Post by: yodeb9 on August 12, 2006, 12:17:27 PM
Scan saved at 10:04:13 AM, on 8/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\aolavupd.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
c:\program files\common files\aol\1139964437\ee\services\sscAntiSpywarePlugin\ver1_210_2_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1139964437\ee\aolssc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Debi\Local Settings\Temporary Internet Files\Content.IE5\0YK9DEL4\HijackThis[1].exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\mcafee.com\ANTIVI~1\OasClnt.exe
c:\program files\common files\aol\1139964437\ee\aolsoftware.exe
C:\DOCUME~1\Debi\LOCALS~1\Temp\Rar$EX00.234\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\SSCRun.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O17 - HKLM\System\CCS\Services\Tcpip\..\{724689B3-0029-4F6C-A42B-77B802E854E7}: NameServer = 68.87.69.146,68.87.85.98
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\j80s0id7e80.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\aolavupd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: yodeb9 on August 12, 2006, 02:56:06 PM
Post by: guestolo on August 12, 2006, 05:21:38 PM
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
+REDownload Hijackthis from my signature below and save too a permanent folder of it's own onto your harddrive
ONLY run hijackthis from this new location
Post a fresh hijackthis log too please
Post by: yodeb9 on August 13, 2006, 09:43:58 AM
Running from: C:\Documents and Settings\Debi\Desktop
((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon\Settings
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wzcnotif
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
REGISTRY ENTRIES REMOVED:
[HKEY_CLASSES_ROOT\clsid\{06F2C52B-8DC6-419D-ABAC-336488FFA126}]
@=""
[HKEY_CLASSES_ROOT\clsid\{06F2C52B-8DC6-419D-ABAC-336488FFA126}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\clsid\{06F2C52B-8DC6-419D-ABAC-336488FFA126}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\clsid\{06F2C52B-8DC6-419D-ABAC-336488FFA126}\InprocServer32]
@="C:\\WINDOWS\\system32\\kldno.dll"
"ThreadingModel"="Apartment"
Granting sedebugprivilege to Administrators ... successful
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-08-12 10:41:24 ( .D... ) "C:\Documents and Settings\Debi\Application Data\AVG7"
2006-08-12 10:41:02 ( .D... ) "C:\Program Files\Grisoft"
2006-08-12 06:04:30 ( .D... ) "C:\Program Files\Windows Live Safety Center"
2006-08-11 19:33:50 50912 ( A.... ) "C:\WINDOWS\iconu.exe"
2006-08-04 08:44:46 ( .D... ) "C:\Documents and Settings\Debi\Application Data\Prevx"
2006-08-02 11:40:50 ( .D... ) "C:\Program Files\Common Files\InterVideo"
2006-08-02 11:40:42 ( .D... ) "C:\Program Files\InterActual"
2006-08-02 11:40:40 ( .D... ) "C:\Program Files\Creative"
2006-08-02 11:31:48 ( .DSH. ) "C:\Program Files\winupdates"
2006-08-02 10:33:22 ( .D... ) "C:\Documents and Settings\Debi\Application Data\InterVideo"
2006-08-01 21:34:50 ( .D... ) "C:\Program Files\Microsoft ActiveSync"
2006-08-01 21:34:12 ( .D... ) "C:\Program Files\Common Files\DESIGNER"
2006-08-01 21:33:52 ( .D... ) "C:\Program Files\Microsoft.NET"
2006-07-30 09:17:28 ( .D... ) "C:\Program Files\Common Files\aolback"
2006-07-30 09:16:46 ( .D... ) "C:\Program Files\AOL Companion"
2006-07-30 09:16:06 157696 ( A.... ) "C:\WINDOWS\system32\rmoc3260.dll"
2006-07-30 09:14:14 ( .D... ) "C:\Program Files\America Online 9.0"
2006-07-30 08:45:54 ( .D... ) "C:\Program Files\Common Files\AOLSHARE"
2006-07-30 08:23:14 ( .D... ) "C:\Program Files\Common Files\Napster Shared"
2006-07-29 10:40:02 ( .D... ) "C:\Program Files\Common Files\Napster Shared(2)"
2006-07-26 15:49:24 159744 ( A.... ) "C:\WINDOWS\system32\cvn0.exe"
2006-07-14 08:31:40 332288 ( A.... ) "C:\WINDOWS\system32\netapi32.dll"
2006-07-03 07:53:04 ( .D... ) "C:\Documents and Settings\Debi\Application Data\McAfee.com Personal Firewall"
2006-07-03 07:39:00 205 ( A.... ) "C:\WINDOWS\miqcx.dll"
2006-07-03 07:09:26 234272 ( ..S.R ) "C:\WINDOWS\system32\wyvcore.dll"
2006-07-03 06:45:56 235134 ( A.... ) "C:\WINDOWS\srvkqpjgtn.exe"
2006-07-03 06:45:18 234272 ( ..S.R ) "C:\WINDOWS\system32\ilv6mon.dll"
2006-07-03 06:45:12 234272 ( ..S.R ) "C:\WINDOWS\system32\it41_qc.dll"
2006-07-03 06:44:18 0 ( A.... ) "C:\WINDOWS\system32ghynf.exe"
2006-07-03 06:44:16 45056 ( A.... ) "C:\WINDOWS\system32\ghynf.exe"
2006-07-02 14:23:34 ( .DSH. ) "C:\Program Files\outlook"
2006-07-02 14:06:22 ( .D... ) "C:\Program Files\LG Software Innovations"
2006-06-22 20:05:36 ( .D... ) "C:\Program Files\Sunbelt Software"
2006-06-13 22:23:50 0 ( A.... ) "C:\Documents and Settings\Debi\Application Data\wklnhst.dat"
2006-06-02 13:39:46 402736 ( ..... ) "C:\WINDOWS\system32\WgaLogon.dll"
2006-05-19 05:59:42 148480 ( A.... ) "C:\WINDOWS\system32\dnsapi.dll"
2006-05-19 05:59:42 111616 ( A.... ) "C:\WINDOWS\system32\dhcpcsvc.dll"
2006-05-19 05:59:42 94720 ( A.... ) "C:\WINDOWS\system32\iphlpapi.dll"
(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))
2006-08-12 10:39 73,728 C:\WINDOWS\system32\asuninst.exe
2006-08-12 10:39 11,776 C:\WINDOWS\system32\ZPORT4AS.dll
2006-08-11 19:33 50,912 C:\WINDOWS\iconu.exe
2006-08-10 15:23 6,144 C:\WINDOWS\system32\snmpmib.dll
2006-08-10 09:33 39,936 C:\WINDOWS\system32\hostmib.dll
2006-08-10 09:19 1,072,156,672 C:\hiberfil.sys
2006-08-09 17:27 33,792 C:\WINDOWS\system32\lmmib2.dll
2006-08-02 11:40 77,824 C:\WINDOWS\system32\ctdvda32.dll
2006-07-30 09:15 24,659 C:\WINDOWS\system32\aolddial.dll
2006-07-30 09:15 153,088 C:\WINDOWS\system32\jgdwmie.dll
2006-07-30 09:14 65,536 C:\WINDOWS\wanmpsvc.exe
2006-07-30 09:14 1,706,800 C:\WINDOWS\system32\gdiplus.dll
2006-07-03 07:52 8,704 C:\WINDOWS\system32\MPFApi.dll
2006-07-03 07:18 41,018 C:\WINDOWS\system32\EntAPI.dll
2006-07-03 07:09 234,272 C:\WINDOWS\system32\wyvcore.dll
2006-07-03 06:47 205 C:\WINDOWS\miqcx.dll
2006-07-03 06:45 235,134 C:\WINDOWS\srvkqpjgtn.exe
2006-07-03 06:45 234,272 C:\WINDOWS\system32\it41_qc.dll
2006-07-03 06:45 234,272 C:\WINDOWS\system32\ilv6mon.dll
2006-07-03 06:44 45,056 C:\WINDOWS\system32\ghynf.exe
2006-07-03 06:44 159,744 C:\WINDOWS\system32\cvn0.exe
2006-07-03 06:44 0 C:\WINDOWS\system32ghynf.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"EPSON Stylus Photo 2200"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S10IC2.EXE /P23 \"EPSON Stylus Photo 2200\" /O6 \"USB001\" /M \"Stylus Photo 2200\""
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"TVTunerLib"="C:\\Program Files\\Common Files\\Sony Shared\\TVTunerLib\\TVTLInstTool.exe"
"Mouse Suite 98 Daemon"="ICO.EXE"
"Alcmtr"="ALCMTR.EXE"
"VAIO Update 2"="\"C:\\Program Files\\Sony\\VAIO Update 2\\VAIOUpdt.exe\" /Stationary"
"sscRun"="C:\\Program Files\\Common Files\\AOL\\1139964437\\ee\\services\\sscFirewallPlugin\\ver1_210_2_1\\SSCRun.exe"
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"OASClnt"="C:\\Program Files\\mcafee.com\\antivirus\\oasclnt.exe"
"SonyPowerCfg"="C:\\Program Files\\Sony\\VAIO Power Management\\SPMgr.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"VZRemoteCommander"="C:\\Program Files\\Sony\\VAIO Zone Remote Commander\\AvRmtCtr.exe"
"RTHDCPL"="RTHDCPL.EXE"
"EmailScan"="C:\\Program Files\\mcafee.com\\antivirus\\mcvsescn.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"Switcher.exe"="C:\\Program Files\\Sony\\Wireless Switch Setting Utility\\Switcher.exe"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1139964437\\ee\\AOLSoftware.exe"
"MPFExe"="C:\\Program Files\\mcafee.com\\personal firewall\\MPfTray.exe"
"SsAAD.exe"="C:\\PROGRA~1\\sony\\SONICS~1\\SsAAD.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"ISBMgr.exe"="C:\\Program Files\\Sony\\ISB Utility\\ISBMgr.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
"flags"=dword:00000008
