toolbar Helper)
BHO name:
CLSID name: MSN Search Toolbar Helper
Path: C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\
Long name: msntb.dll
Short name:
Date (created): 9/20/2005 6:12:10 PM
Date (last access): 5/13/2007 12:11:46 PM
Date (last write): 9/20/2005 6:12:10 PM
Filesize: 577744
Attributes: archive
MD5: E1610BCC07C6B6D9332485B52DD5042E
CRC32: EA40FB0B
Version: 2.5.1.1119

{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
BHO name:
CLSID name: EpsonToolBandKicker Class
Path: C:\Program Files\EPSON\EPSON Web-To-Page\
Long name: EPSON Web-To-Page.dll
Short name: EPSONW~1.DLL
Date (created): 12/31/2005 4:28:46 PM
Date (last access): 5/13/2007 12:49:40 PM
Date (last write): 2/22/2005 2:50:34 PM
Filesize: 368640
Attributes: archive
MD5: 01319CF4030B3740BA8261E7024ACAD1
CRC32: D484DB79
Version: 1.1.0.0



--- ActiveX list ---
{14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zon...nt.cab31267.cab
description:
classification: Legitimate
known filename: MessengerStatsPAClient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MessengerStatsPAClient.dll
Short name: MESSEN~1.DLL
Date (created): 4/6/2004 7:03:54 PM
Date (last access): 5/13/2007 12:45:30 PM
Date (last write): 4/6/2004 7:03:54 PM
Filesize: 172072
Attributes: archive
MD5: 94D1773AEAA2197AFEE3A6F8404FE4E9
CRC32: 76C3823D
Version: 9.2.7513.1

{166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control)
DPF name:
CLSID name: Shockwave ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.ma...director/sw.cab
description: Macromedia ShockWave Flash Player 7
classification: Legitimate
known filename: SWDIR.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\macromed\Director\
Long name: SwDir.dll
Short name:
Date (created): 6/20/2005 8:21:22 PM
Date (last access): 5/11/2007 2:44:50 PM
Date (last write): 9/4/2006 12:10:30 AM
Filesize: 54960
Attributes: archive
MD5: EB271B21EA6104B7C6946EF32D558C91
CRC32: CEC4E0C2
Version: 10.1.4.20

{4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
DPF name:
CLSID name: MSN Photo Upload Tool
Installer: C:\WINDOWS\Downloaded Program Files\MSNPupld.inf
Codebase: http://by108fd.bay10...es/MsnPUpld.cab
description:
classification: Legitimate
known filename: MsnPUpld.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: MsnPUpld.dll
Short name:
Date (created): 10/8/2004 4:01:22 PM
Date (last access): 5/13/2007 12:45:30 PM
Date (last write): 10/8/2004 4:01:22 PM
Filesize: 372736
Attributes: archive
MD5: D2ED523BB0FE94F8F492BEFE1C336040
CRC32: C4677625
Version: 10.0.910.0

{556DDE35-E955-11D0-A707-000000521957} ()
DPF name:
CLSID name:
Installer:
Codebase: http://www.xblock.co...clean_micro.exe
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.micros...b?1161215957075
description:
classification: Legitimate
known filename: muweb.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 5/26/2005 4:19:32 AM
Date (last access): 5/13/2007 12:58:08 PM
Date (last write): 5/26/2005 4:19:32 AM
Filesize: 178408
Attributes: archive
MD5: EE37AA2C0700221CD8B02FADCD4C7FB5
CRC32: F5494B06
Version: 5.8.0.2469

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_01\bin\
Long name: npjpi160_01.dll
Short name: NPJPI1~1.DLL
Date (created): 3/14/2007 2:04:46 AM
Date (last access): 5/13/2007 11:53:14 AM
Date (last write): 3/14/2007 3:43:42 AM
Filesize: 132760
Attributes: archive
MD5: F112FB2FD2EF66D439799E3F834DF000
CRC32: D2B09219
Version: 6.0.0.6

{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)
DPF name:
CLSID name: MessengerStatsClient Class
Installer:
Codebase: http://messenger.zon...nt.cab31267.cab
description:
classification: Legitimate
known filename: messengerstatsclient.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: messengerstatsclient.dll
Short name: MESSEN~2.DLL
Date (created): 5/29/2003 3:00:20 PM
Date (last access): 5/13/2007 12:45:30 PM
Date (last write): 5/29/2003 3:00:20 PM
Filesize: 160864
Attributes: archive
MD5: B069B555A00AA026F657AA4FD13AE154
CRC32: 89BB01E1
Version: 7.1.9502.1

{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
Codebase: http://acs.pandasoft...free/asinst.cab
description:
classification: Legitimate
known filename: ASINST.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 8/24/2006 8:28:54 AM
Date (last access): 5/13/2007 12:45:28 PM
Date (last write): 8/24/2006 8:28:54 AM
Filesize: 141424
Attributes: archive
MD5: CB0EBD772D7D003BD11A999FF515A89A
CRC32: 3CFE74C1
Version: 58.6.0.0

{B1826A9F-4AA0-4510-BA77-9013E74E4B9B} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\SpyMD.inf
Codebase: http://www.trendmicr...scan/as4web.cab

{B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class)
DPF name:
CLSID name: ZoneIntro Class
Installer:
Codebase: http://messenger.zon...ro.cab47946.cab
description:
classification: Legitimate
known filename: ZIntro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ZIntro.ocx
Short name:
Date (created): 2/1/2005 12:26:46 AM
Date (last access): 5/13/2007 12:45:30 PM
Date (last write): 7/18/2006 2:35:06 PM
Filesize: 151080
Attributes: archive
MD5: 62E2EB8AAF9800D6CB9983B0D32BF781
CRC32: D5CAAEA6
Version: 9.4.7946.1

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description:
classification: Legitimate
known filename: npjpi142_03.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 5:48:18 PM
Date (last access): 5/13/2007 11:40:58 AM
Date (last write): 11/19/2003 5:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_06
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_06\bin\
Long name: NPJPI150_06.dll
Short name: NPJPI1~1.DLL
Date (created): 3/2/2006 1:52:58 PM
Date (last access): 5/13/2007 11:44:18 AM
Date (last write): 11/10/2005 1:22:12 PM
Filesize: 69746
Attributes: archive
MD5: D2CF6BB5E9020E6707B62575F8083954
CRC32: 7F39DC54
Version: 5.0.60.5

{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description:
classification: Legitimate
known filename: NPJPI150_09.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: NPJPI150_09.dll
Short name: NPJPI1~1.DLL
Date (created): 10/12/2006 4:10:58 AM
Date (last access): 5/13/2007 11:48:46 AM
Date (last write): 10/12/2006 4:25:44 AM
Filesize: 69746
Attributes: archive
MD5: A3CDEB59B6B8C2EA81B9ED2D3EF4C95E
CRC32: 2A32A9A2
Version: 5.0.90.3

{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_01\bin\
Long name: npjpi160_01.dll
Short name: NPJPI1~1.DLL
Date (created): 3/14/2007 2:04:46 AM
Date (last access): 5/13/2007 12:59:46 PM
Date (last write): 3/14/2007 3:43:42 AM
Filesize: 132760
Attributes: archive
MD5: F112FB2FD2EF66D439799E3F834DF000
CRC32: D2B09219
Version: 6.0.0.6

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_01
Installer:
Codebase: http://java.sun.com/...indows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_01\bin\
Long name: npjpi160_01.dll
Short name: NPJPI1~1.DLL
Date (created): 3/14/2007 2:04:46 AM
Date (last access): 5/13/2007 12:59:46 PM
Date (last write): 3/14/2007 3:43:42 AM
Filesize: 132760
Attributes: archive
MD5: F112FB2FD2EF66D439799E3F834DF000
CRC32: D2B09219
Version: 6.0.0.6

{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload2.m...ash/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9b.ocx
Short name:
Date (created): 11/9/2006 3:46:28 PM
Date (last access): 5/13/2007 12:50:18 PM
Date (last write): 11/9/2006 3:46:28 PM
Filesize: 2262648
Attributes: readonly archive
MD5: F3B3EE66CA76C94510555ABE9D00A353
CRC32: A51F3CB4
Version: 9.0.28.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 480 ( 4) \SystemRoot\System32\smss.exe
PID: 620 ( 480) \??\C:\WINDOWS\system32\csrss.exe
PID: 1076 ( 480) \??\C:\WINDOWS\system32\winlogon.exe
PID: 1124 (1076) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 1136 (1076) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1312 (1124) C:\WINDOWS\system32\Ati2evxx.exe
size: 405504
MD5: E63498B8F5260A3775DA5C79CA82D624
PID: 1324 (1124) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1436 (1124) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1596 (1124) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1632 (1124) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
size: 86016
MD5: D335183519E6814DFAB4ED3DD806A943
PID: 1764 (1124) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
size: 360521
MD5: 79A647519CA3E700E9738153F788FB7D
PID: 1808 (1076) C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
size: 389120
MD5: 17F5221A41F70386CD352AEE30CEA56F
PID: 1868 (1076) C:\WINDOWS\system32\Ati2evxx.exe
size: 405504
MD5: E63498B8F5260A3775DA5C79CA82D624
PID: 1936 (1900) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1944 (1124) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
size: 225353
MD5: 43ED73F10DE96E0A23244BD9CF04F5C2
PID: 200 (1124) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 528 (1124) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 748 (1124) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1692 (1324) C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
size: 245760
MD5: 16525F9337737D6EBCC5EA2BA296147B
PID: 380 (1124) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 204800
MD5: E8FBDCC8D618D1BB84B828F247A6244B
PID: 392 (1124) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
size: 353280
MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
PID: 412 (1124) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
size: 49664
MD5: 30A14F65DB477DC00A64A5A24E96919C
PID: 424 (1124) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
size: 351744
MD5: C6A162BEDAA82DBE9EBF8C7EEBD2929B
PID: 632 (1124) C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
size: 356352
MD5: F24BCFEFE471F4D34A5786B7FCB9235C
PID: 968 (1124) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
size: 139264
MD5: 15BA3BCEEB32C4279B27F5C3389E4847
PID: 1036 (1124) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1368 (1124) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 2584 (1124) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2592 (1324) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 3088 (1936) C:\Program Files\Apoint\Apoint.exe
size: 155648
MD5: A0B4823C28AD825728550796042C68A4
PID: 3096 (1936) C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
size: 83608
MD5: 9C1C80BBF8E6044980890E2D2D91091C
PID: 3104 (1936) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
size: 385024
MD5: C2DCBCE29ECB74F8BFE89BFF149A4D97
PID: 3116 (1936) C:\Program Files\Dell\Media Experience\PCMService.exe
size: 290816
MD5: E02C0E78E5CFB01BF9D1866DBA18B456
PID: 3124 (1936) C:\Program Files\Dell\QuickSet\quickset.exe
size: 606208
MD5: C67C916B6B43B4B092ADEAF7ADF285BF
PID: 3148 (1936) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 53248
MD5: B3E3C57FD22E71CE20389372D972C6DC
PID: 3192 (1936) C:\Program Files\Real\RealPlayer\RealPlay.exe
size: 26112
MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 3276 (1936) C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: C341CCFBE98BC7DF6E0B856BB9FC265A
PID: 3300 (1936) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2CA827BA68D0CDB5437C40C6F53D7F20
PID: 3540 (1936) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763DAB43BDAB27316DBF3373192823D7
PID: 3620 (1936) C:\WINDOWS\Logi_MwX.Exe
size: 19968
MD5: 47F4C8707DE00F5F18F6CD524DF02879
PID: 256 (1936) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: B75B654EE1DA99876461B24597AE3FF3
PID: 896 (1936) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
size: 172032
MD5: FD32127449AF0B96EBECA3CAAB74E423
PID: 388 ( 296) C:\Program Files\Apoint\Apntex.exe
size: 45056
MD5: 0AA31DE4E40861EAF259D194A58D4317
PID: 668 (1936) C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A
PID: 912 (1936) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 416256
MD5: 2200C98C049DE1A7638EA0EDBA1C8882
PID: 876 ( 696) C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
size: 102400
MD5: 3D955D21FDBF9D42BBAC5763590AE559
PID: 940 (1936) C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: B75FDBF14073D72C50624CC8338DD534
PID: 992 (1936) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 928 (1936) C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
size: 171448
MD5: 0FA44EA8B03ABA3E1D240B5A333D8E6A
PID: 2316 (1324) C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
size: 403456
MD5: E25F124E8674CAAE31AB6F3EF9D6CE66
PID: 2496 (1124) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2360 (1936) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46
PID: 1508 ( 912) C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
size: 145920
MD5: 736A6ED03365EC50815FF8ED6B2E2147
PID: 3400 (1596) C:\WINDOWS\system32\wuauclt.exe
size: 124184
MD5: EBF1AB7E4FC05CABF2F4680D2A45F827
PID: 1904 (1936) C:\Program Files\Spybot\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 5/13/2007 1:00:32 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...amp;ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.msn.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft....k/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
about:blank
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft....k/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft....k/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A8E4F25E-E08E-4A67-820D-404EED86642C}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A8E4F25E-E08E-4A67-820D-404EED86642C}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7AF48DF2-842E-4CC1-99BF-D788A29328BA}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7AF48DF2-842E-4CC1-99BF-D788A29328BA}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB368E6A-119F-4584-8DFB-DDC81B5A2B92}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB368E6A-119F-4584-8DFB-DDC81B5A2B92}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8A3FE088-CFE5-433E-8431-D3A5C00A7E28}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8A3FE088-CFE5-433E-8431-D3A5C00A7E28}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace



