Solved Google search result links redirecting to other websites & multiple IE processes

Halfday24 · Feb 26, 2011

Our computer seems to be infected with several issues. We have been experiencing multiple iexplorer processes running in the task manager and the CPU usage would spike to 100%, freezing the browser windows. We would "end Process" for ie and open Internet Explorer again. If we choose to restore the previous session, about a dozen windows would pop open. If we chose default, it only opened the normal 4 tabs, and seemed to work better. I downloaded the free Malwarebytes' Anti-Malware software, and it discovered several instances of advBHO and it quarantined them. After this, the internet seemed to be running much faster and we thought the problem had been resolved.

However, now when we conduct a Google search and click on a link, we are redirected to an unwanted site, and do not get to the desired location unless we copy and paste the url into the address line.

During my research, I discovered your site, and have followed your 8 step Malware removal procedure, and am posting my logs here to request your assistance in deciphering the results.

Your assistance is greatly appreciated.
_____

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5886

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/26/2011 8:07:23 PM
mbam-log-2011-02-26 (20-07-23).txt

Scan type: Quick scan
Objects scanned: 140077
Time elapsed: 2 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

________
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-02-26 20:15:35
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 ST3160318AS rev.HP34
Running: 5kt4lwfo.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kfdiyfog.sys

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sectors 312581647 (+160): rootkit-like behavior;

---- System - GMER 1.0.15 ----

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xB9EAF0E0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xB9EAF0F4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xB9EAF120]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB9EAF176]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xB9EAF0CC]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xB9EAF0A4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xB9EAF0B8]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xB9EAF10A]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xB9EAF14C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xB9EAF136]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xB9EAF1A0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xB9EAF18C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xB9EAF160]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8A771AF1
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8A771AF1
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort2 8A771AF1
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort3 8A771AF1
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-12 8A771AF1

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)

Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST3160318AS_____________________________HP34____#5639325951424357202020202020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

---- EOF - GMER 1.0.15 ----

__________
I also have the DDS.txt and Attach.txt files, but they are extremely long and don't know if you want me to paste them in here or not. Please let me know how you would like to view those files.

I hope I've submitted this request properly.
Thank you again.

Broni · Feb 26, 2011

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running tools or applying updates other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=======================================================================

and don't know if you want me to paste them in here or not

Yes.

Halfday24 · Feb 27, 2011

DDS - part 1 of 2:

DDS (Ver_10-12-12.02) - NTFSx86
Run by Administrator at 20:20:05.84 on Sat 02/26/2011
internet explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1620 [GMT -6:00]

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files\Lexmark 2600 Series\ezprint.exe
svchost.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\lxdncoms.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Running Processes ===============

C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files\Lexmark 2600 Series\ezprint.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\lxdncoms.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc

============== Pseudo HJT Report ===============

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_CURRENT_USER\software\microsoft\internet explorer\main
NoUpdateCheck REG_DWORD 1 (0x1)
NoJITSetup REG_DWORD 1 (0x1)
Disable Script Debugger REG_SZ yes
Show_ChannelBand REG_SZ No
Anchor Underline REG_SZ yes
Cache_Update_Frequency REG_SZ Once_Per_Session
Display Inline Images REG_SZ yes
Do404Search REG_BINARY 01000000
Save_Session_History_On_Exit REG_SZ no
Show_FullURL REG_SZ no
Show_StatusBar REG_SZ yes
Show_ToolBar REG_SZ yes
Show_URLinStatusBar REG_SZ yes
Show_URLToolBar REG_SZ yes
Start Page REG_SZ http://webmail.aol.com/
Use_DlgBox_Colors REG_SZ yes
XMLHTTP REG_DWORD 1 (0x1)
UseClearType REG_SZ yes
Enable Browser Extensions REG_SZ yes
Play_Background_Sounds REG_SZ yes
Play_Animations REG_SZ yes
CompatibilityFlags REG_DWORD 0 (0x0)
FullScreen REG_SZ no
Window_Placement REG_BINARY 2c0000000200000003000000ffffffffffffffffffffffffffffffffc20000004a000000a9050000f1030000
IE8RunOnceLastShown REG_DWORD 1 (0x1)
IE8RunOnceLastShown_TIMESTAMP REG_BINARY 5457bb25dad5cb01
IE8TourShown REG_DWORD 1 (0x1)
IE8TourShownTime REG_BINARY dab86760af56ca01
FormSuggest PW Ask REG_SZ no
NotifyDownloadComplete REG_SZ no
Secondary Start Pages REG_MULTI_SZ http://www.google.com/\0https://webmail.wi.rr.com/\0http://milwaukee.craigslist.org/\0\0
Use FormSuggest REG_SZ yes
IE8RunOncePerInstallCompleted REG_DWORD 1 (0x1)
IE8RunOnceCompletionTime REG_BINARY 0625b371dad5cb01
FormSuggest Passwords REG_SZ yes
StatusBarOther REG_DWORD 1 (0x1)
AutoHide REG_SZ yes
Save Directory REG_SZ c:\Lorrie\Sewing Projectse\
Enable_MyPics_Hoverbar REG_SZ no
SearchControlWidth REG_DWORD 300 (0x12c)
Expand Alt Text REG_SZ no
Move System Caret REG_SZ no
NscSingleExpand REG_DWORD 0 (0x0)
DisableScriptDebuggerIE REG_SZ yes
Error Dlg Displayed On Every Error REG_SZ no
Page_Transitions REG_DWORD 1 (0x1)
UseThemes REG_DWORD 1 (0x1)
EnableSearchPane REG_DWORD 0 (0x0)
Force Offscreen Composition REG_DWORD 0 (0x0)
AllowWindowReuse REG_DWORD 1 (0x1)
Friendly http errors REG_SZ yes
SmoothScroll REG_DWORD 1 (0x1)
Enable AutoImageResize REG_SZ yes
Show image placeholders REG_DWORD 0 (0x0)
Print_Background REG_SZ no
AutoSearch REG_DWORD 4 (0x4)
DOMStorage REG_DWORD 1 (0x1)
Error Dlg Details Pane Open REG_SZ yes
ControlTooltipCount REG_DWORD 5 (0x5)

HKEY_CURRENT_USER\software\microsoft\internet explorer\main\Default Feeds

HKEY_CURRENT_USER\software\microsoft\internet explorer\main\FeatureControl

HKEY_CURRENT_USER\software\microsoft\internet explorer\main\WindowsSearch

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
Enable_Disk_Cache REG_SZ yes
Cache_Percent_of_Disk REG_BINARY 0a000000
Delete_Temp_Files_On_Exit REG_SZ yes
Anchor_Visitation_Horizon REG_BINARY 01000000
Use_Async_DNS REG_SZ yes
Placeholder_Width REG_BINARY 1a000000
Placeholder_Height REG_BINARY 1a000000
CompanyName REG_SZ Microsoft Corporation
Custom_Key REG_SZ MICROSO
Wizard_Version REG_SZ 6.0.2600.0000
Default_Secondary_Page_URL REG_MULTI_SZ \0
Extensions Off Page REG_SZ about:NoAdd-ons
Security Risk Page REG_SZ about:SecurityRisk
Check_Associations REG_SZ yes

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main\ErrorThresholds

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main\FeatureControl

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main\UrlTemplate

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings
User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 8.0; Win32)
IE5_UA_Backup_Flag REG_SZ 5.0
NoNetAutodial REG_DWORD 0 (0x0)
MigrateProxy REG_DWORD 1 (0x1)
EmailName REG_SZ IEUser@
AutoConfigProxy REG_SZ wininet.dll
MimeExclusionListForCache REG_SZ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
WarnOnPost REG_BINARY 01000000
UseSchannelDirectly REG_BINARY 01000000
EnableHttp1_1 REG_DWORD 1 (0x1)
PrivacyAdvanced REG_DWORD 0 (0x0)
EnableNegotiate REG_DWORD 1 (0x1)
UrlEncoding REG_DWORD 0 (0x0)
SecureProtocols REG_DWORD 160 (0xa0)
PrivDiscUiShown REG_DWORD 1 (0x1)
ZonesSecurityUpgrade REG_BINARY 54d468a1d9d5cb01
DisableCachingOfSSLPages REG_DWORD 0 (0x0)
WarnonZoneCrossing REG_DWORD 0 (0x0)
ProxyEnable REG_DWORD 0 (0x0)
EnableAutodial REG_DWORD 0 (0x0)
ProxyHttp1.1 REG_DWORD 1 (0x1)
ShowPunycode REG_DWORD 0 (0x0)
EnablePunycode REG_DWORD 1 (0x1)
DisableIDNPrompt REG_DWORD 0 (0x0)
CertificateRevocation REG_DWORD 0 (0x0)
WarnonBadCertRecving REG_DWORD 1 (0x1)
WarnOnPostRedirect REG_DWORD 1 (0x1)

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\5.0

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Activities

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Cache

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Connections

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Lockdown_Zones

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\P3P

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Passport

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Protocols

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\TemplatePolicies

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Url History

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\ZoneMap

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\Zones

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

Error: Key: software\microsoft\internet explorer\search does not exist!

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\search
SteelWerX Registry Console Tool 2.0URLSearchHooks: H - No File
Written by Bobbi Flekman 2006 (C)URLSearchHooks: H - No File
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooksURLSearchHooks: H - No File
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}URLSearchHooks: H - No File
SteelWerX Registry Console Tool 2.0URLSearchHooks: H - No File
Written by Bobbi Flekman 2006 (C)URLSearchHooks: H - No File
Error: Key: software\microsoft\internet explorer\urlsearchhooks does not exist!URLSearchHooks: H - No File
SteelWerX Registry Console Tool 2.0URLSearchHooks: H - No File
Written by Bobbi Flekman 2006 (C)URLSearchHooks: H - No File
Error: Key: .default\software\microsoft\internet explorer\urlsearchhooks does not exist!URLSearchHooks: H - No File

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
AutoRestartShell REG_DWORD 1 (0x1)
DefaultUserName REG_SZ Administrator
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ c:\WINDOWS\system32e\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 1 (0x1)
Background REG_SZ 0 0 0
DefaultPassword REG_SZ
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 0 (0x0)
AltDefaultUserName REG_SZ Administrator
AltDefaultDomainName REG_SZ PH10-22-2009
AutoAdminLogon REG_SZ 0
DefaultDomainName REG_SZ PH10-22-2009
Taskman REG_SZ

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon
ParseAutoexec REG_SZ 1
ExcludeProfileDirs REG_SZ Local Settings;Temporary Internet Files;History;Temp
BuildNumber REG_DWORD 2600 (0xa28)

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows
DebugOptions REG_SZ 2048
Documents REG_SZ
DosPrint REG_SZ no
load REG_SZ
NetMessage REG_SZ no
NullPort REG_SZ None
Programs REG_SZ com exe bat pif cmd
Run REG_SZ
Device REG_SZ Lexmark 2600 Series,winspool,Ne01:
BHO: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No File
BHO: <NO NAME> - No File
BHO: NoExplorer - No File
BHO: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: NoExplorer - No File
BHO: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO: <NO NAME> - No File
BHO: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File
BHO: NoExplorer - No File
urun: [ctfmon.exe] c:\WINDOWS\system32e\ctfmon.exe
urun: [MSMSGS] "c:\Program Files\Messengere\msmsgs.exe" /background
urun: [TomTomHOME.exe] "c:\Program Files\TomTom HOME 2e\TomTomHOMERunner.exe"
mrun: [IgfxTray] c:\WINDOWS\system32e\igfxtray.exe
mrun: [HotKeysCmds] c:\WINDOWS\system32e\hkcmd.exe
mrun: [Persistence] c:\WINDOWS\system32e\igfxpers.exe
mrun: [PDF Complete] c:\Program Files\PDF Completee\pdfsty.exe
mrun: [SetRefresh] c:\Program Files\Compaq\SetRefreshe\SetRefresh.exe
mrun: [Recguard] c:\WINDOWS\Sminste\Recguard.exe
mrun: [Reminder] c:\WINDOWS\Creatore\Remind_XP.exe
mrun: [Scheduler] c:\WINDOWS\SMINSTe\Scheduler.exe
mrun: [lxdnmon.exe] "c:\Program Files\Lexmark 2600 Seriese\lxdnmon.exe"
mrun: [EzPrint] "c:\Program Files\Lexmark 2600 Seriese\ezprint.exe"
mrun: [QuickTime Task] "c:\Program Files\QuickTimee\qttask.exe" -atboottime
mrun: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Readere\Reader_sl.exe"
mrun: [Adobe ARM] "c:\Program Files\Common Files\Adobe\ARM\1.0e\AdobeARM.exe"
mrun: [mcui_exe] "c:\Program Files\McAfee.com\Agente\mcagent.exe" /runkey

ie: SteelWerX Registry Console Tool 2.0
ie: Written by Bobbi Flekman 2006 (C)

ie: HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext

ie: HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\E&xport to Microsoft Excel
ie: <NO NAME> REG_SZ res://c:\PROGRA~1\MICROS~2\Office12e\EXCEL.EXE/3000
ie: Contexts REG_DWORD 1 (0x1)

ie: {SteelWerX Registry Console Tool 2.0
ie: {Written by Bobbi Flekman 2006 (C)

ie: {HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions

ie: {HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
ie: { MenuText - REG_SZ Sun Java Console

ie: {HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
ie: { Icon - REG_SZ c:\PROGRA~1\MICROS~2\Office12e\REFBAR.ICO
ie: { HotIcon - REG_SZ c:\PROGRA~1\MICROS~2\Office12e\REFBARH.ICO
ie: { ButtonText - REG_SZ Research
ie: { Default Visible - REG_SZ Yes

ie: {HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}
ie: { MenuText - REG_SZ @xpsp3res.dll,-20001
ie: { Exec - REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe

ie: {HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ie: { ButtonText - REG_SZ Messenger
ie: { Default Visible - REG_SZ Yes
ie: { Exec - REG_SZ c:\Program Files\Messengere\msmsgs.exe
ie: { HotIcon - REG_SZ c:\Program Files\Messengere\msmsgs.exe,302
ie: { Icon - REG_SZ c:\Program Files\Messengere\msmsgs.exe,301
ie: { MenuText - REG_SZ Windows Messenger
ie: { ToolTip - REG_SZ Windows Messenger
IE: { CLSID - REG_SZ {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - {1fba04ee-3024-11d2-8f1f-0000f87abd16}\inprocserver32 does not exist!
IE: { ClsidExtension - REG_SZ {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - {cafeefac-0016-0000-0007-abcdeffedcbc}\inprocserver32 does not exist!
IE: { CLSID - REG_SZ {E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} - {e0dd6cab-2d10-11d2-8f1a-0000f87abd16}\inprocserver32 does not exist!
IE: { BandCLSID - REG_SZ {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - {ff059e31-cc5a-4e2e-bf3b-96e929d65503}\inprocserver32 does not exist!
IE: { CLSID - REG_SZ {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - {1fba04ee-3024-11d2-8f1f-0000f87abd16}\inprocserver32 does not exist!
IE: { CLSID - REG_SZ {1FBA04EE-3024-11D2-8F1F-0000F87ABD16} - {1fba04ee-3024-11d2-8f1f-0000f87abd16}\inprocserver32 does not exist!

about REG_DWORD 2 (0x2)
https REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
myui REG_DWORD 2 (0x2)
https REG_DWORD 2 (0x2)
https REG_DWORD 2 (0x2)
https REG_DWORD 2 (0x2)
https REG_DWORD 2 (0x2)

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units

HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
SystemComponent REG_DWORD 0 (0x0)
Installer REG_SZ MSICD

HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\Contains

HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\Contains\Files
c:\windows\system32e\atl.dll REG_SZ
c:\windows\Downloaded Program Filese\gp.ocx REG_SZ

HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation
CODEBASE REG_SZ http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
INF REG_SZ c:\WINDOWS\Downloaded Program Filese\gp.inf

HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\InstalledVersion
<NO NAME> REG_SZ 1,6,2,99
LastModified REG_SZ Wed, 02 Feb 2011 19:05:34 GMT

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters
NameServer REG_SZ
CLSID - REG_SZ {24433c07-882e-4dd6-8d0a-43836913e659} -
CLSID - REG_SZ {5513F07E-936B-4E52-9B00-067394E91CC5} -
CLSID - REG_SZ {5513F07E-936B-4E52-9B00-067394E91CC5} -

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
d; /.* /!d; s//securityproviders: /
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
d;/^((authentication|notification) packages) .* /i!d; s//lsa: 1 = /
Authentication Packages REG_MULTI_SZ msv1_0
Bounds REG_BINARY 0030000000200000
d;/^((authentication|notification) packages) .* /i!d; s//lsa: 1 = /
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest
ImpersonatePrivilegeUpgradeToolHasRun REG_DWORD 1 (0x1)
LsaPid REG_DWORD 1152 (0x480)
SecureBoot REG_DWORD 1 (0x1)
auditbaseobjects REG_DWORD 0 (0x0)
crashonauditfail REG_DWORD 0 (0x0)
disabledomaincreds REG_DWORD 0 (0x0)
everyoneincludesanonymous REG_DWORD 0 (0x0)
fipsalgorithmpolicy REG_DWORD 0 (0x0)
forceguest REG_DWORD 1 (0x1)
fullprivilegeauditing REG_BINARY 00
limitblankpassworduse REG_DWORD 1 (0x1)
lmcompatibilitylevel REG_DWORD 0 (0x0)
nodefaultadminowner REG_DWORD 1 (0x1)
nolmhash REG_DWORD 0 (0x0)
restrictanonymous REG_DWORD 0 (0x0)
restrictanonymoussam REG_DWORD 1 (0x1)
d;/^((authentication|notification) packages) .* /i!d; s//lsa: 1 = /
Notification Packages REG_MULTI_SZ scecli

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\subsystems
windows REG_EXPAND_SZ %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\driverse\mfehidk.sys [2010-12-22 386840]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\driverse\mfetdi2k.sys [2010-12-22 84072]
R1 oxpar;%OXPAR.SVCDESC%;c:\windows\system32\driverse\oxpar.sys [2007-1-24 80128]
R2 lxdn_device;lxdn_device;c:\WINDOWS\system32\lxdncoms.exe -service --> C:\WINDOWS\system32e\lxdncoms.exe -service [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~1\mcafee\SITEAD~1e\mcsacore.exe [2010-2-3 88176]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\Program Files\Common Files\Mcafee\McSvcHoste\McSvHost.exe" /McCoreSvc [2010-12-22 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\Program Files\Common Files\McAfee\McSvcHoste\McSvHost.exe" /McCoreSvc [2010-12-22 271480]
R2 McProxy;McAfee Proxy Service;"c:\Program Files\Common Files\McAfee\McSvcHoste\McSvHost.exe" /McCoreSvc [2010-12-22 271480]
R2 McShield;McShield;c:\Program Files\Common Files\McAfee\SystemCoree\mcshield.exe [2010-12-22 171168]
R2 mfefire;McAfee Firewall Core Service;c:\Program Files\Common Files\McAfee\SystemCoree\mfefire.exe [2010-12-22 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32e\mfevtps.exe [2010-12-22 141792]
R2 pdfcDispatcher;PDF Document Manager;c:\Program Files\PDF Completee\pdfsvc.exe [2009-10-7 635416]
R2 regi;regi;c:\windows\system32\driverse\regi.sys [2007-4-17 11032]
R2 TomTomHOMEService;TomTomHOMEService;c:\Program Files\TomTom HOME 2e\TomTomHOMEService.exe [2009-11-13 92008]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\driverse\cfwids.sys [2010-12-22 55840]
R3 MfeAVFK;McAfee Inc. mfeavfk;c:\windows\system32\driverse\mfeavfk.sys [2010-12-22 152960]
R3 MfeBOPK;McAfee Inc. mfebopk;c:\windows\system32\driverse\mfebopk.sys [2010-12-22 52104]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\driverse\mfefirek.sys [2010-12-22 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\driverse\mfendisk.sys [2010-12-22 88544]
R3 oxmf;OXPCI Bus enumerator;c:\windows\system32\driverse\oxmf.sys [2007-1-24 21888]
R3 Oxmfuf;Filter driver for OX16PCI95x ports;c:\windows\system32\driverse\oxmfuf.sys [2007-1-24 5888]
R3 oxser;OX16C95x Serial port driver;c:\windows\system32\driverse\oxser.sys [2007-1-24 70784]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3e\lxdnserv.exe [2008-2-27 98984]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\driverse\ADM8511.SYS [2009-10-26 20160]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\driverse\mfendisk.sys [2010-12-22 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\driverse\mferkdet.sys [2010-12-22 84264]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\WINDOWS\System32e\svchost.exe -k nosGetPlusHelper [2008-4-14 14336]