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex\000]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="C:\\Program Files\\MSN Gaming Zone\\kyzeqemih.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,e8,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="C:\\Program Files\\Apoint\\howyn.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,20,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{FA010552-4A27-4cb1-A1BB-3E2D697F1639}"="SpySubtract Shell Extension"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\InterVideo WinCinema Manager.lnk"
"backup"="C:\\WINDOWS\\pss\\InterVideo WinCinema Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\INTERV~1\\Common\\Bin\\WINCIN~1.EXE "
"item"="InterVideo WinCinema Manager"
Contents of the 'Scheduled Tasks' folder
Completion time: Sun 08/13/2006 7:32:55.82
ComboFix ver 06.07.15/30 - This logfile is located at C:\ComboFix.txt
ComboFix.2006-08-13.073003.txt
doing the hijack this thing now...
Logfile of HijackThis v1.99.1
Scan saved at 7:43:15 AM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\aolavupd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\mcafee.com\antivirus\oasclnt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\AOL\1139964437\ee\aolsoftware.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files\common files\aol\1139964437\ee\services\sscAntiSpywarePlugin\ver1_210_2_1\AOLSP Scheduler.exe
C:\WINDOWS\system32\NOTEPAD.EXE
c:\program files\common files\aol\1139964437\ee\aolssc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\SSCRun.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{724689B3-0029-4F6C-A42B-77B802E854E7}: NameServer = 68.87.69.146,68.87.85.98
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\aolavupd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: yodeb9 on August 13, 2006, 10:51:29 AM
Partition table (MBR) - OK - Quick checked
Boot sector of disk C: - OK - Quick checked
System registry Software\Microsoft\Windows NT\CurrentVersion\Windows\Load Scanned
System registry Software\Microsoft\Windows NT\CurrentVersion\Windows\Run Scanned
System registry Software\Microsoft\Windows\CurrentVersion\Run Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnceEx Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServices Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServicesOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\Run Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnceEx Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServices Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServicesOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\Winlogon\Userinit Scanned
System registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Scanned
System registry exefile\shell\open\command Scanned
System registry scrfile\shell\open\command Scanned
System registry scrfile\shell\config\command Scanned
System registry batfile\shell\open\command Scanned
System registry cmdfile\shell\open\command Scanned
System registry comfile\shell\open\command Scanned
System registry piffile\shell\open\command Scanned
System registry giffile\shell\open\command Scanned
System registry htmlfile\shell\open\command Scanned
System registry htafile\shell\open\command Scanned
System registry jpegfile\shell\open\command Scanned
System registry txtfile\shell\open\command Scanned
System registry regfile\shell\open\command Scanned
System registry cplfile\shell\cplopen\command Scanned
System registry Word.Document.8\shell\open\command Scanned
System registry WordPad.Document.1\shell\open\command Scanned
System registry inffile\shell\open\command Scanned
System registry vbsfile\shell\open\command Scanned
System registry vbefile\shell\open\command Scanned
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe - OK - Quick checked
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe - OK - Quick checked
C:\PROGRA~1\sony\SONICS~1\SSAAD.exe - OK - Quick checked
C:\Program Files\Apoint\Apoint.exe - OK - Quick checked
C:\Program Files\Common Files\AOL\1139964437\ee\aolsoftware.exe - OK - Quick checked
C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\sscRun.exe - OK - Quick checked
C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe - OK - Quick checked
C:\Program Files\Internet Explorer\IEXPLORE.EXE - OK - Quick checked
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE - OK - Quick checked
C:\Program Files\QuickTime\qttask.exe - OK - Quick checked
C:\Program Files\Real\RealPlayer\realplay.exe - OK - Quick checked
C:\Program Files\Sony\ISB Utility\ISBMgr.exe - OK - Quick checked
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe - OK - Quick checked
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe - OK - Quick checked
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe - OK - Quick checked
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe - OK - Quick checked
C:\Program Files\mcafee.com\antivirus\mcvsescn.exe - OK - Quick checked
C:\Program Files\mcafee.com\antivirus\oasclnt.exe - OK - Quick checked
C:\Program Files\mcafee.com\personal firewall\MpfTray.exe - OK - Quick checked
C:\WINDOWS\ALCMTR.EXE - OK - Quick checked
C:\WINDOWS\RTHDCPL.EXE - OK - Quick checked
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE - OK - Quick checked
C:\WINDOWS\regedit.exe - OK - Quick checked
C:\WINDOWS\system32\hkcmd.exe - OK - Quick checked
C:\WINDOWS\system32\igfxtray.exe - OK - Quick checked
C:\WINDOWS\system32\mshta.exe - OK - Quick checked
C:\WINDOWS\system32\rundll32.exe - OK - Quick checked
C:\WINDOWS\system32\shell32.dll - OK - Quick checked
C:\WINDOWS\system32\shimgvw.dll - OK - Quick checked
C:\WINDOWS\system32\kernel32.dll - OK - Quick checked
C:\WINDOWS\system32\wsock32.dll - OK - Quick checked
C:\WINDOWS\system32\user32.dll - OK - Quick checked
C:\WINDOWS\system32\shell32.dll - OK - Quick checked
C:\WINDOWS\system32\ntoskrnl.exe - OK - Quick checked
C:\WINDOWS\system32\drivers\etc\hosts - OK - Quick checked
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041920.exe Trojan horse Downloader.Generic.HWZ Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041921.exe Trojan horse Downloader.Generic2.JFD Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041922.exe Trojan horse Downloader.Generic2.IBN Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041923.exe Trojan horse Downloader.Generic2.IBN Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041924.exe Trojan horse Downloader.Generic2.IBN Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041927.exe Trojan horse Downloader.Generic.HGT Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041928.exe Trojan horse Downloader.Generic.HGT Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041929.exe Trojan horse Dropper.Agent.PP Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041931.exe Trojan horse Downloader.Generic2.GDZ Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041932.exe Trojan horse Dropper.Agent.ALO Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041934.exe Trojan horse Dropper.Agent.PP Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042206.exe Trojan horse Clicker.COR Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042243.exe Trojan horse Downloader.Generic.VPJ Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042245.exe Trojan horse Downloader.Generic.YZD Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042249.