--- Uninstall list ---
GameHouse Games Collection: Academy of Magic (Academy of Magic)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ACADEM~1\Install.log

Microsoft ActiveX Control Pad (ActiveXControlPad)
uninstall cmd: C:\Program Files\ActiveX Control Pad\Setup\Remove.exe

Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

Adobe Shockwave Player 10.1.4.20 (Adobe Shockwave Player)
uninstall cmd: C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
publisher: Adobe Systems, Inc.
help link: http://www.adobe.com/support/shockwave

GameHouse Games Collection: Adventure Inlay (Adventure Inlay)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ADVENT~1\Install.log

GameHouse Games Collection: Adventure Inlay - Safari Edition (Adventure Inlay - Safari Edition)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ADVENT~2\Install.log

GameHouse Games Collection: Air Strike 3D (Air Strike 3D)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\AIRSTR~1\Install.log

Alchemy 1.2 (Alchemy 1.2)
uninstall cmd: C:\Program Files\Games\UnGins.exe "C:\Program Files\Games\install.log"

GameHouse Games Collection: Alien Sky (Alien Sky)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ALIENS~1\Install.log

GameHouse Games Collection: Aloha Solitaire (Aloha Solitaire)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ALOHAS~1\Install.log

GameHouse Games Collection: Aloha TriPeaks (Aloha TriPeaks)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ALOHAT~1\Install.log

Amazonia (Amazonia_is1)
install date: 20070503
install location: C:\Program Files\Games\Amazonia\Amazonia\
uninstall cmd: "C:\Program Files\Games\Amazonia\Amazonia\ReflexiveArcade\unins000.exe"

GameHouse Games Collection: Ancient Tri-Jong (Ancient Tri-Jong)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ANCIEN~1\Install.log

GameHouse Games Collection: Ancient Tripeaks (Ancient Tripeaks)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ANCIEN~2\Install.log

Ango´s Game Collection (Ango´s Game Collection)
uninstall cmd: C:\Program Files\Games\AnGo´s Game Collection\Uninst.exe

GameHouse Games Collection: Astrobatics (Astrobatics)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ASTROB~1\Install.log

ATI Display Driver 8.063.2.1-041203a-019752C-Dell (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

GameHouse Games Collection: Atlantis (Atlantis)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Atlantis\Install.log

GameHouse Games Collection: Atomaders (Atomaders)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ATOMAD~1\Install.log

(AudioPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL

AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com

B-Jigsaw 7 (B-Jigsaw_is1)
uninstall cmd: "C:\Program Files\Games\BJigsaw7\unins000.exe"

GameHouse Games Collection: Bejeweled 2 (Bejeweled 2)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\BEJEWE~1\Install.log

Belle`s Beauty Boutique (remove only) (Belle`s Beauty Boutique)
uninstall cmd: C:\Program Files\Games\Belle`s Beauty Boutique\Uninstall.exe

Betrapped (Betrapped_is1)
install date: 20070504
install location: C:\Program Files\Games\Betrapped\
uninstall cmd: "C:\Program Files\Games\Betrapped\ReflexiveArcade\unins000.exe"

GameHouse Games Collection: Bewitched (Bewitched)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\BEWITC~1\Install.log

GameHouse Games Collection: Big Kahuna Reef (Big Kahuna Reef)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\BIGKAH~1\Install.log

Big Money Deluxe 1.22 (Big Money Deluxe 1.22)
uninstall cmd: C:\Program Files\PopCap Games\Big Money Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\Big Money Deluxe\Install.log

BitComet 0.70 0.70 (BitComet)
uninstall cmd: C:\Program Files\BitComet\uninst.exe
publisher: ~RnySmile~

GameHouse Games Collection: Boggle Supreme (Boggle Supreme)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\BOGGLE~1\Install.log

GameHouse Games Collection: Bounce Out Blitz (Bounce Out Blitz)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\BOUNCE~1\Install.log

(Branding)

Cake Mania (Cake Mania_is1)
install location: C:\Program Files\Cake Mania\
uninstall cmd: "C:\Program Files\Cake Mania\unins000.exe"

Carnival Cruise Lines Tycoon 2005 - Island Hopping (Carnival Cruise Lines Tycoon 2005 - Island Hopping)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"c:\program files\games\cruise tycoon\Uninst.isu"

Cash Cow (remove only) (Cash Cow)
uninstall cmd: C:\Program Files\Games\Cash Cow\Uninstall.exe

GameHouse Games Collection: Casino Island To Go (Casino Island To Go)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CASINO~1\Install.log

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

GameHouse Games Collection: Chainz (Chainz)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Chainz\Install.log

GameHouse Games Collection: Chainz 2 - Relinked (Chainz 2: Relinked)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CHAINZ~1\Install.log

GameHouse Games Collection: Charm Solitaire (Charm Solitaire)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CHARMS~1\Install.log

GameHouse Games Collection: Charm Tale (Charm Tale)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CHARMT~1\Install.log

Chicken Chase (remove only) (Chicken Chase)
uninstall cmd: C:\Program Files\Chicken Chase\Uninstall.exe

GameHouse Games Collection: Chicktionary (Chicktionary)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CHICKT~1\Install.log

GameHouse Games Collection: Chuzzle Deluxe (Chuzzle Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CHUZZL~1\Install.log

Ciao Bella (remove only) (Ciao Bella)
uninstall cmd: C:\Program Files\Ciao Bella\Uninstall.exe

Cinema Tycoon Gold (remove only) (Cinema Tycoon Gold)
uninstall cmd: C:\Program Files\Games\Cinema Tycoon Gold\Uninstall.exe

Conexant D110 MDC V.9x Modem (CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf

GameHouse Games Collection: Collapse! Crunch (Collapse! Crunch)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\COLLAP~1\Install.log

GameHouse Games Collection: Combo Chaos! (Combo Chaos!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\COMBOC~1\Install.log

(Connection Manager)

(CopyNow.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

Cradle of Rome (remove only) (Cradle of Rome)
uninstall cmd: C:\Program Files\Games\Cradle of Rome\Uninstall.exe

Crime Puzzle (Crime Puzzle)
uninstall cmd: C:\PROGRA~1\SHOCKW~1.COM\CRIMEP~1\UNWISE.EXE C:\PROGRA~1\SHOCKW~1.COM\CRIMEP~1\INSTALL.LOG

GameHouse Games Collection: Crystal Path (Crystal Path)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CRYSTA~1\Install.log

GameHouse Games Collection: Cubis Gold 2 (Cubis Gold 2)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\CUBISG~1\Install.log

(DataPlugin.dll)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

Delicious Deluxe (Delicious Deluxe)
uninstall cmd: C:\Program Files\Delicious Deluxe\Uninstal.exe

Dell Digital Jukebox Driver (Dell Digital Jukebox Driver)
uninstall cmd: C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s

GameHouse Games Collection: Digby's Donuts (Digby's Donuts)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\DIGBY'~1\Install.log

GameHouse Games Collection: Diner Dash (Diner Dash)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\DINERD~1\Install.log

Diner Dash 2 (Diner Dash 2_is1)
install location: C:\Program Files\Diner Dash 2\
uninstall cmd: "C:\Program Files\Diner Dash 2\unins000.exe"

Diner Dash Flo on the Go (remove only) (Diner Dash Flo on the Go)
uninstall cmd: C:\Program Files\Diner Dash Flo on the Go\Uninstall.exe

(DirectAnimation)

(DirectDrawEx)

DirectX Media Runtime 5.1 (DirectXMediaRuntime)
uninstall cmd: RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DXM51.INF,Uninstall.NT

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

DNA (DNA_is1)
install date: 20070204
install location: C:\Program Files\Games\DNA\DNA\
uninstall cmd: "C:\Program Files\Games\DNA\DNA\ReflexiveArcade\unins000.exe"

Dream Day Wedding (Dream Day Wedding_is1)
install date: 20070210
install location: C:\Program Files\Games\Dream Day Wedding\
uninstall cmd: "C:\Program Files\Games\Dream Day Wedding\ReflexiveArcade\unins000.exe"

(DXM_Runtime)

EPSON Printer Software (EPSON Printer and Utilities)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON Scan (EPSON Scanner)
uninstall cmd: C:\Program Files\epson\escndv\setup\setup.exe /r

Fairy Treasure (remove only) (Fairy Treasure)
uninstall cmd: C:\Program Files\Games\Fairy Treasure\Uninstall.exe

GameHouse Games Collection: Feeding Frenzy (Feeding Frenzy)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FEEDIN~1\Install.log

GameHouse Games Collection: Fiber Twig (Fiber Twig)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FIBERT~1\Install.log

GameHouse Games Collection: Five Card Deluxe (Five Card Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FIVECA~1\Install.log

GameHouse Games Collection: Flip Words (Flip Words)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FLIPWO~1\Install.log

GameHouse Games Collection: Flying Leo (Flying Leo)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FLYING~1\Install.log

(Fontcore)

GameHouse Games Collection: Fortune Tiles Gold (Fortune Tiles Gold)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FORTUN~1\Install.log

Four Houses (remove only) (Four Houses)
uninstall cmd: C:\Program Files\Games\Four Houses\Uninstall.exe

GameHouse Games Collection: Fresco Wizard (Fresco Wizard)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\FRESCO~1\Install.log

GameHouse Games Collection: GameHouse Sudoku (GameHouse Sudoku)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\GAMEHO~1\Install.log

GameHouse Games Collection: Gearz (Gearz)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Gearz\Install.log

GameHouse Games Collection: Granny in Paradise (Granny in Paradise)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\GRANNY~1\Install.log

GameHouse Games Collection: Gutterball (Gutterball)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\GUTTER~1\Install.log

GameHouse Games Collection: Gutterball 2 (Gutterball 2)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\GUTTER~2\Install.log

GameHouse Games Collection: Hamsterball (Hamsterball)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\HAMSTE~1\Install.log

GameHouse Games Collection: Hello! (Hello!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Hello!\Install.log

Hide And Secret (Hide And Secret)
uninstall cmd: "C:\WINDOWS\Hide And Secret\uninstall.exe" "/U:C:\Program Files\Games\Uninstall\uninstall.xml"
contact: Support Department

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\Katherine Sims\Desktop\hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

GameHouse Games Collection: Holiday Express (Holiday Express)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\HOLIDA~1\Install.log

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20061210
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20061107.210142 (ie7)
install date: 20061210
uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

(IEData)

GameHouse Games Collection: Iggle Pop! (Iggle Pop!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\IGGLEP~1\Install.log

GameHouse Games Collection: Incadia (Incadia)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Incadia\Install.log

GameHouse Games Collection: Incredible Ink (Incredible Ink)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\INCRED~1\Install.log

GameHouse Games Collection: Insaniquarium Deluxe (Insaniquarium Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\INSANI~1\Install.log

GameHouse Games Collection: Inspector Parker (Inspector Parker)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\INSPEC~1\Install.log

(InstallShield Uninstall Information)

GameHouse Games Collection: Invadazoid (Invadazoid)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\INVADA~1\Install.log

GameHouse Games Collection: Jewel Quest (Jewel Quest)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\JEWELQ~1\Install.log

Windows XP Hotfix - KB834707 20040929.110854 (KB834707)
uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=834707

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=873339

Security Update for Windows XP (KB883939) 1 (KB883939)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=883939

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=887742

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888302

Windows XP Hotfix - KB888310 20041027.095746 (KB888310)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888310

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890046

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890859

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=891781

Windows XP Hotfix - KB892627 20050201.181426 (KB892627)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=892627

Windows XP Hotfix - KB893056 20050126.164313 (KB893056)
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893056

Security Update for Windows XP (KB893066) 2 (KB893066)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893066

Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893086

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=894391

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20051111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896428

Security Update for Windows XP (KB896688) 1 (KB896688)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896688

Update for Windows XP (KB896727) 1 (KB896727)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896727

Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050629
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=898461

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899587

Security Update for Windows XP (KB899588) 1 (KB899588)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899588

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20050810
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899591

Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060427
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900485

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900725

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901017

Security Update for Windows XP (KB901190) 1 (KB901190)
install date: 20060629
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901190

Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901214

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=902400

Security Update for Windows XP (KB903235) 1 (KB903235)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=903235

Security Update for Windows XP (KB904706) 1 (KB904706)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=904706

Update for Windows XP (KB904942) 2 (KB904942)
install date: 20061210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=904942

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20051015
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20051215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905915

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060111
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=908519

Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060418
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=908531

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20051215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=910437

Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=911280

Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060418
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=911562

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=911564

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=911565

Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060418
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=911567

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=911927

Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060418
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=912812

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060106
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=912919

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=913446

Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060510
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=913580

Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=914388

Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=914389

Hotfix for Windows XP (KB914440) 12 (KB914440)
install date: 20061210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=914440

Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20061210
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=915865

Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=916281

Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=916595

Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=917159

Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=917344

Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=917422

Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=917734

Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=917953

Security Update for Windows XP (KB918118) 1 (KB918118)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=918118

Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=918439

Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=918899

Security Update for Windows XP (KB919007) 1 (KB919007)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=919007

Security Update for Windows XP (KB920213) 1 (KB920213)
install date: 20061117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=920213

Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=920214

Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=920670

Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=920683

Security Update for Windows XP (KB920685) 1 (KB920685)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=920685

Update for Windows XP (KB920872) 1 (KB920872)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=920872

Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=921398

Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20060809
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=921883

Update for Windows XP (KB922582) 1 (KB922582)
install date: 20060914
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=922582

Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=922616

Security Update for Windows XP (KB922760) 1 (KB922760)
install date: 20061117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=922760

Security Update for Windows XP (KB922819) 1 (KB922819)
install date: 20061011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=922819

Security Update for Windows XP (KB923191) 1 (KB923191)
install date: 20061011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=923191

Security Update for Windows XP (KB923414) 1 (KB923414)
install date: 20061011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=923414

Security Update for Windows XP (KB923689) (KB923689)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=923689

Security Update for Windows XP (KB923694) 1 (KB923694)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=923694

Security Update for Step By Step Interactive Training (KB923723) 20050502.101010 (KB923723)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/923723

Security Update for Windows XP (KB923980) 1 (KB923980)
install date: 20061117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=923980

Security Update for Windows XP (KB924191) 1 (KB924191)
install date: 20061011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=924191

Security Update for Windows XP (KB924270) 1 (KB924270)
install date: 20061117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=924270

Security Update for Windows XP (KB924496) 1 (KB924496)
install date: 20061011
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=924496

Security Update for Windows XP (KB924667) 1 (KB924667)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=924667

Security Update for Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...om/?kbid=925398

Security Update for Windows XP (KB925486) 1 (KB925486)
install date: 20060927
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=925486

Security Update for Windows XP (KB925902) 1 (KB925902)
install date: 20070404
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=925902

Security Update for Windows XP (KB926255) 1 (KB926255)
install date: 20061213
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=926255

Security Update for Windows XP (KB926436) 1 (KB926436)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=926436

Security Update for Windows XP (KB927779) 1 (KB927779)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=927779

Security Update for Windows XP (KB927802) 1 (KB927802)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=927802

Security Update for Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
install date: 20070216
uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=928090

Security Update for Windows XP (KB928255) 1 (KB928255)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=928255

Security Update for Windows XP (KB928843) 1 (KB928843)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=928843

Update for Windows XP (KB929338) 1 (KB929338)
install date: 20070316
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=929338

Security Update for Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
install date: 20070112
uninstall cmd: "C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=929969

Security Update for Windows XP (KB930178) 1 (KB930178)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=930178

Update for Windows XP (KB930916) 1 (KB930916)
install date: 20070512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=930916

Security Update for Windows XP (KB931261) 1 (KB931261)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=931261

Security Update for Windows Internet Explorer 7 (KB931768) 1 (KB931768-IE7)
install date: 20070512
uninstall cmd: "C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=931768

Security Update for Windows XP (KB931784) 1 (KB931784)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=931784

Update for Windows XP (KB931836) 1 (KB931836)
install date: 20070216
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=931836

Security Update for CAPICOM (KB931906) 2.1.0.2 (KB931906)
uninstall cmd: MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=931906

Security Update for Windows XP (KB932168) 1 (KB932168)
install date: 20070411
uninstall cmd: "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=932168

Kudos (remove only) (Kudos)
uninstall cmd: "C:\Program Files\Yahoo! Games\Kudos\Uninstall.exe"

GameHouse Games Collection: Lemonade Tycoon (Lemonade Tycoon)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\LEMONA~1\Install.log

Logitech Resource Center (Logitech Resource Center)
uninstall cmd: C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG

GameHouse Games Collection: Luxor (Luxor)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Luxor\Install.log

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

GameHouse Games Collection: Mad Caps (Mad Caps)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MADCAP~1\Install.log

Magic Academy (remove only) (Magic Academy)
uninstall cmd: C:\Program Files\Games\Magic Academy\Uninstall.exe

GameHouse Games Collection: Magic Ball 2 (Magic Ball 2)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAGICB~2\Install.log

GameHouse Games Collection: Magic Ball 2 - New Worlds (Magic Ball 2 - New Worlds)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAGICB~3\Install.log

GameHouse Games Collection: Magic Ball (Magic Ball Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAGICB~1\Install.log

GameHouse Games Collection: Magic Inlay (Magic Inlay)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAGICI~1\Install.log

GameHouse Games Collection: Magic Vines (Magic Vines)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAGICV~1\Install.log

GameHouse Games Collection: Mah Jong Adventures (Mah Jong Adventures)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAHJON~1\Install.log

GameHouse Games Collection: Mah Jong Medley (Mah Jong Medley)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAHJON~2\Install.log

GameHouse Games Collection: Mah Jong Quest (Mah Jong Quest)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAHJON~3\Install.log

Mahjong Escape Ancient Japan (remove only) (Mahjong Escape Ancient Japan)
uninstall cmd: C:\Program Files\Games\Mahjong Escape\Mahjong Escape Ancient Japan\Uninstall.exe

GameHouse Games Collection: Mahjong Garden To Go (Mahjong Garden To Go)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAHJON~4\Install.log

GameHouse Games Collection: Mahjong Towers Eternity (Mahjong Towers Eternity)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MA32CC~1\Install.log

Mall Tycoon 2 1.00 (Mall Tycoon 2)
uninstall cmd: C:\WINDOWS\Mall Tycoon 2 Uninstaller.exe
publisher: Global Star Software

GameHouse Games Collection: Maui Wowee (Maui Wowee)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\MAUIWO~1\Install.log

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

Microsoft Minesweeper for Palm-size PC (Remove Only) (Microsoft Minesweeper for Palm-size PC)
uninstall cmd: C:\WINDOWS\uninst.exe -f.\Minesweeper\DeIsL1.isu

(MobileOptionPack)

Move Networks Player for Internet Explorer (Move Networks Player_is1)
install date: 20070429
install location: C:\Documents and Settings\Katherine Sims\Application Data\Move Networks\ie_bin\
uninstall cmd: "C:\Documents and Settings\Katherine Sims\Application Data\Move Networks\ie_bin\unins000.exe"
publisher: Move Networks
help link: http://www.movenetworks.com

(MPlayer2)

(MSC)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

Mystery Case Files - Prime Suspects (remove only) (Mystery Case Files - Prime Suspects)
uninstall cmd: C:\Program Files\Mystery Case Files - Prime Suspects\Uninstall.exe

Mystery Case Files - Ravenhearst (remove only) (Mystery Case Files - Ravenhearst)
uninstall cmd: C:\Program Files\Mystery Case Files - Ravenhearst\Uninstall.exe

Mystery Solitaire - Secret Island (remove only) (Mystery Solitaire - Secret Island)
uninstall cmd: C:\Program Files\Mystery Solitaire - Secret Island\Uninstall.exe

Mysteryville (Mysteryville)
uninstall cmd: "C:\WINDOWS\Mysteryville\uninstall.exe" "/U:C:\Program Files\Games\Uninstall\uninstall.xml"
contact: Support Department

(NetMeeting)

NingPo MahJong Deluxe 1.04 (NingPo MahJong Deluxe 1.04)
uninstall cmd: C:\Program Files\Games\UnGins.exe "C:\Program Files\Games\install.log"

Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
install date: 20061210
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Oregon Trail II (Oregon Trail II)
uninstall cmd: C:\WINDOWS\uninst.exe -f"c:\program files\games\oregon trail\Oregon Trail II\DeIsL1.isu"

(OutlookExpress)

Panda ActiveScan (Panda ActiveScan)
uninstall cmd: C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
publisher: Panda Software S.L.

NevoSoft Pantheon (remove only) (pantheon)
uninstall cmd: "C:\Program Files\Pantheon\uninstall.exe"

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

GameHouse Games Collection: Phlinx To Go (Phlinx To Go)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\PHLINX~1\Install.log

PhotoStreamer 2 (PhotoStreamer 2)
uninstall cmd: "C:\Documents and Settings\All Users\Application Data\{F139F51A-D9BA-4FC7-B3D2-6E4C3A345A8A}\PhotoStreamer2Setup.exe" REMOVE=TRUE MODIFY=FALSE
publisher: PhotoWorks, Inc.
comments: Copyright 2005-2006 All rights reserved
contact: CustomerCare@photoworks.com
help link: http://www.photoworks.com/

GameHouse Games Collection: Pin High Country Club Golf (Pin High Country Club Golf)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\PINHIG~1\Install.log

GameHouse Games Collection: Pizza Frenzy (Pizza Frenzy)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\PIZZAF~1\Install.log

GameHouse Games Collection: Platypus (Platypus)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Platypus\Install.log

GameHouse Games Collection: Poker Superstars (Poker Superstars)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\POKERS~1\Install.log

Intel® PROSet/Wireless Software 9.00.0000 (ProInst)
install location: C:\WINDOWS\Installer\iProInst.exe
uninstall cmd: C:\WINDOWS\Installer\iProInst.exe
publisher: Intel Corporation
comments: Intel® PROSet/Wireless installation package
contact: Dell Customer Support
help link: http://support.dell.com

GameHouse Games Collection: Puzzle Express (Puzzle Express)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\PUZZLE~2\Install.log

GameHouse Games Collection: Puzzle Inlay (Puzzle Inlay)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\PUZZLE~1\Install.log

GameHouse Games Collection: Puzzle Solitaire (Puzzle Solitaire)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\PUZZLE~3\Install.log

GameHouse Games Collection: QBz (QBz)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\QBz\Install.log

QuickTime (QuickTime)
uninstall cmd: C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log

GameHouse Games Collection: Reader's Digest Super Word Power (Reader's Digest Super Word Power)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\READER~1\Install.log

RealPlayer Basic (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0

Uniblue Registry Booster (Registry Booster_is1)
install location: C:\Documents and Settings\All Users\Desktop\Registry Booster\
uninstall cmd: "C:\Documents and Settings\All Users\Desktop\Registry Booster\unins000.exe"
publisher: Uniblue

GameHouse Games Collection: Ricochet (Ricochet)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Ricochet\Install.log

GameHouse Games Collection: Ricochet Lost Worlds (Ricochet Lost Worlds)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\RICOCH~1\Install.log

GameHouse Games Collection: Ricochet Lost Worlds - Recharged (Ricochet Lost Worlds: Recharged)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\RICOCH~2\Install.log

GameHouse Games Collection: Roller Rush (Roller Rush)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ROLLER~1\Install.log

GameHouse Games Collection: Saints & Sinners Bingo (Saints & Sinners Bingo)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SAINTS~1\Install.log

Sandlot Games Client Services (Sandlot Games Client Services_is1)
install location: C:\Program Files\Common Files\Sandlot Shared\
uninstall cmd: "C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
publisher: Sandlot Games
help link: http://www.sandlotgames.com

(SchedulingAgent)

GameHouse Games Collection: SCRABBLE (SCRABBLE)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SCRABBLE\Install.log

Seven Seas Deluxe 1.13 (Seven Seas Deluxe 1.13)
uninstall cmd: C:\Program Files\PopCap Games\Seven Seas Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\Seven Seas Deluxe\Install.log

GameHouse Games Collection: Shape Shifter (Shape Shifter)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SHAPES~1\Install.log

(Shockwave)

Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems
help link: http://www.adobe.com...player_support/

(Silent Package Run-Time Sample)

Secure Game Player (SkillJam SecurePlayer)
uninstall cmd: C:\Program Files\SkillJam Technologies\Secure Player\Uninstall.exe

GameHouse Games Collection: Slingo Deluxe (Slingo Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SLINGO~1\Install.log

GameHouse Games Collection: Spelvin (Spelvin)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Spelvin\Install.log

GameHouse Games Collection: Splash (Splash)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\Splash\Install.log

GameHouse Games Collection: Spring Sprang Sprung (Spring Sprang Sprung)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SPRING~1\Install.log

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot\
uninstall cmd: "C:\Program Files\Spybot\unins000.exe"
publisher: Safer Networking Limited

Stand O`Food (remove only) (Stand O`Food)
uninstall cmd: C:\Program Files\Stand O`Food\Uninstall.exe

Stone-Jong (remove only) (Stone-Jong)
uninstall cmd: C:\Program Files\Games\Stone-Jong\Uninstall.exe

GameHouse Games Collection: Super 5-Line Slots (Super 5-Line Slots)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPER5~1\Install.log

GameHouse Games Collection: Super Blackjack! (Super Blackjack!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERB~1\Install.log

GameHouse Games Collection: Super Bounce Out! (Super Bounce Out!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERB~2\Install.log

GameHouse Games Collection: Super Candy Cruncher (Super Candy Cruncher)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERC~1\Install.log

GameHouse Games Collection: Super Collapse! (Super Collapse!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERC~2\Install.log

GameHouse Games Collection: Super Collapse! II (Super Collapse! II)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERC~3\Install.log

GameHouse Games Collection: Super Collapse! II Platinum (Super Collapse! II Platinum)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERC~4\Install.log

GameHouse Games Collection: Super Fruit Frolic (Super Fruit Frolic)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERF~1\Install.log

GameHouse Games Collection: Super GameHouse Solitaire Vol. 1 (Super GameHouse Solitaire Vol. 1)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERG~1.1\Install.log

GameHouse Games Collection: Super GameHouse Solitaire Vol. 2 (Super GameHouse Solitaire Vol. 2)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERG~1.2\Install.log

GameHouse Games Collection: Super GameHouse Solitaire Vol. 3 (Super GameHouse Solitaire Vol. 3)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERG~1.3\Install.log

GameHouse Games Collection: Super Gem Drop (Super Gem Drop)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERG~1\Install.log

GameHouse Games Collection: Super Glinx! (Super Glinx!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERG~2\Install.log

GameHouse Games Collection: Super Letter Linker (Super Letter Linker)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERL~1\Install.log