Halfday24 · Feb 27, 2011

DDS part 2 of 2:

=============== File Associations ===============

acrobat="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" /u "%1"
AcroExch.acrobatsecuritysettings.1="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
AcroExch.Document="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
AcroExch.Document.7="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
AcroExch.FDFDoc="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
AcroExch.pdfxml.1="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
AcroExch.XDPDoc="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
AcroExch.XFDFDoc="c:\Program Files\Adobe\Reader 9.0\Readere\AcroRd32.exe" "%1"
acwfile=%SystemRoot%\system32\accwiz.exe %1
AIFFFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
AIR.InstallerPackage=c:\PROGRA~1\COMMON~1\ADOBEA~1\Versions\1.0e\ADOBEA~1.EXE "%1"
Application.Manifest=rundll32.exe dfshim.dll,ShOpenVerbApplication %1
Application.Reference=rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
ASFFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:7 /Open "%L"
ASXFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
AUFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
AVIFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:8 /Open "%L"
!d
Briefcase=explorer.exe %1
callto=rundll32.exe msconf.dll,CallToProtocolHandler %l
CATFile=rundll32.exe cryptext.dll,CryptExtOpenCAT %1
cdafile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
CERFile=rundll32.exe cryptext.dll,CryptExtOpenCER %1
CertificateStoreFile=rundll32.exe cryptext.dll,CryptExtOpenSTR %1
certificate_wab_auto_file="c:\Program Files\Outlook Expresse\wab.exe" /certificate %1
!d
clpfile=clipbrd.exe %1
!d
!d
CompressedFolder=rundll32.exe zipfldr.dll,RouteTheCall %L
ConferenceLink=rundll32.exe msconf.dll,OpenConfLink %l
Connection Manager Profile=c:\WINDOWS\system32e\CMMGR32.EXE "%1"
CRLFile=rundll32.exe cryptext.dll,CryptExtOpenCRL %1
dat_auto_file="c:\Documents and Settings\Administrator\Desktope\winmail_opener.exe" "%1"
DocShortcut=rundll32 %SystemRoot%\System32\shscrap.dll,OpenScrap_RunDLL /r /x %1
dqyfile=c:\PROGRA~1\MICROS~2\Office12e\EXCEL.EXE
dunfile=%SystemRoot%\system32\RUNDLL32.EXE NETSHELL.DLL,InvokeDunFile %1
emffile=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
Excel.Addin="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.AddInMacroEnabled="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Backup="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Chart=c:\PROGRA~1\MICROS~2\Office12e\EXCEL.EXE /e
Excel.CSV="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Macrosheet="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Sheet.12="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Sheet.8="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.SheetBinaryMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.SheetMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.SLK="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Template="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Template.8="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.TemplateMacroEnabled="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.Workspace="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excel.XLL="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE" /e
Excelhtmlfile="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE"
Excelhtmltemplate="c:\Program Files\Microsoft Office\Office12e\EXCEL.EXE"
!d
Ezprint=c:\Program Files\Lexmark 2600 Seriese\ezprint.exe
feed="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
feeds="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
fndfile=%SystemRoot%\Explorer.exe
Folder=%SystemRoot%\Explorer.exe /idlist,%I,%L
fonfile=%SystemRoot%\System32\fontview.exe %1
ftp="c:\Program Files\Internet Explorere\IEXPLORE.EXE" %1
giffile="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
gopher="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
h323file="rundll32.exe" msconf.dll,NewMediaPhone %l
HCP="c:\WINDOWS\PCHealth\HelpCtr\Binariese\HelpCtr.exe" -FromHCP -url "%1"
helpfile=winhlp32.exe %1
hlpfile=%SystemRoot%\System32\winhlp32.exe %1
htafile=c:\WINDOWS\system32e\mshta.exe "%1" %*
htfile="c:\Program Files\Windows NTe\HYPERTRM.EXE" %1
htmlfile="c:\Program Files\Internet Explorere\IEXPLORE.EXE" -nohome
HTTP="c:\Program Files\Internet Explorere\IEXPLORE.EXE" -nohome
https="c:\Program Files\Internet Explorere\IEXPLORE.EXE" -nohome
iiifile="rundll32.exe" msconf.dll,NewMediaPhone %l
!d
!d
InternetShortcut="c:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32e\ieframe.dll",OpenURL %l
iqyfile=c:\PROGRA~1\MICROS~2\Office12e\EXCEL.EXE /e
ITS FILE="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
ivi.WinDVD8MediaFile="c:\Program Files\InterVideo\DVD8SESDe\WinDVD.exe" %1
jarfile="c:\Program Files\Java\jre1.6.0_07\bine\javaw.exe" -jar "%1" %*
JNLPFile="c:\Program Files\Java\jre1.6.0_07\bine\javaws.exe" "%1"
jpegfile=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
LDAP="c:\Program Files\Outlook Expresse\wab.exe" /ldap:%1
m3ufile="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:6 /Open "%L"
MacromediaFlashPaper.MacromediaFlashPaper="c:\Program Files\Internet Explorere\IEXPLORE.EXE" -nohome "%1"
mailto="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" -c IPM.Note /m "%1"
MediaPackageFile="c:\Program Files\Microsoft Office\Office12e\MSTORE.EXE" "%1"
MedicalImagingSystem.Document=e:\EFILML~Ae\eFilmLt.exe /dde
mhtmlfile="c:\Program Files\Internet Explorere\IEXPLORE.EXE" -nohome
Microsoft Internet Mail Message="%ProgramFiles%\Outlook Express\msimn.exe" /eml:%1
Microsoft Internet News Message="%ProgramFiles%\Outlook Express\msimn.exe" /nws:%1
Microsoft.InformationCard=c:\WINDOWS\system32\rundll32.exe c:\WINDOWS\system32e\infocardcpl.cpl,ImportInformationCard_RunDll %1
Microsoft.WindowsCardSpaceBackup=c:\WINDOWS\system32\rundll32.exe c:\WINDOWS\system32e\infocardcpl.cpl,ImportInformationCard_RunDll %1
MIDFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
MMS="c:\Program Files\Windows Media Playere\wmplayer.exe" "%L"
MMST="c:\Program Files\Windows Media Playere\wmplayer.exe" "%L"
MMSU="c:\Program Files\Windows Media Playere\wmplayer.exe" "%L"
mp3file="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:6 /Open "%L"
mpegfile="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:9 /Open "%L"
MPlayer=mplay32.exe /play /close "%L"
msbackupfile=%SystemRoot%\system32\ntbackup.exe
MSBD="c:\Program Files\Windows Media Playere\wmplayer.exe" "%L"
MSCFile=%SystemRoot%\system32\mmc.exe "%1" %*
MSDASC=Rundll32.exe c:\PROGRA~1\COMMON~1\System\OLEDB~1e\oledb32.dll,OpenDSLFile %1
Msi.Package="%SystemRoot%\System32\msiexec.exe" /i "%1" %*
Msi.Patch="%SystemRoot%\System32\msiexec.exe" /p "%1" %*
MSInfo.Document=c:\Program Files\Common Files\Microsoft Shared\MSInfoe\MSInfo32.exe /msinfo_file %1
MSProgramGroup=c:\WINDOWS\system32e\grpconv.exe %1
MsRcIncident=%SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe -Mode "hcp://system/Remote%%20Assistance/RAClientLayout.xml" -url "hcp://system/Remote%%20Assistance/Interaction/Client/rctoolScreen1.htm" -ExtraArgument "IncidentFile=%1"
msstylesfile=%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Appearance /Action:OpenMSTheme /file:"%1"
news="%ProgramFiles%\Outlook Express\msimn.exe" /newsurl:"%1"
nntp="%ProgramFiles%\Outlook Express\msimn.exe" /newsurl:"%1"
OfficeListShortcut="c:\Program Files\Microsoft Office\Office12e\MSPUB.EXE" %1
OfficeTheme.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
OISbmpfile="c:\PROGRA~1\MICROS~2\Office12e\OIS.EXE" /shellOpen "%1"
OISgiffile="c:\PROGRA~1\MICROS~2\Office12e\OIS.EXE" /shellOpen "%1"
OISjpegfile="c:\PROGRA~1\MICROS~2\Office12e\OIS.EXE" /shellOpen "%1"
OISpngfile="c:\PROGRA~1\MICROS~2\Office12e\OIS.EXE" /shellOpen "%1"
oms=rundll32.exe c:\PROGRA~1\MICROS~2\Office12e\OMSMAIN.DLL, OmsProtocolHandler %1
otffile=%SystemRoot%\System32\fontview.exe %1
Outlook.File.hol="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /hol "%1"
Outlook.File.ibc="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /v "%1"
Outlook.File.ics="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /ical "%1"
Outlook.File.msg="c:\Program Files\Microsoft Office\Office12e\OUTLOOK.EXE" /f "%1"
Outlook.File.vcf="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /v "%1"
Outlook.File.vcs="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /vcal "%1"
Outlook.Template="c:\Program Files\Microsoft Office\Office12e\OUTLOOK.EXE" /t "%1"
Outlook.URL.feed="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
Outlook.URL.mailto="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" -c IPM.Note /m "%1"
Outlook.URL.stssync="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
Outlook.URL.webcal="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
outlookfeed="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
outlookfeeds="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
P7RFile=rundll32.exe cryptext.dll,CryptExtOpenP7R %1
P7SFile=rundll32.exe cryptext.dll,CryptExtOpenPKCS7 %1
Paint.Picture=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
pbkfile=%SystemRoot%\system32\rasphone.exe -f "%1"
pdfvista.Document.3="c:\Program Files\PDF Completee\pdfvista.exe"
PerfFile=%SystemRoot%\system32\perfmon.exe %1
pfmfile=%SystemRoot%\System32\fontview.exe %1
!d
pjpegfile=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
pngfile=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
PowerPoint.Addin.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.Addin.8="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.Show.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.Show.4=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.Show.7=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.Show.8="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.ShowMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.Slide.12=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.Slide.4=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.Slide.7=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.Slide.8=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.SlideMacroEnabled.12=c:\PROGRA~1\MICROS~2\Office12e\POWERPNT.EXE "%1"
PowerPoint.SlideShow.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" /s "%1"
PowerPoint.SlideShow.8="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" /s "%1"
PowerPoint.SlideShowMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" /s "%1"
PowerPoint.Template.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.Template.8="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.TemplateMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
PowerPoint.Wizard.8="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE" "%1"
powerpointhtmlfile="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE"
powerpointhtmltemplate="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE"
powerpointxmlfile="c:\Program Files\Microsoft Office\Office12e\POWERPNT.EXE"
prffile="c:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32e\msrating.dll",ClickedOnPRF %1
Publisher.Document.12="c:\Program Files\Microsoft Office\Office12e\MSPUB.EXE" %1
Publishing Folder=explorer.exe /idlist,%I,%L
QuickTime.3g2=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.3gp=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.3gp2=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.3gpp=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.aac=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.ac3=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.adts=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.aif=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.aifc=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.aiff=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.amc=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.AMR=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.au=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.avi=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.bmp=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.bwf=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.caf=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.cdda=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.cel=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.dib=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.dif=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.dv=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.flc=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.fli=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.gif=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.gsm=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.jp2=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.jpe=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.jpeg=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.jpg=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.kar=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m15=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m1a=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m1s=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m1v=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m3u=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m3url=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m4a=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m4b=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m4p=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m4v=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.m75=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mac=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.mid=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.midi=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mov=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mp2=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mp3=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mp4=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mpa=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mpeg=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mpg=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mpm=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mpv=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.mqv=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.pct=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.pic=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.pict=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.png=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.pnt=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.pntg=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.psd=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.qcp=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.qht=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.qhtm=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.qt=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.qti=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.qtif=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.qtl=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.rgb=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.rts=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.rtsp=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.sd2=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.sdp=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.sdv=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.sgi=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.smf=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.smi=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.smil=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.sml=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.snd=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.swa=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.targa=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.tga=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.tif=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.tiff=c:\Program Files\QuickTimee\PictureViewer.exe "%1"
QuickTime.ulw=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.vfw=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
QuickTime.wav=c:\Program Files\QuickTimee\QuickTimePlayer.exe "%1"
ratfile="c:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32e\msrating.dll",ClickedOnRAT %1
!d
!d
rlogin="c:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32e\url.dll",TelnetProtocolHandler %l
rtffile="c:\Program Files\Windows NT\Accessoriese\WORDPAD.EXE" "%1"
SavedDsQuery=rundll32 %SystemRoot%\system32\dsquery.dll,OpenSavedDsQuery %1
!d
scriptletfile="c:\WINDOWSe\NOTEPAD.EXE" "%1"
SHCmdFile=explorer.exe
Shell=%SystemRoot%\Explorer.exe /idlist,%I,%L
ShellScrap=rundll32 %SystemRoot%\system32\shscrap.dll,OpenScrap_RunDLL %1
snews="%ProgramFiles%\Outlook Express\msimn.exe" /newsurl:"%1"
SoundRec="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
SPCFile=rundll32.exe cryptext.dll,CryptExtOpenPKCS7 %1
STLFile=rundll32.exe cryptext.dll,CryptExtOpenCTL %1
stssync="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
T126_Whiteboard="c:\Program Files\NetMeetinge\wb32.exe" - "%1"
telnet="c:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32e\url.dll",TelnetProtocolHandler %l
themefile=%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Themes /Action:OpenTheme /file:"%1"
TIFImage.Document=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
tn3270="c:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32e\url.dll",TelnetProtocolHandler %l
tomtomhome="c:\Program Files\TomTom HOME 2e\TomTomHOME.exe" -osint -uri "%1"
ttcfile=%SystemRoot%\System32\fontview.exe %1
ttffile=%SystemRoot%\System32\fontview.exe %1
!d
ulsfile="rundll32.exe" msconf.dll,NewMediaPhone %l
vcard_wab_auto_file="c:\Program Files\Outlook Expresse\wab.exe" /vcard %1
VisioViewer.Viewer="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
vnd-tomtom-address="c:\Program Files\TomTom HOME 2e\TomTomHOME.exe" -osint -uri "%1"
vnd-tomtom-contentitem="c:\Program Files\TomTom HOME 2e\TomTomHOME.exe" -osint -uri "%1"
vnd-tomtom-contentitems="c:\Program Files\TomTom HOME 2e\TomTomHOME.exe" -osint -uri "%1"
vnd-tomtom-contentitems-of-type="c:\Program Files\TomTom HOME 2e\TomTomHOME.exe" -osint -uri "%1"
vnd-tomtom-geo="c:\Program Files\TomTom HOME 2e\TomTomHOME.exe" -osint -uri "%1"
wab_auto_file="c:\Program Files\Outlook Expresse\wab.exe" %1
WAXFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
webcal="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
webcals="c:\PROGRA~1\MICROS~2\Office12e\OUTLOOK.EXE" /share "%1"
webpnpFile=%SystemRoot%\system32\wpnpinst.exe %1
Whiteboard="c:\Program Files\NetMeetinge\wb32.exe" "%1"
Windows.CompositeFont="%WinDir%\System32\notepad.exe" "%1"
Windows.Movie.Maker="c:\Program Files\Movie Makere\moviemk.exe" %1
Windows.XamlDocument="c:\WINDOWS\system32e\PresentationHost.exe" "%1" %*
Windows.Xbap="c:\WINDOWS\system32e\PresentationHost.exe" "%1" %*
wmafile="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:5 /Open "%L"
WMDFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /WMPackage:"%L"
wmffile=rundll32.exe c:\WINDOWS\system32e\shimgvw.dll,ImageView_Fullscreen %1
WMP.DVR-MSFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
WMSFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /layout:"%L"
WMTContent=c:\Program Files\Windows Media Playere\wmplayer.exe "%L"
WMTMedia=c:\Program Files\Windows Media Playere\wmplayer.exe "%L"
WMVFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /prefetch:7 /Open "%L"
WMZFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /layout:"%L"
Word.Backup.8="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.Document.12="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.Document.8="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.DocumentMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.RTF.8="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.Template.12="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.Template.8="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
Word.TemplateMacroEnabled.12="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE" /n /dde
wordhtmlfile="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE"
wordhtmltemplate="c:\Program Files\Microsoft Office\Office12e\WINWORD.EXE"
Wordpad.Document.1="%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
WPLFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
wrifile="c:\Program Files\Windows NT\Accessoriese\WORDPAD.EXE" "%1"
WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
WVXFile="c:\Program Files\Windows Media Playere\wmplayer.exe" /Open "%L"
x-internet-signup=%ProgramFiles%\Internet Explorer\Connection Wizard\ISIGNUP.EXE %1
XEV.FailSafeApp=%SystemRoot%\system32\NOTEPAD.EXE %1
XEV.GenericApp="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
XEV.OriginalApp="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
xmlfile="c:\Program Files\Common Files\Microsoft Shared\OFFICE12e\MSOXMLED.EXE" /verb open "%1"
XPSViewer.Document.1="c:\WINDOWS\system32\XPSViewere\XPSViewer.exe" "%1" %*
xslfile="c:\Program Files\Internet Explorere\iexplore.exe" -nohome
zapfile=%SystemRoot%\system32\NOTEPAD.EXE %1
.bat
.cmd
.com
.exe
.scr
.reg
.txt

=============== Created Last 30 ================

2011-01-30 20:57:00 103864 ----a-w- c:\Program Files\Internet Explorer\Pluginse\nppdf32.dll

==================== Find3M ====================

2010-12-09 13:07:07 2027008 ----a-w- c:\WINDOWS\system32e\ntkrnlpa.exe

============= FINISH: 20:21:39.54 ===============

Halfday24 · Feb 27, 2011

Attach.txt Part 1

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/26/2009 7:19:30 PM
System Uptime: 2/26/2011 7:58:25 PM (1 hours ago)

