Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rogue Anti Spyware Problem When Opening Internet Explorer


  • This topic is locked This topic is locked
3 replies to this topic

#1 tharmon03

tharmon03

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 17 June 2008 - 12:16 PM

When clicking links on IE7, pop up says that trojan horse is detected and to download software to remove it. I've used trusted Spyware removal programs and still the problem persists.

MAIN:

Deckard's System Scanner v20071014.68
Run by Travis on 2008-06-17 11:55:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
21: 2008-06-17 16:36:57 UTC - RP490 - Removed Steam
20: 2008-06-17 16:09:11 UTC - RP489 - Spyware Terminator - restore point
19: 2008-06-17 14:41:01 UTC - RP487 - Windows Update
18: 2008-06-16 21:26:08 UTC - RP486 - Device Driver Package Install: Microsoft Mice and other pointing devices
17: 2008-06-16 21:24:13 UTC - RP485 - Device Driver Package Install: Microsoft Human Interface Devices


-- First Restore Point --
1: 2008-06-10 06:24:35 UTC - RP468 - Scheduled Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 1022 MiB (1024 MiB recommended).
System Drive C: has 9.8 GiB (less than 15%) free.


-- HijackThis (run as Travis.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:11 PM, on 6/17/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\WDBtnMgr.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe
C:\Program Files\RDS\RMClient\MplHDDisp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\RDS\RMClient\PMJobCliMsg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\Travis\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Travis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.caddoclerk.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Atlanta_Braves toolbar - {59b69dba-fa12-4a55-9b87-8ea71bc03108} - C:\Program Files\Atlanta_Braves\tbAtla.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: Atlanta_Braves toolbar - {59b69dba-fa12-4a55-9b87-8ea71bc03108} - C:\Program Files\Atlanta_Braves\tbAtla.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: BhoApp Class - {BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56} - C:\Windows\system32\pupdfim.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Atlanta_Braves toolbar - {59b69dba-fa12-4a55-9b87-8ea71bc03108} - C:\Program Files\Atlanta_Braves\tbAtla.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: MLB.TV NexDef Plug-in.lnk = C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = ?
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.line6.net
O16 - DPF: {4592C0F5-3382-44C6-9F79-BEA2CCBDA2EA} (OBXWebDocumentSelect Control) - http://obwebserver.caddoclerk.com/onbasene...BXWebSelect.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {F5876F16-5217-4B38-96F3-C2BB80215302} (OBXWebViewer Control) - http://obwebserver.caddoclerk.com/onbasene...BXWebViewer.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Audio Pack Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\APLicensing.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PMObserv - RICOH COMPANY,LTD. - C:\Windows\system32\PMObserv.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13835 bytes

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - "regedit.exe" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 dsunidrv - \??\c:\program files\dellsupport\drivers\dsunidrv.sys
R3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys

S3 UsbDiag (LGE CDMA USB Serial Port) - c:\windows\system32\drivers\lgusbdiag.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Diagnostics Driver>
S3 USBModem (LGE CDMA USB Modem) - c:\windows\system32\drivers\lgusbmodem.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Modem Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 Creative Audio Pack Licensing Service - "c:\program files\common files\creative labs shared\service\aplicensing.exe" <Not Verified; Creative Labs; Creative Audio Pack Licensing Service>
R2 Creative Labs Licensing Service - "c:\program files\common files\creative labs shared\service\creativelicensing.exe" <Not Verified; Creative Labs; Creative Labs Licensing Service>
R2 CTAudSvcService (Creative Audio Service) - c:\program files\creative\shared files\ctaudsvc.exe <Not Verified; Creative Technology Ltd; Creative Audio Service>
R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>
R2 sprtsvc_dellsupportcenter (SupportSoft Sprocket Service (dellsupportcenter)) - c:\program files\dell support center\bin\sprtsvc.exe /service /p dellsupportcenter
R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
R3 PMObserv - c:\windows\system32\pmobserv.exe <Not Verified; RICOH COMPANY,LTD.; PMObserv>