GameHouse Games Collection: Super Mah Jong Solitaire (Super Mah Jong Solitaire)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERM~1\Install.log

GameHouse Games Collection: Super Nisqually (Super Nisqually)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERN~1\Install.log

GameHouse Games Collection: Super PileUp! (Super PileUp!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERP~1\Install.log

GameHouse Games Collection: Super Pool (Super Pool)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERP~2\Install.log

GameHouse Games Collection: Super Pop & Drop! (Super Pop & Drop!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERP~3\Install.log

GameHouse Games Collection: Super Rumble Cube (Super Rumble Cube)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERR~1\Install.log

GameHouse Games Collection: Super SpongeBob Collapse! (Super SpongeBob Collapse!)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERS~1\Install.log

GameHouse Games Collection: Super TextTwist (Super TextTwist)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERT~1\Install.log

GameHouse Games Collection: Super WHATword (Super WHATword)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERW~1\Install.log

GameHouse Games Collection: Super Wild Wild Words (Super Wild Wild Words)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\SUPERW~2\Install.log

GameHouse Games Collection: Tap a Jam (Tap a Jam)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TAPAJA~1\Install.log

GameHouse Games Collection: Ten Pin Championship Bowling Pro (Ten Pin Championship Bowling Pro)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TENPIN~1\Install.log

GameHouse Games Collection: Tennis Titans (Tennis Titans)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TENNIS~1\Install.log

TipTop Deluxe 1.1 (TipTop Deluxe 1.1)
uninstall cmd: C:\Program Files\PopCap Games\TipTop Deluxe\PopUninstall.exe C:\Program Files\PopCap Games\TipTop Deluxe\Install.log

GameHouse Games Collection: Tradewinds 2 (Tradewinds 2)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TRADEW~1\Install.log

GameHouse Games Collection: Trivia Machine (Trivia Machine)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TRIVIA~1\Install.log

GameHouse Games Collection: Tropical Swaps (Tropical Swaps)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TROPIC~1\Install.log

GameHouse Games Collection: Tumblebugs (Tumblebugs)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TUMBLE~1\Install.log

GameHouse Games Collection: Turtle Bay (Turtle Bay)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TURTLE~1\Install.log

GameHouse Games Collection: Twistingo (Twistingo)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\TWISTI~1\Install.log

GameHouse Games Collection: Ultimate Dominoes (Ultimate Dominoes)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ULTIMA~1\Install.log

GameHouse Games Collection: Varmintz Deluxe (Varmintz Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\VARMIN~1\Install.log

Viewpoint Media Player (ViewpointMediaPlayer)
uninstall cmd: C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

Virtual Villagers (remove only) (Virtual Villagers)
uninstall cmd: C:\Program Files\Virtual Villagers\Uninstall.exe

GameHouse Games Collection: Walls of Jericho, The (Walls of Jericho, The)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\WALLSO~1\Install.log

Windows Genuine Advantage Notifications (KB905474) 1.5.0540.0 (WgaNotify)
install date: 20060727
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=905474

GameHouse Games Collection: Wheel of Fortune (Wheel of Fortune)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\WHEELO~1\Install.log

Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

WinISO 5.3 (WinISO_is1)
uninstall cmd: "C:\Program Files\WinISO\unins000.exe"
publisher: WinISO Computing Inc.
help link: http://www.winiso.com

WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

GameHouse Games Collection: Word Jolt (Word Jolt)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\WORDJO~1\Install.log

GameHouse Games Collection: Word Slinger (Word Slinger)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\WORDSL~1\Install.log

GameHouse Games Collection: WordJong To Go (WordJong To Go)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\WORDJO~2\Install.log

Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe

Yahoo! Toolbar (Yahoo! Toolbar)

Zoo Tycoon 2 1.0 (Zoo Tycoon 2)
version (major): 1
install location: C:\Program Files\Microsoft Games\Zoo Tycoon 2
uninstall cmd: "C:\Program Files\Microsoft Games\Zoo Tycoon 2\UNINSTAL.EXE" /runtemp /uninstall
publisher: Microsoft
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Games\Zoo Tycoon 2\Readme.rtf

Zoo Tycoon 2 Patch (Zoo Tycoon 2 Patch)
uninstall cmd: "C:\Program Files\Microsoft Games\Zoo Tycoon 2\UNINSTPA.EXE" /runtemp /uninstall

Zoo Vet (remove only) (Zoo Vet)
uninstall cmd: "C:\Program Files\Legacy Interactive\Zoo Vet\Uninstall.exe"

GameHouse Games Collection: Zuma Deluxe (Zuma Deluxe)
uninstall cmd: C:\PROGRA~1\Games\GAMEHO~2\unwise.exe /U C:\PROGRA~1\Games\GAMEHO~2\ZUMADE~1\Install.log

Macromedia Flash Player 7.0.19.0 ({0456ebd7-5f67-4ab6-852e-63781e3f389c})
version: 117440531
version (major): 7
install date: 20050606
uninstall cmd: MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
publisher: Macromedia, Inc.

mSSO 1.19.0000 ({06BE8AFD-A8E2-4B63-BAE7-287016D16ACB})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 204
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Sonic RecordNow Data 2.0.0 ({075473F5-846A-448B-BCB3-104AA1760205})
version: 33554432
version (major): 2
install date: 20050606
uninstall cmd: MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
publisher: Sonic Solutions

Crazy Machines 1.14 ({09D4F215-8960-4E0E-A2CC-C5A062113503})
version: 17694720
install date: 20070419
install location: C:\Program Files\Games
install source: C:\Documents and Settings\Katherine Sims\Desktop\Games\Crazy Machines\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09D4F215-8960-4E0E-A2CC-C5A062113503}\SETUP.exe" -l0x9 -removeonly
publisher: FAKT Software GmbH

mLogView 1.19.0000 ({0E2B0B41-7E08-4F9F-B21F-41C4133F43B7})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 480
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Microsoft Plus! Photo Story 2 LE 1.1.0.3463 ({0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B})
version: 16842752
version (major): 1
version (minor): 1
install date: 20050606
uninstall cmd: MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
publisher: Microsoft Corporation
readme: C:\Program Files\Microsoft Plus! Photo Story 2 LE\Readme.htm

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 770
install date: 20070512
install source: C:\WINDOWS\TEMP\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation

Qualxserve Service Agreement 1.10.0000 ({0F756CD9-4A1E-409B-B101-601DDC4C03AA})
version: 17432576
version (major): 1
version (minor): 10
install date: 20050606
uninstall cmd: MsiExec.exe /X{0F756CD9-4A1E-409B-B101-601DDC4C03AA}
publisher: Dell
comments: Go to http://support.dell.com.
contact: Dell Support
help link: http://support.dell.com
help telephone: 0

Sonic DLA 4.95 ({1206EF92-2E83-4859-ACCB-2048C3CB7DA6})
version: 73334784
version (major): 4
version (minor): 95
install date: 20050606
uninstall cmd: MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
publisher: Sonic Solutions
help link: http://support.sonic.com/

HP Software Update 3.0.5.001 ({15EE79F4-4ED1-4267-9B0F-351009325D7D})
version: 50331653
version (major): 3
estimated size: 3882
install date: 20051014
install source: C:\WINDOWS\Hewlett-Packard\Setup Files\HP Software Update\{BB4EE741-CA46-4345-A3B7-1AECBFAB0AFE}\
uninstall cmd: MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
publisher: HEWLET~1|Hewlett-Packard
contact: http://www.hp.com/support

AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX

Internal Network Card Power Management 1.7.0 ({1F528948-0E80-4C96-B455-DE4167CB1DF7})
version: 17235968
install location: C:\Program Files\Dell\NicConfigSvc
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x9 UNINSTALL APPDRVNT4

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

mProSafe 9.00.0000 ({23FB368F-1399-4EAC-817C-4B83ECBE3D83})
version: 150994944
version (major): 9
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
publisher: Intel
comments: Pseudo NCS Install
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

Dell Media Experience ({2637C347-9DAD-11D6-9EA2-00055D0CA761})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall

Sonic Update Manager 3.0.0 ({30465B6C-B53F-49A1-9EBA-A3F187AD502E})
version: 50331648
version (major): 3
install date: 20050606
uninstall cmd: MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
publisher: Sonic Solutions

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 148501
install date: 20060815
install source: http://jdl.sun.com/w.../windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt

J2SE Runtime Environment 5.0 Update 9 1.5.0.90 ({3248F0A8-6813-11D6-A77B-00B0D0150090})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 149061
install date: 20061110
install source: http://jdl.sun.com/w.../windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_09\README.txt

Java™ SE Runtime Environment 6 Update 1 1.6.0.10 ({3248F0A8-6813-11D6-A77B-00B0D0160010})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 163726
install date: 20070501
install source: http://javadl.sun.co...6/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_01\README.txt

Windows Media Player 10 9.00.3636 ({33BB4982-DC52-4886-A03B-F4C5C80BEE89})
version: 150998580
version (major): 9
install date: 20050606
uninstall cmd: MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
publisher: Microsoft Corporation
help link: http://go.microsoft....nk/?LinkId=9647

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2456
install date: 20040810
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

Internet Explorer Default Page 1.00.03 ({35BDEFF1-A610-4956-A00D-15453C116395})
version: 16777219
version (major): 1
install date: 20050606
uninstall cmd: MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
publisher: Dell Inc.
comments: Your Comments
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 0

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20061118
install source: c:\be61b66c81c2ea5936dd31ce1dd5c0\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

mIWA 1.19.0000 ({3E9D596A-61D4-4239-BD19-2DB984D2A16F})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 673
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Jasc Paint Shop Photo Album 5 5.21 ({4192EAC0-6B36-4723-B216-D0E86E7757AC})
version: 85262336
version (major): 5
version (minor): 21
install date: 20050606
uninstall cmd: MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
publisher: Jasc Software, Inc.
comments:
contact: Customer Support Department
help link: http://www.jasc.com
help telephone: (952) 930 - 9171
readme: readme.html

mHlpDell 1.19.0000 ({49D687E5-6784-431B-A0A2-2F23B8CC5A1B})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 236
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
publisher: Intel
comments: Help Files
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

Logitech MouseWare 9.79 ({5809E7CF-4DCF-11D4-9875-00105ACE7734})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL

Dell Driver Reset Tool 1.02.0000 ({5905F42D-3F5F-4916-ADA6-94A3646AEE76})
version: 16908288
version (major): 1
version (minor): 2
install date: 20050606
uninstall cmd: MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
publisher: Dell Inc.
comments:
contact: Customer Support Department
help link: http://support.dell.com
help telephone:

({62369F2F77534556AEF4C58152E3BDE5})

AOLIcon 1.00.0000 ({62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C})
version: 16777216
version (major): 1
install date: 20050606
install source: C:\dell\KC999\
uninstall cmd: MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
publisher: Dell
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

PowerDVD 5.5 ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

mCore 1.19.0000 ({6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 2919
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Microsoft Plus! Digital Media Edition Installer 1.1.0.3514 ({6E45BA47-383C-4C1E-8ED0-0D4845C293D7})
version: 16842752
version (major): 1
version (minor): 1
install date: 20050606
uninstall cmd: MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
publisher: Microsoft Corporation

mIWCA 1.19.0000 ({6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 276
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Java 2 Runtime Environment, SE v1.4.2_03 1.4.2_03 ({7148F0A8-6813-11D6-A77B-00B0D0142030})
version (major): 1
version (minor): 4
estimated size: 139992
install date: 20050606
install source: C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

RollerCoaster Tycoon 2 ({72DF62BD-FF36-424E-AA5F-D89BAFF2C249})
install location: C:\Program Files\games\RollerCoaster Tycoon 2\Roller Coaster Tycoon II
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\Setup.exe" -l0x9

Dell System Restore 2.00.0000 ({74F7662C-B1DB-489E-A8AC-07A06B24978B})
version: 33554432
version (major): 2
install date: 20050606
publisher: Dell Inc.
comments: N/A
contact: Customer Support Department
help link: http://support.dell.com
help telephone: 1-800-624-9896

DivX 6.0.3 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivXNetworks, Inc.

MSN Search Toolbar 02.05.0000.1082 ({7D1DCBBA-F6F5-42B4-B90B-F04ACE4DFD6C})
version: 33882112
version (major): 2
version (minor): 5
estimated size: 27332
install date: 20051011
install source: C:\Documents and Settings\All Users\Application Data\MSN Search Toolbar2.05.0000.1082\en-us\
uninstall cmd: MsiExec.exe /X{7D1DCBBA-F6F5-42B4-B90B-F04ACE4DFD6C}
publisher: Microsoft Corporation

DellSupport 6.0.3062 ({7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D})
version: 100666358
version (major): 6
estimated size: 15145
install date: 20070409
install location: C:\Program Files\DellSupport\
install source: C:\DOCUME~1\KATHER~1\LOCALS~1\Temp\gacE8.tmp.dir\Release_01_3062\
uninstall cmd: MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
publisher: Dell
comments: .
contact: .
help link: http://support.dell....ment?dn=1091989
help telephone: .