Motherboard: PEGATRON CORPORATION | | 2A73h
Processor: Intel Pentium III Xeon processor | CPU 1 | 2933/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 133 GiB total, 116.015 GiB free.
D: is FIXED (NTFS) - 16 GiB total, 10.693 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP336: 11/29/2010 5:16:15 AM - System Checkpoint
RP337: 11/30/2010 11:05:23 AM - System Checkpoint
RP338: 12/1/2010 5:16:57 PM - System Checkpoint
RP339: 12/2/2010 11:50:40 PM - System Checkpoint
RP340: 12/4/2010 4:10:53 AM - System Checkpoint
RP341: 12/5/2010 10:10:53 AM - System Checkpoint
RP342: 12/6/2010 12:14:50 PM - Restore Operation
RP343: 12/7/2010 6:21:24 PM - System Checkpoint
RP344: 12/9/2010 12:21:24 AM - System Checkpoint
RP345: 12/10/2010 6:32:19 AM - System Checkpoint
RP346: 12/11/2010 12:42:17 PM - System Checkpoint
RP347: 12/12/2010 6:21:24 PM - System Checkpoint
RP348: 12/14/2010 12:21:26 AM - System Checkpoint
RP349: 12/15/2010 3:00:14 AM - Software Distribution Service 3.0
RP350: 12/16/2010 9:23:01 AM - System Checkpoint
RP351: 12/17/2010 3:46:53 PM - System Checkpoint
RP352: 12/18/2010 9:19:57 PM - System Checkpoint
RP353: 12/20/2010 3:19:30 AM - System Checkpoint
RP354: 12/21/2010 9:19:30 AM - System Checkpoint
RP355: 12/22/2010 3:57:57 PM - System Checkpoint
RP356: 12/23/2010 5:16:33 PM - System Checkpoint
RP357: 12/24/2010 11:08:44 PM - System Checkpoint
RP358: 12/26/2010 4:52:33 AM - System Checkpoint
RP359: 12/27/2010 10:53:38 AM - System Checkpoint
RP360: 12/28/2010 5:36:51 PM - System Checkpoint
RP361: 12/29/2010 11:16:35 PM - System Checkpoint
RP362: 12/31/2010 5:52:35 AM - System Checkpoint
RP363: 1/1/2011 8:24:23 AM - System Checkpoint
RP364: 1/2/2011 2:23:18 PM - System Checkpoint
RP365: 1/3/2011 8:24:22 PM - System Checkpoint
RP366: 1/5/2011 2:23:22 AM - System Checkpoint
RP367: 1/6/2011 8:23:22 AM - System Checkpoint
RP368: 1/7/2011 3:55:16 PM - System Checkpoint
RP369: 1/8/2011 10:16:18 PM - System Checkpoint
RP370: 1/10/2011 3:55:16 AM - System Checkpoint
RP371: 1/11/2011 9:56:25 AM - System Checkpoint
RP372: 1/12/2011 3:00:13 AM - Software Distribution Service 3.0
RP373: 1/13/2011 9:22:54 AM - System Checkpoint
RP374: 1/14/2011 3:21:49 PM - System Checkpoint
RP375: 1/15/2011 9:22:54 PM - System Checkpoint
RP376: 1/17/2011 3:21:49 AM - System Checkpoint
RP377: 1/18/2011 9:21:35 AM - System Checkpoint
RP378: 1/19/2011 3:22:40 PM - System Checkpoint
RP379: 1/20/2011 5:23:11 PM - System Checkpoint
RP380: 1/21/2011 11:10:13 PM - System Checkpoint
RP381: 1/23/2011 4:58:13 AM - System Checkpoint
RP382: 1/24/2011 10:59:18 AM - System Checkpoint
RP383: 1/25/2011 6:41:13 PM - System Checkpoint
RP384: 1/26/2011 11:32:51 PM - System Checkpoint
RP385: 1/28/2011 6:22:18 AM - System Checkpoint
RP386: 1/29/2011 10:59:23 AM - System Checkpoint
RP387: 1/30/2011 4:59:23 PM - System Checkpoint
RP388: 1/31/2011 11:05:50 PM - System Checkpoint
RP389: 2/2/2011 12:29:49 AM - System Checkpoint
RP390: 2/3/2011 6:30:47 AM - System Checkpoint
RP391: 2/9/2011 5:36:17 PM - Software Distribution Service 3.0
RP392: 2/12/2011 4:07:53 PM - System Checkpoint
RP393: 2/13/2011 4:11:25 PM - System Checkpoint
RP394: 2/14/2011 8:26:22 PM - System Checkpoint
RP395: 2/16/2011 3:01:16 AM - System Checkpoint
RP396: 2/17/2011 7:20:49 AM - System Checkpoint
RP397: 2/17/2011 4:58:41 PM - Restore Operation
RP398: 2/18/2011 5:06:58 PM - System Checkpoint
RP399: 2/20/2011 12:07:02 AM - System Checkpoint
RP400: 2/21/2011 5:36:05 AM - System Checkpoint
RP401: 2/22/2011 11:36:10 AM - System Checkpoint
RP402: 2/23/2011 5:08:50 PM - System Checkpoint
RP403: 2/24/2011 5:29:11 PM - Restore Operation
RP404: 2/25/2011 6:05:25 PM - System Checkpoint
RP405: 2/26/2011 9:36:04 AM - Restore Operation
RP406: 2/26/2011 9:47:29 AM - Restore Operation
RP407: 2/26/2011 11:19:10 AM - Installed Windows Internet Explorer 8.
RP408: 2/26/2011 11:19:38 AM - Software Distribution Service 3.0
RP409: 2/26/2011 12:52:14 PM - Post Malware removal
RP410: 2/26/2011 12:57:42 PM - Software Distribution Service 3.0

==== Installed Programs ======================

<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ
<NO NAME> REG_SZ KB200003
<NO NAME> REG_SZ KB2416473
<NO NAME> REG_SZ KB2418241
<NO NAME> REG_SZ KB300003
<NO NAME> REG_SZ KB350003
<NO NAME> REG_SZ KB431780
<NO NAME> REG_SZ KB946922
<NO NAME> REG_SZ KB947748
<NO NAME> REG_SZ KB949272
<NO NAME> REG_SZ KB952137
<NO NAME> REG_SZ KB952677
<NO NAME> REG_SZ KB953300
<NO NAME> REG_SZ KB953595
<NO NAME> REG_SZ KB953990
<NO NAME> REG_SZ KB954832
<NO NAME> REG_SZ KB956860
<NO NAME> REG_SZ KB957541
<NO NAME> REG_SZ KB957542
<NO NAME> REG_SZ KB957543
<NO NAME> REG_SZ KB958129
<NO NAME> REG_SZ KB958481
<NO NAME> REG_SZ KB958483
<NO NAME> REG_SZ KB958484
<NO NAME> REG_SZ KB960043
<NO NAME> REG_SZ KB960043
<NO NAME> REG_SZ KB960043
<NO NAME> REG_SZ KB963707
<NO NAME> REG_SZ KB971111
<NO NAME> REG_SZ KB974417
<NO NAME> REG_SZ KB975195
<NO NAME> REG_SZ KB976569
<NO NAME> REG_SZ KB976570
<NO NAME> REG_SZ KB976576
<NO NAME> REG_SZ KB976578
<NO NAME> REG_SZ KB976578v2
<NO NAME> REG_SZ KB976765v2
<NO NAME> REG_SZ KB976769
<NO NAME> REG_SZ KB976769v2
<NO NAME> REG_SZ KB977354
<NO NAME> REG_SZ KB977354v2
<NO NAME> REG_SZ KB979909
<NO NAME> REG_SZ KB980773
<NO NAME> REG_SZ KB983583
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
AuthorizedCDFPrefix REG_SZ
BackUnString REG_SZ RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
CacheLocation REG_SZ C:\MSOCache\All Users
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ
Comments REG_SZ This hotfix is for Microsoft .NET Framework 3.5 SP1.
Comments REG_SZ This hotfix is for Microsoft .NET Framework 3.5 SP1.
Comments REG_SZ This is a placeholder for ARP comments for Spelling Dictionaries for Adobe Reader 9.0
Comments REG_SZ This security update is for Microsoft .NET Framework 3.5 SP1.
Comments REG_SZ This update is for Microsoft .NET Framework 3.5 SP1.
Comments REG_SZ Visual Studio C++ CRT SP1
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ
Contact REG_SZ AppleCare Support
Contact REG_SZ AppleCare Support
Contact REG_SZ AppleCare Support
Contact REG_SZ Customer Support
Contact REG_SZ Customer Support
Contact REG_SZ http://java.com
Contact REG_SZ Oliver Carr
Contact REG_SZ support@intervideo.com
Contact REG_SZ support@intervideo.com
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ "%ProgramFiles%\windows media player\wmplayer.exe"
DisplayIcon REG_EXPAND_SZ C:\WINDOWS\Installer\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\ARPPRODUCTICON.exe
DisplayIcon REG_SZ "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\setup.exe",1
DisplayIcon REG_SZ C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe
DisplayIcon REG_SZ C:\PROGRA~1\COMMON~1\ADOBEA~1\Versions\1.0\RESOUR~1\ADOBEA~1.EXE
DisplayIcon REG_SZ C:\program files\adobe\Acrobat_com\Acrobat_com.exe
DisplayIcon REG_SZ C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\OSETUP.DLL,1
DisplayIcon REG_SZ C:\Program Files\internet explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\internet explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\Internet Explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\internet explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\internet explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\internet explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\internet explorer\iexplore.exe
DisplayIcon REG_SZ C:\Program Files\Java\jre1.6.0_07\\bin\javaws.exe
DisplayIcon REG_SZ C:\Program Files\Lexmark 2600 Series\Install\x86\Uninst.exe
DisplayIcon REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
DisplayIcon REG_SZ C:\Program Files\McAfee.com\Agent\mcagent.exe,-0
DisplayIcon REG_SZ C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe
DisplayIcon REG_SZ C:\Program Files\PDF Complete\pdfvista.exe
DisplayIcon REG_SZ C:\Program Files\TomTom HOME 2\Resources\TomTom.ico
DisplayIcon REG_SZ C:\Program Files\Winmail Opener\wmopener.exe
DisplayIcon REG_SZ C:\WINDOWS\Creator\Recovery Wizard.exe,0
DisplayIcon REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ndpsetup.ico
DisplayIcon REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ndpsetup.ico
DisplayIcon REG_SZ C:\WINDOWS\RtlUpd.exe
DisplayIcon REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe
DisplayIcon REG_SZ C:\WINDOWS\system32\msiexec.exe
DisplayIcon REG_SZ C:\WINDOWS\system32\msiexec.exe
DisplayIcon REG_SZ C:\WINDOWS\system32\msiexec.exe
DisplayName REG_SZ Acrobat.com
DisplayName REG_SZ Acrobat.com
DisplayName REG_SZ Activation Assistant for the 2007 Microsoft Office suites
DisplayName REG_SZ Activation Assistant for the 2007 Microsoft Office suites
DisplayName REG_SZ Adobe AIR
DisplayName REG_SZ Adobe AIR
DisplayName REG_SZ Adobe Download Manager
DisplayName REG_SZ Adobe Flash Player 10 ActiveX
DisplayName REG_SZ Adobe Reader 9.4.2
DisplayName REG_SZ Apple Application Support
DisplayName REG_SZ Apple Software Update
DisplayName REG_SZ Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
DisplayName REG_SZ Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
DisplayName REG_SZ Hotfix for Windows XP (KB2158563)
DisplayName REG_SZ Hotfix for Windows XP (KB2443685)
DisplayName REG_SZ Hotfix for Windows XP (KB942288-v3)
DisplayName REG_SZ Hotfix for Windows XP (KB952117-v2)
DisplayName REG_SZ Hotfix for Windows XP (KB952287)
DisplayName REG_SZ Hotfix for Windows XP (KB954550-v5)
DisplayName REG_SZ Hotfix for Windows XP (KB958756)
DisplayName REG_SZ Hotfix for Windows XP (KB961118)
DisplayName REG_SZ Hotfix for Windows XP (KB970653-v3)
DisplayName REG_SZ Hotfix for Windows XP (KB976098-v2)
DisplayName REG_SZ Hotfix for Windows XP (KB979306)
DisplayName REG_SZ Hotfix for Windows XP (KB981793)
DisplayName REG_SZ HP Backup and Recovery Manager
DisplayName REG_SZ HP Help and Support
DisplayName REG_SZ Intel(R) Graphics Media Accelerator Driver
DisplayName REG_SZ InterVideo WinDVD 8
DisplayName REG_SZ InterVideo WinDVD 8
DisplayName REG_SZ Java(TM) 6 Update 7
DisplayName REG_SZ Lexmark 2600 Series
DisplayName REG_SZ Malwarebytes' Anti-Malware
DisplayName REG_SZ McAfee AntiVirus Plus
DisplayName REG_SZ McAfee Virtual Technician
DisplayName REG_SZ Microsoft .NET Framework 1.1
DisplayName REG_SZ Microsoft .NET Framework 1.1
DisplayName REG_SZ Microsoft .NET Framework 1.1 Security Update (KB2416447)
DisplayName REG_SZ Microsoft .NET Framework 1.1 Security Update (KB979906)
DisplayName REG_SZ Microsoft .NET Framework 2.0 Service Pack 2
DisplayName REG_SZ Microsoft .NET Framework 3.0 Service Pack 2
DisplayName REG_SZ Microsoft .NET Framework 3.5 SP1
DisplayName REG_SZ Microsoft .NET Framework 3.5 SP1
DisplayName REG_SZ Microsoft Office 2003 Web Components
DisplayName REG_SZ Microsoft Office 2007 Primary Interop Assemblies
DisplayName REG_SZ Microsoft Office Excel MUI (English) 2007
DisplayName REG_SZ Microsoft Office Outlook MUI (English) 2007
DisplayName REG_SZ Microsoft Office PowerPoint MUI (English) 2007
DisplayName REG_SZ Microsoft Office Proof (English) 2007
DisplayName REG_SZ Microsoft Office Proof (French) 2007
DisplayName REG_SZ Microsoft Office Proof (Spanish) 2007
DisplayName REG_SZ Microsoft Office Proofing (English) 2007
DisplayName REG_SZ Microsoft Office Publisher MUI (English) 2007
DisplayName REG_SZ Microsoft Office Shared MUI (English) 2007
DisplayName REG_SZ Microsoft Office Shared Setup Metadata MUI (English) 2007
DisplayName REG_SZ Microsoft Office Small Business 2007
DisplayName REG_SZ Microsoft Office Small Business 2007
DisplayName REG_SZ Microsoft Office Small Business Connectivity Components
DisplayName REG_SZ Microsoft Office Word MUI (English) 2007
DisplayName REG_SZ Microsoft Software Update for Web Folders (English) 12
DisplayName REG_SZ Microsoft SQL Server 2005
DisplayName REG_SZ Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
DisplayName REG_SZ Microsoft SQL Server Native Client
DisplayName REG_SZ Microsoft SQL Server Setup Support Files (English)
DisplayName REG_SZ Microsoft SQL Server VSS Writer
DisplayName REG_SZ Microsoft Visual C++ 2005 Redistributable
DisplayName REG_SZ MSXML 4.0 SP2 (KB954430)
DisplayName REG_SZ MSXML 4.0 SP2 (KB973688)