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042698.exe Trojan horse Downloader.Generic.HWZ Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042699.exe Trojan horse Downloader.Generic2.HQQ Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042701.exe Trojan horse Downloader.Generic2.HQR Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042703.exe Trojan horse Downloader.Generic.JAD Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042705.exe Trojan horse Downloader.Generic2.HQP Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043261.exe Trojan horse Downloader.Generic2.DXO Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043289.exe Trojan horse Clicker.BHH Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043297.exe Trojan horse Downloader.Generic2.JGM Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043298.exe Trojan horse Downloader.Generic2.JGB Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043299.exe Trojan horse Clicker.COR Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043321.exe Trojan horse Generic.YMN Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043324.exe Trojan horse Generic.YMN Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP136\A0043360.exe Trojan horse Downloader.Dyfica.3.AP Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP141\A0044636.exe Trojan horse Generic.YMN Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP141\A0044668.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP141\A0044722.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP142\A0044831.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP143\A0044885.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP143\A0044912.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP143\A0045912.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP143\A0045944.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP143\A0045949.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046190.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046209.dll Trojan horse Downloader.Agent.ETT Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046210.exe Trojan horse Downloader.Generic2.JVR Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046247.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046248.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046249.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046250.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046251.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046252.DLL Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046253.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046254.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046255.dll Trojan horse Look2me Infected
C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP145\A0046256.dll Trojan horse Look2me Infected
System registry Software\Microsoft\Windows NT\CurrentVersion\Windows\Load Scanned
System registry Software\Microsoft\Windows NT\CurrentVersion\Windows\Run Scanned
System registry Software\Microsoft\Windows\CurrentVersion\Run Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnceEx Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServices Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServicesOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\Run Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunOnceEx Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServices Scanned
System registry Software\Microsoft\Windows\CurrentVersion\RunServicesOnce Scanned
System registry Software\Microsoft\Windows\CurrentVersion\Winlogon\Userinit Scanned
System registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Scanned
System registry exefile\shell\open\command Scanned
System registry scrfile\shell\open\command Scanned
System registry scrfile\shell\config\command Scanned
System registry batfile\shell\open\command Scanned
System registry cmdfile\shell\open\command Scanned
System registry comfile\shell\open\command Scanned
System registry piffile\shell\open\command Scanned
System registry giffile\shell\open\command Scanned
System registry htmlfile\shell\open\command Scanned
System registry htafile\shell\open\command Scanned
System registry jpegfile\shell\open\command Scanned
System registry txtfile\shell\open\command Scanned
System registry regfile\shell\open\command Scanned
System registry cplfile\shell\cplopen\command Scanned
System registry Word.Document.8\shell\open\command Scanned
System registry WordPad.Document.1\shell\open\command Scanned
System registry inffile\shell\open\command Scanned
System registry vbsfile\shell\open\command Scanned
System registry vbefile\shell\open\command Scanned
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe - OK - Quick checked
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe - OK - Quick checked
C:\PROGRA~1\sony\SONICS~1\SSAAD.exe - OK - Quick checked
C:\Program Files\Apoint\Apoint.exe - OK - Quick checked
C:\Program Files\Common Files\AOL\1139964437\ee\aolsoftware.exe - OK - Quick checked
C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\sscRun.exe - OK - Quick checked
C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe - OK - Quick checked
C:\Program Files\Internet Explorer\IEXPLORE.EXE - OK - Quick checked
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE - OK - Quick checked
C:\Program Files\QuickTime\qttask.exe - OK - Quick checked
C:\Program Files\Real\RealPlayer\realplay.exe - OK - Quick checked
C:\Program Files\Sony\ISB Utility\ISBMgr.exe - OK - Quick checked
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe - OK - Quick checked
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe - OK - Quick checked
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe - OK - Quick checked
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe - OK - Quick checked
C:\Program Files\mcafee.com\antivirus\mcvsescn.exe - OK - Quick checked
C:\Program Files\mcafee.com\antivirus\oasclnt.exe - OK - Quick checked
C:\Program Files\mcafee.com\personal firewall\MpfTray.exe - OK - Quick checked
C:\WINDOWS\ALCMTR.EXE - OK - Quick checked
C:\WINDOWS\RTHDCPL.EXE - OK - Quick checked
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE - OK - Quick checked
C:\WINDOWS\regedit.exe - OK - Quick checked
C:\WINDOWS\system32\hkcmd.exe - OK - Quick checked
C:\WINDOWS\system32\igfxtray.exe - OK - Quick checked
C:\WINDOWS\system32\mshta.exe - OK - Quick checked
C:\WINDOWS\system32\rundll32.exe - OK - Quick checked
C:\WINDOWS\system32\shell32.dll - OK - Quick checked
C:\WINDOWS\system32\shimgvw.dll - OK - Quick checked
Post by: guestolo on August 13, 2006, 10:58:45 AM
- Right click the BFU folder on your desktop, and choose Extract All
- Click "Next"
- In the box to choose where to extract the files to, click "Browse"
- Click on the + sign next to "My Computer"
- Click on "Local Disk (C:) or whatever your primary drive is
- Click "Make New Folder"
- Type in BFU
- Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
Save it to the same folder you made earlier (c:\BFU)[/list].
==Go to Start > My Computer and navigate to the C:\BFU folder.
- Start the Brute Force Uninstaller by doubleclicking BFU.exe
- Next to the scriptline to execute field click the folder icon (http://metallica.geekstogo.com/foldericon.png) and select alcanshorty.bfu
- Press Execute and let it do it’s job. (You ought to see a progress bar if you did this correctly.)
- Wait for the complete script execution box to pop up and press OK.
- Press exit to terminate the BFU program.
* Click on Avenger.zip to open the file
* Extract avenger.exe to your desktop
Copy all the text contained in the quote box below to your Clipboard by highlighting it and pressing the (Ctrl+C) on your keyboard
Quote
files to delete:
C:\WINDOWS\iconu.exe
C:\WINDOWS\system32\wyvcore.dll
C:\WINDOWS\miqcx.dll
C:\WINDOWS\srvkqpjgtn.exe
C:\WINDOWS\system32\it41_qc.dll
C:\WINDOWS\system32\ilv6mon.dll
C:\WINDOWS\system32\ghynf.exe
C:\WINDOWS\system32\cvn0.exe
C:\WINDOWS\system32\kldno.dll
C:\Program Files\MSN Gaming Zone\kyzeqemih.html
C:\Program Files\Apoint\howyn.html
Now, start The Avenger program by clicking on its icon on your desktop
* Under "Script file to execute" choose "Input Script Manually".