EPSON Web-To-Page ({7F14F68C-17FA-4F88-B3FD-7F449C1EBF32})
install location: C:\Program Files\EPSON\EPSON Web-To-Page
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\setup.exe" -l0x9 -anything

Inspector-Parker ({82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110002467})
install date: 12/08/2005
install location: C:\Program Files\MSN Games\Inspector-Parker
install source: C:\DOCUME~1\KATHER~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\WPABOT27
uninstall cmd: "C:\Program Files\MSN Games\Inspector-Parker\Uninstall.exe" "C:\Program Files\MSN Games\Inspector-Parker\install.log"
publisher: Oberon Media

Musicmatch® Jukebox 10.00.3030 ({85D3CC30-8859-481A-9654-FD9B74310BEF})
version: 167775190
install location: C:\Program Files\Musicmatch\Musicmatch Jukebox
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst

({8ADFC4160D694100B5B8A22DE9DCABD9})

mPfMgr 1.19.0000 ({8B928BA1-EDEC-4227-A2DA-DD83026C36F5})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 724
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Microsoft Office Professional Edition 2003 11.0.7969.0 ({90110409-6000-11D3-8CFE-0150048383C9})
version: 184557345
version (major): 11
estimated size: 750191
install date: 20070512
install source: C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1033\OFREADME.HTM

mPfWiz 1.19.0000 ({90B0D222-8C21-4B35-9262-53B042F18AF9})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 528
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

mZConfig 1.19.0000 ({94658027-9F16-4509-BBD7-A59FE57C3023})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 461
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

({99EDC7BF-A8F6-4986-8D9E-042979AEB80A})

mXML 1.19.0000 ({9CC89556-3578-48DD-8408-04E66EBEF401})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 28912
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

ALPS Touch Pad Driver ({9F72EF8B-AEC9-4CA5-B483-143980AFD6FD})
uninstall cmd: C:\Program Files\Apoint\Uninstap.exe ADDREMOVE

MSXML 4.0 SP2 (KB925672) 4.20.9839.0 ({A9CF9052-F4A0-475D-A00F-A8388C62DD63})
version: 68429423
version (major): 4
version (minor): 20
estimated size: 2617
install date: 20061018
install source: c:\58c9963cf7574e5b5e\
uninstall cmd: MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/925672

Sonic RecordNow Audio 2.0.0 ({AB708C9B-97C8-4AC9-899B-DBF226AC9382})
version: 33554432
version (major): 2
install date: 20050606
uninstall cmd: MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
publisher: Sonic Solutions

Adobe Reader 7.0.8 7.0.8 ({AC76BA86-7AD7-1033-7B44-A70000000000})
version: 117440520
version (major): 7
estimated size: 60831
install date: 20061209
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

Adobe Reader 7.0.5 Language Support 7.0.5 ({AC76BA86-7AD7-5464-3428-7050000000A7})
version: 117440517
version (major): 7
estimated size: 34373
install date: 20061210
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\SpellingDictionary\{E54EF49D-FCD5-4B3E-97B9-128D247834E1}\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
publisher: Adobe Systems
comments: This is a placeholder for ARP comments for Spelling Dictionaries for Adobe Reader 7.0
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone: 1-800-833-6687

Dell Picture Studio v3.0 3.0.0 ({AF06CAE4-C134-44B1-B699-14FBDB63BD37})
version: 50331648
version (major): 3
install date: 20050606
install location: C:\Program Files\Dell Inc.\Dell Picture Studio v3.0\
uninstall cmd: MsiExec.exe /I{AF06CAE4-C134-44B1-B699-14FBDB63BD37}
publisher: Jasc Software, Inc.
comments:
contact:
help link: http://www.jasc.com
help telephone: (952) 930 - 9171

Sonic RecordNow Copy 2.0.0 ({B12665F4-4E93-4AB4-B7FC-37053B524629})
version: 33554432
version (major): 2
install date: 20050606
uninstall cmd: MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
publisher: Sonic Solutions

({B13A7C41581B411290FBC0395694E2A9})

ER 1.00.0000 ({C154CE55-1AEC-4917-B888-DFD22186E737})
version: 16777216
install date: 20061203
install location: C:\Program Files\Legacy Interactive
install source: C:\Program Files\Games\ER-Reloaded\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C154CE55-1AEC-4917-B888-DFD22186E737}\setup.exe" -l0x9 -removeonly
publisher: Legacy Interactive

QuickSet 3.9.4 ({C5074CC4-0E26-4716-A307-960272A90040})
version: 50921476
install location: C:\Program Files\Dell\QuickSet
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL APPDRVNT4 - ALL

mToolkit 1.19.0000 ({CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 340
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
publisher: Intel Corporation
comments: Toolkit Iinstallation
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 60747
install date: 20050620
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

MSN Messenger 7.5 7.5.0322.0 ({CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5})
version: 117768514
version (major): 7
version (minor): 5
estimated size: 148994
install date: 20060121
install source: C:\DOCUME~1\KATHER~1\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
publisher: Microsoft Corporation

EPSON PhotoCenter ({D21553E9-2EC5-4E8C-AB71-07AC07D50BBC})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D21553E9-2EC5-4E8C-AB71-07AC07D50BBC}\setup.exe" -l0x9 anything

({DCD74B0E-603A-4B71-B701-FA32DA69CABD})

PhotoStreamer 2 1.0.10 ({E0F1D3B6-F50E-49AE-A942-FFDFFA16F9A9})
version: 16777226
version (major): 1
estimated size: 1696
install date: 20070114
install source: C:\DOCUME~1\KATHER~1\LOCALS~1\Temp\mia1\
publisher: PhotoWorks

Digital Line Detect 1.14 ({E646DCF0-5A68-11D5-B229-002078017FBF})
version (major): 1
version (minor): 14
install location: C:\Program Files\Digital Line Detect
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
publisher: BVRP Software, Inc

Musicmatch for Windows Media Player 0.00.000 ({E93E5EF6-D361-481E-849D-F16EF5C78EBC})
install location: C:\Program Files\Musicmatch\MUSICMATCH Music Services
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}\setup.exe" -l0x9 remove

mMHouse 1.19.0000 ({F0BFC7EF-9CF8-44EE-91B0-158884CD87C5})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 1646
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

mDrWiFi 1.19.0000 ({F6090A17-0967-4A8A-B3C3-422A1B514D49})
version: 18022400
version (major): 1
version (minor): 19
estimated size: 274
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
publisher: Intel Corporation
comments: Your Comments
contact: Customer Support Department
help link: http://www.intel.com/support
help telephone: +1 (800) 538-3373

HP Deskjet 3740 1.00.0000 ({F901CA6D-A074-42D3-A11D-33AAE6FFD0C1})
version: 16777216
version (major): 1
estimated size: 37315
install date: 20050713
install source: D:\
uninstall cmd: msiexec /x{F901CA6D-A074-42D3-A11D-33AAE6FFD0C1}
publisher: Hewlett-Packard

mWlsSafe 9.00.0000 ({FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4})
version: 150994944
version (major): 9
install date: 20050606
install source: C:\WINDOWS\Installer\iprodata\
uninstall cmd: MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
publisher: Intel
comments: Pseudo NCS Install
contact: Customer Support Department
help link: http://www.intel.com
help telephone: 1-555-555-4505

({{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}})



--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Display name: abp480n5
Image path: \SystemRoot\system32\DRIVERS\ABP480N5.SYS
Start: 4
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: A10C7534F7223F4A73A948967D00E69B
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Display name: adpu160m
Image path: \SystemRoot\system32\DRIVERS\adpu160m.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 1EE7B434BA961EF845DE136224C30FEC
Start: 3
Type: 1
Error Control: 1

Service (registry key): AegisP
Display name: AEGIS Protocol (IEEE 802.1x) v3.1.0.1
Description: AEGIS Protocol (IEEE 802.1x) v3.1.0.1
Image path: system32\DRIVERS\AegisP.sys
Image size: 17056
Image MD5: 076394A345EE5E9E3911FC0F058F4F38
Start: 2
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Display name: Intel AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\agp440.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): agpCPQ
Display name: Compaq AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\agpCPQ.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Aha154x
Display name: Aha154x
Image path: \SystemRoot\system32\DRIVERS\aha154x.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Display name: aic78u2
Image path: \SystemRoot\system32\DRIVERS\aic78u2.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Display name: aic78xx
Image path: \SystemRoot\system32\DRIVERS\aic78xx.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: F1958FBF86D5C004CF19A5951A9514B7
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Display name: AliIde
Image path: \SystemRoot\system32\DRIVERS\aliide.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): alim1541
Display name: ALI AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\alim1541.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): amdagp
Display name: AMD AGP Bus Filter Driver
Image path: \SystemRoot\system32\DRIVERS\amdagp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): amsint
Display name: amsint
Image path: \SystemRoot\system32\DRIVERS\amsint.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ApfiltrService
Display name: Alps Touch Pad Filter Driver for Windows 2000/XP
Image path: system32\DRIVERS\Apfiltr.sys
Image size: 108791
Image MD5: AEB775A2BAE0F392BA6ADC0BB706233A
Start: 3
Type: 1
Error Control: 0

Service (registry key): APPDRV
Display name: APPDRV
Image path: \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS
Start: 1
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1

Service (registry key): Arp1394
Display name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Image path: system32\DRIVERS\arp1394.sys
Image size: 60800
Image MD5: F0D692B0BFFB46E30EB3CEA168BBC49F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): asc
Display name: asc
Image path: \SystemRoot\system32\DRIVERS\asc.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3350p
Display name: asc3350p
Image path: \SystemRoot\system32\DRIVERS\asc3350p.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): asc3550
Display name: asc3550
Image path: \SystemRoot\system32\DRIVERS\asc3550.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ASCTRM
Display name: ASCTRM
Start: 2
Type: 1
Error Control: 1

Service (registry key): ASP.NET
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_1.1.4322
Start: 0
Type: 0
Error Control: 0

Service (registry key): aspnet_state
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Image size: 32768
Image MD5: E1A1206A4FB19B675E947B29CCD25FBA
Start: 3
Type: 16
Error Control: 1

Service (registry key): AsyncMac
Display name: RAS Asynchronous Media Driver
Description: RAS Asynchronous Media Driver
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Standard IDE/ESDI Hard Disk Controller
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): Ati HotKey Poller
Object name: LocalSystem
Image path: %SystemRoot%\system32\Ati2evxx.exe
Image size: 405504
Image MD5: E63498B8F5260A3775DA5C79CA82D624
Start: 2
Type: 272
Error Control: 1

Service (registry key): ati2mtag
Image path: system32\DRIVERS\ati2mtag.sys
Image size: 800768
Image MD5: 5B75176663F88E90F14A87E57B8562A4
Start: 3
Type: 1
Error Control: 0

Service (registry key): Atmarpc
Display name: ATM ARP Client Protocol
Description: ATM ARP Client Protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Audio Stub Driver
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): AVG Anti-Spyware Driver
Display name: AVG Anti-Spyware Driver
Image path: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
Image size: 4096
Image MD5: 7D78B7FD0EBE00F177B053A08C78E35B
Start: 1
Type: 1
Error Control: 1

Service (registry key): AVG Anti-Spyware Guard
Display name: AVG Anti-Spyware Guard
Object name: LocalSystem
Image path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Image size: 204800
Image MD5: E8FBDCC8D618D1BB84B828F247A6244B
Start: 2
Type: 16
Error Control: 1

Service (registry key): Avg7Alrt
Display name: AVG7 Alert Manager Server
Object name: LocalSystem
Image path: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Image size: 353280
Image MD5: 5F4ED1DBA7E1EAECBA443A53DA176485
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): Avg7Core
Display name: AVG7 Kernel
Image path: \SystemRoot\System32\Drivers\avg7core.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Avg7RsW
Display name: AVG7 Wrap Driver
Image path: \SystemRoot\System32\Drivers\avg7rsw.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Avg7RsXP
Display name: AVG7 Resident Driver XP
Image path: \SystemRoot\System32\Drivers\avg7rsxp.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): Avg7UpdSvc
Display name: AVG7 Update Service
Object name: LocalSystem
Image path: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Image size: 49664
Image MD5: 30A14F65DB477DC00A64A5A24E96919C
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): AvgAsCln
Display name: AVG Anti-Spyware Clean Driver
Image path: System32\DRIVERS\AvgAsCln.sys
Image size: 3968
Image MD5: 6D4A1DA6E6D522B3EBBCBFF4A3589EC5
Start: 1
Type: 1
Error Control: 1
Depends On services: Ntfs

Service (registry key): AvgClean
Display name: AVG7 Clean Driver
Image path: \SystemRoot\System32\Drivers\avgclean.sys
Start: 1
Type: 1
Error Control: 1
Depends On services: Ntfs

Service (registry key): AVGEMS
Display name: AVG E-mail Scanner
Object name: LocalSystem
Image path: C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Image size: 351744
Image MD5: C6A162BEDAA82DBE9EBF8C7EEBD2929B
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): AvgTdi
Display name: AVG Network Redirector
Image path: \SystemRoot\System32\Drivers\avgtdi.sys
Start: 2
Type: 1
Error Control: 1

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): bcm4sbxp
Display name: Broadcom 440x 10/100 Integrated Controller XP Driver
Image path: system32\DRIVERS\bcm4sbxp.sys
Image size: 44928
Image MD5: 78123F44BE9E4768852A3A017E02D637
Start: 3
Type: 1
Error Control: 1

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Background Intelligent Transfer Service
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): cbidf
Display name: cbidf
Image path: \SystemRoot\system32\DRIVERS\cbidf2k.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Display name: cd20xrnt
Image path: \SystemRoot\system32\DRIVERS\cd20xrnt.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): CdaD10BA
Display name: CdaD10BA
Image path: \??\C:\WINDOWS\system32\drivers\CdaD10BA.SYS
Image size: 12464
Image MD5: 841CEFAB8228EE691705D059E7F21C47
Start: 2
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: CD-ROM Driver
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