S2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Intel® Wireless WiFi Link 4965AGN
Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_11208086&REV_61\4&2AADF185&0&00E0
Manufacturer: Intel Corporation
Name: Intel® Wireless WiFi Link 4965AGN
PNP Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_11208086&REV_61\4&2AADF185&0&00E0
Service: NETw4v32

Class GUID: {4d36e97b-e325-11ce-bfc1-08002be10318}
Description: Virtual CloneDrive
Device ID: ROOT\SCSIADAPTER\0000
Manufacturer: Elaborate Bytes AG
Name: Virtual CloneDrive
PNP Device ID: ROOT\SCSIADAPTER\0000
Service: VClone


-- Scheduled Tasks -------------------------------------------------------------

2008-06-16 21:00:25 420 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{62763F6E-FC9C-4D9E-A1E8-4F053BBF943B}.job
2008-06-15 01:00:00 366 --a------ C:\Windows\Tasks\McDefragTask.job
2008-06-01 01:00:00 368 --a------ C:\Windows\Tasks\McQcTask.job


-- Files created between 2008-05-17 and 2008-06-17 -----------------------------

2008-06-17 10:18:32 141312 --a------ C:\Windows\system32\drivers\sp_rsdrv2.sys
2008-06-17 10:18:31 0 d-------- C:\Users\All Users\Spyware Terminator
2008-06-17 10:18:27 0 d-------- C:\Program Files\Spyware Terminator
2008-06-17 08:33:54 13312 --a------ C:\Windows\system32\pupdfim.dll
2008-06-17 08:24:07 13312 --a------ C:\Windows\system32\tapdfan.dll
2008-06-17 08:21:40 13312 --a------ C:\Windows\system32\taplso.dll
2008-06-16 16:25:32 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-06-16 16:22:07 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2008-06-13 15:08:30 106496 --a------ C:\Windows\_PMCMisc.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Navi>
2008-06-13 15:07:48 45056 --a------ C:\Windows\system32\rpnvmon.dll <Not Verified; ???; ??? rpnvmon>
2008-06-13 15:07:48 45056 --a------ C:\Windows\system32\ippmon.dll <Not Verified; ???; ??? ippmon>
2008-06-13 15:07:47 45056 --a------ C:\Windows\system32\ricnmon.dll <Not Verified; ???; ??? ricnmon>
2008-06-13 15:07:41 0 d-------- C:\Windows\NAVITEMP
2008-06-13 15:07:35 45162 --a------ C:\Windows\system32\_RPNV2IN.DLL <Not Verified; RICOH COMPANY,LTD.; Rpnv2in>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobsv.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobpt.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobpl.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobno.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobnl.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobit.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobhu.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobfr.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobfi.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJobes.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 24576 --a------ C:\Windows\RFJoben.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:33 532480 --a------ C:\Windows\PMInet.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO for Internet Module>
2008-06-13 15:07:33 106496 --a------ C:\Windows\PMFtpW.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO>
2008-06-13 15:07:33 778240 --a------ C:\Windows\PMFtpUtW.dll <Not Verified; RICOH COMPANY,LTD.; Peripheral Manager>
2008-06-13 15:07:33 24576 --a------ C:\Windows\PMCommon.dll <Not Verified; RICOH CO., LTD.; RICOH PMCommon>
2008-06-13 15:07:32 20480 --a------ C:\Windows\RFJobTW.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 24576 --a------ C:\Windows\RFJobde.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 24576 --a------ C:\Windows\RFJobda.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 24576 --a------ C:\Windows\RFJobcs.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 20480 --a------ C:\Windows\RFJobCN.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 221184 --a------ C:\Windows\PMShTW.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShsv.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShpt.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShpl.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 180224 --a------ C:\Windows\PMShno.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShnl.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMbleep.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShhu.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShfr.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 180224 --a------ C:\Windows\PMShfi.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShes.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 180224 --a------ C:\Windows\PMShen.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShde.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 180224 --a------ C:\Windows\PMShda.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 184320 --a------ C:\Windows\PMShcs.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:32 221184 --a------ C:\Windows\PMShCN.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApisv.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApipt.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApipl.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApino.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApinl.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApiit.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApihu.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApifr.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApifi.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApies.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:31 28672 --a------ C:\Windows\PMApien.dll <Not Verified; RICOH COMPANY,LTD.; %s>
2008-06-13 15:07:30 126976 --a------ C:\Windows\RCPrnJob.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:30 20480 --a------ C:\Windows\PMApiTW.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:30 28672 --a------ C:\Windows\PMApide.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:30 28672 --a------ C:\Windows\PMApida.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:30 28672 --a------ C:\Windows\PMApics.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:30 20480 --a------ C:\Windows\PMApiCN.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor>
2008-06-13 15:07:29 163840 --a------ C:\Windows\RCFaxJob.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:29 753664 --a------ C:\Windows\PMCSHEx.DLL <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Admin/Navi>
2008-06-13 15:07:29 106496 --a------ C:\Windows\PMCMisc.dll <Not Verified; RICOH COMPANY,LTD.; Ridoc IO Navi>
2008-06-13 15:07:29 413696 --a------ C:\Windows\PMCCom.dll <Not Verified; RICOH COMPANY,LTD.; SmartDeviceMonitor for Client>
2008-06-13 15:07:29 94208 --a------ C:\Windows\PMCCmd.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin>
2008-06-13 15:07:29 1183744 --a------ C:\Windows\PMCApi.dll <Not Verified; RICOH COMPANY,LTD.; SmartDeviceMonitor for Navi>
2008-06-13 15:07:26 741490 --a------ C:\Windows\system32\rpmsend.dll <Not Verified; RICOH COMPANY,LTD.; rpmsend>
2008-06-13 15:07:26 573542 --a------ C:\Windows\system32\rpmjobs.dll <Not Verified; RICOH COMPANY,LTD.; rpmjobs>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\rpmjbTW.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbsv.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbpt.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbpl.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbno.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbnl.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbit.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbhu.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbfr.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbfi.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbes.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJben.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\RpmJbde.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:26 12288 --a------ C:\Windows\system32\rpmjbCN.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:25 12288 --a------ C:\Windows\system32\RpmJbda.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:25 12288 --a------ C:\Windows\system32\RpmJbcs.dll <Not Verified; RICOH COMPANY,LTD.; SmartNetMonitor for Admin/Client>
2008-06-13 15:07:18 0 d-------- C:\Program Files\Common Files\RDPrint
2008-06-13 15:07:13 31232 --a------ C:\Windows\PmAddin.dll <Not Verified; RICOH COMPANY,LTD.; Aficio Manager for Admin>
2008-06-13 15:07:10 274546 --a------ C:\Windows\system32\rtcpf.dll <Not Verified; RICOH COMPANY,LTD.; rtcpf>
2008-06-13 15:07:10 598133 --a------ C:\Windows\system32\rpnv2ui.dll <Not Verified; RICOH COMPANY,LTD.; rpnv2ui>
2008-06-13 15:07:10 90112 --a------ C:\Windows\system32\rnetb.dll <Not Verified; RICOH; RICOH rnetb>
2008-06-13 15:07:10 237668 --a------ C:\Windows\system32\RLPR.dll <Not Verified; RICOH COMPANY,LTD.; RLPR>
2008-06-13 15:07:10 127084 --a------ C:\Windows\system32\ripp.dll <Not Verified; RICOH COMPANY,LTD.; ripp>
