I’m infected with sfonditalia.
Seems to have affected Microsoft Office and caused some error in Norton. Adaware can’t get rid of it. Spybot picks it up but can’t deal with it; says “some problems can’t be fixed; the reason could be that the files are in use (memory)”. But it still can’t fix the problem if you let it run at Start up (as suggested). I also have a problem with my broadband internet – opens up “page not displayed”, but dial-up ok, I’m not sure if this is related.
I think I had this infection before but did not deal with it fully. It seems to have come back since I installed wi-fi broadband and the problems with Norton started. Got an error message from Norton saying “does not support the Repair feature”. I uninstalled and tried to reinstalled Norton, but it is not working properly.
I installed Windows service pack 2 some time ago (but perhaps after I got this infection….)
Any help appreciated.
Eiwdo got rid of some stuff but not sfonditalia. See below.
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 08:02:30, 05/05/2006
+ Report-Checksum: 4ABC7320
+ Scan result:
C:\Documents and Settings\Ailis\Cookies\ailis@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Ailis\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ailis\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ailis\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Tom\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\System Volume Information\_restore{9B539E66-D85A-41E7-ACFD-AE0F6CD9DCE9}\RP144\A0018658.dll -> Downloader.Delf.acp : Cleaned with backup
C:\winstall.exe.tcf -> Not-A-Virus.Hoax.Win32.Renos.aj : Cleaned with backup
::Report End
Hijack this log below.
Logfile of HijackThis v1.99.1
Scan saved at 08:29:43, on 05/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Aladdin Systems\Internet Cleanup\NetBlockadeMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\DrvMon.exe
C:\Program Files\Dell\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\regedit.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ailis\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ICHlprObj Class - {1f0c8547-2639-4c91-b8aa-c7eca24c3163} - C:\PROGRA~1\ALADDI~1\INTERN~1\ic3hlpr.dll
O2 - BHO: PopupFilter Class - {1F2E844B-8211-46ff-8262-772F03295CF4} - C:\PROGRA~1\ALADDI~1\INTERN~1\PopFiltr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: C:\WINDOWS\system32\st3d.dll - {86AA461F-2A5B-4889-B543-E1BBA6746D61} - C:\WINDOWS\system32\st3d.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [bascstray] BascsTray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinFSG] "C:\Program Files\Aladdin Systems\Internet Cleanup\MSFG.exe"
O4 - HKLM\..\Run: [NBMonitor] "C:\Program Files\Aladdin Systems\Internet Cleanup\NetBlockadeMonitor.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\System32\DrvMon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Dell\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.hsbc.co.uk
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager...unttracking.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll
O20 - Winlogon Notify: st3d - C:\WINDOWS\system32\st3d.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
Here is the report from Spybot, which picked up but doesn't seem able to fix Sfonditalia.