DisplayName REG_SZ MSXML 6.0 Parser
DisplayName REG_SZ PDF Complete Special Edition
DisplayName REG_SZ QuickTime
DisplayName REG_SZ Realtek High Definition Audio Driver
DisplayName REG_SZ Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
DisplayName REG_SZ Security Update for Windows Internet Explorer 8 (KB2482017)
DisplayName REG_SZ Security Update for Windows Internet Explorer 8 (KB971961)
DisplayName REG_SZ Security Update for Windows Internet Explorer 8 (KB981332)
DisplayName REG_SZ Security Update for Windows Internet Explorer 8 (KB982381)
DisplayName REG_SZ Security Update for Windows Media Player (KB2378111)
DisplayName REG_SZ Security Update for Windows Media Player (KB952069)
DisplayName REG_SZ Security Update for Windows Media Player (KB954155)
DisplayName REG_SZ Security Update for Windows Media Player (KB968816)
DisplayName REG_SZ Security Update for Windows Media Player (KB973540)
DisplayName REG_SZ Security Update for Windows Media Player (KB975558)
DisplayName REG_SZ Security Update for Windows Media Player (KB978695)
DisplayName REG_SZ Security Update for Windows Media Player (KB979402)
DisplayName REG_SZ Security Update for Windows XP (KB2079403)
DisplayName REG_SZ Security Update for Windows XP (KB2115168)
DisplayName REG_SZ Security Update for Windows XP (KB2121546)
DisplayName REG_SZ Security Update for Windows XP (KB2160329)
DisplayName REG_SZ Security Update for Windows XP (KB2229593)
DisplayName REG_SZ Security Update for Windows XP (KB2259922)
DisplayName REG_SZ Security Update for Windows XP (KB2279986)
DisplayName REG_SZ Security Update for Windows XP (KB2286198)
DisplayName REG_SZ Security Update for Windows XP (KB2296011)
DisplayName REG_SZ Security Update for Windows XP (KB2296199)
DisplayName REG_SZ Security Update for Windows XP (KB2347290)
DisplayName REG_SZ Security Update for Windows XP (KB2360937)
DisplayName REG_SZ Security Update for Windows XP (KB2387149)
DisplayName REG_SZ Security Update for Windows XP (KB2393802)
DisplayName REG_SZ Security Update for Windows XP (KB2419632)
DisplayName REG_SZ Security Update for Windows XP (KB2423089)
DisplayName REG_SZ Security Update for Windows XP (KB2436673)
DisplayName REG_SZ Security Update for Windows XP (KB2440591)
DisplayName REG_SZ Security Update for Windows XP (KB2443105)
DisplayName REG_SZ Security Update for Windows XP (KB2476687)
DisplayName REG_SZ Security Update for Windows XP (KB2478960)
DisplayName REG_SZ Security Update for Windows XP (KB2478971)
DisplayName REG_SZ Security Update for Windows XP (KB2479628)
DisplayName REG_SZ Security Update for Windows XP (KB2483185)
DisplayName REG_SZ Security Update for Windows XP (KB2485376)
DisplayName REG_SZ Security Update for Windows XP (KB923561)
DisplayName REG_SZ Security Update for Windows XP (KB946648)
DisplayName REG_SZ Security Update for Windows XP (KB950762)
DisplayName REG_SZ Security Update for Windows XP (KB950974)
DisplayName REG_SZ Security Update for Windows XP (KB951066)
DisplayName REG_SZ Security Update for Windows XP (KB951376-v2)
DisplayName REG_SZ Security Update for Windows XP (KB951748)
DisplayName REG_SZ Security Update for Windows XP (KB952004)
DisplayName REG_SZ Security Update for Windows XP (KB952954)
DisplayName REG_SZ Security Update for Windows XP (KB954459)
DisplayName REG_SZ Security Update for Windows XP (KB955069)
DisplayName REG_SZ Security Update for Windows XP (KB956572)
DisplayName REG_SZ Security Update for Windows XP (KB956744)
DisplayName REG_SZ Security Update for Windows XP (KB956802)
DisplayName REG_SZ Security Update for Windows XP (KB956803)
DisplayName REG_SZ Security Update for Windows XP (KB956844)
DisplayName REG_SZ Security Update for Windows XP (KB957097)
DisplayName REG_SZ Security Update for Windows XP (KB958644)
DisplayName REG_SZ Security Update for Windows XP (KB958687)
DisplayName REG_SZ Security Update for Windows XP (KB958869)
DisplayName REG_SZ Security Update for Windows XP (KB959426)
DisplayName REG_SZ Security Update for Windows XP (KB960225)
DisplayName REG_SZ Security Update for Windows XP (KB960803)
DisplayName REG_SZ Security Update for Windows XP (KB960859)
DisplayName REG_SZ Security Update for Windows XP (KB961371-v2)
DisplayName REG_SZ Security Update for Windows XP (KB961501)
DisplayName REG_SZ Security Update for Windows XP (KB968537)
DisplayName REG_SZ Security Update for Windows XP (KB969059)
DisplayName REG_SZ Security Update for Windows XP (KB969947)
DisplayName REG_SZ Security Update for Windows XP (KB970238)
DisplayName REG_SZ Security Update for Windows XP (KB970430)
DisplayName REG_SZ Security Update for Windows XP (KB971468)
DisplayName REG_SZ Security Update for Windows XP (KB971486)
DisplayName REG_SZ Security Update for Windows XP (KB971557)
DisplayName REG_SZ Security Update for Windows XP (KB971633)
DisplayName REG_SZ Security Update for Windows XP (KB971657)
DisplayName REG_SZ Security Update for Windows XP (KB972270)
DisplayName REG_SZ Security Update for Windows XP (KB973354)
DisplayName REG_SZ Security Update for Windows XP (KB973507)
DisplayName REG_SZ Security Update for Windows XP (KB973525)
DisplayName REG_SZ Security Update for Windows XP (KB973869)
DisplayName REG_SZ Security Update for Windows XP (KB973904)
DisplayName REG_SZ Security Update for Windows XP (KB974112)
DisplayName REG_SZ Security Update for Windows XP (KB974318)
DisplayName REG_SZ Security Update for Windows XP (KB974392)
DisplayName REG_SZ Security Update for Windows XP (KB974571)
DisplayName REG_SZ Security Update for Windows XP (KB975025)
DisplayName REG_SZ Security Update for Windows XP (KB975467)
DisplayName REG_SZ Security Update for Windows XP (KB975560)
DisplayName REG_SZ Security Update for Windows XP (KB975561)
DisplayName REG_SZ Security Update for Windows XP (KB975562)
DisplayName REG_SZ Security Update for Windows XP (KB975713)
DisplayName REG_SZ Security Update for Windows XP (KB977165)
DisplayName REG_SZ Security Update for Windows XP (KB977816)
DisplayName REG_SZ Security Update for Windows XP (KB977914)
DisplayName REG_SZ Security Update for Windows XP (KB978037)
DisplayName REG_SZ Security Update for Windows XP (KB978251)
DisplayName REG_SZ Security Update for Windows XP (KB978262)
DisplayName REG_SZ Security Update for Windows XP (KB978338)
DisplayName REG_SZ Security Update for Windows XP (KB978542)
DisplayName REG_SZ Security Update for Windows XP (KB978601)
DisplayName REG_SZ Security Update for Windows XP (KB978706)
DisplayName REG_SZ Security Update for Windows XP (KB979309)
DisplayName REG_SZ Security Update for Windows XP (KB979482)
DisplayName REG_SZ Security Update for Windows XP (KB979559)
DisplayName REG_SZ Security Update for Windows XP (KB979683)
DisplayName REG_SZ Security Update for Windows XP (KB979687)
DisplayName REG_SZ Security Update for Windows XP (KB980195)
DisplayName REG_SZ Security Update for Windows XP (KB980218)
DisplayName REG_SZ Security Update for Windows XP (KB980232)
DisplayName REG_SZ Security Update for Windows XP (KB980436)
DisplayName REG_SZ Security Update for Windows XP (KB981322)
DisplayName REG_SZ Security Update for Windows XP (KB981852)
DisplayName REG_SZ Security Update for Windows XP (KB981957)
DisplayName REG_SZ Security Update for Windows XP (KB981997)
DisplayName REG_SZ Security Update for Windows XP (KB982132)
DisplayName REG_SZ Security Update for Windows XP (KB982214)
DisplayName REG_SZ Security Update for Windows XP (KB982665)
DisplayName REG_SZ Security Update for Windows XP (KB982802)
DisplayName REG_SZ Spelling Dictionaries Support For Adobe Reader 9
DisplayName REG_SZ TomTom HOME 2.7.3.1894
DisplayName REG_SZ TomTom HOME Visual Studio Merge Modules
DisplayName REG_SZ Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
DisplayName REG_SZ Update for Windows Internet Explorer 8 (KB2447568)
DisplayName REG_SZ Update for Windows Internet Explorer 8 (KB976662)
DisplayName REG_SZ Update for Windows XP (KB2141007)
DisplayName REG_SZ Update for Windows XP (KB2345886)
DisplayName REG_SZ Update for Windows XP (KB2467659)
DisplayName REG_SZ Update for Windows XP (KB898461)
DisplayName REG_SZ Update for Windows XP (KB951978)
DisplayName REG_SZ Update for Windows XP (KB955759)
DisplayName REG_SZ Update for Windows XP (KB967715)
DisplayName REG_SZ Update for Windows XP (KB968389)
DisplayName REG_SZ Update for Windows XP (KB971737)
DisplayName REG_SZ Update for Windows XP (KB973687)
DisplayName REG_SZ Update for Windows XP (KB973815)
DisplayName REG_SZ WebFldrs XP
DisplayName REG_SZ Windows Genuine Advantage Notifications (KB905474)
DisplayName REG_SZ Windows Internet Explorer 8
DisplayName REG_SZ Windows Presentation Foundation
DisplayName REG_SZ Winmail Opener 1.4
DisplayName REG_SZ XML Paper Specification Shared Components Pack 1.0
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1
DisplayVersion REG_SZ 1.0
DisplayVersion REG_SZ 1.0.2
DisplayVersion REG_SZ 1.1.4322
DisplayVersion REG_SZ 1.3.1
DisplayVersion REG_SZ 1.4
DisplayVersion REG_SZ 1.5.3.9130
DisplayVersion REG_SZ 1.5.3.9130
DisplayVersion REG_SZ 1.6.0.70
DisplayVersion REG_SZ 1.6.2.99
DisplayVersion REG_SZ 1.9.0040.0
DisplayVersion REG_SZ 10.2.152.26
DisplayVersion REG_SZ 10.5.227
DisplayVersion REG_SZ 11.0.8003.0
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 12.0.4518.1014
DisplayVersion REG_SZ 2
DisplayVersion REG_SZ 2
DisplayVersion REG_SZ 2
DisplayVersion REG_SZ 2
DisplayVersion REG_SZ 2.0.7024.0
DisplayVersion REG_SZ 2.1.0
DisplayVersion REG_SZ 2.1.0.0
DisplayVersion REG_SZ 2.1.1.116
DisplayVersion REG_SZ 2.2.30729
DisplayVersion REG_SZ 2.5C
DisplayVersion REG_SZ 2.7.3.1894
DisplayVersion REG_SZ 20090308.140743
DisplayVersion REG_SZ 3
DisplayVersion REG_SZ 3
DisplayVersion REG_SZ 3.0.6920.0
DisplayVersion REG_SZ 3.2.30729
DisplayVersion REG_SZ 3.5.109
DisplayVersion REG_SZ 3.5.30729
DisplayVersion REG_SZ 4.2.0010
DisplayVersion REG_SZ 4.20.9870.0
DisplayVersion REG_SZ 4.20.9876.0
DisplayVersion REG_SZ 5
DisplayVersion REG_SZ 5.10.0.5508
DisplayVersion REG_SZ 5.5.0.0
DisplayVersion REG_SZ 6.10.1129.0
DisplayVersion REG_SZ 7.67.75.0
DisplayVersion REG_SZ 8.0.50727.42
DisplayVersion REG_SZ 8.5.10.36
DisplayVersion REG_SZ 8.5.10.36
DisplayVersion REG_SZ 9.0.0
DisplayVersion REG_SZ 9.00.3042.00
DisplayVersion REG_SZ 9.00.3042.00
DisplayVersion REG_SZ 9.00.3042.00
DisplayVersion REG_SZ 9.2.3042.00
DisplayVersion REG_SZ 9.4.2
DisplayVersion REG_SZ 9.50.7523
DoMaintenance REG_SZ N
EstimatedSize REG_DWORD 400 (0x190)
EstimatedSize REG_DWORD 1038388 (0xfd834)
EstimatedSize REG_DWORD 105211 (0x19afb)
EstimatedSize REG_DWORD 117878 (0x1cc76)
EstimatedSize REG_DWORD 13250 (0x33c2)
EstimatedSize REG_DWORD 13920 (0x3660)
EstimatedSize REG_DWORD 1496 (0x5d8)
EstimatedSize REG_DWORD 152419 (0x25363)
EstimatedSize REG_DWORD 15389 (0x3c1d)
EstimatedSize REG_DWORD 15444 (0x3c54)
EstimatedSize REG_DWORD 158 (0x9e)
EstimatedSize REG_DWORD 1665 (0x681)
EstimatedSize REG_DWORD 173075 (0x2a413)
EstimatedSize REG_DWORD 173075 (0x2a413)
EstimatedSize REG_DWORD 175250 (0x2ac92)
EstimatedSize REG_DWORD 18657 (0x48e1)
EstimatedSize REG_DWORD 20984 (0x51f8)
EstimatedSize REG_DWORD 210752 (0x33740)
EstimatedSize REG_DWORD 2208 (0x8a0)
EstimatedSize REG_DWORD 2227 (0x8b3)
EstimatedSize REG_DWORD 22337 (0x5741)
EstimatedSize REG_DWORD 22828 (0x592c)
EstimatedSize REG_DWORD 23416 (0x5b78)
EstimatedSize REG_DWORD 24282 (0x5eda)
EstimatedSize REG_DWORD 2472 (0x9a8)
EstimatedSize REG_DWORD 2729 (0xaa9)
EstimatedSize REG_DWORD 2833 (0xb11)
EstimatedSize REG_DWORD 30406 (0x76c6)
EstimatedSize REG_DWORD 31395 (0x7aa3)
EstimatedSize REG_DWORD 318714 (0x4dcfa)
EstimatedSize REG_DWORD 36198 (0x8d66)
EstimatedSize REG_DWORD 38197 (0x9535)
EstimatedSize REG_DWORD 4039 (0xfc7)
EstimatedSize REG_DWORD 4280 (0x10b8)
EstimatedSize REG_DWORD 45576 (0xb208)
EstimatedSize REG_DWORD 472004 (0x733c4)
EstimatedSize REG_DWORD 502 (0x1f6)
EstimatedSize REG_DWORD 506 (0x1fa)
EstimatedSize REG_DWORD 51191 (0xc7f7)
EstimatedSize REG_DWORD 5192 (0x1448)
EstimatedSize REG_DWORD 6144 (0x1800)
EstimatedSize REG_DWORD 687 (0x2af)
EstimatedSize REG_DWORD 7408 (0x1cf0)
EstimatedSize REG_DWORD 75505 (0x126f1)
EstimatedSize REG_DWORD 86011 (0x14ffb)