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2sv.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2pt.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2pl.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2no.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2nl.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 2093175 --a------ C:\Windows\system32\rpnv2mon.dll <Not Verified; RICOH COMPANY,LTD.; rpnv2mon>
2008-06-13 15:07:09 557175 --a------ C:\Windows\system32\rpnv2job.dll <Not Verified; RICOH COMPANY,LTD.; rpnv2job>
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2it.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2hu.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2fr.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2fi.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:09 69632 --a------ C:\Windows\system32\rpnv2es.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:08 61440 --a------ C:\Windows\system32\rpnv2TW.dll <Not Verified; RICOH COMPANY, LTD.; SmartDeviceMonitor>
2008-06-13 15:07:08 69632 --a------ C:\Windows\system32\rpnv2en.dll <Not Verified; RICOH COMPANY, LTD.; %s>
2008-06-13 15:07:08 69632 --a------ C:\Windows\system32\rpnv2de.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:08 69632 --a------ C:\Windows\system32\rpnv2da.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:08 69632 --a------ C:\Windows\system32\rpnv2cs.dll <Not Verified; RICOH COMPANY, LTD.; >
2008-06-13 15:07:08 61440 --a------ C:\Windows\system32\rpnv2CN.dll <Not Verified; RICOH COMPANY, LTD.; SmartDeviceMonitor>
2008-06-13 15:07:08 77925 --a------ C:\Windows\system32\PopReg.dll <Not Verified; RICOH COMPANY,LTD.; PopReg>
2008-06-13 15:07:08 208997 --a------ C:\Windows\system32\CheckAcc.dll <Not Verified; RICOH COMPANY,LTD.; CheckAcc>
2008-06-13 15:07:03 82031 --a------ C:\Windows\system32\JobHisEn.dll <Not Verified; RICOH COMPANY,LTD.; JobHisEn>
2008-06-13 15:07:03 45056 --a------ C:\Windows\system32\CheckDcom.dll <Not Verified; RICOH COMPANY, LTD.; CheckDcom>
2008-06-13 15:07:02 372736 --a------ C:\Windows\PMCOMRES.dll <Not Verified; RICOH COMPANY,LTD.; PMComRes>
2008-06-13 15:07:00 12288 --a------ C:\Windows\system32\rpnv2isv.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:07:00 12288 --a------ C:\Windows\system32\rpnv2ipt.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:07:00 12288 --a------ C:\Windows\system32\rpnv2ipl.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2iTW.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ino.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2inl.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 45162 --a------ C:\Windows\system32\rpnv2in.dll <Not Verified; RICOH COMPANY,LTD.; Rpnv2in>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2iit.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ihu.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ifr.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ifi.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ies.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ien.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ide.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ida.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2ics.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:59 12288 --a------ C:\Windows\system32\rpnv2iCN.dll <Not Verified; RICOH CO.,LTD.; RPNV2IN>
2008-06-13 15:06:53 20589 --a------ C:\Windows\system32\PMObsOn.exe <Not Verified; RICOH COMPANY,LTD.; PMObsOn>
2008-06-13 15:06:53 24576 --a------ C:\Windows\system32\PMObservps.dll
2008-06-13 15:06:53 258178 --a------ C:\Windows\system32\PMObservINP.dll <Not Verified; RICOH COMPANY,LTD.; PMObservINP>
2008-06-13 15:06:53 245886 --a------ C:\Windows\system32\PMObserv.exe <Not Verified; RICOH COMPANY,LTD.; PMObserv>
2008-06-13 15:06:49 303202 --a------ C:\Windows\system32\RMPNInf.dll <Not Verified; RICOH COMPANY,LTD.; RMPNInf>
2008-06-13 15:06:47 2255 --a------ C:\Windows\PmData.Dat
2008-06-13 15:06:47 90207 --a------ C:\Windows\PMDAT.DLL <Not Verified; RICOH COMPANY,LTD.; PMDat>
2008-06-13 15:06:17 0 d-------- C:\Program Files\RDS
2008-05-24 13:38:42 41664 --a------ C:\Windows\system32\drivers\lgusbmodem.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Modem Driver>
2008-05-24 13:38:42 39136 --a------ C:\Windows\system32\drivers\lgUsbDiag.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Diagnostics Driver>
2008-05-24 13:38:42 0 d-------- C:\Program Files\LG Electronics
2008-05-24 13:36:41 0 d-------- C:\Program Files\BitPim