* Now click on the Magnifying Glass icon which will open a new window titled "View/edit script"
* Paste the text copied to clipboard into this window by pressing (Ctrl+V).
* Click Done
* Now click on the Green Light to begin execution of the script
* Answer "Yes" twice when prompted.
Avenger should now Reboot your computer
Back in Windows
1. Open the Control Panel.
2. Open Display Properties.
3. Click the Desktop tab.
4. Click the Customize Desktop button.
5 Click the Web tab in the Desktop Items window.
7. Uncheck anything in this box except for My Current Home Page if it is selected
You have multiple Virus scanners installed
I would stick with ONE, more than one can cause conflicts and system instabilities
It's possible all of the next 3 are running
AVG, McAfee and AOL's AV
I would stick with either AVG OR McAfee and uninstall the others
Reboot after you decide which to keep
Can you post all the following back please
1. A fresh hijackthis log
2. The log created from avenger>>A copy of it is created here C:\Avenger.txt
Post by: yodeb9 on August 13, 2006, 11:25:39 AM
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\cvknnwyj
*******************
Script file located at: \??\C:\Documents and Settings\lihfyvby.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\iconu.exe deleted successfully.
File C:\WINDOWS\system32\wyvcore.dll deleted successfully.
File C:\WINDOWS\miqcx.dll deleted successfully.
File C:\WINDOWS\srvkqpjgtn.exe deleted successfully.
File C:\WINDOWS\system32\it41_qc.dll deleted successfully.
File C:\WINDOWS\system32\ilv6mon.dll deleted successfully.
File C:\WINDOWS\system32\ghynf.exe not found!
Deletion of file C:\WINDOWS\system32\ghynf.exe failed!
Could not process line:
C:\WINDOWS\system32\ghynf.exe
Status: 0xc0000034
File C:\WINDOWS\system32\cvn0.exe not found!
Deletion of file C:\WINDOWS\system32\cvn0.exe failed!
Could not process line:
C:\WINDOWS\system32\cvn0.exe
Status: 0xc0000034
File C:\WINDOWS\system32\kldno.dll not found!
Deletion of file C:\WINDOWS\system32\kldno.dll failed!
Could not process line:
C:\WINDOWS\system32\kldno.dll
Status: 0xc0000034
File C:\Program Files\MSN Gaming Zone\kyzeqemih.html not found!
Deletion of file C:\Program Files\MSN Gaming Zone\kyzeqemih.html failed!
Could not process line:
C:\Program Files\MSN Gaming Zone\kyzeqemih.html
Status: 0xc0000034
File C:\Program Files\Apoint\howyn.html not found!
Deletion of file C:\Program Files\Apoint\howyn.html failed!
Could not process line:
C:\Program Files\Apoint\howyn.html
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
Logfile of HijackThis v1.99.1
Scan saved at 9:25:00 AM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\aolavupd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
c:\program files\common files\aol\1139964437\ee\services\sscAntiSpywarePlugin\ver1_210_2_1\AOLSP Scheduler.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\common files\aol\1139964437\ee\aolssc.exe
C:\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\SSCRun.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{724689B3-0029-4F6C-A42B-77B802E854E7}: NameServer = 68.87.69.146,68.87.85.98
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\aolavupd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: guestolo on August 13, 2006, 11:32:24 AM
and do more harm than good
I would still decide which scanner your happier with and disable or uninstall the others
Do a "System scan only" with Hijackthis and put a check next to these entries:
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot your computer
Let me know how everythings running afterwards, we just have some final cleanup
Post by: yodeb9 on August 13, 2006, 11:44:47 AM
here is the latest log
Logfile of HijackThis v1.99.1
Scan saved at 9:43:03 AM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\common files\aol\1139964437\ee\services\sscAntiSpywarePlugin\ver1_210_2_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1139964437\ee\aolssc.exe
C:\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1139964437\ee\services\sscFirewallPlugin\ver1_210_2_1\SSCRun.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{724689B3-0029-4F6C-A42B-77B802E854E7}: NameServer = 68.87.69.146,68.87.85.98
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: guestolo on August 13, 2006, 11:49:53 AM
Post by: yodeb9 on August 13, 2006, 11:58:05 AM
Post by: guestolo on August 13, 2006, 12:04:13 PM
==Download, install, and update Ewido anti-spyware (http://\"http://www.ewido.net/en/download/\")[list=1]
- Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
- After the update finishes (the status bar at the bottom will display "Update successful")
- Close Ewido. Do not run it yet.
Sign in with your normal user account
In safe mode try deleting the 3 unwanted desktop icons, if they won't remove carry on
Ewido Scan
- Then run Ewido and click on the Scanner tab at the top and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.
- Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
- Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
Post the whole report from Ewido's
Post by: yodeb9 on August 13, 2006, 12:18:07 PM
Post by: guestolo on August 13, 2006, 12:19:42 PM
You can run the Manual updater from this link
http://www.ewido.net/en/download/updates/ (http://\"http://www.ewido.net/en/download/updates/\")
Choose the Full Database
Post by: yodeb9 on August 13, 2006, 12:33:10 PM
Post by: guestolo on August 13, 2006, 12:34:25 PM
you can run it in Normal mode
But save the report when your done, reboot the computer
Come back here and post the whole report
Post by: yodeb9 on August 13, 2006, 01:15:45 PM
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 11:08:06 AM 8/13/2006
+ Scan result:
C:\WINDOWS\RGViaQ\asappsrv.dll -> Adware.CommAd : Cleaned with backup (quarantined).
C:\WINDOWS\system32\guard.tmp -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\avenger\backup.zip/avenger/ilv6mon.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\avenger\backup.zip/avenger/it41_qc.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\avenger\backup.zip/avenger/wyvcore.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\avenger\backup.zip/avenger/iconu.exe -> Adware.Zestyfind : Cleaned with backup (quarantined).
::Report end
Post by: guestolo on August 13, 2006, 02:01:52 PM
C:\WINDOWS\RGViaQ <-this folder
Let me know how everythings running afterwards
Do you have either Ad-Aware SE Personal 1.06 or Spybot 1.4 installed on this computer?
Don't go trying to download them from a bogus link, just let me know and I can link you to them
Post by: yodeb9 on August 13, 2006, 02:17:33 PM
Got rid of the file, seems fine so far....
Post by: guestolo on August 13, 2006, 02:22:19 PM
Is it able to keep updated?