Halfday24 · Feb 27, 2011

Attach.txt Part 2:

HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=52152
HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=52153
HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=52154
HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=52155
HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=52156
HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=98073
HelpLink REG_EXPAND_SZ http://go.microsoft.com/fwlink/?LinkId=98075
HelpLink REG_EXPAND_SZ http://java.com
HelpLink REG_EXPAND_SZ http://support.microsoft.com/
HelpLink REG_EXPAND_SZ http://support.microsoft.com/kb/954430
HelpLink REG_EXPAND_SZ http://support.microsoft.com/kb/973688
HelpLink REG_EXPAND_SZ http://www.adobe.com/support/main.html
HelpLink REG_EXPAND_SZ http://www.adobe.com/support/main.html
HelpLink REG_EXPAND_SZ http://www.apple.com/support/
HelpLink REG_EXPAND_SZ http://www.apple.com/support/
HelpLink REG_EXPAND_SZ http://www.apple.com/support/
HelpLink REG_EXPAND_SZ http://www.intervideo.com/jsp/Support.jsp/
HelpLink REG_EXPAND_SZ http://www.intervideo.com/jsp/Support.jsp/
HelpLink REG_EXPAND_SZ http://www.microsoft.com/support
HelpLink REG_EXPAND_SZ http://www.microsoft.com/windows
HelpLink REG_EXPAND_SZ http://www.tomtom.com/home
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ
HelpLink REG_SZ http://go.microsoft.com/fwlink/?LinkId=120337
HelpLink REG_SZ http://go.microsoft.com/fwlink/?LinkId=52152
HelpLink REG_SZ http://support.lexmark.com
HelpLink REG_SZ http://support.microsoft.com/?kbid=2378111
HelpLink REG_SZ http://support.microsoft.com/?kbid=952069
HelpLink REG_SZ http://support.microsoft.com/?kbid=954155
HelpLink REG_SZ http://support.microsoft.com/?kbid=968816
HelpLink REG_SZ http://support.microsoft.com/?kbid=973540
HelpLink REG_SZ http://support.microsoft.com/?kbid=975558
HelpLink REG_SZ http://support.microsoft.com/?kbid=978695
HelpLink REG_SZ http://support.microsoft.com/?kbid=979402
HelpLink REG_SZ http://support.microsoft.com/contactussupport/?ws=support
HelpLink REG_SZ http://support.microsoft.com/kb/2416473
HelpLink REG_SZ http://support.microsoft.com/kb/953595
HelpLink REG_SZ http://support.microsoft.com/kb/958484
HelpLink REG_SZ http://support.microsoft.com/kb/963707
HelpLink REG_SZ http://support.microsoft.com?kbid=2079403
HelpLink REG_SZ http://support.microsoft.com?kbid=2115168
HelpLink REG_SZ http://support.microsoft.com?kbid=2121546
HelpLink REG_SZ http://support.microsoft.com?kbid=2141007
HelpLink REG_SZ http://support.microsoft.com?kbid=2158563
HelpLink REG_SZ http://support.microsoft.com?kbid=2160329
HelpLink REG_SZ http://support.microsoft.com?kbid=2229593
HelpLink REG_SZ http://support.microsoft.com?kbid=2259922
HelpLink REG_SZ http://support.microsoft.com?kbid=2279986
HelpLink REG_SZ http://support.microsoft.com?kbid=2286198
HelpLink REG_SZ http://support.microsoft.com?kbid=2296011
HelpLink REG_SZ http://support.microsoft.com?kbid=2296199
HelpLink REG_SZ http://support.microsoft.com?kbid=2345886
HelpLink REG_SZ http://support.microsoft.com?kbid=2347290
HelpLink REG_SZ http://support.microsoft.com?kbid=2360937
HelpLink REG_SZ http://support.microsoft.com?kbid=2387149
HelpLink REG_SZ http://support.microsoft.com?kbid=2393802
HelpLink REG_SZ http://support.microsoft.com?kbid=2419632
HelpLink REG_SZ http://support.microsoft.com?kbid=2423089
HelpLink REG_SZ http://support.microsoft.com?kbid=2436673
HelpLink REG_SZ http://support.microsoft.com?kbid=2440591
HelpLink REG_SZ http://support.microsoft.com?kbid=2443105
HelpLink REG_SZ http://support.microsoft.com?kbid=2443685
HelpLink REG_SZ http://support.microsoft.com?kbid=2447568
HelpLink REG_SZ http://support.microsoft.com?kbid=2467659
HelpLink REG_SZ http://support.microsoft.com?kbid=2476687
HelpLink REG_SZ http://support.microsoft.com?kbid=2478960
HelpLink REG_SZ http://support.microsoft.com?kbid=2478971
HelpLink REG_SZ http://support.microsoft.com?kbid=2479628
HelpLink REG_SZ http://support.microsoft.com?kbid=2482017
HelpLink REG_SZ http://support.microsoft.com?kbid=2483185
HelpLink REG_SZ http://support.microsoft.com?kbid=2485376
HelpLink REG_SZ http://support.microsoft.com?kbid=898461
HelpLink REG_SZ http://support.microsoft.com?kbid=905474
HelpLink REG_SZ http://support.microsoft.com?kbid=923561
HelpLink REG_SZ http://support.microsoft.com?kbid=942288-v3
HelpLink REG_SZ http://support.microsoft.com?kbid=946648
HelpLink REG_SZ http://support.microsoft.com?kbid=950762
HelpLink REG_SZ http://support.microsoft.com?kbid=950974
HelpLink REG_SZ http://support.microsoft.com?kbid=951066
HelpLink REG_SZ http://support.microsoft.com?kbid=951376
HelpLink REG_SZ http://support.microsoft.com?kbid=951748
HelpLink REG_SZ http://support.microsoft.com?kbid=951978
HelpLink REG_SZ http://support.microsoft.com?kbid=952004
HelpLink REG_SZ http://support.microsoft.com?kbid=952117-v2
HelpLink REG_SZ http://support.microsoft.com?kbid=952287
HelpLink REG_SZ http://support.microsoft.com?kbid=952954
HelpLink REG_SZ http://support.microsoft.com?kbid=954459
HelpLink REG_SZ http://support.microsoft.com?kbid=954550
HelpLink REG_SZ http://support.microsoft.com?kbid=955069
HelpLink REG_SZ http://support.microsoft.com?kbid=955759
HelpLink REG_SZ http://support.microsoft.com?kbid=956572
HelpLink REG_SZ http://support.microsoft.com?kbid=956744
HelpLink REG_SZ http://support.microsoft.com?kbid=956802
HelpLink REG_SZ http://support.microsoft.com?kbid=956803
HelpLink REG_SZ http://support.microsoft.com?kbid=956844
HelpLink REG_SZ http://support.microsoft.com?kbid=957097
HelpLink REG_SZ http://support.microsoft.com?kbid=958644
HelpLink REG_SZ http://support.microsoft.com?kbid=958687
HelpLink REG_SZ http://support.microsoft.com?kbid=958756
HelpLink REG_SZ http://support.microsoft.com?kbid=958869
HelpLink REG_SZ http://support.microsoft.com?kbid=959426
HelpLink REG_SZ http://support.microsoft.com?kbid=960225
HelpLink REG_SZ http://support.microsoft.com?kbid=960803
HelpLink REG_SZ http://support.microsoft.com?kbid=960859
HelpLink REG_SZ http://support.microsoft.com?kbid=961118
HelpLink REG_SZ http://support.microsoft.com?kbid=961371
HelpLink REG_SZ http://support.microsoft.com?kbid=961501
HelpLink REG_SZ http://support.microsoft.com?kbid=967715
HelpLink REG_SZ http://support.microsoft.com?kbid=968389
HelpLink REG_SZ http://support.microsoft.com?kbid=968537
HelpLink REG_SZ http://support.microsoft.com?kbid=969059
HelpLink REG_SZ http://support.microsoft.com?kbid=969947
HelpLink REG_SZ http://support.microsoft.com?kbid=970238
HelpLink REG_SZ http://support.microsoft.com?kbid=970430
HelpLink REG_SZ http://support.microsoft.com?kbid=970653
HelpLink REG_SZ http://support.microsoft.com?kbid=971468
HelpLink REG_SZ http://support.microsoft.com?kbid=971486
HelpLink REG_SZ http://support.microsoft.com?kbid=971557
HelpLink REG_SZ http://support.microsoft.com?kbid=971633
HelpLink REG_SZ http://support.microsoft.com?kbid=971657
HelpLink REG_SZ http://support.microsoft.com?kbid=971737
HelpLink REG_SZ http://support.microsoft.com?kbid=971961
HelpLink REG_SZ http://support.microsoft.com?kbid=972270
HelpLink REG_SZ http://support.microsoft.com?kbid=973354
HelpLink REG_SZ http://support.microsoft.com?kbid=973507
HelpLink REG_SZ http://support.microsoft.com?kbid=973525
HelpLink REG_SZ http://support.microsoft.com?kbid=973687
HelpLink REG_SZ http://support.microsoft.com?kbid=973815
HelpLink REG_SZ http://support.microsoft.com?kbid=973869
HelpLink REG_SZ http://support.microsoft.com?kbid=973904
HelpLink REG_SZ http://support.microsoft.com?kbid=974112
HelpLink REG_SZ http://support.microsoft.com?kbid=974318
HelpLink REG_SZ http://support.microsoft.com?kbid=974392
HelpLink REG_SZ http://support.microsoft.com?kbid=974571
HelpLink REG_SZ http://support.microsoft.com?kbid=975025
HelpLink REG_SZ http://support.microsoft.com?kbid=975467
HelpLink REG_SZ http://support.microsoft.com?kbid=975560
HelpLink REG_SZ http://support.microsoft.com?kbid=975561
HelpLink REG_SZ http://support.microsoft.com?kbid=975562
HelpLink REG_SZ http://support.microsoft.com?kbid=975713
HelpLink REG_SZ http://support.microsoft.com?kbid=976098
HelpLink REG_SZ http://support.microsoft.com?kbid=976662
HelpLink REG_SZ http://support.microsoft.com?kbid=977165
HelpLink REG_SZ http://support.microsoft.com?kbid=977816
HelpLink REG_SZ http://support.microsoft.com?kbid=977914
HelpLink REG_SZ http://support.microsoft.com?kbid=978037
HelpLink REG_SZ http://support.microsoft.com?kbid=978251
HelpLink REG_SZ http://support.microsoft.com?kbid=978262
HelpLink REG_SZ http://support.microsoft.com?kbid=978338
HelpLink REG_SZ http://support.microsoft.com?kbid=978542
HelpLink REG_SZ http://support.microsoft.com?kbid=978601
HelpLink REG_SZ http://support.microsoft.com?kbid=978706
HelpLink REG_SZ http://support.microsoft.com?kbid=979306
HelpLink REG_SZ http://support.microsoft.com?kbid=979309
HelpLink REG_SZ http://support.microsoft.com?kbid=979482
HelpLink REG_SZ http://support.microsoft.com?kbid=979559
HelpLink REG_SZ http://support.microsoft.com?kbid=979683
HelpLink REG_SZ http://support.microsoft.com?kbid=979687
HelpLink REG_SZ http://support.microsoft.com?kbid=980195
HelpLink REG_SZ http://support.microsoft.com?kbid=980218
HelpLink REG_SZ http://support.microsoft.com?kbid=980232
HelpLink REG_SZ http://support.microsoft.com?kbid=980436
HelpLink REG_SZ http://support.microsoft.com?kbid=981322
HelpLink REG_SZ http://support.microsoft.com?kbid=981332
HelpLink REG_SZ http://support.microsoft.com?kbid=981793
HelpLink REG_SZ http://support.microsoft.com?kbid=981852
HelpLink REG_SZ http://support.microsoft.com?kbid=981957
HelpLink REG_SZ http://support.microsoft.com?kbid=981997
HelpLink REG_SZ http://support.microsoft.com?kbid=982132
HelpLink REG_SZ http://support.microsoft.com?kbid=982214
HelpLink REG_SZ http://support.microsoft.com?kbid=982381
HelpLink REG_SZ http://support.microsoft.com?kbid=982665
HelpLink REG_SZ http://support.microsoft.com?kbid=982802
HelpLink REG_SZ http://support.microsoft.com?kbid=test
HelpLink REG_SZ http://www.adobe.com/go/flashplayer_support/
HelpLink REG_SZ http://www.hp.com
HelpLink REG_SZ http://www.malwarebytes.org
HelpLink REG_SZ http://www.microsoft.com/ie
HelpLink REG_SZ http://www.nosltd.com
HelpLink REG_SZ http://www.tomtom.com/support
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ
HelpTelephone REG_SZ 1-800-275-2273
HelpTelephone REG_SZ 1-800-275-2273
HelpTelephone REG_SZ 1-800-275-2273
HelpTelephone REG_SZ 1-800-833-6687
HiddenByIE8Setup REG_DWORD 1 (0x1)
HiddenByIE8Setup REG_DWORD 1 (0x1)
HiddenByIE8Setup REG_DWORD 1 (0x1)
HiddenByIE8Setup REG_DWORD 1 (0x1)
HiddenByIE8Setup REG_DWORD 1 (0x1)
Inno Setup: App Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
Inno Setup: Deselected Tasks REG_SZ quicklaunchicon
Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware
Inno Setup: Language REG_SZ english
Inno Setup: Selected Tasks REG_SZ desktopicon
Inno Setup: Setup Version REG_SZ 5.4.0 (a)
Inno Setup: User REG_SZ Administrator
InstallDate REG_SZ 20090406
InstallDate REG_SZ 20090406
InstallDate REG_SZ 20090406
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091007
InstallDate REG_SZ 20091008
InstallDate REG_SZ 20091008
InstallDate REG_SZ 20091026
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091028
InstallDate REG_SZ 20091029
InstallDate REG_SZ 20091030
InstallDate REG_SZ 20091112
InstallDate REG_SZ 20091119
InstallDate REG_SZ 20091125
InstallDate REG_SZ 20091125
InstallDate REG_SZ 20091125
InstallDate REG_SZ 20091209
InstallDate REG_SZ 20091209
InstallDate REG_SZ 20091209
InstallDate REG_SZ 20091209
InstallDate REG_SZ 20091209
InstallDate REG_SZ 20100113
InstallDate REG_SZ 20100113
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100210
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100220
InstallDate REG_SZ 20100222
InstallDate REG_SZ 20100224
InstallDate REG_SZ 20100311
InstallDate REG_SZ 20100329
InstallDate REG_SZ 20100407
InstallDate REG_SZ 20100407
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100414
InstallDate REG_SZ 20100512
InstallDate REG_SZ 20100526
InstallDate REG_SZ 20100612
InstallDate REG_SZ 20100612
InstallDate REG_SZ 20100612
InstallDate REG_SZ 20100612
InstallDate REG_SZ 20100612
InstallDate REG_SZ 20100612
InstallDate REG_SZ 20100624
InstallDate REG_SZ 20100714
InstallDate REG_SZ 20100803
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100811
InstallDate REG_SZ 20100817
InstallDate REG_SZ 20100817
InstallDate REG_SZ 20100817
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100915
InstallDate REG_SZ 20100929
InstallDate REG_SZ 20101007
InstallDate REG_SZ 20101007
InstallDate REG_SZ 20101008
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101014
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20101215
InstallDate REG_SZ 20110112
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110209
InstallDate REG_SZ 20110215
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallDate REG_SZ 20110226
InstallLocation REG_EXPAND_SZ C:\Program Files\PDF Complete\
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ
InstallLocation REG_SZ c:\program files\adobe\Acrobat_com
InstallLocation REG_SZ C:\program files\adobe\Acrobat_com\
InstallLocation REG_SZ C:\Program Files\Apple Software Update\
InstallLocation REG_SZ C:\Program Files\Common Files\Adobe AIR\
InstallLocation REG_SZ C:\Program Files\Common Files\Adobe AIR\
InstallLocation REG_SZ C:\Program Files\Common Files\Apple\Apple Application Support\
InstallLocation REG_SZ C:\Program Files\HPQ\HP Help and Support
InstallLocation REG_SZ C:\Program Files\InterVideo\DVD8SESD\
InstallLocation REG_SZ C:\Program Files\InterVideo\DVD8SESD\
InstallLocation REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\
InstallLocation REG_SZ C:\Program Files\McAfee
InstallLocation REG_SZ C:\Program Files\McAfee\
InstallLocation REG_SZ C:\Program Files\Microsoft Office
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ c:\Program Files\Microsoft Office\
InstallLocation REG_SZ C:\Program Files\Microsoft Office\
InstallLocation REG_SZ c:\Program Files\Microsoft Small Business\
InstallLocation REG_SZ c:\Program Files\Microsoft SQL Server\
InstallLocation REG_SZ c:\Program Files\Microsoft SQL Server\
InstallLocation REG_SZ c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\
InstallLocation REG_SZ C:\Program Files\NOS\bin
InstallLocation REG_SZ C:\Program Files\QuickTime\
InstallLocation REG_SZ C:\Program Files\Realtek\Audio\InstallShield\
InstallLocation REG_SZ C:\Program Files\TomTom HOME 2
InstallLocation REG_SZ C:\WINDOWS\
InstallLocation REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v3.5\
InstallSource REG_SZ c:\525f9b6c993ccec4fd1b39\
InstallSource REG_SZ c:\5ac2e80dd61a99af1d12cc\dotnetfx20\
InstallSource REG_SZ c:\5ac2e80dd61a99af1d12cc\dotnetfx30\
InstallSource REG_SZ c:\99f62f3e5e88d93c179c\
InstallSource REG_SZ c:\appl.zip\OfficeBCMUS\Loader\
InstallSource REG_SZ c:\appl.zip\OfficeBCMUS\OFFICE\
InstallSource REG_SZ c:\appl.zip\OfficeBCMUS\OWC11\
InstallSource REG_SZ c:\b8632213b9f96afe24\Setup\
InstallSource REG_SZ c:\b8632213b9f96afe24\Setup\
InstallSource REG_SZ c:\b8632213b9f96afe24\setup\
InstallSource REG_SZ c:\b8632213b9f96afe24\Setup\
InstallSource REG_SZ c:\b8632213b9f96afe24\Setup\
InstallSource REG_SZ C:\Compaq\AUDIO\RealTek\
InstallSource REG_SZ C:\Compaq\DotNet3i\wcu\WPF\
InstallSource REG_SZ C:\Compaq\DotNeti\
InstallSource REG_SZ C:\Compaq\Help_Support\
InstallSource REG_SZ C:\Compaq\HPBackup\
InstallSource REG_SZ C:\Compaq\WinDvD\
InstallSource REG_SZ C:\Compaq\WinDvD\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AIR9CE.tmp\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP993.TMP\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP993.TMP\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP993.TMP\
InstallSource REG_SZ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mia1\
InstallSource REG_SZ C:\Documents and Settings\Administrator\Application Data\Sun\Java\jre1.6.0_07\
InstallSource REG_SZ C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe\Updater6\Install\reader9rdr-en_US\
InstallSource REG_SZ C:\Documents and Settings\Administrator\Local Settings\Temp\fla9D0.tmp\
InstallSource REG_SZ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\H3WFEEO0\
InstallSource REG_SZ C:\Documents and Settings\All Users\Application Data\Adobe\Reader\9.3\ARM\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-0019-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-001A-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\MSOCache\All Users\{91120000-00CA-0000-0000-0000000FF1CE}-C\
InstallSource REG_SZ C:\WINDOWS\system32\
InstallSource REG_SZ C:\WINDOWS\TEMP\IXP02AE4.tmp\dotnetfx35\x86\

Halfday24 · Feb 27, 2011

Attach.txt Part 3:

Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 0 (0x0)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1033 (0x409)
Language REG_DWORD 1036 (0x40c)
Language REG_DWORD 3082 (0xc0a)
Language REG_DWORD 9 (0x9)
Language REG_DWORD 9 (0x9)
Language REG_DWORD 9 (0x9)
LogFile REG_SZ C:\Program Files\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.ilg
LogFile REG_SZ C:\Program Files\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\Setup.ilg
LogFile REG_SZ C:\Program Files\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\Setup.ilg
LogFile REG_SZ C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.ilg
LogFile REG_SZ C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.ilg
LogMode REG_DWORD 1 (0x1)
LogMode REG_DWORD 1 (0x1)
LogMode REG_DWORD 1 (0x1)
MajorVersion REG_DWORD 2 (0x2)
MajorVersion REG_DWORD 2 (0x2)
MajorVersion REG_DWORD 2 (0x2)
MajorVersion REG_DWORD 4 (0x4)
MajorVersion REG_DWORD 8 (0x8)
MinorVersion REG_DWORD 2 (0x2)
MinorVersion REG_DWORD 5 (0x5)
MinorVersion REG_DWORD 5 (0x5)
MinorVersion REG_DWORD 50 (0x32)
MinorVersion REG_DWORD 7 (0x7)
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{4571CC76-42C4-7D67-E024-0AEB166E1C6F}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{49FA793C-785E-47E9-93DF-BD442B0B45D1}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
ModifyPath REG_EXPAND_SZ MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{91120000-00CA-0000-0000-0000000FF1CE}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
ModifyPath REG_EXPAND_SZ MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
ModifyPath REG_SZ "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /modify SMALLBUSINESSR /dll OSETUP.DLL
ModifyPath REG_SZ "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe"
ModifyPath REG_SZ C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe
NoElevateOnModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 0 (0x0)
NoModify REG_DWORD 0 (0x0)
NoModify REG_DWORD 0 (0x0)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoModify REG_DWORD 1 (0x1)
NoRemove REG_DWORD 0 (0x0)
NoRemove REG_DWORD 0 (0x0)
NoRemove REG_DWORD 0 (0x0)
NoRemove REG_DWORD 0 (0x0)
NoRemove REG_DWORD 0 (0x0)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemove REG_DWORD 1 (0x1)
NoRemoveInitialValue REG_DWORD 1 (0x1)
NoRemoveInitialValue REG_DWORD 1 (0x1)
NoRemoveInitialValue REG_DWORD 1 (0x1)
NoRemoveInitialValue REG_DWORD 1 (0x1)
NoRemoveInitialValue REG_DWORD 1 (0x1)
NoRepair REG_DWORD 0 (0x0)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
NoRepair REG_DWORD 1 (0x1)
PackageIds REG_MULTI_SZ OfficeMUI.en-us\0OfficeMUISet.en-us\0ExcelMUI.en-us\0OutlookMUI.en-us\0PowerPointMUI.en-us\0RosebudMUI.en-us\0Proof.es-es\0Proof.fr-fr\0Proof.en-us\0Proofing.en-us\0PublisherMUI.en-us\0WordMUI.en-us\0SmallBusinessrWW\0\0
ParentDisplayName REG_SZ Microsoft .NET Framework 1.1 (1033)
ParentDisplayName REG_SZ Microsoft .NET Framework 1.1 (1033)
ParentDisplayName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentDisplayName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentDisplayName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentDisplayName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentDisplayName REG_SZ Windows Internet Explorer 8 - Software Updates
ParentDisplayName REG_SZ Windows Internet Explorer 8 - Software Updates
ParentDisplayName REG_SZ Windows Internet Explorer 8 - Software Updates
ParentDisplayName REG_SZ Windows Internet Explorer 8 - Software Updates
ParentDisplayName REG_SZ Windows Internet Explorer 8 - Software Updates
ParentDisplayName REG_SZ Windows Internet Explorer 8 - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentDisplayName REG_SZ Windows XP - Software Updates
ParentKeyName REG_SZ ie8Hotfix
ParentKeyName REG_SZ ie8Hotfix
ParentKeyName REG_SZ ie8Hotfix
ParentKeyName REG_SZ ie8Hotfix
ParentKeyName REG_SZ ie8Hotfix
ParentKeyName REG_SZ ie8Hotfix
ParentKeyName REG_SZ Microsoft .NET Framework 1.1 (1033)
ParentKeyName REG_SZ Microsoft .NET Framework 1.1 (1033)
ParentKeyName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentKeyName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentKeyName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentKeyName REG_SZ Microsoft .NET Framework 3.5 SP1
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ParentKeyName REG_SZ OperatingSystem
ProductCodes REG_MULTI_SZ {90120000-006E-0409-0000-0000000FF1CE}\0{90120000-0115-0409-0000-0000000FF1CE}\0{90120000-0016-0409-0000-0000000FF1CE}\0{90120000-001A-0409-0000-0000000FF1CE}\0{90120000-0018-0409-0000-0000000FF1CE}\0{90120000-0010-0409-0000-0000000FF1CE}\0{90120000-001F-0C0A-0000-0000000FF1CE}\0{90120000-001F-040C-0000-0000000FF1CE}\0{90120000-001F-0409-0000-0000000FF1CE}\0{90120000-002C-0409-0000-0000000FF1CE}\0{90120000-0019-0409-0000-0000000FF1CE}\0{90120000-001B-0409-0000-0000000FF1CE}\0{91120000-00CA-0000-0000-0000000FF1CE}\0\0
ProductGuid REG_SZ {0F12A151-27CC-4641-A446-22E96A946F52}
ProductGuid REG_SZ {3C9EEFEF-1F71-4213-AC41-4BF5FE0FED95}
ProductGuid REG_SZ {3F9F7336-6DF8-476F-ABF6-C70A17FAF619}
ProductGuid REG_SZ {A93C4E94-1005-489D-BEAA-B873C1AA6CFC}
ProductGuid REG_SZ {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
ProductID REG_SZ
ProductID REG_SZ 81606-905-8911144-64100

Halfday24 · Feb 27, 2011

Attach.txt Part 4:

Publisher REG_SZ Adobe Systems Inc.
Publisher REG_SZ Adobe Systems Inc.
Publisher REG_SZ Adobe Systems Incorporated
Publisher REG_SZ Adobe Systems Incorporated
Publisher REG_SZ Adobe Systems Incorporated
Publisher REG_SZ Adobe Systems Incorporated
Publisher REG_SZ Adobe Systems Incorporated
Publisher REG_SZ Apple Inc.
Publisher REG_SZ Apple Inc.
Publisher REG_SZ Apple Inc.
Publisher REG_SZ Eolsoft
Publisher REG_SZ Hewlett-Packard Company
Publisher REG_SZ HPQ
Publisher REG_SZ InterVideo Inc.
Publisher REG_SZ InterVideo Inc.
Publisher REG_SZ Lexmark International, Inc.
Publisher REG_SZ Malwarebytes Corporation
Publisher REG_SZ McAfee, Inc.
Publisher REG_SZ McAfee, Inc.
Publisher REG_SZ Microsoft
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ Microsoft Corporation
Publisher REG_SZ NOS Microsystems Ltd.
Publisher REG_SZ PDF Complete, Inc
Publisher REG_SZ Realtek Semiconductor Corp.
Publisher REG_SZ Sun Microsystems, Inc.
Publisher REG_SZ TomTom
Publisher REG_SZ TomTom International B.V.
QuietUninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
QuietUninstallString REG_SZ MsiExec.Exe /x {90A40409-6000-11D3-8CFE-0150048383C9} /qn
QuietUninstallString REG_SZ Rundll32 IedkCS32.dll,BrandCleanInstallStubs
QuietUninstallString REG_SZ rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Readme REG_EXPAND_SZ C:\Program Files\Adobe\Reader 9.0\Readme.htm
Readme REG_EXPAND_SZ C:\Program Files\Java\jre1.6.0_07\README.txt
Readme REG_EXPAND_SZ file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ
Readme REG_SZ file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm
RegCompany REG_SZ
RegistryLocation REG_SZ HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\KB953595
RegistryLocation REG_SZ HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB2416473
RegistryLocation REG_SZ HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB958484
RegistryLocation REG_SZ HKEY_LOCAL_MACHINE\Software\Microsoft\Updates\Microsoft .NET Framework 3.5 SP1\SP1\KB963707
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2447568-IE8
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB2482017-IE8
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB971961-IE8
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB976662-IE8
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB981332-IE8
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP0\KB982381-IE8
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB898461
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2079403
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2115168
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2121546
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2141007
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2158563
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2160329
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2229593
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2259922
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2279986
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2286198
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2296011
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2296199
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2345886
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2347290
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2360937
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2387149
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2393802
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2419632
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2423089
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2436673
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2440591
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2443105
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2443685
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2467659
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2476687
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2478960
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2478971
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2479628
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2483185
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB2485376
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB923561
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB942288-v3
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB946648
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950974
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951066
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951376-v2
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951748
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB951978
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952004
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952117-v2
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952287
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB952954
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB954459
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB954550-v5
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB955069
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB955759
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956572
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956744
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956802
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956803
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956844
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB957097
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958644
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958687
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958756
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB958869
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB959426
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB960225
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB960803
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB960859
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB961118
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB961371-v2
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB961501
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB967715
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB968389
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB968537
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB969059
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB969947
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB970238
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB970430
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB970653-v3
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971468
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971486
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971557
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971633
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971657
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB971737
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB972270
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973354
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973507
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973525
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973687
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973815
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973869
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB973904
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974112
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974318
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974392
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB974571
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975025
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975467
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975560
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975561
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975562
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB975713
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB976098-v2
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB977165
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB977816
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB977914
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978037
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978251
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978262
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978338
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978542
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978601
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB978706
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979306
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979309
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979482
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979559
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979683
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB979687
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980195
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980218
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980232
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB980436
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981322
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981793
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981852
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981957
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB981997
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982132
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982214
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982665
RegistryLocation REG_SZ HKLM\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB982802
RegOwner REG_SZ