-- Find3M Report ---------------------------------------------------------------

2008-06-17 11:42:48 0 d-------- C:\Users\Travis\AppData\Roaming\Spyware Terminator
2008-06-17 11:38:18 0 d-------- C:\Program Files\Common Files
2008-06-17 11:29:34 1323 --a------ C:\Users\Travis\AppData\Roaming\autobahn.log
2008-06-17 11:27:31 88952 --a------ C:\Users\Travis\AppData\Roaming\nvModes.dat
2008-06-17 11:27:30 88952 --a------ C:\Users\Travis\AppData\Roaming\nvModes.001
2008-06-17 11:24:27 0 d-------- C:\Program Files\McAfee
2008-06-17 11:21:39 7413 --a------ C:\Windows\bthservsdp.dat
2008-06-17 08:22:14 0 d-------- C:\Users\Travis\AppData\Roaming\uTorrent
2008-06-17 08:10:00 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-13 15:06:48 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-30 21:45:53 0 d-------- C:\Users\Travis\AppData\Roaming\dvdcss
2008-05-23 17:17:03 0 d-------- C:\Program Files\Motorola Phone Tools
2008-05-23 17:17:03 0 d-------- C:\Program Files\Avanquest update
2008-04-19 13:59:45 0 d-------- C:\Program Files\Apple Software Update


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
09/19/2007 06:15 AM 329032 --a------ C:\Program Files\McAfee\MSK\mcapbho.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{59b69dba-fa12-4a55-9b87-8ea71bc03108}]
07/17/2007 03:59 PM 1379352 --a------ C:\Program Files\Atlanta_Braves\tbAtla.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56}]
06/17/2008 08:33 AM 13312 --a------ C:\Windows\system32\pupdfim.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{59B69DBA-FA12-4A55-9B87-8EA71BC03108}"= C:\Program Files\Atlanta_Braves\tbAtla.dll [07/17/2007 03:59 PM 1379352]

[-HKEY_CLASSES_ROOT\CLSID\{59B69DBA-FA12-4A55-9B87-8EA71BC03108}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/02/2006 07:34 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/17/2006 06:52 PM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [12/13/2006 06:16 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [12/13/2006 06:16 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [12/13/2006 06:16 PM]
"UpdReg"="C:\Windows\UpdReg.EXE" [05/11/2000 01:00 AM]
"SigmatelSysTrayApp"="sttray.exe" [02/08/2007 12:11 AM C:\Windows\sttray.exe]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe" []
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 11:37 AM]
"@"="" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [05/10/2007 02:37 PM]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [11/17/2006 04:19 PM]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [10/13/2006 11:31 AM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [10/03/2006 11:35 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/16/2007 08:24 PM]
"WD Button Manager"="WDBtnMgr.exe" [02/07/2008 01:34 PM C:\Windows\System32\WDBtnMgr.exe]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [12/10/2006 09:52 PM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/04/2007 02:33 AM]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [02/28/2007 05:50 PM]
"SPIRunE"="SPIRunE.dll" [02/15/2007 07:33 PM C:\Windows\System32\SpiRunE.dll]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 10:24 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [11/15/2007 10:23 AM]
"JobHisInit"="C:\Program Files\RDS\RMClient\JobHisInit.exe" [08/30/2007 03:08 PM]
"MplSetUp"="C:\Program Files\RDS\RMClient\MplSetUp.exe" [08/30/2007 03:30 PM]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [08/31/2007 02:13 PM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [08/31/2007 02:01 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [11/12/2006 02:19 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 07:35 AM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 04:45 PM]
"Aim6"="" []
"Creative MediaSource Go"="C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" [11/09/2006 10:19 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/05/2007 05:14 PM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 07:36 AM]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [11/15/2007 10:23 AM]

C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MLB.TV NexDef Plug-in.lnk - C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe [3/30/2008 6:52:34 PM]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [11/3/2006 5:55:50 PM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [5/10/2007 2:18:18 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 9:40:10 PM]
QuickSet.lnk - C:\Windows\Installer\{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [5/10/2007 2:15:07 PM]
WD Backup Monitor.lnk - C:\Program Files\My Book\WD Backup\uBBMonitor.exe [7/9/2007 6:19:47 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{310c8e46-194f-11dc-bf1e-00197ee7a035}]
AutoRun\command- F:\setupSNK.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-06-17 12:02:11 ------------

EXTRA.TXT

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: Intel® Core™2 CPU T5600 @ 1.83GHz
Percentage of Memory in Use: 70%
Physical Memory (total/avail): 1021.82 MiB / 303.54 MiB
Pagefile Memory (total/avail): 2291.52 MiB / 1152.67 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1920.41 MiB