I would still download then update these next 2 anti-spyware programs
There both yours for free
Hold onto them
Download and Install
Ad-Aware SE Personal 1.06 (http://\"ftp://ftp.download.com/pub/win95/utilities/aawsepersonal.exe\")
Open Ad-Aware, ensure to click the check for updates now link and Connect to download the latest updates
Close out after it is updated, as we will need it later
Open Ad-Aware SE 1.06
Click START
Click the radio button to Perform a Full system scan then click NEXT
When it's finished scanning
At this point you should either right click on the screen and and choose the "Select All" Objects option or individually put a checkmark in each objects checkbox
click on the Next button. Ad-Aware SE will now present you with a confirmation box as to whether or not you would like to remove the objects you have just selected. Press the "OK" button
RESTART your computer to finish the cleaning process
===================================
Download and Install Spybot 1.4 from
HERE (http://\"http://fileforum.betanews.com/detail/Spybot_Search_and_Destroy/1043809773/1\")
After installation--Click the UPDATE button on the left
SEARCH FOR UPDATES on the right
Check, and then download all updates
After update is complete
Click the "Search & Destroy" button on the left
"Check for Problems"---When the Scan is complete
FIX all selected promblems in RED
RESTART the computer if any Red entries were found and fixed
NOTE: ALLOW both Ad-Aware and Spybot access thru your firewall so they can update
If you have trouble updating let me know please
After you have done the above, post back and let me know if they found anything
Some quick final steps and we are done here
Post by: yodeb9 on August 13, 2006, 02:37:29 PM
Post by: guestolo on August 13, 2006, 02:39:18 PM
Quote
I am running the adaware scan now and the avg virus screen keeps popping up with the same virus'. I keep clicking them the add to the vault....ugh!!!
What is AVG prompting about, what file or folder?
Post by: yodeb9 on August 13, 2006, 02:41:14 PM
ArchiveData(auto-quarantine- 2006-08-13 12-37-48.bckp)
Referencefile : SE1R118 07.08.2006
======================================================
MRU LIST
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=MRU FileReference : C:\Documents and Settings\Debi\Application Data\microsoft\office\recent\cozywinter011.wpd.LNK
obj[1]=MRU FileReference : C:\Documents and Settings\Debi\recent\2006_08_10.lnk
obj[2]=MRU FileReference : C:\Documents and Settings\Debi\recent\alcanshorty.bfu.txt.lnk
obj[3]=MRU FileReference : C:\Documents and Settings\Debi\recent\avenger.zip.lnk
obj[4]=MRU FileReference : C:\Documents and Settings\Debi\recent\bfu.lnk
obj[5]=MRU FileReference : C:\Documents and Settings\Debi\recent\bfu.zip.lnk
obj[6]=MRU FileReference : C:\Documents and Settings\Debi\recent\c268348752498f57ff1128ae6a23c4f1.lnk
obj[7]=MRU FileReference : C:\Documents and Settings\Debi\recent\Copy of Untitled-6b.jpg.lnk
obj[8]=MRU FileReference : C:\Documents and Settings\Debi\recent\cozywinter011.pdf.lnk
obj[9]=MRU FileReference : C:\Documents and Settings\Debi\recent\CWShredder.zip.lnk
obj[10]=MRU FileReference : C:\Documents and Settings\Debi\recent\Debug.lnk
obj[11]=MRU FileReference : C:\Documents and Settings\Debi\recent\defs.zip.lnk
obj[12]=MRU FileReference : C:\Documents and Settings\Debi\recent\Desktop.ini
obj[13]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\search assistant\acmru\5603
obj[14]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\search assistant\acmru\5604
obj[15]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru\*
obj[16]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.CR2
obj[17]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.csv
obj[18]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.dot
obj[19]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.inf
obj[20]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.JPG
obj[21]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.log
obj[22]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.pdf
obj[23]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.png
obj[24]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.psd
obj[25]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.PUB
obj[26]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.txt
obj[27]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.zip
obj[28]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\Folder
obj[29]=MRU FileReference : C:\Documents and Settings\Debi\recent\IMG_7581.JPG.lnk
obj[30]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\runmru
obj[31]=MRU RegReference : .DEFAULT\software\microsoft\windows media\wmsdk\general computername
obj[32]=MRU RegReference : S-1-5-18\software\microsoft\windows media\wmsdk\general computername
obj[33]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows media\wmsdk\general computername
obj[34]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\winrar\dialogedithistory\extrpath
obj[35]=MRU FileReference : C:\Documents and Settings\Debi\recent\Logs.lnk
obj[36]=MRU FileReference : C:\Documents and Settings\Debi\recent\MSPUB.PUB.lnk
obj[37]=MRU FileReference : C:\Documents and Settings\Debi\recent\Normal.dot.lnk
obj[38]=MRU FileReference : C:\Documents and Settings\Debi\recent\PASSWD.LOG.lnk
obj[39]=MRU FileReference : C:\Documents and Settings\Debi\recent\PcSetup.lnk
obj[40]=MRU FileReference : C:\Documents and Settings\Debi\recent\pcsetup.log.lnk
obj[41]=MRU FileReference : C:\Documents and Settings\Debi\recent\Rar.txt.lnk
obj[42]=MRU FileReference : C:\Documents and Settings\Debi\recent\readme.txt.lnk
obj[43]=MRU FileReference : C:\Documents and Settings\Debi\recent\repair.lnk
obj[44]=MRU FileReference : C:\Documents and Settings\Debi\recent\Report-Scan-20060813-110806.txt.lnk
obj[45]=MRU FileReference : C:\Documents and Settings\Debi\recent\ReportingEvents.log.lnk
obj[46]=MRU FileReference : C:\Documents and Settings\Debi\recent\res1.log.lnk
obj[47]=MRU FileReference : C:\Documents and Settings\Debi\recent\res2.log.lnk
obj[48]=MRU FileReference : C:\Documents and Settings\Debi\recent\reset.log.txt.lnk
obj[49]=MRU FileReference : C:\Documents and Settings\Debi\recent\scecomp.log.lnk
obj[50]=MRU FileReference : C:\Documents and Settings\Debi\recent\secsetup.inf.lnk
obj[51]=MRU FileReference : C:\Documents and Settings\Debi\recent\security.lnk
obj[52]=MRU FileReference : C:\Documents and Settings\Debi\recent\spuninst.lnk
obj[53]=MRU FileReference : C:\Documents and Settings\Debi\recent\spuninst.txt.lnk
obj[54]=MRU FileReference : C:\Documents and Settings\Debi\recent\SpySubtract.lnk
obj[55]=MRU FileReference : C:\Documents and Settings\Debi\recent\svcpack.inf (2).lnk
obj[56]=MRU FileReference : C:\Documents and Settings\Debi\recent\svcpack.inf.lnk
obj[57]=MRU FileReference : C:\Documents and Settings\Debi\recent\svcpack.lnk
obj[58]=MRU FileReference : C:\Documents and Settings\Debi\recent\Templates.lnk
obj[59]=MRU FileReference : C:\Documents and Settings\Debi\recent\testresult.csv.lnk
obj[60]=MRU FileReference : C:\Documents and Settings\Debi\recent\tl.lnk
obj[61]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-10.psd.lnk
obj[62]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-2.psd.lnk
obj[63]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6a.jpg.lnk
obj[64]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6a.psd.lnk
obj[65]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6b.jpg.lnk
obj[66]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6b.psd.lnk
obj[67]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6c.jpg.lnk
obj[68]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6c.psd.lnk
obj[69]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6d.jpg.lnk
obj[70]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6e.jpg.lnk
obj[71]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6f.jpg.lnk
obj[72]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6g.jpg.lnk
obj[73]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6g.zip.lnk
obj[74]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-7b.psd.lnk
obj[75]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-8.psd.lnk
obj[76]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-9.psd.lnk
obj[77]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-9a.psd.lnk
obj[78]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-9b.psd.lnk
obj[79]=MRU FileReference : C:\Documents and Settings\Debi\recent\WhatsNew.txt.lnk
obj[80]=MRU FileReference : C:\Documents and Settings\Debi\recent\WinRAR.lnk
obj[81]=MRU FileReference : C:\Documents and Settings\Debi\recent\WPD.lnk
obj[82]=MRU FileReference : C:\Documents and Settings\Debi\recent\wpdtrace.log.lnk
obj[83]=MRU FileReference : C:\Documents and Settings\Debi\recent\_file_to_execute_.txt.lnk
obj[85]=MRU RegReference : software\microsoft\direct3d\mostrecentapplication name
obj[86]=MRU RegReference : software\microsoft\direct3d\mostrecentapplication name
obj[87]=MRU RegReference : software\microsoft\directdraw\mostrecentapplication name
obj[88]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\internet explorer download directory