Halfday24 · Feb 27, 2011

Attach.txt Part 5:

ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Hotfix
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Security Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
ReleaseType REG_SZ Update
RemoveOnIE8Uninstall REG_DWORD 1 (0x1)
RemoveOnIE8Uninstall REG_DWORD 1 (0x1)
RemoveOnIE8Uninstall REG_DWORD 1 (0x1)
RemoveOnIE8Uninstall REG_DWORD 1 (0x1)
RemoveOnIE8Uninstall REG_DWORD 1 (0x1)
RemoveOnIE8Uninstall REG_DWORD 1 (0x1)
RequiresIESysFile REG_SZ 100.0
RequiresIESysFile REG_SZ 4.70.0.1155
RequiresIESysFile REG_SZ 4.71
ShellUITransformLanguage REG_SZ en-US
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
Size REG_SZ
SkuComponents REG_MULTI_SZ C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Proofing.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Publisher.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\SMALLBUSINESSR\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Office.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\PowerPoint.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Rosebud.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Excel.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Outlook.en-us\setup.xml\0C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\Word.en-us\setup.xml\0\0
SystemComponent REG_DWORD 0 (0x0)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
SystemComponent REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
TSAware REG_DWORD 1 (0x1)
UninstallPath REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
UninstallString REG_EXPAND_SZ C:\Program Files\PDF Complete\uninstall.exe
UninstallString REG_EXPAND_SZ MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{4571CC76-42C4-7D67-E024-0AEB166E1C6F}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{49FA793C-785E-47E9-93DF-BD442B0B45D1}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
UninstallString REG_EXPAND_SZ MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{91120000-00CA-0000-0000-0000000FF1CE}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
UninstallString REG_EXPAND_SZ MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
UninstallString REG_SZ
UninstallString REG_SZ
UninstallString REG_SZ
UninstallString REG_SZ
UninstallString REG_SZ
UninstallString REG_SZ
UninstallString REG_SZ "C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
UninstallString REG_SZ "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SMALLBUSINESSR /dll OSETUP.DLL
UninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
UninstallString REG_SZ "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
UninstallString REG_SZ "C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe" /Get1
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB952117-v2$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
UninstallString REG_SZ "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
UninstallString REG_SZ "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
UninstallString REG_SZ C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
UninstallString REG_SZ C:\Program Files\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\setup.exe -runfromtemp -l0x0409
UninstallString REG_SZ C:\Program Files\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\setup.exe -runfromtemp -l0x0409
UninstallString REG_SZ C:\Program Files\Lexmark 2600 Series\Install\x86\Uninst.exe
UninstallString REG_SZ C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
UninstallString REG_SZ C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
UninstallString REG_SZ C:\Program Files\Winmail Opener\uninst.exe
UninstallString REG_SZ C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
UninstallString REG_SZ C:\WINDOWS\system32\igxpun.exe -uninstall
UninstallString REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe -maintain activex
UninstallString REG_SZ C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
UninstallString REG_SZ C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
UninstallString REG_SZ C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
UninstallString REG_SZ C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UninstallString REG_SZ msiexec /qb /x {4571CC76-42C4-7D67-E024-0AEB166E1C6F}
UninstallString REG_SZ msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
UninstallString REG_SZ RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x9 -uninst -removeonly
UninstallString REG_SZ RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.exe" -l0x9 -removeonly
UninstallString REG_SZ RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
UninstallString REG_SZ rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Halfday24 · Feb 27, 2011

Attach Part 6:

URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ
URLInfoAbout REG_SZ http://java.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://support.microsoft.com
URLInfoAbout REG_SZ http://www.adobe.com
URLInfoAbout REG_SZ http://www.adobe.com
URLInfoAbout REG_SZ http://www.adobe.com
URLInfoAbout REG_SZ http://www.apple.com
URLInfoAbout REG_SZ http://www.apple.com
URLInfoAbout REG_SZ http://www.apple.com
URLInfoAbout REG_SZ http://www.eolsoft.com/freeware/winmail_opener/
URLInfoAbout REG_SZ http://www.hp.com
URLInfoAbout REG_SZ http://www.hp.com
URLInfoAbout REG_SZ http://www.InterVideo.com/
URLInfoAbout REG_SZ http://www.InterVideo.com/
UrlInfoAbout REG_SZ http://www.lexmark.com
URLInfoAbout REG_SZ http://www.malwarebytes.org
URLInfoAbout REG_SZ http://www.microsoft.com/
URLInfoAbout REG_SZ http://www.microsoft.com/genuine
URLInfoAbout REG_SZ http://www.microsoft.com/ie
URLInfoAbout REG_SZ http://www.microsoft.com/support
URLInfoAbout REG_SZ http://www.nosltd.com
URLInfoAbout REG_SZ http://www.pdfcomplete.com
URLInfoAbout REG_SZ http://www.tomtom.com
URLInfoAbout REG_SZ http://www.tomtom.com/home
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ
URLUpdateInfo REG_SZ http://go.microsoft.com/fwlink/?LinkId=120338
URLUpdateInfo REG_SZ http://go.microsoft.com/fwlink/?LinkId=98074
URLUpdateInfo REG_SZ http://go.microsoft.com/fwlink/?LinkId=98076
URLUpdateInfo REG_SZ http://java.sun.com
URLUpdateInfo REG_SZ http://www.adobe.com/acrofamily/main.html
URLUpdateInfo REG_SZ http://www.adobe.com/go/getflashplayer/
URLUpdateInfo REG_SZ http://www.adobe.com/products/acrobat/readstep.html
URLUpdateInfo REG_SZ http://www.apple.com/
URLUpdateInfo REG_SZ http://www.apple.com/macosx/
URLUpdateInfo REG_SZ http://www.apple.com/quicktime/
URLUpdateInfo REG_SZ http://www.intervideo.com/
URLUpdateInfo REG_SZ http://www.intervideo.com/
URLUpdateInfo REG_SZ http://www.malwarebytes.org
URLUpdateInfo REG_SZ http://www.pdfcomplete.com
URLUpdateInfo REG_SZ http://www.tomtom.com/home
Version REG_DWORD 101319785 (0x60a0469)
Version REG_DWORD 121831499 (0x743004b)
Version REG_DWORD 134217748 (0x8000014)
Version REG_DWORD 134217748 (0x8000014)
Version REG_DWORD 134268455 (0x800c627)
Version REG_DWORD 150994944 (0x9000000)
Version REG_DWORD 150997986 (0x9000be2)
Version REG_DWORD 150997986 (0x9000be2)
Version REG_DWORD 150997986 (0x9000be2)
Version REG_DWORD 151129058 (0x9020be2)
Version REG_DWORD 151257090 (0x9040002)
Version REG_DWORD 154279267 (0x9321d63)
Version REG_DWORD 16777216 (0x1000000)
Version REG_DWORD 16777218 (0x1000002)
Version REG_DWORD 16847074 (0x10110e2)
Version REG_DWORD 16973825 (0x1030001)
Version REG_DWORD 17104899 (0x1050003)
Version REG_DWORD 17170432 (0x1060000)
Version REG_DWORD 184557379 (0xb001f43)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 201331110 (0xc0011a6)
Version REG_DWORD 33561456 (0x2001b70)
Version REG_DWORD 33619968 (0x2010000)
Version REG_DWORD 33619969 (0x2010001)
Version REG_DWORD 33716233 (0x2027809)
Version REG_DWORD 33882112 (0x2050000)
Version REG_DWORD 36831232 (0x2320000)
Version REG_DWORD 50338568 (0x3001b08)
Version REG_DWORD 50493449 (0x3027809)
Version REG_DWORD 50690057 (0x3057809)
Version REG_DWORD 67239946 (0x402000a)
Version REG_DWORD 68429454 (0x414268e)
Version REG_DWORD 68429460 (0x4142694)
Version REG_DWORD 84213760 (0x5050000)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 1 (0x1)
VersionMajor REG_DWORD 10 (0xa)
VersionMajor REG_DWORD 11 (0xb)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 12 (0xc)
VersionMajor REG_DWORD 2 (0x2)
VersionMajor REG_DWORD 2 (0x2)
VersionMajor REG_DWORD 2 (0x2)
VersionMajor REG_DWORD 2 (0x2)
VersionMajor REG_DWORD 3 (0x3)
VersionMajor REG_DWORD 3 (0x3)
VersionMajor REG_DWORD 3 (0x3)
VersionMajor REG_DWORD 3 (0x3)
VersionMajor REG_DWORD 4 (0x4)
VersionMajor REG_DWORD 4 (0x4)
VersionMajor REG_DWORD 5 (0x5)
VersionMajor REG_DWORD 6 (0x6)
VersionMajor REG_DWORD 7 (0x7)
VersionMajor REG_DWORD 8 (0x8)
VersionMajor REG_DWORD 8 (0x8)
VersionMajor REG_DWORD 8 (0x8)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_DWORD 9 (0x9)
VersionMajor REG_SZ 10
VersionMajor REG_SZ 2
VersionMajor REG_SZ 3
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 0 (0x0)
VersionMinor REG_DWORD 1 (0x1)
VersionMinor REG_DWORD 1 (0x1)
VersionMinor REG_DWORD 1 (0x1)
VersionMinor REG_DWORD 10 (0xa)
VersionMinor REG_DWORD 2 (0x2)
VersionMinor REG_DWORD 2 (0x2)
VersionMinor REG_DWORD 2 (0x2)
VersionMinor REG_DWORD 2 (0x2)
VersionMinor REG_DWORD 20 (0x14)
VersionMinor REG_DWORD 20 (0x14)
VersionMinor REG_DWORD 3 (0x3)
VersionMinor REG_DWORD 4 (0x4)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 5 (0x5)
VersionMinor REG_DWORD 50 (0x32)
VersionMinor REG_DWORD 6 (0x6)
VersionMinor REG_DWORD 67 (0x43)
VersionMinor REG_SZ 0
VersionMinor REG_SZ 5
VersionMinor REG_SZ 5
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
WindowsInstaller REG_DWORD 1 (0x1)
Error: Key: software\microsoft\windows\currentversion\uninstall does not exist!
For more information, visit http://support.microsoft.com/kb/2416473.
For more information, visit http://support.microsoft.com/kb/953595.
For more information, visit http://support.microsoft.com/kb/958484.
For more information, visit http://support.microsoft.com/kb/963707.

Halfday24 · Feb 27, 2011

Attach.txt Part 7 of 7:

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{4571CC76-42C4-7D67-E024-0AEB166E1C6F}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{49FA793C-785E-47E9-93DF-BD442B0B45D1}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{50120000-1105-0000-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-0010-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-0016-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-0018-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-0019-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-001A-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-001B-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-001F-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-001F-040C-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-001F-0C0A-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-002C-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-006E-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90120000-0115-0409-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{90A40409-6000-11D3-8CFE-0150048383C9}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{91120000-00CA-0000-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A2BCA9F1-566C-4805-97D1-7FDC93386723}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB300003
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB960043
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB975195
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976570
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A49F249F-0C91-497F-86DF-B2585E8E76B7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A939D341-5A04-4E0A-BB55-3E65B386432D}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{AC76BA86-7AD7-1033-7B44-A94000000001}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{AC76BA86-7AD7-5464-3428-900000000004}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{BAF78226-3200-4DB4-BE33-4D922A799840}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB2418241
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB971111
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976569
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976576
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB976765v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB979909
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB980773
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB983583
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Activation Assistant for the 2007 Microsoft Office suites
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\AddressBook
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Adobe AIR
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Adobe Flash Player ActiveX
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Branding
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Connection Manager
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\DirectAnimation
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\DirectDrawEx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\DXM_Runtime
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Fontcore
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\HDMI
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\HOMESTUDENTR
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ICW
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\IDNMitigationAPIs
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\IE40
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\IE4Data
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\IE5BAKEX
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ie7
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ie8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\IEData
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\InstallShield Uninstall Information
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\InstallShield Uninstall Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2079403
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2115168
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2121546
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2141007
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2158563
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2160329
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2229593
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2259922
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2279986
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2286198
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2296011
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2296199
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2345886
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2347290
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2360937
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2378111_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2387149
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2393802
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2419632
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2423089
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2436673
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2440591
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2443105
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2443685
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2447568-IE8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2467659
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2476687
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2478960
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2478971
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2479628
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2482017-IE8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2483185
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB2485376
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB884016
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB893803
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB893803v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB898461
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB923561
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB935695_Beta
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB942288-v3
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB946648
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB950762
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB950974
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB951066
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB951376-v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB951748
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB951978
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB952004
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB952069_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB952117
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB952117-v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB952287
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB952954
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB954155_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB954459
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB954550-v5
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB955069
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB955759
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB956572
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB956744
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB956802
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB956803
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB956844
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB957097
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB958644
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB958687
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB958756
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB958869
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB959426
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB960225
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB960803
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB960859
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB961118
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB961371-v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB961501
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB967715
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB968389
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB968537
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB968816_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB969059
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB969947
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB970238
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB970430
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB970653-v3
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971468
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971486
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971557
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971633
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971657
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971737
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB971961-IE8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB972270
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973354
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973507
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973525
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973540_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973687
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973815
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973869
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB973904
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB974112
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB974318
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB974392
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB974571
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975025
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975467
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975558_WM8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975560
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975561
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975562
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB975713
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB976098-v2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB976662-IE8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB977165
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB977816
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB977914
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978037
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978251
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978262
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978338
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978542
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978601
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978695_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB978706
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979306
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979309
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979402_WM9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979482
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979559
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979683
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB979687
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB980195
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB980218
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB980232
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB980436
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB981322
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB981332-IE8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB981793
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB981852
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB981957
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB981997
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB982132
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB982214
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB982381-IE8
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB982665
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\KB982802
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Lexmark 2600 Series
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\M2416447
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\M979906
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Malwarebytes' Anti-Malware_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Microsoft .NET Framework 1.1 (1033)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Microsoft .NET Framework 3.5 SP1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Microsoft SQL Server 2005
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MobileOptionPack
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MPlayer2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSC
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI30-Beta1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI30-Beta2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI30-KB884016
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI30-RC1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI30-RC2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI30a-KB884016
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI31-Beta
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\MSI31-RC1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\NetMeeting
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\NLSDownlevelMapping
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\OutlookExpress
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\PCHealth
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\PDF Complete
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\PROHYBRID2R
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\SchedulingAgent
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\SMALLBUSINESSR
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\TomTom HOME
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\WgaNotify
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\WIC
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\Winmail Opener
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\XpsEPSC
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
If you later install a more recent service pack, this hotfix will be uninstalled automatically.
If you later install a more recent service pack, this security update will be uninstalled automatically.
If you later install a more recent service pack, this update will be uninstalled automatically.
SteelWerX Registry Console Tool 2.0
SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)
Written by Bobbi Flekman 2006 (C)

==== Event Viewer Messages From Past Week ========

Broni · Feb 27, 2011

Download TDSSKiller and save it to your desktop.

Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Halfday24 · Feb 27, 2011

2011/02/27 17:00:46.0921 1308 TDSS rootkit removing tool 2.4.18.0 Feb 21 2011 11:08:08
2011/02/27 17:00:47.0578 1308 ================================================================================
2011/02/27 17:00:47.0578 1308 SystemInfo:
2011/02/27 17:00:47.0578 1308
2011/02/27 17:00:47.0578 1308 OS Version: 5.1.2600 ServicePack: 3.0
2011/02/27 17:00:47.0578 1308 Product type: Workstation
2011/02/27 17:00:47.0578 1308 ComputerName: PH10-22-2009
2011/02/27 17:00:47.0578 1308 UserName: Administrator
2011/02/27 17:00:47.0578 1308 Windows directory: C:\WINDOWS
2011/02/27 17:00:47.0578 1308 System windows directory: C:\WINDOWS
2011/02/27 17:00:47.0578 1308 Processor architecture: Intel x86
2011/02/27 17:00:47.0578 1308 Number of processors: 2
2011/02/27 17:00:47.0578 1308 Page size: 0x1000
2011/02/27 17:00:47.0578 1308 Boot type: Normal boot
2011/02/27 17:00:47.0578 1308 ================================================================================
2011/02/27 17:00:47.0953 1308 Initialize success
2011/02/27 17:01:01.0453 3316 ================================================================================
2011/02/27 17:01:01.0453 3316 Scan started
2011/02/27 17:01:01.0453 3316 Mode: Manual;
2011/02/27 17:01:01.0453 3316 ================================================================================
2011/02/27 17:01:02.0062 3316 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
2011/02/27 17:01:02.0078 3316 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/02/27 17:01:02.0109 3316 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/02/27 17:01:02.0140 3316 ADM8511 (b05f2367f62552a2de7e3c352b7b9885) C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
2011/02/27 17:01:02.0171 3316 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/02/27 17:01:02.0187 3316 adpu320 (0ea9b1f0c6c90a509c8603775366adb7) C:\WINDOWS\system32\DRIVERS\adpu320.sys
2011/02/27 17:01:02.0218 3316 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/02/27 17:01:02.0265 3316 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/02/27 17:01:02.0328 3316 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/02/27 17:01:02.0343 3316 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/02/27 17:01:02.0546 3316 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/02/27 17:01:02.0578 3316 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/02/27 17:01:02.0656 3316 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/02/27 17:01:02.0687 3316 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/02/27 17:01:02.0734 3316 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/02/27 17:01:02.0765 3316 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
2011/02/27 17:01:02.0796 3316 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/02/27 17:01:02.0828 3316 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/02/27 17:01:02.0843 3316 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/02/27 17:01:02.0859 3316 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/02/27 17:01:02.0906 3316 cfwids (7e6f7da1c4de5680820f964562548949) C:\WINDOWS\system32\drivers\cfwids.sys
2011/02/27 17:01:03.0125 3316 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/02/27 17:01:03.0171 3316 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/02/27 17:01:03.0250 3316 dmio (31136aaa951d5d493fa680e7739c9077) C:\WINDOWS\system32\drivers\dmio.sys
2011/02/27 17:01:03.0250 3316 Suspicious file (Forged): C:\WINDOWS\system32\drivers\dmio.sys. Real md5: 31136aaa951d5d493fa680e7739c9077, Fake md5: 7c824cf7bbde77d95c08005717a95f6f
2011/02/27 17:01:03.0265 3316 dmio - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/02/27 17:01:03.0265 3316 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/02/27 17:01:03.0296 3316 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/02/27 17:01:03.0343 3316 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/02/27 17:01:03.0359 3316 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/02/27 17:01:03.0390 3316 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/02/27 17:01:03.0421 3316 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/02/27 17:01:03.0453 3316 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/02/27 17:01:03.0531 3316 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/02/27 17:01:03.0546 3316 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/02/27 17:01:03.0562 3316 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/02/27 17:01:03.0593 3316 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/02/27 17:01:03.0609 3316 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/02/27 17:01:03.0656 3316 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/02/27 17:01:03.0687 3316 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/02/27 17:01:03.0718 3316 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/02/27 17:01:03.0812 3316 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/02/27 17:01:03.0875 3316 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/02/27 17:01:03.0906 3316 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
2011/02/27 17:01:03.0953 3316 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
2011/02/27 17:01:04.0015 3316 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
2011/02/27 17:01:04.0031 3316 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
2011/02/27 17:01:04.0046 3316 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
2011/02/27 17:01:04.0062 3316 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
2011/02/27 17:01:04.0062 3316 iAimFP5 (0308aef61941e4af478fa1a0f83812f5) C:\WINDOWS\system32\DRIVERS\wADV07nt.sys
2011/02/27 17:01:04.0093 3316 iAimFP6 (714038a8aa5de08e12062202cd7eaeb5) C:\WINDOWS\system32\DRIVERS\wADV08nt.sys
2011/02/27 17:01:04.0109 3316 iAimFP7 (7bb3aa595e4507a788de1cdc63f4c8c4) C:\WINDOWS\system32\DRIVERS\wADV09nt.sys
2011/02/27 17:01:04.0125 3316 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
2011/02/27 17:01:04.0140 3316 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
2011/02/27 17:01:04.0140 3316 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
2011/02/27 17:01:04.0156 3316 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
2011/02/27 17:01:04.0171 3316 iAimTV5 (791cc45de6e50445be72e8ad6401ff45) C:\WINDOWS\system32\DRIVERS\wATV10nt.sys
2011/02/27 17:01:04.0187 3316 iAimTV6 (352fa0e98bc461ce1ce5d41f64db558d) C:\WINDOWS\system32\DRIVERS\wATV06nt.sys
2011/02/27 17:01:04.0328 3316 ialm (c4018896856a1a1f1f3a0a6ee7206551) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/02/27 17:01:04.0484 3316 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/02/27 17:01:04.0609 3316 IntcAzAudAddService (e5c925b50154d102734ab446ade781f4) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/02/27 17:01:04.0718 3316 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/02/27 17:01:04.0781 3316 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/02/27 17:01:04.0812 3316 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/02/27 17:01:04.0812 3316 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/02/27 17:01:04.0843 3316 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/02/27 17:01:04.0890 3316 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/02/27 17:01:04.0906 3316 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/02/27 17:01:04.0984 3316 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/02/27 17:01:05.0031 3316 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/02/27 17:01:05.0062 3316 Iviaspi (4ac11b2250106774f694df2db4ffed61) C:\WINDOWS\system32\drivers\iviaspi.sys
2011/02/27 17:01:05.0078 3316 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/02/27 17:01:05.0109 3316 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/02/27 17:01:05.0156 3316 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/02/27 17:01:05.0296 3316 mfeapfk (84d59a3eddfb9438fb94f7f80d37859d) C:\WINDOWS\system32\drivers\mfeapfk.sys
2011/02/27 17:01:05.0328 3316 MfeAVFK (67e961988312b1a28d6f93357b0bf998) C:\WINDOWS\system32\drivers\mfeavfk.sys
2011/02/27 17:01:05.0421 3316 MfeBOPK (19161b1796cf74a6a326abde309062ba) C:\WINDOWS\system32\drivers\mfebopk.sys
2011/02/27 17:01:05.0453 3316 mfefirek (d5f89b4934960c70882924d992c6abfc) C:\WINDOWS\system32\drivers\mfefirek.sys
2011/02/27 17:01:05.0546 3316 mfehidk (0efab2b91b27543fe589de700de07136) C:\WINDOWS\system32\drivers\mfehidk.sys
2011/02/27 17:01:05.0593 3316 mfendisk (549dd4966bf0b1d1fc205ca0755a745b) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
2011/02/27 17:01:05.0609 3316 mfendiskmp (549dd4966bf0b1d1fc205ca0755a745b) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
2011/02/27 17:01:05.0671 3316 mferkdet (c9eda1eada2ab6e34cd1a10c3a24ab25) C:\WINDOWS\system32\drivers\mferkdet.sys
2011/02/27 17:01:05.0750 3316 mfetdi2k (e6c5f7aade5a31c057d73201acfe8adf) C:\WINDOWS\system32\drivers\mfetdi2k.sys
2011/02/27 17:01:05.0781 3316 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/02/27 17:01:05.0812 3316 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/02/27 17:01:05.0843 3316 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/02/27 17:01:05.0890 3316 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/02/27 17:01:05.0921 3316 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/02/27 17:01:05.0953 3316 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/02/27 17:01:06.0000 3316 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/02/27 17:01:06.0031 3316 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/02/27 17:01:06.0062 3316 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/02/27 17:01:06.0078 3316 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/02/27 17:01:06.0078 3316 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/02/27 17:01:06.0109 3316 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/02/27 17:01:06.0140 3316 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/02/27 17:01:06.0156 3316 NDIS (8716356e49a665bdc7b114725b60a456) C:\WINDOWS\system32\drivers\NDIS.sys
2011/02/27 17:01:06.0171 3316 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/02/27 17:01:06.0187 3316 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/02/27 17:01:06.0250 3316 NdisWan (5526cfebb619f7f763bd6a2e1b618078) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/02/27 17:01:06.0296 3316 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/02/27 17:01:06.0343 3316 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/02/27 17:01:06.0359 3316 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/02/27 17:01:06.0390 3316 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/02/27 17:01:06.0421 3316 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/02/27 17:01:06.0531 3316 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/02/27 17:01:06.0562 3316 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/02/27 17:01:06.0578 3316 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/02/27 17:01:06.0609 3316 oxmf (7a1984671b6c3bbf8fd060f8917208c0) C:\WINDOWS\system32\DRIVERS\oxmf.sys
2011/02/27 17:01:06.0625 3316 Oxmfuf (0bf21f9a594c1995a46184beb838aca1) C:\WINDOWS\system32\DRIVERS\oxmfuf.sys
2011/02/27 17:01:06.0640 3316 oxpar (0b2f22e758a459b87a06689a8fedf63e) C:\WINDOWS\system32\DRIVERS\oxpar.sys
2011/02/27 17:01:06.0671 3316 oxser (002830544100a47e821b906c619267a9) C:\WINDOWS\system32\DRIVERS\oxser.sys
2011/02/27 17:01:06.0703 3316 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
2011/02/27 17:01:06.0718 3316 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/02/27 17:01:06.0734 3316 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/02/27 17:01:06.0765 3316 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/02/27 17:01:06.0781 3316 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/02/27 17:01:06.0828 3316 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/02/27 17:01:06.0859 3316 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/02/27 17:01:06.0984 3316 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/02/27 17:01:07.0000 3316 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/02/27 17:01:07.0031 3316 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/02/27 17:01:07.0171 3316 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/02/27 17:01:07.0187 3316 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/02/27 17:01:07.0203 3316 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/02/27 17:01:07.0218 3316 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/02/27 17:01:07.0234 3316 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/02/27 17:01:07.0250 3316 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/02/27 17:01:07.0265 3316 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/02/27 17:01:07.0296 3316 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/02/27 17:01:07.0343 3316 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/02/27 17:01:07.0359 3316 regi (001b4278407f4303efc902a2b16f2453) C:\WINDOWS\system32\drivers\regi.sys
2011/02/27 17:01:07.0406 3316 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/02/27 17:01:07.0437 3316 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/02/27 17:01:07.0468 3316 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/02/27 17:01:07.0484 3316 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/02/27 17:01:07.0515 3316 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/02/27 17:01:07.0562 3316 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/02/27 17:01:07.0578 3316 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/02/27 17:01:07.0640 3316 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/02/27 17:01:07.0671 3316 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/02/27 17:01:07.0687 3316 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/02/27 17:01:07.0718 3316 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/02/27 17:01:07.0750 3316 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/02/27 17:01:07.0765 3316 Symmpi (f2b7e8416f508368ac6730e2ae1c614f) C:\WINDOWS\system32\DRIVERS\symmpi.sys
2011/02/27 17:01:07.0765 3316 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/02/27 17:01:07.0796 3316 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/02/27 17:01:07.0796 3316 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/02/27 17:01:07.0890 3316 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/02/27 17:01:07.0921 3316 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/02/27 17:01:07.0937 3316 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/02/27 17:01:07.0968 3316 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/02/27 17:01:08.0031 3316 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/02/27 17:01:08.0062 3316 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/02/27 17:01:08.0093 3316 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/02/27 17:01:08.0125 3316 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/02/27 17:01:08.0171 3316 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/02/27 17:01:08.0187 3316 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/02/27 17:01:08.0218 3316 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/02/27 17:01:08.0250 3316 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/02/27 17:01:08.0281 3316 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/02/27 17:01:08.0312 3316 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/02/27 17:01:08.0343 3316 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/02/27 17:01:08.0375 3316 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/02/27 17:01:08.0406 3316 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/02/27 17:01:08.0609 3316 ================================================================================
2011/02/27 17:01:08.0609 3316 Scan finished
2011/02/27 17:01:08.0609 3316 ================================================================================
2011/02/27 17:01:08.0625 0320 Detected object count: 1
2011/02/27 17:02:36.0000 0320 dmio (31136aaa951d5d493fa680e7739c9077) C:\WINDOWS\system32\drivers\dmio.sys
2011/02/27 17:02:36.0000 0320 Suspicious file (Forged): C:\WINDOWS\system32\drivers\dmio.sys. Real md5: 31136aaa951d5d493fa680e7739c9077, Fake md5: 7c824cf7bbde77d95c08005717a95f6f
2011/02/27 17:02:37.0156 0320 Backup copy found, using it..
2011/02/27 17:02:37.0171 0320 C:\WINDOWS\system32\drivers\dmio.sys - will be cured after reboot
2011/02/27 17:02:37.0171 0320 Rootkit.Win32.TDSS.tdl3(dmio) - User select action: Cure
2011/02/27 17:02:48.0718 3456 Deinitialize success

Broni · Feb 27, 2011

Well done

How is redirection?

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

======================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Please, never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

Halfday24 · Feb 27, 2011

Redirection seems to be better right now. Thank you.

Here are the results of the MBRCheck.

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 124):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E5000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9F95000 klmdb.sys
0xB9F67000 ACPI.sys
0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB9F56000 pci.sys
0xBA0A8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0B8000 MountMgr.sys
0xB9F37000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9F11000 tsk77.tmp
0xBA330000 PartMgr.sys
0xBA0C8000 VolSnap.sys
0xB9EF9000 atapi.sys
0xBA0D8000 disk.sys
0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9ED9000 fltMgr.sys
0xB9EC7000 sr.sys
0xB9E6A000 mfehidk.sys
0xB9E53000 KSecDD.sys
0xB9DC6000 Ntfs.sys
0xB9D99000 NDIS.sys
0xB9D7F000 Mup.sys
0xBA128000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB97A2000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xB978E000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA388000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB976A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA390000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB9742000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB9728000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys
0xBA3A0000 \SystemRoot\system32\DRIVERS\oxmf.sys
0xB9714000 \SystemRoot\system32\DRIVERS\oxpar.sys
0xBA138000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA3B0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA148000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA55C000 \SystemRoot\system32\drivers\iviaspi.sys
0xBA158000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA168000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB96F1000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA76F000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB96DD000 \SystemRoot\system32\DRIVERS\mfendisk.sys
0xBA178000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA56C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB96C6000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA188000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA198000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBA3E0000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB968D000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA1A8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB9669000 \SystemRoot\system32\drivers\mfeavfk.sys
0xB961E000 \SystemRoot\system32\drivers\mfefirek.sys
0xBA400000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA410000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB95C6000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xBA1B8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA420000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBA5B8000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB9D43000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA1C8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA1E8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBA5BC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xA948C000 \SystemRoot\system32\DRIVERS\oxser.sys
0xB96BE000 \SystemRoot\system32\DRIVERS\serenum.sys
0xBA5C2000 \SystemRoot\system32\DRIVERS\oxmfuf.sys
0xA8FD0000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xA8FAC000 \SystemRoot\system32\drivers\portcls.sys
0xBA1F8000 \SystemRoot\system32\drivers\drmk.sys
0xBA5CA000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA7CE000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5CE000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA460000 \SystemRoot\System32\drivers\vga.sys
0xBA5D2000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5D6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA470000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA480000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB95B2000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA8EB1000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA8E58000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA8E0A000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA8DF7000 \SystemRoot\system32\drivers\mfetdi2k.sys
0xBA208000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xA8DCF000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA8DAD000 \SystemRoot\System32\drivers\afd.sys
0xBA218000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA8D82000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA8D12000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA248000 \SystemRoot\System32\Drivers\Fips.SYS
0xBA4A8000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xA8F00000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xBA268000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xBA340000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xA8EF8000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xBA378000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xA8EF0000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xBA278000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA8CD2000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA5EE000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB95BE000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA3B8000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA747000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04F000 \SystemRoot\System32\igxpdv32.DLL
0xBF1E7000 \SystemRoot\System32\igxpdx32.DLL
0xBF47A000 \SystemRoot\System32\ATMFD.DLL
0xA8BCA000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA894D000 \SystemRoot\system32\drivers\wdmaud.sys
0xA8C72000 \SystemRoot\system32\drivers\sysaudio.sys
0xA8650000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA84E0000 \SystemRoot\system32\DRIVERS\srv.sys
0xBA656000 \SystemRoot\system32\drivers\regi.sys
0xA8320000 \SystemRoot\system32\drivers\cfwids.sys
0xA7D9B000 \SystemRoot\System32\Drivers\HTTP.sys
0xA7D0D000 \SystemRoot\system32\drivers\mfeapfk.sys
0xA7F44000 \SystemRoot\system32\drivers\mfebopk.sys
0xA76A8000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \windows\system32\ntdll.dll

Processes (total 43):
0 System Idle Process
4 System
1012 C:\windows\system32\smss.exe
1072 csrss.exe
1096 C:\windows\system32\winlogon.exe
1140 C:\windows\system32\services.exe
1152 C:\windows\system32\lsass.exe
1328 C:\windows\system32\svchost.exe
1420 svchost.exe
1544 C:\windows\system32\svchost.exe
1648 svchost.exe
1796 svchost.exe
1884 C:\windows\system32\spoolsv.exe
440 C:\windows\explorer.exe
648 C:\windows\system32\igfxtray.exe
656 C:\windows\system32\hkcmd.exe
664 C:\windows\system32\igfxpers.exe
692 svchost.exe
736 C:\windows\system32\igfxsrvc.exe
860 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
928 C:\windows\SMINST\Scheduler.exe
960 C:\windows\system32\lxdncoms.exe
468 C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe
1336 C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
1456 C:\Program Files\Lexmark 2600 Series\ezprint.exe
1632 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
1812 C:\windows\system32\mfevtps.exe
1996 C:\Program Files\McAfee.com\Agent\mcagent.exe
2036 sqlservr.exe
2044 C:\windows\system32\ctfmon.exe
128 C:\Program Files\Messenger\msmsgs.exe
148 C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
584 C:\Program Files\PDF Complete\pdfsvc.exe
936 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
1076 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1268 C:\windows\system32\svchost.exe
1604 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
2052 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
2156 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
3288 C:\windows\system32\rundll32.exe
4016 alg.exe
2384 C:\windows\system32\taskmgr.exe
3844 C:\Documents and Settings\Administrator\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000021`43000000 (NTFS)

PhysicalDrive0 Model Number: ST3160318AS, Rev: HP34

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Hewlett-Packard MBR code detected
SHA1: 6DE5B7C1EEAFBE901B2807597A84F9F19604E031

Done!

Broni · Feb 27, 2011

"Better" means it still happens?

Halfday24 · Feb 27, 2011

I have the firewall and the anti-virus turned off. How do I disable script blocking?

Halfday24 · Feb 27, 2011

Better means that the sites I went to yesterday that resulted in a redirect are working correctly now. I didn't do a lot of testing because I want to continue on with the process and get everything safe before I do a bunch of browsing. I'm in the process of preparing to run the ComboFix but want to make sure I have all of the blocking software disabled. How do I know if I have the script blocking turned off properly?

Halfday24 · Feb 27, 2011

ComboFix 11-02-27.01 - Administrator 02/27/2011 18:09:13.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1658 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\Adobe\plugs
c:\program files\Shared
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2011-01-28 to 2011-02-28 )))))))))))))))))))))))))))))))
.