C: is Fixed (NTFS) - 99.74 GiB total, 9.8 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 5.36 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG HM120JI ATA Device - 111.79 GiB - 4 partitions
\PARTITION0 - Unknown - 54.88 MiB
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 (bootable) - Installable File System - 99.74 GiB - C:
\PARTITION3 - Extended w/Extended Int 13 - 2048 MiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Travis\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TRAVIS-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Travis
LOCALAPPDATA=C:\Users\Travis\AppData\Local
LOGONSERVER=\\TRAVIS-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\PROGRA~1\FileNET\IDM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Travis\AppData\Local\Temp
TMP=C:\Users\Travis\AppData\Local\Temp
USERDOMAIN=Travis-PC
USERNAME=Travis
USERPROFILE=C:\Users\Travis
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Travis


-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W
--> "C:\Program Files\Dell Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\Dell Games\Blackhawk Striker 2\Uninstall.exe"
--> "C:\Program Files\Dell Games\Blasterball 3\Uninstall.exe"
--> "C:\Program Files\Dell Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\Dell Games\Dell Game Console\Uninstall.exe"
--> "C:\Program Files\Dell Games\Dell Media Center Game Console\Uninstall.exe"
--> "C:\Program Files\Dell Games\FATE\Uninstall.exe"
--> "C:\Program Files\Dell Games\JEOPARDY\Uninstall.exe"
--> "C:\Program Files\Dell Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\Dell Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\Dell Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\Dell Games\SCRABBLE\Uninstall.exe"
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC406C89-7668-46AE-8EFE-75D199C055AB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC406C89-7668-46AE-8EFE-75D199C055AB}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Acoustica Effects Pack --> C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
Adobe Shockwave Player 11 --> C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AIO_Scan -->
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ASIO4ALL --> C:\Program Files\ASIO4ALL v2\uninstall.exe
Atlanta_Braves Toolbar --> C:\PROGRA~1\ATLANT~1\UNWISE.EXE C:\PROGRA~1\ATLANT~1\INSTALL.LOG
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
Auto Gordian Knot 2.45 --> C:\Program Files\AutoGK\uninst.exe
AutoUpdate -->
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Banctec Service Agreement --> MsiExec.exe /X{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}
BitPim 1.0.5 --> "C:\Program Files\BitPim\unins000.exe"
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
BufferChm -->
C4200 -->
c4200_Help -->
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities Digital Photo Professional 2.2 --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
CBL Data Recovery Software --> "C:\Windows\CBL Data Recovery Software\uninstall.exe" "/U:C:\Program Files\CBL\CBL Data Recovery Software3\Uninstall\uninstall.xml"
Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf
Copy -->
Corel Paint Shop Pro Photo XI --> MsiExec.exe /I{93A1B09E-BAFA-4628-A5B6-921CB026955A}
Corel Snapfire Plus --> MsiExec.exe /I{7ADE3A47-B425-45E9-8FF6-11BE2B775645}
Creative Audio Pack --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9 /remove
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\Setup.exe" -l0x9 /remove
Creative Software AutoUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
CustomerResearchQFolder -->
Dell Games --> "C:\Program Files\Dell Games\Uninstall.exe"
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
DeskTopBinder - SmartDeviceMonitor for Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C138D676-4F0F-4FDE-8BE5-26CFD3566DCD}\SETUP.EXE" -l0x9 +REMOVE
Destinations -->
DeviceManagementQFolder -->
Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DocProc -->
DocProcQFolder -->
Documentation & Support Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