Service (registry key): CiSvc
Display name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 3192BD04D032A9C4A85A3278C268A13A
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: C8DEC22C4137D7A90F8BDF41CA4B82AE
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): CmBatt
Display name: Microsoft ACPI Control Method Battery Driver
Image path: system32\DRIVERS\CmBatt.sys
Image size: 14080
Image MD5: 4266BE808F85826AEDF3C64C1E240203
Start: 3
Type: 1
Error Control: 1

Service (registry key): CmdIde
Display name: CmdIde
Image path: \SystemRoot\system32\DRIVERS\cmdide.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Compbatt
Display name: Microsoft Composite Battery Driver
Image path: system32\DRIVERS\compbatt.sys
Image size: 9344
Image MD5: DF1B1A24BF52D0EBC01ED4ECE8979F50
Start: 0
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Display name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Display name: Cpqarray
Image path: \SystemRoot\system32\DRIVERS\cpqarray.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): CryptSvc
Display name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Display name: dac2w2k
Image path: \SystemRoot\system32\DRIVERS\dac2w2k.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): dac960nt
Display name: dac960nt
Image path: \SystemRoot\system32\DRIVERS\dac960nt.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Disk Driver
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 224768
Image MD5: 554C7CB178FE3BD12450B81AD63ADBC3
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 799744
Image MD5: C0FBB516E06E243F0CF31F597E7EBF7D
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Image path: System32\drivers\dmio.sys
Image size: 153344
Image MD5: F5E7B358A732D09F4BCF2824B88B9E28
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Microsoft Kernel DLS Syntheiszer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Display name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip

Service (registry key): dpti2o
Display name: dpti2o
Image path: \SystemRoot\system32\DRIVERS\dpti2o.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): drmkaud
Display name: Microsoft Kernel DRM Audio Descrambler
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 1ED4DBBAE9F5D558DBBA4CC450E3EB2E
Start: 3
Type: 1
Error Control: 1

Service (registry key): drvmcdb
Image path: system32\drivers\drvmcdb.sys
Image size: 87488
Image MD5: E814854E6B246CCF498874839AB64D77
Start: 0
Type: 1
Error Control: 0

Service (registry key): drvncdb
Start: 0
Type: 0
Error Control: 0

Service (registry key): drvnddm
Image path: system32\drivers\drvnddm.sys
Image size: 40480
Image MD5: EE83A4EBAE70BC93CF14879D062F548B
Start: 2
Type: 2
Error Control: 0

Service (registry key): DSBrokerService
Display name: DSBrokerService
Object name: LocalSystem
Image path: "C:\Program Files\DellSupport\brkrsvc.exe"
Image size: 76848
Image MD5: FE80901578E7E3DA70299A5AEB2B7FBD
Start: 3
Type: 16
Error Control: 0

Service (registry key): DSproct
Display name: DSproct
Image path: \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
Image size: 4736
Image MD5: 413F2D5F9D802688242C23B38F767ECB
Start: 3
Type: 1
Error Control: 1

Service (registry key): dsunidrv
Display name: DellSupport UniDriver
Image path: system32\DRIVERS\dsunidrv.sys
Image size: 5376
Image MD5: DFEABB7CFFFADEA4A912AB95BDC3177A
Start: 2
Type: 1
Error Control: 0

Service (registry key): dtscsi
Image path: \SystemRoot\System32\Drivers\dtscsi.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): E100B
Display name: Intel® PRO Adapter Driver
Image path: system32\DRIVERS\e100b325.sys
Image size: 117760
Image MD5: 3FCA03CBCA11269F973B70FA483C88EF
Start: 3
Type: 1
Error Control: 1

Service (registry key): ERSvc
Display name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Eventlog
Display name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Display name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): EvtEng
Display name: EvtEng
Description: Intel Event Trace Manager
Object name: LocalSystem
Image path: C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
Image size: 86016
Image MD5: D335183519E6814DFAB4ED3DD806A943
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): Fastfat
Start: 4
Type: 2
Error Control: 1

Service (registry key): FastUserSwitchingCompatibility
Display name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService

Service (registry key): Fax
Display name: Fax
Description: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
Object name: LocalSystem
Image path: %systemroot%\system32\fxssvc.exe
Image size: 267776
Image MD5: FCBD571FA0EE8DC238944AE5FAB74461
Start: 2
Type: 16
Error Control: 1
Depends On services: TapiSrv,RpcSs,PlugPlay,Spooler

Service (registry key): Fdc
Display name: Floppy Disk Controller Driver
Image path: system32\DRIVERS\fdc.sys
Image size: 27392
Image MD5: CED2E8396A8838E59D8FD529C680E02C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Fips
Start: 1
Type: 1
Error Control: 1

Service (registry key): Flpydisk
Display name: Floppy Disk Driver
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 0DD1DE43115B93F4D85E889D7A86F548
Start: 3
Type: 1
Error Control: 1

Service (registry key): FltMgr
Display name: FltMgr
Description: File System Filter Manager Driver
Image path: system32\DRIVERS\fltMgr.sys
Image size: 128896
Image MD5: 3D234FB6D6EE875EB009864A299BEA29
Start: 0
Type: 2
Error Control: 1

Service (registry key): Fs_Rec
Start: 1
Type: 8
Error Control: 0

Service (registry key): Ftdisk
Display name: Volume Manager Driver
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125056
Image MD5: 6AC26732762483366C3969C9E4D2259D
Start: 0
Type: 1
Error Control: 1

Service (registry key): Gpc
Display name: Generic Packet Classifier
Description: Generic Packet Classifier
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: C0F1D4A21DE5A415DF8170616703DEBF
Start: 3
Type: 1
Error Control: 1

Service (registry key): gusvc
Display name: Google Updater Service
Object name: LocalSystem
Image path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Image size: 138168
Image MD5: 751C1D2CA2ABF4A9F5A6B8D7D45B907C
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): helpsvc
Display name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HidServ
Display name: HID Input Service
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HidUsb
Display name: Microsoft HID Class Driver
Image path: system32\DRIVERS\hidusb.sys
Image size: 9600
Image MD5: 1DE6783B918F540149AA69943BDFEBA8
Start: 3
Type: 1
Error Control: 0

Service (registry key): hpn
Display name: hpn
Image path: \SystemRoot\system32\DRIVERS\hpn.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): HSFHWICH
Image path: system32\DRIVERS\HSFHWICH.sys
Image size: 200064
Image MD5: 140BA850417896B6B3322048DE280368
Start: 3
Type: 1
Error Control: 0

Service (registry key): HSF_DP
Image path: system32\DRIVERS\HSF_DP.sys
Image size: 1041536
Image MD5: B2DFC168D6F7512FAEA085253C5A37AD
Start: 3
Type: 1
Error Control: 0

Service (registry key): HTTP
Display name: HTTP
Description: This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start.
Image path: System32\Drivers\HTTP.sys
Image size: 262784
Image MD5: CB77BB47E67E84DEB17BA29632501730
Start: 3
Type: 1
Error Control: 1

Service (registry key): HTTPFilter
Display name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): i2omgmt
Start: 1
Type: 1
Error Control: 1

Service (registry key): i2omp
Display name: i2omp
Image path: \SystemRoot\system32\DRIVERS\i2omp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): i8042prt
Display name: i8042 Keyboard and PS/2 Mouse Port Driver
Image path: system32\DRIVERS\i8042prt.sys
Image size: 52736
Image MD5: 5502B58EEF7486EE6F93F3F164DCB808
Start: 1
Type: 1
Error Control: 1

Service (registry key): Imapi
Display name: CD-Burning Filter Driver
Image path: system32\DRIVERS\imapi.sys
Image size: 41856
Image MD5: F8AA320C6A0409C0380E5D8A99D76EC6
Start: 1
Type: 1
Error Control: 1

Service (registry key): ImapiService
Display name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150016
Image MD5: FA788520BCAC0F5D9D5CDE5615C0D931
Start: 3
Type: 16
Error Control: 1

Service (registry key): inetaccs
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Display name: ini910u
Image path: \SystemRoot\system32\DRIVERS\ini910u.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Inport
Start: 0
Type: 0
Error Control: 0

Service (registry key): IntelIde
Image path: system32\DRIVERS\intelide.sys
Image size: 5504
Image MD5: 2D722B2B54AB55B2FA475EB58D7B2AAD
Start: 0
Type: 1
Error Control: 1

Service (registry key): intelppm
Display name: Intel Processor Driver
Image path: system32\DRIVERS\intelppm.sys
Image size: 36096
Image MD5: 279FB78702454DFF2BB445F238C048D2
Start: 1
Type: 1
Error Control: 1

Service (registry key): Ip6Fw
Display name: IPv6 Windows Firewall Driver
Description: Provides intrusion prevention service for a home or small office network.
Image path: system32\DRIVERS\Ip6Fw.sys
Image size: 29056
Image MD5: 4448006B6BC60E6C027932CFC38D6855
Start: 3
Type: 1
Error Control: 1

Service (registry key): IpFilterDriver
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: System32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpInIp
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20992
Image MD5: E1EC7F5DA720B640CD8FB8424F1B14BB
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpNat
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 134912
Image MD5: E2168CBC7098FFE963C6F23F472A3593
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IPSec
Display name: IPSEC driver
Description: IPSEC driver
Image path: system32\DRIVERS\ipsec.sys
Image size: 74752
Image MD5: 64537AA5C003A6AFEEE1DF819062D0D1
Start: 1
Type: 1
Error Control: 1

Service (registry key): IRENUM
Display name: IR Enumerator Service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISAPISearch
Start: 0
Type: 0
Error Control: 0

Service (registry key): isapnp
Display name: PnP ISA/EISA Bus Driver
Image path: system32\DRIVERS\isapnp.sys
Image size: 35840
Image MD5: E504F706CCB699C2596E9A3DA1596E87
Start: 0
Type: 1
Error Control: 3

Service (registry key): IWCA
Display name: Intel Wireless Connection Agent Miniport for Win XP
Image path: system32\DRIVERS\iwca.sys
Image size: 234496
Image MD5: 872D090CA5C306F62D1982BCE6302376
Start: 3
Type: 1
Error Control: 1

Service (registry key): Kbdclass
Display name: Keyboard Class Driver
Image path: system32\DRIVERS\kbdclass.sys
Image size: 24576
Image MD5: EBDEE8A2EE5393890A1ACEE971C4C246
Start: 1
Type: 1
Error Control: 1

Service (registry key): kmixer
Display name: Microsoft Kernel Wave Audio Mixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: BA5DEDA4D934E6288C2F66CAF58D2562
Start: 3
Type: 1
Error Control: 1

Service (registry key): KSecDD
Start: 0
Type: 1
Error Control: 1

Service (registry key): lanmanserver
Display name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): lanmanworkstation
Display name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): lbrtfdc
Start: 1
Type: 1
Error Control: 0

Service (registry key): ldap
Start: 0
Type: 0
Error Control: 0

Service (registry key): LHidFlt2
Display name: Logitech HID/USB Mouse Filter Driver
Image path: system32\DRIVERS\LHidFlt2.Sys
Image size: 25502
Image MD5: B97D05E656818572B6B04BA682D3AA8F
Start: 3
Type: 1
Error Control: 1

Service (registry key): LHidUsb
Display name: Logitech USB Receiver device driver
Description: Logitech USB Receiver
Image path: System32\Drivers\LHidUsb.Sys
Image size: 37884
Image MD5: 826AACB98A2CA5C51E982C748A60D645
Start: 3
Type: 1
Error Control: 0

Service (registry key): LicenseService
Start: 0
Type: 0
Error Control: 0

Service (registry key): LmHosts
Display name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): LMouFlt2
Display name: Logitech Mouse Class Filter Driver
Image path: system32\DRIVERS\LMouFlt2.Sys
Image size: 70798
Image MD5: B666F835C18974F392A387C6E863072F
Start: 3
Type: 1
Error Control: 1

Service (registry key): mdmxsdk
Image path: system32\DRIVERS\mdmxsdk.sys
Image size: 13059
Image MD5: 3C318B9CD391371BED62126581EE9961
Start: 2
Type: 1
Error Control: 0

Service (registry key): Messenger
Display name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS

Service (registry key): mnmdd
Start: 1
Type: 1
Error Control: 0

Service (registry key): mnmsrvc
Display name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: F6415361201915B9FE3896B0E4E724FF
Start: 3
Type: 272
Error Control: 1

Service (registry key): Modem
Start: 3
Type: 1
Error Control: 0

Service (registry key): Mouclass
Display name: Mouse Class Driver
Image path: system32\DRIVERS\mouclass.sys
Image size: 23040
Image MD5: 34E1F0031153E491910E12551400192C
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Display name: Mouse HID Driver
Image path: system32\DRIVERS\mouhid.sys
Image size: 12160
Image MD5: B1C303E17FB9D46E87A98E4BA6769685
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): mraid35x
Display name: mraid35x
Image path: \SystemRoot\system32\DRIVERS\mraid35x.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Display name: WebDav Client Redirector
Description: WebDav Client Redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 181248
Image MD5: 46EDCC8F2DB2F322C24F48785CB46366
Start: 3
Type: 2
Error Control: 1