--- Search result list ---
Sfonditalia: Settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-4183801464-4201813899-2684764476-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\archiviosex.net\www\*!=W=4
Sfonditalia: Settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-4183801464-4201813899-2684764476-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\skymasters.biz\www\*!=W=4
Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-12-28 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-04-21 Includes\Cookies.sbi (*)
2006-04-21 Includes\Dialer.sbi (*)
2006-04-21 Includes\Hijackers.sbi (*)
2006-04-21 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-04-21 Includes\Malware.sbi (*)
2006-04-21 Includes\PUPS.sbi (*)
2006-04-21 Includes\Revision.sbi (*)
2006-04-21 Includes\Security.sbi (*)
2006-04-21 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-04-21 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB905915
/ Outlook Express 6 / SP1: Windows XP Hotfix - KB897715
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player / SP0: Windows Media Player Hotfix [See wm828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player: Windows Media Update 828026
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
--- Startup entries list ---
Located: HK_LM:Run, AdaptecDirectCD
command: "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
file: C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
size: 684032
MD5: be3238a165afb321f1696cc1ff9ef271
Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
file: C:\Program Files\Apoint\Apoint.exe
size: 155648
MD5: f50c447c15a25dc960a8c8bb86a3b2b4
Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: c4708c52ac71338b49334c972de96682
Located: HK_LM:Run, bascstray
command: BascsTray.exe
file:
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 58992
MD5: 84ec0b55bcbe872f999acdce58e3f67d
Located: HK_LM:Run, Dell QuickSet
command: C:\Program Files\Dell\QuickSet\quickset.exe
file: C:\Program Files\Dell\QuickSet\quickset.exe
size: 528384
MD5: 845c700420d3a58b88e9e9bda8cc2208
Located: HK_LM:Run, DVDSentry
command: C:\WINDOWS\System32\DSentry.exe
file: C:\WINDOWS\System32\DSentry.exe
size: 28672
MD5: b434b19e717a4e6e8de708008b55b7f9
Located: HK_LM:Run, gcasServ
command: "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
file: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
size: 469824
MD5: 70c5a9c9cf9e65a9073a2a43da822841
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: a8cf3f60099eaa123db72611ce7be271
Located: HK_LM:Run, NBMonitor
command: "C:\Program Files\Aladdin Systems\Internet Cleanup\NetBlockadeMonitor.exe"
file: C:\Program Files\Aladdin Systems\Internet Cleanup\NetBlockadeMonitor.exe
size: 376832
MD5: 09f78db03a7709739c12801ae79c0855
Located: HK_LM:Run, PRONoMgr.exe
command: C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
file: C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
size: 86016
MD5: 22a59cf7f88fe86cf0d4dfd4d627759f
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: c74c7963eec07af49dce44d64819b2bf
Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ed85b344e6edc30c1bc57ec1a2a56bf3
Located: HK_LM:Run, THGuard
command: "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
file: C:\Program Files\TrojanHunter 4.2\THGuard.exe
size: 1089024
MD5: edb3dca0b1f57ac8d915c8ad0830b27c
Located: HK_LM:Run, WinFSG
command: "C:\Program Files\Aladdin Systems\Internet Cleanup\MSFG.exe"
file: C:\Program Files\Aladdin Systems\Internet Cleanup\MSFG.exe
size: 98304
MD5: 820d97eb60337050638c290ee7c2c573
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: HK_CU:Run, DrvMon.exe
command: C:\WINDOWS\System32\DrvMon.exe
file: C:\WINDOWS\System32\DrvMon.exe
size: 53248
MD5: 3fe1176e7ce7cd4fc8a30c72e28212ef
Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0
Located: Startup (common), BTTray.lnk
command: C:\Program Files\Dell\Bluetooth Software\BTTray.exe
file: C:\Program Files\Dell\Bluetooth Software\BTTray.exe
size: 561213
MD5: 61a40822a5a7797d0ecb5945190c61cd
Located: Startup (common), Digital Line Detect.lnk
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: b66e56733e2cd6a10fda5919625fbf46
Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, Sebring
command: C:\WINDOWS\System32\LgNotify.dll
file: C:\WINDOWS\System32\LgNotify.dll
size: 110592
MD5: e20f45bc3bbeeca44f6cfca1675cea6e
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, st3d
command: C:\WINDOWS\system32\st3d.dll