Drumsite 1.5 (demo) --> "C:\Program Files\Drumsite\Uninstall.exe" "C:\Program Files\Drumsite\install.log" -u
DVD Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EarthLink Setup Files --> MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}
eSupportQFolder -->
FileNET Panagon Viewer 3.2 --> C:\Windows\IsUninst.exe -f"C:\Program Files\FileNET\IDM\UnView2.isu" -c"C:\Program Files\FileNET\IDM\idmr.dll"
Games, Music, & Photos Launcher --> MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1}
GearBox 1.02 (Remove Only) --> C:\Program Files\Line6\GearBox\Uninstall.exe
GearBox 3.10 (Remove Only) --> C:\Program Files\Line6\GearBox\Uninstall.exe
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 8.0 --> C:\Program Files\HP\Digital Imaging\{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}\setup\hpzscr01.exe -datfile hposcr13.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Solution Center 8.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPProductAssistant -->
HPSSupply --> MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
IL Download Manager --> C:\Program Files\Image-Line\Downloader\uninstall.exe
Internet Service Offers Launcher --> MsiExec.exe /I{CCFF1E13-77A2-4032-8B12-7566982A27DF}
iPod Music Liberator 4.9.6 --> "C:\Program Files\iPod Music Liberator\unins000.exe"
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java™ SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
LG USB Modem driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\Setup.exe" -l0x9
Live 4.1.5 --> C:\PROGRA~1\Ableton\LIVE41~1.5\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE41~1.5\Install\INSTALL.LOG
MarketResearch -->
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
MediaDirect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x9 -cluninstall
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Modem Diagnostic Tool --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
Motorola Driver Installation --> MsiExec.exe /I{75A0EB9D-2D1E-4FB7-BF61-498E33C73EB4}
Motorola Phone Tools --> C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe -runfromtemp -l0x0009 -removeonly
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 Parser and SDK --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
NetZeroInstallers --> MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
OnBase Web ActiveX Install --> MsiExec.exe /I{A4B8D88C-C7AD-45B3-98DE-E78A299964EF}
OutlookAddinSetup --> MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
PS_AIO_ProductContext -->
PS_AIO_Software -->
PS_AIO_Software_min -->
QuickSet --> MsiExec.exe /I{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhythm Rascal --> MsiExec.exe /I{38F71F13-2431-4DE2-902D-A8B2968E20AD}
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Drag-to-Disc --> MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Safari --> MsiExec.exe /I{0AFC9710-5DD6-4C6A-BA52-91AE992B2C9D}
SAMSUNG Mobile USB DRIVER(4.40.1.0) v1.0 -->
Scan -->
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB934062) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
SolutionCenter -->
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Sound Blaster Audigy ADVANCED MB --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}\Setup.exe" -l0x9 /remove
Sound Blaster X-Fi --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A88F2CDC-E615-4C3E-BD14-0936B59F8481}\SETUP.EXE" -l0x9 /remove
Spyware Terminator --> "C:\Program Files\Spyware Terminator\unins000.exe"
Status -->
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Toolbox -->
TrayApp -->
UnloadSupport -->
Update for Office 2007 (KB932080) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
VideoLAN VLC media player 0.8.6b --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WD Backup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A351224F-533A-4EED-89F4-0BF3417FD31D}\setup.exe" -l0x9
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WebReg -->
WIDCOMM Bluetooth Software 6.0.1.3100 --> MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.2 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
Yahoo! Music Jukebox --> MsiExec.exe /X{7C49EA42-5647-4051-84C2-E6404F25A931}