Service (registry key): MRxSmb
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 453120
Image MD5: 025AF03CE51645C62F3B6907A7E2BE5E
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSDTC
Display name: Distributed Transaction Coordinator
Description: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: C7C3D89EB0A6F3DBA622EA737FA335B1
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): Msfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSIServer
Display name: Windows Installer
Description: Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: F5F0146580E7023ADB963879840777F8
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): MSKSSRV
Display name: Microsoft Streaming Service Proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: AE431A8DD3C1D0D0610CDBAC16057AD0
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Display name: Microsoft Streaming Clock Proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 13E75FEF9DFEB08EEDED9D0246E1F448
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Display name: Microsoft Streaming Quality Manager Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: 1988A33FF19242576C3D0EF9CE785DA7
Start: 3
Type: 1
Error Control: 1

Service (registry key): mssmbios
Display name: Microsoft System Management BIOS Driver
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: 469541F8BFD2B32659D5D463A6714BCE
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Display name: Mup
Start: 0
Type: 2
Error Control: 1

Service (registry key): NaiAvFilter1
Image path: system32\drivers\naiavf5x.sys
Image size: 114464
Image MD5: AFFD46144D763D9046673DD2D012CFF9
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDIS
Display name: NDIS System Driver
Start: 0
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Display name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Image path: system32\DRIVERS\ndistapi.sys
Image size: 9600
Image MD5: 08D43BBDACDF23F34D79E44ED35C1B4C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Display name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Image path: system32\DRIVERS\ndisuio.sys
Image size: 12928
Image MD5: 34D6CD56409DA9A7ED573E1C90A308BF
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Display name: Remote Access NDIS WAN Driver
Description: Remote Access NDIS WAN Driver
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91776
Image MD5: 0B90E255A9490166AB368CD55A529893
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Start: 3
Type: 1
Error Control: 1

Service (registry key): NetBIOS
Display name: NetBIOS Interface
Description: NetBIOS Interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34560
Image MD5: 3A2ACA8FC1D7786902CA434998D7CEB4
Start: 1
Type: 2
Error Control: 1

Service (registry key): NetBT
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 0C80E410CD2F47134407EE7DD19CC86B
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): NetDDE
Display name: Network DDE
Description: Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM

Service (registry key): NetDDEdsdm
Display name: Network DDE DSDM
Description: Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 111104
Image MD5: 05AFB5AD06462257BEA7495283C86D50
Start: 4
Type: 32
Error Control: 1

Service (registry key): Netlogon
Display name: Net Logon
Description: Supports pass-through authentication of account logon events for computers in a domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Display name: Network Connections
Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): NIC1394
Display name: 1394 Net Driver
Image path: system32\DRIVERS\nic1394.sys
Image size: 61824
Image MD5: 5C5C53DB4FEF16CF87B9911C7E8C6FBC
Start: 3
Type: 1
Error Control: 1

Service (registry key): NICCONFIGSVC
Display name: NICCONFIGSVC
Description: Configure your Internal Network Card power management settings.
Object name: LocalSystem
Image path: C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
Image size: 356352
Image MD5: F24BCFEFE471F4D34A5786B7FCB9235C
Start: 2
Type: 272
Error Control: 1

Service (registry key): Nla
Display name: Network Location Awareness (NLA)
Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd

Service (registry key): Npfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): Ntfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): NtLmSsp
Display name: NT LM Security Support Provider
Description: Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 3
Type: 32
Error Control: 1

Service (registry key): NtmsSvc
Display name: Removable Storage
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Null
Start: 1
Type: 1
Error Control: 1

Service (registry key): nv
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 1897408
Image MD5: 2B298519EDBFCF451D43E0F1E8F1006D
Start: 3
Type: 1
Error Control: 0

Service (registry key): NwlnkFlt
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Start: 3
Type: 1
Error Control: 1

Service (registry key): ohci1394
Display name: OHCI Compliant IEEE 1394 Host Controller
Image path: system32\DRIVERS\ohci1394.sys
Image size: 61056
Image MD5: 0951DB8E5823EA366B0E408D71E1BA2A
Start: 0
Type: 1
Error Control: 1

Service (registry key): omci
Display name: OMCI WDM Device Driver
Image path: system32\DRIVERS\omci.sys
Image size: 17153
Image MD5: B17228142CEC9B3C222239FD935A37CA
Start: 1
Type: 1
Error Control: 1

Service (registry key): ose
Display name: Office Source Engine
Description: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 89136
Image MD5: 7A56CF3E3F12E8AF599963B16F50FB6A
Start: 3
Type: 16
Error Control: 1

Service (registry key): Outlook
Start: 0
Type: 0
Error Control: 0

Service (registry key): Parport
Display name: Parallel port driver
Image path: system32\DRIVERS\parport.sys
Image size: 80128
Image MD5: 29744EB4CE659DFE3B4122DEB45BC478
Start: 3
Type: 1
Error Control: 0

Service (registry key): PartMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): ParVdm
Start: 4
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PCI
Display name: PCI Bus Driver
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: 8086D9979234B603AD5BC2F5D890B234
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCIDump
Start: 1
Type: 1
Error Control: 0

Service (registry key): PCIIde
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: CCF5F451BB1A5A2A522A76E670000FF0
Start: 0
Type: 1
Error Control: 1

Service (registry key): Pcmcia
Image path: system32\DRIVERS\pcmcia.sys
Image size: 119936
Image MD5: 82A087207DECEC8456FBE8537947D579
Start: 0
Type: 1
Error Control: 1

Service (registry key): PDCOMP
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRELI
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): perc2
Display name: perc2
Image path: \SystemRoot\system32\DRIVERS\perc2.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): perc2hib
Display name: perc2hib
Image path: \SystemRoot\system32\DRIVERS\perc2hib.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Start: 0
Type: 0
Error Control: 0

Service (registry key): pfc
Display name: Padus ASPI Shell
Image path: system32\drivers\pfc.sys
Image size: 21248
Image MD5: 6C1618A07B49E3873582B6449E744088
Start: 3
Type: 1
Error Control: 1

Service (registry key): PlugPlay
Display name: Plug and Play
Description: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108032
Image MD5: C6CE6EEC82F187615D1002BB3BB50ED4
Start: 2
Type: 32
Error Control: 1

Service (registry key): PolicyAgent
Display name: IPSEC Services
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec

Service (registry key): PptpMiniport
Display name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: 1C5CC65AAC0783C344F16353E60B72AC
Start: 3
Type: 1
Error Control: 1

Service (registry key): ProtectedStorage
Display name: Protected Storage
Description: Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Display name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 48671F327553DCF1D27F6197F622A668
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc

Service (registry key): Ptilink
Display name: Direct Parallel Link Driver
Description: Direct Parallel Link Driver
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Start: 3
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 20576
Image MD5: 7C81AE3C9B82BA2DA437ED4D31BC56CF
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Display name: ql1080
Image path: \SystemRoot\system32\DRIVERS\ql1080.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Display name: Ql10wnt
Image path: \SystemRoot\system32\DRIVERS\ql10wnt.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql12160
Display name: ql12160
Image path: \SystemRoot\system32\DRIVERS\ql12160.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1240
Display name: ql1240
Image path: \SystemRoot\system32\DRIVERS\ql1240.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ql1280
Display name: ql1280
Image path: \SystemRoot\system32\DRIVERS\ql1280.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): RasAcd
Display name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Start: 1
Type: 1
Error Control: 1

Service (registry key): RasAuto
Display name: Remote Access Auto Connection Manager
Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Display name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 98FAEB4A4DCF812BA1C6FCA4AA3E115C
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Display name: Remote Access Connection Manager
Description: Creates a network connection.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Display name: Remote Access PPPOE Driver
Description: Remote Access PPPOE Driver
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 7306EEED8895454CBED4669BE9F79FAA
Start: 3
Type: 1
Error Control: 1

Service (registry key): Raspti
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Start: 3
Type: 1
Error Control: 1

Service (registry key): Rdbss
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 174592
Image MD5: 03B965B1CA47F6EF60EB5E51CB50E0AF
Start: 1
Type: 2
Error Control: 1

Service (registry key): RDPCDD
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Display name: Terminal Server Device Redirector Driver
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196864
Image MD5: A2CAE2C60BC37E0751EF9DDA7CEAF4AD
Start: 3
Type: 1
Error Control: 1

Service (registry key): RDPNP
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Start: 3
Type: 1
Error Control: 0

Service (registry key): RDSessMgr
Display name: Remote Desktop Help Session Manager
Description: Manages and controls Remote Assistance. If this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependencies tab of the Properties dialog box.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 140800
Image MD5: 729798E0933076B8FCFCD9934698F164
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): redbook
Display name: Digital CD Audio Playback Filter Driver
Image path: system32\DRIVERS\redbook.sys
Image size: 57472
Image MD5: B31B4588E4086D8D84ADBF9845C2402B
Start: 1
Type: 1
Error Control: 1

Service (registry key): RegSrvc
Display name: RegSrvc
Description: Intel Registry Service
Object name: LocalSystem
Image path: C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
Image size: 139264
Image MD5: 15BA3BCEEB32C4279B27F5C3389E4847
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): RemoteAccess
Display name: Routing and Remote Access
Description: Offers routing services to businesses in local area and wide area network environments.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup

Service (registry key): RpcLocator
Display name: Remote Procedure Call (RPC) Locator
Description: Manages the RPC name service database.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: 793F04A09B15E7C6C11DBDFFAF06C0AB
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): RpcSs
Display name: Remote Procedure Call (RPC)
Description: Provides the endpoint mapper and other miscellaneous RPC services.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): RSGatherer
Start: 0
Type: 0
Error Control: 0

Service (registry key): RSGTHRSVC
Start: 0
Type: 0
Error Control: 0

Service (registry key): RSIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): RSSearch
Start: 0
Type: 0
Error Control: 0

Service (registry key): RSVP
Display name: QoS RSVP
Description: Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: 471B3F9741D762ABE75E9DEEA4787E47
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs

Service (registry key): S24EventMonitor
Display name: Spectrum24 Event Monitor
Description: Handles the Spectrum24 NDIS Traffic
Object name: LocalSystem
Image path: C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
Image size: 360521
Image MD5: 79A647519CA3E700E9738153F788FB7D
Start: 2
Type: 272
Error Control: 1
Depends On services: s24trans,EvtEng

Service (registry key): s24trans
Display name: WLAN Transport
Description: WLAN Transport
Image path: system32\DRIVERS\s24trans.sys
Image size: 11354
Image MD5: 81AA6F0D6A2BE1C550F814B036215888
Start: 2
Type: 1
Error Control: 1

Service (registry key): SamSs
Display name: Security Accounts Manager
Description: Stores security information for local user accounts.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 84885F9B82F4D55C6146EBF6065D75D2
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SCardSvr
Display name: Smart Card
Description: Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 95744
Image MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay

Service (registry key): Schedule
Display name: Task Scheduler
Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): sdbus
Image path: system32\DRIVERS\sdbus.sys
Image size: 67584
Image MD5: 02FC71B020EC8700EE8A46C58BC6F276
Start: 3
Type: 1
Error Control: 1

Service (registry key): Secdrv
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 27440
Image MD5: D26E26EA516450AF9D072635C60387F4
Start: 3
Type: 1
Error Control: 1

Service (registry key): seclogon
Display name: Secondary Logon
Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 288
Error Control: 0

Service (registry key): SENS
Display name: System Event Notification
Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): serenum
Display name: Serenum Filter Driver
Image path: system32\DRIVERS\serenum.sys
Image size: 15488
Image MD5: A2D868AEEFF612E70E213C451A70CAFB
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Display name: Serial port driver
Image path: system32\DRIVERS\serial.sys
Image size: 64896
Image MD5: CD9404D115A00D249F70A371B46D5A26
Start: 1
Type: 1
Error Control: 0

Service (registry key): Sfloppy
Display name: High-Capacity Floppy Disk Drive
Image path: system32\DRIVERS\sfloppy.sys
Image size: 11392
Image MD5: 0D13B6DF6E9E101013A7AFB0CE629FE0
Start: 3
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): SharedAccess
Display name: Windows Firewall/Internet Connection Sharing (ICS)
Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt

Service (registry key): ShellHWDetection
Display name: Shell Hardware Detection
Description: Provides notifications for AutoPlay hardware events.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Simbad
Start: 4
Type: 1
Error Control: 1

Service (registry key): sisagp
Display name: SIS AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\sisagp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): SONYPVU1
Display name: Sony USB Filter Driver (SONYPVU1)
Image path: system32\DRIVERS\SONYPVU1.SYS
Image size: 7552
Image MD5: A1ECEEAA5C5E74B2499EB51D38185B84
Start: 3
Type: 1
Error Control: 1

Service (registry key): Sparrow
Display name: Sparrow
Image path: \SystemRoot\system32\DRIVERS\sparrow.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): splitter
Display name: Microsoft Kernel Audio Splitter
Image path: system32\drivers\splitter.sys
Image size: 6400
Image MD5: 0CE218578FFF5F4F7E4201539C45C78F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Spooler
Display name: Print Spooler
Description: Loads files to memory for later printing.
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): sptd
Image path: System32\Drivers\sptd.sys
Start: 0
Type: 1
Error Control: 1

Service (registry key): sr
Display name: System Restore Filter Driver
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: E41B6D037D6CD08461470AF04500DC24
Start: 0
Type: 2
Error Control: 1

Service (registry key): srservice
Display name: System Restore Service
Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Srv
Display name: Srv
Description: Srv
Image path: system32\DRIVERS\srv.sys
Image size: 332928
Image MD5: EA554A3FFC3F536FE8320EB38F5E4843
Start: 3
Type: 2
Error Control: 1