file: C:\WINDOWS\system32\st3d.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
--- Browser helper object list ---
{86AA461F-2A5B-4889-B543-E1BBA6746D61} (C:\WINDOWS\system32\st3d.dll)
BHO name:
CLSID name: C:\WINDOWS\system32\st3d.dll
Path: C:\WINDOWS\system32\
Long name: st3d.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 25/02/2006 16:33:02
Date (last access): 05/05/2006 08:11:22
Date (last write): 14/02/2006 21:05:30
Filesize: 1191424
Attributes: readonly archive
MD5: 677C42CD9FE9C13B4B7B601A2E4065B0
CRC32: 58231F90
Version: 3.0.131.0
--- ActiveX list ---
{4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class)
DPF name:
CLSID name: AccountTracking Profile Manager Class
Installer:
Codebase: https://moneymanager...unttracking.cab
description:
classification: Open for discussion
known filename: accounttracking.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: accounttracking.dll
Short name: ACCOUN~1.DLL
Date (created): 22/08/2002 10:24:06
Date (last access): 05/05/2006 08:10:08
Date (last write): 22/08/2002 10:24:06
Filesize: 249936
Attributes: archive
MD5: 0B2B910088DB6C781F4AA44BDEE49311
CRC32: 13EA9CEF
Version: 3.0.0.1
{56336BCB-3D8A-11D6-A00B-0050DA18DE71} ()
DPF name:
CLSID name:
Installer:
Codebase: http://software-dl.r...ip/RdxIE601.cab
description: Netster
classification: Confirmed as malware
known filename:
info link:
info source:
--- Process list ---
PID: 0 ( 0) [System]
PID: 624 ( 4) \SystemRoot\System32\smss.exe
PID: 840 ( 624) \??\C:\WINDOWS\system32\csrss.exe
PID: 864 ( 624) \??\C:\WINDOWS\system32\winlogon.exe
PID: 908 ( 864) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 920 ( 864) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1080 ( 908) C:\WINDOWS\System32\Ati2evxx.exe
size: 376832
MD5: 5CCA7DF290D82D1048F217E3C6272384
PID: 1092 ( 908) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1148 ( 908) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1204 ( 908) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1240 ( 908) C:\WINDOWS\System32\S24EvMon.exe
size: 303171
MD5: A5B13D2230ED95F58A8C4660703E75F2
PID: 1296 ( 908) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1376 ( 908) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1672 ( 908) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 165488
MD5: BB98479C3135C05291D54DEBD7B310D5
PID: 1684 ( 908) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
size: 206048
MD5: 62A1A3DA43A806C6A43537F262619F30
PID: 1744 ( 908) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 198256
MD5: 69637EB41F3467DDA6CCCEBA7C320E0A
PID: 1952 ( 908) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 2000 ( 908) C:\WINDOWS\System32\SCardSvr.exe
size: 95744
MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
PID: 184 ( 908) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 100032
MD5: 1B58EE9929BAB30D06092E584F7D899F
PID: 192 ( 908) C:\WINDOWS\System32\basfipm.exe
size: 77824
MD5: 6292F19B7199A8B4B8C5BD07F390AED6
PID: 224 ( 908) C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
size: 163840
MD5: DBEE423D9CFAD0DA8F7DAC48EC87B8CE
PID: 288 ( 908) C:\Program Files\ewido anti-malware\ewidoctrl.exe
size: 13888
MD5: 26830B750372AB1BF29C95DEEBEB802F
PID: 328 ( 908) C:\Program Files\ewido anti-malware\ewidoguard.exe
size: 151616
MD5: 34A50717AD686900F078F5208F8E908E
PID: 444 ( 908) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 456 ( 908) C:\Program Files\Norton AntiVirus\navapsvc.exe
size: 177264
MD5: EAD98778AFDE3F53137A498E0D425B08
PID: 496 ( 908) C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
size: 46704
MD5: 61FFD9F472D702A773AFD5D62EB33A31
PID: 532 ( 908) C:\WINDOWS\System32\RegSrvc.exe
size: 122880
MD5: E6CEF7B8F9695951F17B3AC32CA467F0
PID: 416 ( 908) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 822424
MD5: B6BF7DD619D045D0F999310882551B7D
PID: 692 ( 908) C:\Program Files\Inventel\Gateway\wlancfg.exe
size: 1486848
MD5: 07B3552CD5B7AF55C3E90C0CE8FD3740
PID: 1812 ( 864) C:\WINDOWS\system32\ZCfgSvc.exe
size: 360448
MD5: B982C2FB580EAA5F9B9FEF5E24A847A2
PID: 2208 ( 864) C:\WINDOWS\system32\Ati2evxx.exe
size: 376832
MD5: 5CCA7DF290D82D1048F217E3C6272384
PID: 2416 (2300) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 2576 ( 908) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2584 (1092) C:\WINDOWS\System32\1XConfig.exe
size: 184320
MD5: 363000FEE0A70DFA819E30764B0A020B
PID: 3392 (2416) C:\Program Files\Apoint\Apoint.exe
size: 155648
MD5: F50C447C15A25DC960A8C8BB86A3B2B4