obj[89]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\internet explorer\typedurls
obj[90]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\mediaplayer\medialibraryui mllastselectednode
obj[91]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\mediaplayer\player\settings opendir
obj[92]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\mediaplayer\preferences searchpath
obj[93]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\microsoft management console\recent file list
obj[94]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru value
obj[95]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\office\11.0\publisher\recent file list
TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[22]=IECache Entry : Cookie:[email protected]/
obj[23]=IECache Entry : Cookie:[email protected]/
WIN32.TROJANCLICKER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[24]=Regkey : software\microsoft\downloadmanager
obj[25]=RegData : software\microsoft\windows nt\currentversion\winlogon "Userinit"
obj[31]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042461.dll
obj[34]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043325.exe
WIN32.TROJAN.DOWNLOADER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[26]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041926.exe
obj[27]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041933.exe
obj[33]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043320.dll
WIN32.TROJAN.DNSCHANGER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[28]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0042066.exe
CMDSERVICES
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[29]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0042087.exe
obj[40]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046672.dll
VX2
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[30]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042174.dll
obj[35]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP141\A0044631.dll
obj[37]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046517.dll
obj[38]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046518.dll
obj[39]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046521.dll
TARGETSAVER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[32]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042707.dll
IEHIJACKER.ZESTYFIND
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[36]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046515.exe
Post by: guestolo on August 13, 2006, 02:42:51 PM
The bad files are found in your system restore points
We'll finish cleaning those later
Carry on with Spybot
Post by: yodeb9 on August 13, 2006, 03:08:58 PM
--- Search result list ---
CAS-Client: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OvMon
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-13 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-11 Includes\Cookies.sbi (*)
2006-08-11 Includes\Dialer.sbi (*)
2006-08-11 Includes\Hijackers.sbi (*)
2006-08-11 Includes\Keyloggers.sbi (*)
2006-08-11 Includes\Malware.sbi (*)
2006-08-11 Includes\PUPS.sbi (*)
2006-08-11 Includes\Revision.sbi (*)
2006-08-11 Includes\Security.sbi (*)
2006-08-11 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-11 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows XP / SP2: Windows XP Hotfix - KB833407
/ Windows XP / SP3: Windows XP Hotfix - KB307154
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB884018
/ Windows XP / SP3: Windows XP Hotfix - KB884575
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888239
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
--- Startup entries list ---
Located: HK_LM:Run, !ewido
command: "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
file: C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10c40f37ac87a18f624143d4fe6e8dec
Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
file: C:\Program Files\Apoint\Apoint.exe
size: 114688
MD5: 5ec6a3a27642f72a9d58bf6631d9f6dd
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 369664
MD5: 32e0d24ead2a5c7ee7b6ad516eafe8ee
Located: HK_LM:Run, EPSON Stylus Photo 2200
command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
size: 74752
MD5: 7984d2a1b7a3a691889c53708fe450bf
Located: HK_LM:Run, HostManager
command: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
file: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
size: 50792
MD5: 01ca06b4a25ee7832d8959667d4fd42d
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 126976
MD5: 9df289a92ff94405304927d4f7cb222e
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: f4a3dbae65caf223cfd8915e6135a43e
Located: HK_LM:Run, ISBMgr.exe
command: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
file: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
size: 32768
MD5: 93eefbc237adfc406f52ee56d97f784b
Located: HK_LM:Run, Mouse Suite 98 Daemon
command: ICO.EXE
file:
Located: HK_LM:Run, MPFExe
command: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
file: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
size: 992808
MD5: ff79902a27581102d8565aef54ba91f6
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: c341ccfbe98bc7df6e0b856bb9fc265a
Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
file:
Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 13783040
MD5: 66ae097c581ba0337ca57bcc3c86ebac
Located: HK_LM:Run, SonyPowerCfg
command: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
file: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
size: 184320
MD5: cad377a29ee32c696aacafe512add1b7
Located: HK_LM:Run, SsAAD.exe
command: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
file: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
size: 81920
MD5: ed3c7da8ade49efc753fdddf18c8a53e
Located: HK_LM:Run, Switcher.exe
command: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
file: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
size: 167936
MD5: 0f84a9fe786f5698c27939c7f817b10a
Located: HK_LM:Run, TVTunerLib
command: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
file: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
size: 245760
MD5: 3edbeac8436e961669bff22f656cfcf4
Located: HK_LM:Run, VAIO Update 2
command: "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
file: C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
size: 151552
MD5: 2ba8f6a9c5a5c355da408a9fdb204f5b
Located: HK_LM:Run, VZRemoteCommander
command: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
file: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
size: 192512
MD5: 783b5f2faefd99b85bf3ac40f62ea77d
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Startup (common), America Online 9.0 Tray Icon.lnk
command: C:\Program Files\America Online 9.0\aoltray.exe
file: C:\Program Files\America Online 9.0\aoltray.exe
size: 36953
MD5: 9006fa0b6da152be1e4e290552b01421
Located: Startup (common), Monitor.lnk
command: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
file: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
size: 110592
MD5: 2985a499fea57f6f9232936e6618d5cf
Located: Startup (user), Adobe Gamma.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, VESWinlogon
command: VESWinlogon.dll
file: VESWinlogon.dll
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, wzcnotif
command: wzcdlg.dll
file: wzcdlg.dll
--- Browser helper object list ---
--- ActiveX list ---
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
Codebase: http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 4/11/2006 5:10:10 PM
Date (last access): 8/13/2006 12:17:34 PM
Date (last write): 4/11/2006 5:10:10 PM
Filesize: 135168
Attributes: archive
MD5: 7267AE9C8DF527C30885DC29687D2A9B
CRC32: 1B1733A3
Version: 58.5.0.0
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab\")
Path: C:\Program Files\Java\jre1.5.0\bin\
Long name: NPJPI150.dll
Short name:
Date (created): 3/9/2005 2:26:44 PM
Date (last access): 8/13/2006 12:06:38 PM
Date (last write): 3/9/2005 2:26:44 PM
Filesize: 69740
Attributes: archive
MD5: D25BB4762A876A3DBF6F2BAA36A179FA
CRC32: 9367234B
Version: 1.5.0.0
--- Process list ---
PID: 0 ( 0) [System]
PID: 788 ( 4) \SystemRoot\System32\smss.exe
PID: 836 ( 788) \??\C:\WINDOWS\system32\csrss.exe
PID: 860 ( 788) \??\C:\WINDOWS\system32\winlogon.exe
PID: 904 ( 860) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 916 ( 860) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1060 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1120 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 904) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1204 ( 904) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
size: 86016
MD5: AA1D9C4A2F997FEA8A4FB0929212EDA2
PID: 1308 ( 904) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
size: 372809
MD5: A57B20BB52B7C504B7A9FB4C82B639BA
PID: 1392 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1492 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1716 ( 904) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1812 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
size: 73728
MD5: 1C1A3FFD1CB5FC4FD1BE8DADC0E16D0C
PID: 1956 ( 904) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