Service (registry key): sscdbhk5
Image path: system32\drivers\sscdbhk5.sys
Image size: 5627
Image MD5: D7968049BE0ADBB6A57CEE3960320911
Start: 1
Type: 2
Error Control: 0

Service (registry key): SSDPSRV
Display name: SSDP Discovery Service
Description: Enables discovery of UPnP devices on your home network.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): ssrtln
Image path: system32\drivers\ssrtln.sys
Image size: 23545
Image MD5: C3FFD65ABFB6441E7606CF74F1155273
Start: 1
Type: 2
Error Control: 0

Service (registry key): STAC97
Display name: SigmaTel C-Major Audio
Image path: system32\drivers\STAC97.sys
Image size: 271704
Image MD5: 25068674E358FD74BFA612F175C6721B
Start: 3
Type: 1
Error Control: 1

Service (registry key): stisvc
Display name: Windows Image Acquisition (WIA)
Description: Provides image acquisition services for scanners and cameras.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): swenum
Display name: Software Bus Driver
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 03C1BAE4766E2450219D20B993D6E046
Start: 3
Type: 1
Error Control: 1

Service (registry key): swmidi
Display name: Microsoft Kernel GS Wavetable Synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 54272
Image MD5: 94ABC808FC4B6D7D2BBF42B85E25BB4D
Start: 3
Type: 1
Error Control: 1

Service (registry key): SwPrv
Display name: MS Software Shadow Copy Provider
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{A445BD1E-49EE-4607-B370-5CCA447377C4}
Image size: 5120
Image MD5: DD87DB7387B9EB441C5674888A0D840C
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss

Service (registry key): symc810
Display name: symc810
Image path: \SystemRoot\system32\DRIVERS\symc810.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): symc8xx
Display name: symc8xx
Image path: \SystemRoot\system32\DRIVERS\symc8xx.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_hi
Display name: sym_hi
Image path: \SystemRoot\system32\DRIVERS\sym_hi.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): sym_u3
Display name: sym_u3
Image path: \SystemRoot\system32\DRIVERS\sym_u3.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): sysaudio
Display name: Microsoft Kernel System Audio Device
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 650AD082D46BAC0E64C9C0E0928492FD
Start: 3
Type: 1
Error Control: 1

Service (registry key): SysmonLog
Display name: Performance Logs and Alerts
Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 89600
Image MD5: 8B54AA346D1B1B113FFAA75501B8B1B2
Start: 3
Type: 16
Error Control: 1

Service (registry key): szkg
Display name: szkg
Image path: system32\DRIVERS\szkg.sys
Start: 0
Type: 1
Error Control: 1

Service (registry key): TapiSrv
Display name: Telephony
Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): Tcpip
Display name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Image path: system32\DRIVERS\tcpip.sys
Image size: 359808
Image MD5: 1DBF125862891817F374F407626967F4
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec

Service (registry key): TDPIPE
Start: 3
Type: 1
Error Control: 0

Service (registry key): TDTCP
Start: 3
Type: 1
Error Control: 0

Service (registry key): TermDD
Display name: Terminal Device Driver
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: A540A99C281D933F3D69D55E48727F47
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Display name: Terminal Services
Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): tfsnboio
Image path: system32\dla\tfsnboio.sys
Image size: 25883
Image MD5: 30698355067D07DA5F9EB81132C9FDD6
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsncofs
Image path: system32\dla\tfsncofs.sys
Image size: 34843
Image MD5: FB9D825BB4A2ABDF24600F7505050E2B
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsndrct
Image path: system32\dla\tfsndrct.sys
Image size: 4123
Image MD5: CAFD8CCA11AA1E8B6D2EA1BA8F70EC33
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsndres
Image path: system32\dla\tfsndres.sys
Image size: 2239
Image MD5: 8DB1E78FBF7C426D8EC3D8F1A33D6485
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnifs
Image path: system32\dla\tfsnifs.sys
Image size: 86586
Image MD5: B92F67A71CC8176F331B8AA8D9F555AD
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnopio
Image path: system32\dla\tfsnopio.sys
Image size: 15227
Image MD5: 85985FAA9A71E2358FCC2EDEFC2A3C5C
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnpool
Image path: system32\dla\tfsnpool.sys
Image size: 6363
Image MD5: BBA22094F0F7C210567EFDAF11F64495
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnudf
Image path: system32\dla\tfsnudf.sys
Image size: 98714
Image MD5: 81340BEF80B9811E98CE64611E67E3FF
Start: 2
Type: 2
Error Control: 0

Service (registry key): tfsnudfa
Image path: system32\dla\tfsnudfa.sys
Image size: 100603
Image MD5: C035FD116224CCC8325F384776B6A8BB
Start: 2
Type: 2
Error Control: 0

Service (registry key): Themes
Display name: Themes
Description: Provides user experience theme management.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): TosIde
Display name: TosIde
Image path: \SystemRoot\system32\DRIVERS\toside.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): TrkWks
Display name: Distributed Link Tracking Client
Description: Maintains links between NTFS files within a computer or across computers in a network domain.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TSDDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): Udfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): ultra
Display name: ultra
Image path: \SystemRoot\system32\DRIVERS\ultra.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): UMWdf
Display name: Windows User Mode Driver Framework
Description: Enables Windows user mode drivers.
Object name: NT AUTHORITY\LocalService
Image path: C:\WINDOWS\system32\wdfmgr.exe
Image size: 38912
Image MD5: C81B8635DEE0D3EF5F64B3DD643023A5
Start: 2
Type: 16
Error Control: 1
Depends On services: RpcSs

Service (registry key): Update
Display name: Microcode Update Driver
Image path: system32\DRIVERS\update.sys
Image size: 209408
Image MD5: AFF2E5045961BBC0A602BB6F95EB1345
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Display name: Universal Plug and Play Device Host
Description: Provides support to host Universal Plug and Play devices.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): UPS
Display name: Uninterruptible Power Supply
Description: Manages an uninterruptible power supply (UPS) connected to the computer.
Object name: LocalSystem
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 3F5DF65B0758675F95A2D43918A740A3
Start: 3
Type: 16
Error Control: 1

Service (registry key): usbccgp
Display name: Microsoft USB Generic Parent Driver
Image path: system32\DRIVERS\usbccgp.sys
Image size: 31616
Image MD5: BFFD9F120CC63BCBAA3D840F3EEF9F79
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbehci
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 26624
Image MD5: 15E993BA2F6946B2BFBBFCD30398621E
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 57600
Image MD5: C72F40947F92CEA56A8FB532EDF025F1
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbprint
Display name: Microsoft USB PRINTER Class
Image path: system32\DRIVERS\usbprint.sys
Image size: 25856
Image MD5: A42369B7CD8886CD7C70F33DA6FCBCF5
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbscan
Display name: USB Scanner Driver
Image path: system32\DRIVERS\usbscan.sys
Image size: 15104
Image MD5: A6BC71402F4F7DD5B77FD7F4A8DDBA85
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Display name: USB Mass Storage Driver
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26496
Image MD5: 6CD7B22193718F1D17A47A1CD6D37E75
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 20480
Image MD5: F8FD1400092E23C8F2F31406EF06167B
Start: 3
Type: 1
Error Control: 1

Service (registry key): VgaSave
Image path: \SystemRoot\System32\drivers\vga.sys
Start: 1
Type: 1
Error Control: 0

Service (registry key): viaagp
Display name: VIA AGP Bus Filter
Image path: \SystemRoot\system32\DRIVERS\viaagp.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): ViaIde
Display name: ViaIde
Image path: \SystemRoot\system32\DRIVERS\viaide.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): VolSnap
Start: 0
Type: 1
Error Control: 1

Service (registry key): VSS
Display name: Volume Shadow Copy
Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 289792
Image MD5: 3EE00364AE0FD8D604F46CBAF512838A
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): vxd
Start: 0
Type: 0
Error Control: 0

Service (registry key): w29n51
Display name: Intel® PRO/Wireless 2200BG Network Connection Driver for Windows XP
Image path: system32\DRIVERS\w29n51.sys
Image size: 3210496
Image MD5: F0F902220910C4FBE42A51964BD33599
Start: 3
Type: 1
Error Control: 1

Service (registry key): w32time
Display name: Windows Time
Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wanarp
Display name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: 984EF0B9788ABF89974CFED4BFBAACBC
Start: 3
Type: 1
Error Control: 1

Service (registry key): wanatw
Display name: WAN Miniport (ATW)
Image path: system32\DRIVERS\wanatw4.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDICA
Start: 3
Type: 1
Error Control: 0

Service (registry key): wdmaud
Display name: Microsoft WINMM WDM Audio Compatibility Driver
Image path: system32\drivers\wdmaud.sys
Image size: 82944
Image MD5: EFD235CA22B57C81118C1AEB4798F1C1
Start: 3
Type: 1
Error Control: 1

Service (registry key): WebClient
Display name: WebClient
Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: MRxDAV

Service (registry key): winachsf
Image path: system32\DRIVERS\HSF_CNXT.sys
Image size: 685056
Image MD5: 2DC7C0B6175A0A8ED84A4F70199C93B5
Start: 3
Type: 1
Error Control: 0

Service (registry key): winmgmt
Display name: Windows Management Instrumentation
Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): Winsock
Start: 3
Type: 4
Error Control: 1

Service (registry key): Winsock - Google Desktop Search Backup Before First Install
Start: 3
Type: 4
Error Control: 1

Service (registry key): Winsock - Google Desktop Search Backup Before Last Install
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Start: 0
Type: 0
Error Control: 0

Service (registry key): Winsock2 - Google Desktop Search Backup Before First Instal
Start: 0
Type: 0
Error Control: 0

Service (registry key): Winsock2 - Google Desktop Search Backup Before Last Install
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinTrust
Start: 0
Type: 0
Error Control: 0

Service (registry key): WLANKEEPER
Display name: WLANKEEPER
Description: Provides Profile Switching Service for SSO Feature Set
Object name: LocalSystem
Image path: C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Image size: 225353
Image MD5: 43ED73F10DE96E0A23244BD9CF04F5C2
Start: 2
Type: 272
Error Control: 1
Depends On services: S24EventMonitor,RpcSs,EvtEng

Service (registry key): WmdmPmSN
Display name: Portable Media Serial Number Service
Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1

Service (registry key): WmiApRpl
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmiApSrv
Display name: WMI Performance Adapter
Description: Provides performance library information from WMI HiPerf providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: BA8CECC3E813E1F7C441B20393D4F86C
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WS2IFSL
Display name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Image path: \SystemRoot\System32\drivers\ws2ifsl.sys
Start: 4
Type: 1
Error Control: 1

Service (registry key): wscsvc
Display name: Security Center
Description: Monitors system security settings and configurations.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): wuauserv
Display name: Automatic Updates
Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1

Service (registry key): WZCSVC
Display name: Wireless Zero Configuration
Description: Provides automatic configuration for the 802.11 adapters
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio

Service (registry key): xmlprov
Display name: Network Provisioning Service
Description: Manages XML configuration files on a domain basis for automatic network provisioning.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): {7AF48DF2-842E-4CC1-99BF-D788A29328BA}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {8A3FE088-CFE5-433E-8431-D3A5C00A7E28}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {A8E4F25E-E08E-4A67-820D-404EED86642C}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {DB368E6A-119F-4584-8DFB-DDC81B5A2B92}
Start: 0
Type: 0
Error Control: 0




Logfile of HijackThis v1.99.1
Scan saved at 1:09:52 PM, on 5/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Katherine Sims\Desktop\hijackthis\HJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB2.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay10...es/MsnPUpld.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.co...clean_micro.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161215957075
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicr...scan/as4web.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab47946.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8E4F25E-E08E-4A67-820D-404EED86642C}: NameServer = 68.87.72.130,68.87.77.130
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe



#6 miekiemoes

miekiemoes

    Malware Killer Dog

  • Volunteer Security Advisor
  • PipPipPip
  • 4092 posts

Posted 13 May 2007 - 06:54 PM

Hi,

but spybot found four cookies, After telling it to fix them, and rebooting and running another scan, they persist.

--- Search result list ---
Advertising.com: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Katherine Sims) (Cookie, nothing done)

Please do NOT worry about cookies, they will always come back. This all depends what sites you visit. Above cookies are actually present on A LOT of sites - even the MSN page, Yahoo page etc...
So you can safely ignore these cookies. There's nothing to worry about here.

Your HijackThislog still looks clean.
As a sidenote, I see you have a HUGE amount of games installed. Keep in mind that they use a lot of space and because of this, your disk will be full in no time. The fuller your disk, the slower your computer. So I suggest you uninstall the games you don't play anymore (guess most are trials anyway from GameHouse)

Please read my Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.

Happy Surfing again!
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.
DO NOT POST your problem or log in someone elses thread, even though you are having the same problems. This to avoid confusion. Start a new thread instead and someone will help you asap.
Bumping your thread won't help to receive help in a faster way, this since we always look at the posts with 0 replies first. If you bump your thread, we assume that someone is already helping you, so your thread may be ignored.

#7 miekiemoes

miekiemoes

    Malware Killer Dog

  • Volunteer Security Advisor
  • PipPipPip
  • 4092 posts

Posted 20 May 2007 - 01:22 AM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.
DO NOT POST your problem or log in someone elses thread, even though you are having the same problems. This to avoid confusion. Start a new thread instead and someone will help you asap.
Bumping your thread won't help to receive help in a faster way, this since we always look at the posts with 0 replies first. If you bump your thread, we assume that someone is already helping you, so your thread may be ignored.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users