PID: 3412 (2416) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 3972 (2416) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: C4708C52AC71338B49334C972DE96682
PID: 4068 (4044) C:\Program Files\Apoint\Apntex.exe
size: 45056
MD5: 0AA31DE4E40861EAF259D194A58D4317
PID: 2780 (2416) C:\Program Files\Dell\QuickSet\quickset.exe
size: 528384
MD5: 845C700420D3A58B88E9E9BDA8CC2208
PID: 2880 (2416) C:\WINDOWS\System32\DSentry.exe
size: 28672
MD5: B434B19E717A4E6E8DE708008B55B7F9
PID: 3216 (2416) C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
size: 684032
MD5: BE3238A165AFB321F1696CC1FF9EF271
PID: 3676 (2416) C:\Program Files\Aladdin Systems\Internet Cleanup\NetBlockadeMonitor.exe
size: 376832
MD5: 09F78DB03A7709739C12801AE79C0855
PID: 3900 (2416) C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: A8CF3F60099EAA123DB72611CE7BE271
PID: 3944 (2416) C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: C74C7963EEC07AF49DCE44D64819B2BF
PID: 3988 ( 908) C:\Program Files\iPod\bin\iPodService.exe
size: 323584
MD5: EDA049739349F0E837D4F55E8879D665
PID: 588 (1092) C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
size: 748352
MD5: 255CA546F8E187C41EBED2AABBEEE07C
PID: 316 (2416) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 58992
MD5: 84EC0B55BCBE872F999ACDCE58E3F67D
PID: 3500 (2416) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 112 (2416) C:\WINDOWS\System32\DrvMon.exe
size: 53248
MD5: 3FE1176E7CE7CD4FC8A30C72E28212EF
PID: 3608 (2416) C:\Program Files\Dell\Bluetooth Software\BTTray.exe
size: 561213
MD5: 61A40822A5A7797D0ECB5945190C61CD
PID: 3224 (2416) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46
PID: 3332 (2416) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 2528 (2416) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
size: 12037688
MD5: 1EEA7DD2F1EA6EFEF380B99A90228D2F
PID: 824 (3332) C:\WINDOWS\regedit.exe
size: 146432
MD5: 783AFC80383C176B22DBF8333343992D
PID: 4 ( 0) System
PID: 3960 (2416) THGuard.exe
PID: 2792 (1092) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 05/05/2006 08:28:25
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.co.uk/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.euro.dell.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft...=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.euro.dell.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft...er=6&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft...=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn...st/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn...st/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: ODI IC3->MSAFD Tcpip [TCP/IP]
GUID: {62B15561-D4EE-4529-B591-7A185550B8B4}
Filename: C:\Program Files\Aladdin Systems\Internet Cleanup\adlsp.dll
Protocol 1: ODI IC3->MSAFD Tcpip [UDP/IP]
GUID: {1CD78C06-C32D-4646-88CD-BE2C982E3411}
Filename: C:\Program Files\Aladdin Systems\Internet Cleanup\adlsp.dll
Protocol 2: ODI IC3->MSAFD Tcpip [RAW/IP]
GUID: {5B83D823-9614-430B-A71E-E83749452990}
Filename: C:\Program Files\Aladdin Systems\Internet Cleanup\adlsp.dll
Protocol 3: ODI IC3->RSVP UDP Service Provider
GUID: {F84785CB-3702-4AE0-90B8-BF31260D3F2D}
Filename: C:\Program Files\Aladdin Systems\Internet Cleanup\adlsp.dll
Protocol 4: ODI IC3->RSVP TCP Service Provider
GUID: {83681572-E581-4360-87F9-F24159431E51}
Filename: C:\Program Files\Aladdin Systems\Internet Cleanup\adlsp.dll
Protocol 10: Aladdin Systems AdBlocker LSP
GUID: {46DB2863-9CE2-408A-B68C-190B3C99F829}
Filename: C:\Program Files\Aladdin Systems\Internet Cleanup\adlsp.dll
--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com
(AddressBook)
Adobe Download Manager 2.0 (Remove Only) 2.0 (AdobeESD)
uninstall cmd: "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
ATI Display Driver 8.03-040610a-015973C-Dell (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
(Branding)
Conexant D480 MDC V.9x Modem (CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
(Connection Manager)
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
ewido anti-malware (ewidoantimalware)
install location: C:\Program Files\ewido anti-malware
uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\Ailis\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Broadcom ASF Management Applications 3.16.1 (InstallShield_{25D24E84-64A9-40D2-85CF-540B1C4A6D52})
version: 51380225
version (major): 3
version (minor): 16
install date: 20041213
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{25D24E84-64A9-40D2-85CF-540B1C4A6D52} /l1033
publisher: Broadcom
comments: ...