-- Application Event Log -------------------------------------------------------

Event Record #/Type16007 / Success
Event Submitted/Written: 06/17/2008 11:25:15 AM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type16006 / Success
Event Submitted/Written: 06/17/2008 11:25:11 AM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type15999 / Success
Event Submitted/Written: 06/17/2008 11:24:18 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type15979 / Error
Event Submitted/Written: 06/17/2008 11:18:13 AM
Event ID/Source: 1002 / Application Hang
Event Description:
The program Explorer.EXE version 6.0.6000.16386 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: bd4
Start Time: 01c8cd7bd54a72fc
Termination Time: 0

Event Record #/Type15975 / Error
Event Submitted/Written: 06/17/2008 11:09:08 AM
Event ID/Source: 8194 / VSS
Event Description:
Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8a5ebf9f-0d1c-4d14-947a-98dfe024849c}



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type112644 / Warning
Event Submitted/Written: 06/17/2008 00:00:38 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Travis-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Travis-PC27 can't undo changes that you allow.

For more information please see the following:
%Travis-PC275

Scan ID: {C6568901-91B1-4CEB-8728-588BDC5E5FC0}

User: Travis-PC\Travis

Name: %Travis-PC271

ID: %Travis-PC272

Severity ID: %Travis-PC273

Category ID: %Travis-PC274

Path Found: %Travis-PC276

Alert Type: %Travis-PC278

Detection Type: 1.1.1505.02

Event Record #/Type112643 / Warning
Event Submitted/Written: 06/17/2008 00:00:38 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Travis-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Travis-PC27 can't undo changes that you allow.

For more information please see the following:
%Travis-PC275

Scan ID: {59A2BDAE-48BA-4B6E-8EDF-13FE896A3787}

User: Travis-PC\Travis

Name: %Travis-PC271

ID: %Travis-PC272

Severity ID: %Travis-PC273

Category ID: %Travis-PC274

Path Found: %Travis-PC276

Alert Type: %Travis-PC278

Detection Type: 1.1.1505.02

Event Record #/Type112642 / Warning
Event Submitted/Written: 06/17/2008 00:00:38 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Travis-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Travis-PC27 can't undo changes that you allow.

For more information please see the following:
%Travis-PC275

Scan ID: {405CA079-0F97-4ACA-945A-9CE19A78282B}

User: Travis-PC\Travis

Name: %Travis-PC271

ID: %Travis-PC272

Severity ID: %Travis-PC273

Category ID: %Travis-PC274

Path Found: %Travis-PC276

Alert Type: %Travis-PC278

Detection Type: 1.1.1505.02

Event Record #/Type112641 / Warning
Event Submitted/Written: 06/17/2008 00:00:38 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Travis-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Travis-PC27 can't undo changes that you allow.

For more information please see the following:
%Travis-PC275

Scan ID: {DDD8CACC-CC54-4041-8B63-EC8070E64571}

User: Travis-PC\Travis

Name: %Travis-PC271

ID: %Travis-PC272

Severity ID: %Travis-PC273

Category ID: %Travis-PC274

Path Found: %Travis-PC276

Alert Type: %Travis-PC278

Detection Type: 1.1.1505.02

Event Record #/Type112640 / Warning
Event Submitted/Written: 06/17/2008 00:00:38 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Travis-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Travis-PC27 can't undo changes that you allow.

For more information please see the following:
%Travis-PC275

Scan ID: {FB7AC340-9C97-4220-9F5F-7101D351ABF0}

User: Travis-PC\Travis

Name: %Travis-PC271

ID: %Travis-PC272

Severity ID: %Travis-PC273

Category ID: %Travis-PC274

Path Found: %Travis-PC276

Alert Type: %Travis-PC278

Detection Type: 1.1.1505.02



-- End of Deckard's System Scanner: finished at 2008-06-17 12:02:11 ------------

BC AdBot (Login to Remove)

 


#2 tharmon03

tharmon03
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:38 PM

Posted 17 June 2008 - 04:37 PM

Okay, this problem seems to be fixed now, but if anyone sees anything in the logs that may be malicious or threatening, please help. Thanks

#3 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:08:38 PM

Posted 08 July 2008 - 07:35 PM

Hello tharmon03. :thumbsup: to BleepingComputer.com

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine)

We apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

If you still would like help, please follow the following instructions:

Please run Deckard's System Scanner again, this time using these instructions:
(In the event you lost your copy, you can download a new one from here: Deckard's System Scanner)
  • Click on Start, click on Run
  • Copy and paste the following in the open window and then click OK:
    "%userprofile%\desktop\dss.exe" /config
  • This will open up DSS configuration
  • Click on Check All.
  • Click Scan.
    DSS will now run again.
  • Please post back both logs that open in notepad.
    Main.txt and Extra.txt
Next
Please do an online scan with Kaspersky WebScanner.
  • Please visit the Kaspersky Online Scanner website.
    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
In your next reply, please make sure the following reports are present:
  • The Kaspersky scan report
  • DSS's Main.txt
  • DSS's Extra.txt

Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image

#4 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:08:38 PM

Posted 15 July 2008 - 09:38 AM

Hello, tharmon03.
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please send me or another moderator a PM.

Everyone else please begin a new topic.

Billy3
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users