2011-02-27 00:55 . 2011-02-27 00:55 -------- d-----w- c:\program files\NOS
2011-02-26 18:41 . 2011-02-26 18:42 -------- d-----w- C:\Quarantine
2011-02-26 18:23 . 2011-02-26 18:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2011-02-26 18:23 . 2011-02-26 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-02-26 18:23 . 2010-12-21 00:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-26 18:23 . 2011-02-26 18:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-26 18:23 . 2010-12-21 00:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-26 17:18 . 2011-02-26 17:19 -------- dc-h--w- c:\windows\ie8
2011-02-26 17:16 . 2010-10-18 11:10 7680 ------w- c:\windows\system32\dllcache\iecompat.dll
2011-02-20 17:30 . 2011-02-20 17:30 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2011-01-30 20:57 . 2011-01-30 20:57 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-27 23:03 . 2008-04-14 09:00 153344 ----a-w- c:\windows\system32\drivers\dmio.sys
2011-01-21 14:44 . 2008-04-14 09:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2008-04-14 09:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2008-04-14 09:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2008-04-14 09:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59 . 2008-04-14 09:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2008-04-14 09:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2008-04-14 09:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2008-04-14 09:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2008-04-14 09:00 385024 ------w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2008-04-14 09:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 2008-04-14 09:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42 . 2008-04-14 09:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2008-04-14 09:00 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-26 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-26 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-26 137752]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-06-18 563736]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-21 525824]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-31 761856]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-07-10 872448]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2008-03-27 660136]
"EzPrint"="c:\program files\Lexmark 2600 Series\ezprint.exe" [2008-03-27 107176]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-11-23 1193848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"c:\\windows\\system32\\lxdncoms.exe"=
"c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdnpswx.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnmon.exe"=
"c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdnjswx.exe"=
"c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdntime.exe"=
"c:\\Program Files\\Lexmark 2600 Series\\lxdnlscn.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [12/22/2010 5:52 AM 84072]
R1 oxpar;%OXPAR.SVCDESC%;c:\windows\system32\drivers\oxpar.sys [1/24/2007 12:28 PM 80128]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [12/22/2010 5:51 AM 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [12/22/2010 5:51 AM 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [12/22/2010 5:52 AM 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [12/22/2010 5:52 AM 141792]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [10/7/2009 8:40 PM 635416]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [4/17/2007 9:09 PM 11032]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [11/13/2009 5:31 AM 92008]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [12/22/2010 5:52 AM 55840]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [12/22/2010 5:52 AM 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [12/22/2010 5:52 AM 88544]
R3 oxmf;OXPCI Bus enumerator;c:\windows\system32\drivers\oxmf.sys [1/24/2007 12:28 PM 21888]
R3 Oxmfuf;Filter driver for OX16PCI95x ports;c:\windows\system32\drivers\oxmfuf.sys [1/24/2007 12:28 PM 5888]
R3 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\oxser.sys [1/24/2007 12:28 PM 70784]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [2/27/2008 5:07 PM 98984]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2/3/2010 9:58 PM 88176]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [10/26/2009 9:43 PM 20160]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [12/22/2010 5:52 AM 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [12/22/2010 5:52 AM 84264]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [4/14/2008 3:00 AM 14336]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - KLMDB
*Deregistered* - klmdb
*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://webmail.aol.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-klmdb.sys

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-27 18:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-765832434-3566525949-56134348-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,84,31,6f,15,fc,a1,16,4b,89,41,e1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,84,31,6f,15,fc,a1,16,4b,89,41,e1,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,36,d9,5f,64,11,fe,95,46,a1,00,d1,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2011-02-27 18:12:41
ComboFix-quarantined-files.txt 2011-02-28 00:12

Pre-Run: 124,418,932,736 bytes free
Post-Run: 124,445,593,600 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - AEEB04F63A9F2724E565CB035E3C4DAE

Broni · Feb 27, 2011

Looks good

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Halfday24 · Feb 27, 2011

OTL logfile created on: 2/27/2011 8:00:05 PM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 133.04 Gb Total Space | 115.92 Gb Free Space | 87.14% Space Free | Partition Type: NTFS
Drive D: | 16.00 Gb Total Space | 10.69 Gb Free Space | 66.83% Space Free | Partition Type: NTFS

Computer Name: PH10-22-2009 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/27 19:21:36 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2011/01/17 16:15:32 | 000,822,560 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcupdate.exe
PRC - [2010/11/24 11:07:58 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/11/22 18:15:16 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/10/13 22:28:54 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\windows\system32\mfevtps.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/13 05:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/06/18 10:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/04/14 03:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\windows\explorer.exe
PRC - [2008/03/27 09:13:18 | 000,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
PRC - [2008/02/27 17:07:26 | 000,594,600 | ---- | M] ( ) -- C:\windows\system32\lxdncoms.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/07/10 11:53:08 | 000,872,448 | ---- | M] () -- C:\windows\SMINST\Scheduler.exe

========== Modules (SafeList) ==========

MOD - [2011/02/27 19:21:36 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2011/01/04 17:38:44 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (nosGetPlusHelper) getPlus(R)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010/11/24 11:07:58 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 22:28:54 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\windows\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 20:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/11/13 05:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/06/18 10:29:12 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/02/27 17:07:26 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdncoms.exe -- (lxdn_device)
SRV - [2008/02/27 17:07:14 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 22:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009/06/11 17:34:34 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/04/13 19:04:34 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2008/04/13 19:04:32 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2008/04/13 19:04:30 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2008/04/13 19:04:30 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2008/04/13 19:04:30 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2008/04/13 19:04:30 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2008/04/13 19:04:30 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2008/04/13 19:04:30 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2008/04/13 19:04:28 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 19:04:28 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2008/04/13 19:04:28 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2008/04/13 19:04:28 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2008/04/13 19:04:28 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2008/04/13 19:04:28 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2008/04/13 19:04:28 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2008/01/04 00:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/11/06 19:23:56 | 004,622,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\windows\system32\drivers\regi.sys -- (regi)
DRV - [2007/01/24 12:28:00 | 000,080,128 | ---- | M] (OEM) [Kernel | System | Running] -- C:\windows\system32\drivers\oxpar.sys -- (oxpar)
DRV - [2007/01/24 12:28:00 | 000,070,784 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\oxser.sys -- (oxser)
DRV - [2007/01/24 12:28:00 | 000,021,888 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\oxmf.sys -- (oxmf)
DRV - [2007/01/24 12:28:00 | 000,005,888 | ---- | M] (OEM) [Kernel | On_Demand | Running] -- C:\windows\system32\drivers\oxmfuf.sys -- (Oxmfuf)
DRV - [2002/04/04 08:32:06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symmpi.sys -- (Symmpi)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\ADM8511.SYS -- (ADM8511)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

IE - HKU\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://webmail.aol.com/
IE - HKU\S-1-5-21-765832434-3566525949-56134348-500\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-765832434-3566525949-56134348-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/02/12 15:38:36 | 000,000,000 | ---D | M]

[2010/03/29 12:27:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/03/29 12:27:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/03/29 12:27:31 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

O1 HOSTS File: ([2011/02/27 18:11:47 | 000,000,027 | ---- | M]) - C:\windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101222055211.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2600 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Recguard] C:\windows\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\windows\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\windows\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKU\S-1-5-21-765832434-3566525949-56134348-500..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-765832434-3566525949-56134348-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-765832434-3566525949-56134348-500\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-765832434-3566525949-56134348-500\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-765832434-3566525949-56134348-500\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\windows\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\windows\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/02/27 19:21:33 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/02/27 18:12:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/02/27 18:08:13 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/02/27 18:06:25 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/02/27 18:06:25 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/02/27 18:06:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/02/27 18:06:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/02/27 18:06:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/02/27 18:05:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/02/27 17:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/02/27 17:00:36 | 001,372,248 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2011/02/26 19:38:19 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2011/02/26 18:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2011/02/26 12:41:21 | 000,000,000 | ---D | C] -- C:\Quarantine
[2011/02/26 12:23:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2011/02/26 12:23:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/26 12:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/26 12:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/26 12:23:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/26 12:23:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/26 12:21:26 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2011/02/26 12:11:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/02/26 11:18:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/02/26 09:45:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
[2011/02/20 11:30:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2011/02/17 16:56:52 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2009/10/26 21:48:59 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDNhcp.dll
[2008/02/27 17:07:28 | 000,320,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnih.exe
[2008/02/27 17:07:26 | 000,594,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncoms.exe
[2008/02/27 17:07:23 | 000,365,224 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncfg.exe
[2007/11/28 17:19:08 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnpmui.dll
[2007/11/28 17:16:04 | 001,101,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnserv.dll
[2007/11/28 17:13:37 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnlmpm.dll
[2007/11/28 17:13:30 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdniesc.dll
[2007/11/28 17:13:22 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomm.dll
[2007/11/28 17:12:26 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnhbn3.dll
[2007/11/28 17:12:07 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnusb1.dll
[2007/11/28 17:11:47 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdncomc.dll
[2007/11/28 17:10:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnprox.dll
[2007/11/28 17:09:17 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdninpa.dll

========== Files - Modified Within 30 Days ==========

[2011/02/27 19:21:36 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/02/27 18:11:47 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/27 18:08:16 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/02/27 17:20:30 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MBRCheck.exe
[2011/02/27 17:15:55 | 004,276,140 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2011/02/27 17:04:54 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/27 17:04:29 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2011/02/27 17:03:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/27 17:00:38 | 000,001,283 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
[2011/02/26 19:43:01 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
[2011/02/26 19:42:00 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\5kt4lwfo.exe
[2011/02/26 19:38:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2011/02/26 12:58:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/26 12:23:35 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/26 12:22:30 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Malwarebytes.url
[2011/02/26 12:21:36 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2011/02/26 11:21:41 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/26 10:17:59 | 000,000,144 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Multiple Iexplore.exe Processes Running In Task Manager.url
[2011/02/21 11:09:00 | 001,372,248 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2011/02/15 17:22:46 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/02/12 15:38:40 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/02 12:14:17 | 000,001,734 | -H-- | M] () -- C:\Documents and Settings\Administrator\My Documents\Default.rdp

========== Files Created - No Company Name ==========

[2011/02/27 18:08:16 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/02/27 18:08:14 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/02/27 18:06:25 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/02/27 18:06:25 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/02/27 18:06:25 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/02/27 18:06:25 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/02/27 18:06:25 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/02/27 17:20:30 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MBRCheck.exe
[2011/02/27 17:15:51 | 004,276,140 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2011/02/27 16:54:36 | 000,001,283 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
[2011/02/26 19:43:00 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
[2011/02/26 19:41:58 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\5kt4lwfo.exe
[2011/02/26 12:23:35 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/26 12:17:09 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Malwarebytes.url
[2011/02/26 10:17:59 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Multiple Iexplore.exe Processes Running In Task Manager.url
[2010/09/26 19:36:02 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/08 20:26:50 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/06/08 20:26:50 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\C8745E31C5.sys
[2009/10/26 21:49:03 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdnrwrd.ini
[2009/10/26 21:48:59 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDNinst.dll
[2009/10/26 21:47:25 | 000,348,160 | R--- | C] () -- C:\WINDOWS\System32\lxdncoin.dll
[2009/10/07 20:50:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/10/07 20:31:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/10/07 20:13:00 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4885.dll
[2009/04/06 09:00:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/06 08:51:50 | 000,491,466 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/06 08:51:50 | 000,090,030 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/06 08:48:38 | 000,274,168 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/04/06 08:40:43 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/06 08:35:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/14 03:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 03:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 03:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 03:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 03:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 03:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 03:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/02/07 14:13:51 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdngrd.dll
[2007/11/28 11:51:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdnvs.dll
[2007/11/20 18:02:39 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\lxdndrs.dll
[2007/11/20 17:44:48 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\lxdncaps.dll
[2007/10/02 16:51:09 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdncnv4.dll
[2002/05/28 10:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 10:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/05/08 12:12:22 | 000,000,790 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== LOP Check ==========

[2010/04/07 14:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/08 20:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InterVideo
[2009/10/07 20:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2010/03/29 12:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TomTom
[2011/02/23 00:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PDFC
[2010/03/29 12:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/10/07 20:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2009/10/07 20:46:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/03/23 08:23:20 | 000,051,465 | ---- | M] () -- C:\AR00007168ARR001.J01
[2009/10/26 18:19:02 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/02/27 18:08:16 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2011/02/27 18:12:41 | 000,012,569 | ---- | M] () -- C:\ComboFix.txt
[2010/03/25 11:59:18 | 000,030,720 | ---- | M] () -- C:\Mary Zylka Resume.doc
[2010/09/27 21:25:37 | 000,011,405 | ---- | M] () -- C:\names.docx
[2008/04/14 03:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 03:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/02/27 17:03:45 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2011/02/27 17:02:48 | 000,044,604 | ---- | M] () -- C:\TDSSKiller.2.4.18.0_27.02.2011_17.00.46_log.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\windows\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\windows\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\windows\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/04/06 08:40:04 | 000,000,067 | -HS- | M] () -- C:\windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/02/27 05:05:40 | 000,115,200 | ---- | M] () -- C:\windows\system32\spool\prtprocs\w32x86\lxdndrpp.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >
[2007/02/12 15:58:11 | 000,473,403 | ---- | M] () -- C:\windows\HP2_1024x768.jpg
[2008/03/25 17:38:54 | 000,152,632 | ---- | M] () -- C:\windows\HP3_1024x768.jpg

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/04/06 01:24:55 | 000,094,208 | ---- | M] () -- C:\windows\system32\config\default.sav
[2009/04/06 01:24:55 | 001,089,536 | ---- | M] () -- C:\windows\system32\config\software.sav
[2009/04/06 01:24:55 | 000,876,544 | ---- | M] () -- C:\windows\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/04/06 08:41:31 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >
[2009/10/07 20:40:05 | 000,000,152 | ---- | M] () -- C:\windows\system32\config\systemprofile\BCM_DropUserDatabases.txt

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/10/26 18:21:27 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/04/06 08:50:34 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/02/26 19:42:00 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\5kt4lwfo.exe
[2011/02/27 17:15:55 | 004,276,140 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2011/02/26 12:21:36 | 007,734,240 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2011/02/27 17:20:30 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MBRCheck.exe
[2009/10/26 12:35:52 | 037,694,488 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\mcafee.exe
[2011/02/27 19:21:36 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/02/21 11:09:00 | 001,372,248 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2011/02/26 19:38:21 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/03/29 12:24:48 | 020,299,200 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\Administrator\Desktop\TomTomHOME2winlatest.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/10/26 18:21:27 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Administrator\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2009/10/26 21:49:37 | 000,000,252 | ---- | M] () -- C:\Documents and Settings\All Users\FastPics.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/02/25 23:35:48 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Administrator\Cookies\desktop.ini
[2011/02/27 19:21:51 | 000,180,224 | ---- | M] () -- C:\Documents and Settings\Administrator\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2008/04/14 03:00:00 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\windows\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 03:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2007/04/03 03:37:24 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2007/04/03 03:37:24 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 08:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/14 03:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 09:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/04/03 03:37:24 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2007/04/03 03:37:24 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2007/04/03 03:37:26 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2007/04/03 03:37:28 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2007/04/03 03:34:02 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

< >

< End of report >

Halfday24 · Feb 27, 2011

OTL Extras logfile created on: 2/27/2011 8:00:05 PM - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 75.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 133.04 Gb Total Space | 115.92 Gb Free Space | 87.14% Space Free | Partition Type: NTFS
Drive D: | 16.00 Gb Total Space | 10.69 Gb Free Space | 66.83% Space Free | Partition Type: NTFS

Computer Name: PH10-22-2009 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\windows\system32\lxdncoms.exe" = C:\windows\system32\lxdncoms.exe:*:Enabled:2600 Series Server -- ( )
"C:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe" = C:\windows\system32\spool\drivers\w32x86\3\lxdnpswx.exe:*:Enabled

rinter Status Window Interface -- ()
"C:\Program Files\Lexmark 2600 Series\lxdnmon.exe" = C:\Program Files\Lexmark 2600 Series\lxdnmon.exe:*:Enabled

rinter Device Monitor -- ()
"C:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe" = C:\windows\system32\spool\drivers\w32x86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe" = C:\windows\system32\spool\drivers\w32x86\3\lxdntime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\Program Files\Lexmark 2600 Series\lxdnlscn.exe" = C:\Program Files\Lexmark 2600 Series\lxdnlscn.exe:*:Enabled: -- ()
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager
"{4571CC76-42C4-7D67-E024-0AEB166E1C6F}" = Acrobat.com
"{49FA793C-785E-47E9-93DF-BD442B0B45D1}" = McAfee Virtual Technician
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"Lexmark 2600 Series" = Lexmark 2600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSC" = McAfee AntiVirus Plus
"PDF Complete" = PDF Complete Special Edition
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Winmail Opener" = Winmail Opener 1.4
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/26/2011 12:20:15 AM | Computer Name = PH10-22-2009 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/26/2011 1:14:13 AM | Computer Name = PH10-22-2009 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/26/2011 9:46:35 AM | Computer Name = PH10-22-2009 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/26/2011 9:57:06 AM | Computer Name = PH10-22-2009 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2/26/2011 11:50:36 AM | Computer Name = PH10-22-2009 | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module unknown, version 0.0.0.0, fault address 0x00f90000.

Error - 2/26/2011 1:15:20 PM | Computer Name = PH10-22-2009 | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 2/26/2011 1:15:20 PM | Computer Name = PH10-22-2009 | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 2/26/2011 1:15:20 PM | Computer Name = PH10-22-2009 | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 2/26/2011 1:15:20 PM | Computer Name = PH10-22-2009 | Source = Userenv | ID = 1041
Description = Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
and it will not be loaded. This is most likely caused by a faulty registration.

Error - 2/26/2011 1:29:15 PM | Computer Name = PH10-22-2009 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ OSession Events ]
Error - 3/31/2010 4:15:41 AM | Computer Name = PH10-22-2009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18100
seconds with 240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2/26/2011 9:56:07 PM | Computer Name = PH10-22-2009 | Source = Service Control Manager | ID = 7034
Description = The McAfee Validation Trust Protection Service service terminated
unexpectedly. It has done this 1 time(s).

Error - 2/26/2011 9:59:05 PM | Computer Name = PH10-22-2009 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 2/26/2011 9:59:05 PM | Computer Name = PH10-22-2009 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 2/26/2011 9:59:28 PM | Computer Name = PH10-22-2009 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the lxdnCATSCustConnectService
service to connect.

Error - 2/26/2011 9:59:28 PM | Computer Name = PH10-22-2009 | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 2/26/2011 11:42:33 PM | Computer Name = PH10-22-2009 | Source = Print | ID = 6161
Description = The document Test Page owned by Administrator failed to print on printer
Lexmark 2600 Series. Data type: LEMF. Size of the spool file in bytes: 134262.
Number of bytes printed: 134262. Total number of pages in the document: 1. Number
of pages printed: 0. Client machine: \\PH10-22-2009. Win32 error code returned
by the print processor: 0 (0x0).

Error - 2/27/2011 7:04:07 PM | Computer Name = PH10-22-2009 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 2/27/2011 7:04:38 PM | Computer Name = PH10-22-2009 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the lxdnCATSCustConnectService
service to connect.

Error - 2/27/2011 7:04:38 PM | Computer Name = PH10-22-2009 | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 2/27/2011 8:04:58 PM | Computer Name = PH10-22-2009 | Source = Service Control Manager | ID = 7034
Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
has done this 1 time(s).

< End of report >

Broni · Feb 27, 2011

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.

========================================================================

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-765832434-3566525949-56134348-500\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-765832434-3566525949-56134348-500\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-765832434-3566525949-56134348-500\..Trusted Domains: mcafee.com ([]https in Trusted sites)
[2010/06/08 20:26:50 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\C8745E31C5.sys


:Services

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" =-

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

========================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

Halfday24 · Feb 27, 2011

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//about.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Exclude.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//FWEvent.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//LanguageSelection.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Message.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryCmd.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyAgttryNag.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//MyNotification.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//NOCLessUpdate.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//quarantine.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//ScanNow.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//strings.vbs/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Template.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//Update.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\//VirFound.htm/\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\betavscan\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\vs\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafeeasap.com\www\ not found.
Registry key HKEY_USERS\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-765832434-3566525949-56134348-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
C:\Documents and Settings\All Users\Application Data\C8745E31C5.sys moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\\DisableMonitoring deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 382001 bytes
->Temporary Internet Files folder emptied: 8647834 bytes
->Java cache emptied: 1970 bytes
->Flash cache emptied: 790 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 9.00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.22.2 log created on 02272011_211103

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_380.dat not found!

Registry entries deleted on Reboot...

Halfday24 · Feb 27, 2011

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
McAfee AntiVirus Plus
McAfee Virtual Technician
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 24
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player
Adobe Reader 9.4.2
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````

Solved Google search result links redirecting to other websites & multiple IE processes

Posts: 51 +0

Posts: 56,041 +516

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 56,041 +516

Posts: 51 +0

Posts: 56,041 +516

Posts: 51 +0

Posts: 56,041 +516

Posts: 51 +0

Posts: 51 +0

Posts: 51 +0

Posts: 56,041 +516

Posts: 51 +0

Posts: 51 +0

Posts: 56,041 +516

Posts: 51 +0

Posts: 51 +0

Similar threads