contact: Dell Customer Support
help link: http://www.support.dell.com
help telephone: ...
Internet Cleanup 4.00.0000 (InstallShield_{2FB1B854-F991-4204-B94D-88013ED8E82E})
version: 67108864
version (major): 4
estimated size: 48477
install date: 20051227
install source: C:\WINDOWS\Downloaded Installations\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2FB1B854-F991-4204-B94D-88013ED8E82E}
publisher: Aladdin Systems
comments: Aladdin Systems
contact: Customer Support Department
help link: http://www.aladdinsys.com/support
help telephone: 1-555-555-4505
readme: http://www.aladdinsys.com/support
iPod for Windows 2006-01-10 4.7.0 (InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 52536
install date: 20060220
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{CB6E9C5F-FCB5-4937-A4BF-6032D737110C}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.appl.../downloads.html
iPod for Windows 2005-03-23 3.8.0 (InstallShield_{44A537A5-859C-43A6-8285-C0668142A090})
version: 50855936
version (major): 3
version (minor): 8
estimated size: 47950
install date: 20050726
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{988A90CD-20C7-49F5-AFA6-AD738D228603}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44A537A5-859C-43A6-8285-C0668142A090} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
iTunes 6.0.2.23 (InstallShield_{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5})
version: 100663298
version (major): 6
estimated size: 34690
install date: 20060220
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
Broadcom Advanced Control Suite 4.12.0000 (InstallShield_{89EE857B-8970-4F9F-AB58-A1C873AC72B3})
version: 67895296
version (major): 4
version (minor): 12
install date: 20041213
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{89EE857B-8970-4F9F-AB58-A1C873AC72B3} /l1033
publisher: Broadcom
comments: Broadcom Advanced Control Suite(BACS)
contact: Dell Customer Support
help link: http://www.support.dell.com
help telephone: ...
readme: C:\Program Files\Broadcom Advanced Control Suite\Readme.txt
QuickTime 7.0.4 (InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4})
version: 117440516
version (major): 7
estimated size: 66739
install date: 20060220
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\Tom\LOCALS~1\Temp\_is62\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273
Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.micro...m?kbid=KB870669
Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=873333
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=873339
(KB884016)
Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885250
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885835
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=885836
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=886185
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=887472
Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=887742
Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888113
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=888302
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890046
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=890859
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=891781
Security Update for Windows XP (KB893066) 2 (KB893066)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893066
Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893086
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=893756
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft....k/?LinkId=42467
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896358
Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896422
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060116
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896423
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896424
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=896428
Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050726
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=898461
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899587
Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20060117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899589
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=899591
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060427
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900485
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060220
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=900725
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060212
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901017
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20051010
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=901214
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060115
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=902400
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060308
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.micro...com?kbid=904706
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060117
uninstall cmd: "C:\WINDOWS\$NtUninstallKB9054