size: 100016
MD5: 7FB54900AA9792AB6307C699EC1859D4
PID: 1968 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
size: 336896
MD5: 9BF46D959F713D64C8FF3DE2B2437863
PID: 1984 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
size: 84480
MD5: 66093610FA61142F6BCFD83AFB7E8A29
PID: 2000 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
size: 281088
MD5: 07C595396C6F4631E88F9792E1BECD7E
PID: 2008 (1956) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
size: 46768
MD5: CAF7C2FDDADF73A02AC84C6FB6030BBF
PID: 132 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
size: 94208
MD5: C0312F716AC9963FFAFAF99A269DE8B0
PID: 168 ( 904) C:\Program Files\ewido anti-spyware 4.0\guard.exe
size: 172032
MD5: F8D982556A9E0795829632FF0812DC2D
PID: 196 ( 904) C:\Program Files\mcafee.com\personal firewall\MPFService.exe
size: 548864
MD5: 54762D5377D42E53BBFF823E631D1533
PID: 308 ( 904) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
size: 7520337
MD5: F80EEC5E1D6CDF82CB974DAADA0C57DD
PID: 480 ( 904) C:\WINDOWS\system32\nvsvc32.exe
size: 127043
MD5: B73B1060A6CFE44011BB9CA850FFBCD0
PID: 500 ( 904) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
size: 139264
MD5: E6CD560A4A16FEEE5503CB59A3E30A84
PID: 544 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 588 ( 904) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 620 ( 904) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
size: 150528
MD5: 66C78DC68C0C418C5D5E62745E9FD764
PID: 648 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
size: 1839104
MD5: D8F1426431A33270DDF15FD22FD4D823
PID: 696 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
size: 270336
MD5: 7CC2E7077D4222B234F78704321F3056
PID: 1376 ( 904) C:\WINDOWS\wanmpsvc.exe
size: 65536
MD5: 909F2DC0DA7F57D229A05EE90647B2C3
PID: 2348 (2192) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 2656 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
size: 167936
MD5: 3EF7CEBC4964B4D2E60B79893F4C84EB
PID: 2720 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
size: 57344
MD5: 284BF2F51F0C8ED2C5DDC58BC529F4BF
PID: 2788 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
size: 135168
MD5: C5D91CD2EB27CD0474DC6FDAF29220F1
PID: 2820 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
size: 745472
MD5: 206CE4A9ACF7D04AE7A27FCE8EF2FA70
PID: 3852 (2348) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
size: 74752
MD5: 7984D2A1B7A3A691889C53708FE450BF
PID: 4044 (2348) C:\Program Files\Apoint\Apoint.exe
size: 114688
MD5: 5EC6A3A27642F72A9D58BF6631D9F6DD
PID: 4068 (2348) C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
size: 151552
MD5: 2BA8F6A9C5A5C355DA408A9FDB204F5B
PID: 1192 (2348) C:\Program Files\Real\RealPlayer\RealPlay.exe
size: 26112
MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 1444 (1436) C:\Program Files\Apoint\Apntex.exe
size: 45056
MD5: CCA1B81492B40890E44B2B20A780EE1F
PID: 1460 (2348) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
size: 184320
MD5: CAD377A29EE32C696AACAFE512ADD1B7
PID: 1368 (2348) C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
size: 192512
MD5: 783B5F2FAEFD99B85BF3AC40F62EA77D
PID: 2084 (2348) C:\WINDOWS\RTHDCPL.EXE
size: 13783040
MD5: 66AE097C581BA0337CA57BCC3C86EBAC
PID: 2200 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
size: 143360
MD5: E74F07164D9415773BB79FD5055B9384
PID: 2500 (2348) C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
size: 50792
MD5: 01CA06B4A25EE7832D8959667D4FD42D
PID: 2848 (2348) C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
size: 992808
MD5: FF79902A27581102D8565AEF54BA91F6
PID: 3224 (2348) C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
size: 81920
MD5: ED3C7DA8ADE49EFC753FDDDF18C8A53E
PID: 2160 ( 904) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3432 ( 904) C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
size: 69632
MD5: 45B83808BF5C9968C3259A48898C7DD5
PID: 3864 ( 904) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3052 (2348) C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: C341CCFBE98BC7DF6E0B856BB9FC265A
PID: 3724 (2348) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
size: 32768
MD5: 93EEFBC237ADFC406F52EE56D97F784B
PID: 3168 (2348) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 369664
MD5: 32E0D24EAD2A5C7EE7B6AD516EAFE8EE
PID: 3612 (2348) C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10C40F37AC87A18F624143D4FE6E8DEC
PID: 3900 (2348) C:\Program Files\America Online 9.0\aoltray.exe
size: 36953
MD5: 9006FA0B6DA152BE1E4E290552B01421
PID: 3992 (2348) C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
size: 110592
MD5: 2985A499FEA57F6F9232936E6618D5CF
PID: 3624 (2348) C:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: E7484514C0464642BE7B4DC2689354C8
PID: 1580 (3624) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
size: 65536
MD5: 1412A6785B953D99A2A83A1ED706ACE8
PID: 2152 (3664) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/13/2006 12:58:07 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com (http://\"http://www.google.com\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie (http://\"http://www.google.com/ie\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s (http://\"http://www.google.com/keyword/%s\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home (http://\"http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie (http://\"http://www.google.com/ie\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm (http://\"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm\")
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com (http://\"http://www.lavasoft.com\")
(AddressBook)
Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 9
version (major): 9
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html (http://\"http://www.adobe.com/support/main.html\")
help telephone: 1-555-555-4505
AOL Uninstaller (Choose which Products to Remove) (AOL Uninstaller)
uninstall cmd: C:\Program Files\Common Files\AOL\uninstaller.exe
(AOLAntivirus)
uninstall cmd: "C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
AOL Coach Version 1.0(Build:20030807.3) (AolCoach)
uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
(AOLFirewall)
uninstall cmd: "C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
HDAUDIO SoftV92 Data Fax Modem with SmartCP (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_104D0200
(Connection Manager)
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
Canon Utilities EOS Utility 1.0.3.17 (EOS Utility)
install location: C:\Program Files\Canon\EOS Utility
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
EPSON Printer Software (EPSON Printer and Utilities)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
ewido anti-spyware 4.0 (ewidoantispyware4)
install location: C:\Program Files\ewido anti-spyware 4.0
uninstall cmd: C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net (http://\"http://www.ewido.net\")
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\Debi\Local Settings\Temporary Internet Files\Content.IE5\0YK9DEL4\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Canon Utilities PhotoStitch 3.1 3.1.14 (InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA})
version: 50397198
version (major): 3
version (minor): 1
estimated size: 1364
install date: 20060507
install location: C:\Program Files\Canon\PhotoStitch\
install source: E:\SOFTWARE\PSTITCH\ENGLISH\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
publisher: Canon
comments:
contact:
help link:
help telephone:
OpenMG Secure Module 4.1.00 4.1.00.13261 (InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E})
version: 67174400
version (major): 4
version (minor): 1
estimated size: 15029
install date: 20050309
install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
install source: C:\abu\software\0503602.snc\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL
publisher: Sony Corporation
VAIO Registration 13.0.3 (InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5})
version: 218103811
version (major): 13
estimated size: 1644
install date: 20050309
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_is79\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{315BA29D-2644-4760-B5FD-5AC04A52B8C5}
publisher: Sony Electronics
comments: Customer Support Department
contact: Customer Support Department
help link: http://www.sony.com/pcsupport (http://\"http://www.sony.com/pcsupport\")
help telephone: 1-888-4-SONY-PC
readme: Readme.txt
Canon Utilities EOS Capture 1.2 1.2 (InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808})
version: 16908288
version (major): 1
version (minor): 2
estimated size: 2448
install date: 20060507
install source: E:\SOFTWARE\EC\ENGLISH\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{74BE7519-41A7-45A8-8AA6-78C7907A4808}
publisher: Canon
comments:
contact:
help link:
help telephone:
Canon Utilities EOS Viewer Utility 1.2 1.2.1 (InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373})
version: 16908289
version (major): 1
version (minor): 2
estimated size: 8852
install date: 20060507
install source: E:\SOFTWARE\EVU\English\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{750CF8D7-4B04-404F-AFA2-14C129C42373}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:
Canon EOS 20D WIA Driver 5.4 (InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3})
version: 84148224
version (major): 5
version (minor): 4
estimated size: 1200
install date: 20060507
install source: E:\SOFTWARE\WIA\EOS 20D\ENGLISH\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:
VAIO Survey Standalone 3.02 (InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE})
version: 50462720
version (major): 3
version (minor): 2
estimated size: 359
install date: 20050823
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isE6\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}
publisher: Sony Electronics
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Windows XP Hotfix - KB307154 20040813.160158 (KB307154)
uninstall cmd: C:\WINDOWS\$NtUninstallKB307154$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=307154 (http://\"http://support.microsoft.com?kbid=307154\")
Windows XP Hotfix - KB833407 20040119.115651 (KB833407)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=833407 (http://\"http://support.microsoft.com?kbid=833407\")
High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221 (http://\"http://support.microsoft.com?kbid=KB835221\")
Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=867282 (http://\"http://support.microsoft.com?kbid=867282\")
Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB870669 (http://\"http://support.microsoft.com?kbid=KB870669\")
Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333 (http://\"http://support.microsoft.com?kbid=873333\")
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339 (http://\"http://support.microsoft.com?kbid=873339\")
Security Update for Windows XP (KB883939) 1 (KB883939)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939 (http://\"http://support.microsoft.com?kbid=883939\")
(KB884016)
Windows XP Hotfix - KB884018 20040812.132033 (KB884018)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=884018 (http://\"http://support.microsoft.com?kbid=884018\")
Windows XP Hotfix - KB884575 20040827.145237 (KB884575)
uninstall cmd: C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=884575 (http://\"http://support.microsoft.com?kbid=884575\")
Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250 (http://\"http://support.microsoft.com?kbid=885250\")
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835 (http://\"http://support.microsoft.com?kbid=885835\")
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836 (http://\"http://support.microsoft.com?kbid=885836\")
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185 (http://\"http://support.microsoft.com?kbid=886185\")
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472 (http://\"http://support.microsoft.com?kbid=887472\")
Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742 (http://\"http://support.microsoft.com?kbid=887742\")
Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113 (http://\"http://support.microsoft.com?kbid=888113\")
Windows XP Hotfix - KB888239 20041124.162528 (KB888239)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888239 (http://\"http://support.microsoft.com?kbid=888239\")
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302 (http://\"http://support.microsoft.com?kbid=888302\")
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046 (http://\"http://support.microsoft.com?kbid=890046\")
Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890047 (http://\"http://support.microsoft.com?kbid=890047\")
Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175 (http://\"http://support.microsoft.com?kbid=890175\")
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859 (http://\"http://support.microsoft.com?kbid=890859\")
Windows XP Hotfix - KB890923 1 (KB890923)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890923 (http://\"http://support.microsoft.com?kbid=890923\")
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781 (http://\"http://support.microsoft.com?kbid=891781\")
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756 (http://\"http://support.microsoft.com?kbid=893756\")
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467 (http://\"http://go.microsoft.com/fwlink/?LinkId=42467\")
Update for Windows XP (KB894391) 1 (KB894391)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391 (http://\"http://support.microsoft.com?kbid=894391\")
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358 (http://\"http://support.microsoft.com?kbid=896358\")
Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422 (http://\"http://support.microsoft.com?kbid=896422\")
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423 (http://\"http://support.microsoft.com?kbid=896423\")
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424 (http://\"http://support.microsoft.com?kbid=896424\")
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428 (http://\"http://support.microsoft.com?kbid=896428\")
Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458 (http://\"http://support.microsoft.com/kb/898458\")
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461 (http://\"http://support.microsoft.com?kbid=898461\")
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587 (http://\"http://support.microsoft.com?kbid=899587\")
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591 (http://\"http://support.microsoft.com?kbid=899591\")
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060509
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485 (http://\"http://support.microsoft.com?kbid=900485\")
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725 (http://\"http://support.microsoft.com?kbid=900725\")
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017 (http://\"http://support.microsoft.com?kbid=901017\")
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214 (http://\"http://support.microsoft.com?kbid=901214\")
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400 (http://\"http://support.microsoft.com?kbid=902400\")
Security Update for Windows XP (KB903235) 1 (KB903235)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235 (http://\"http://support.microsoft.com?kbid=903235\")
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706 (http://\"http://support.microsoft.com?kbid=904706\")
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414 (http://\"http://support.microsoft.com?kbid=905414\")
Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749 (http://\"http://support.microsoft.com?kbid=905749\")
Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915 (http://\"http://support.microsoft.com?kbid=905915\")
Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519 (http://\"http://support.microsoft.com?kbid=908519\")
Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531 (http://\"http://support.microsoft.com?kbid=908531\")
Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437 (http://\"http://support.microsoft.com?kbid=910437\")
Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280 (http://\"http://support.microsoft.com?kbid=911280\")
Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562 (http://\"http://support.microsoft.com?kbid=911562\")
Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564 (http://\"http://support.microsoft.com/?kbid=911564\")
Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565 (http://\"http://support.microsoft.com/?kbid=911565\")
Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567 (http://\"http://support.microsoft.com?kbid=911567\")
Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927 (http://\"http://support.microsoft.com?kbid=911927\")
Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812 (http://\"http://support.microsoft.com?kbid=912812\")
Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919 (http://\"http://support.microsoft.com?kbid=912919\")
Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446 (http://\"http://support.microsoft.com?kbid=913446\")
Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580 (http://\"http://support.microsoft.com?kbid=913580\")
Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388 (http://\"http://support.microsoft.com?kbid=914388\")
Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389 (http://\"http://support.microsoft.com?kbid=914389\")
Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281 (http://\"http://support.microsoft.com?kbid=916281\")
Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595 (http://\"http://support.microsoft.com?kbid=916595\")
Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159 (http://\"http://support.microsoft.com?kbid=917159\")
Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344 (http://\"http://support.microsoft.com?kbid=917344\")
Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422 (http://\"http://support.microsoft.com?kbid=917422\")
Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734 (http://\"http://support.microsoft.com/?kbid=917734\")
Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953 (http://\"http://support.microsoft.com?kbid=917953\")
Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439 (http://\"http://support.microsoft.com?kbid=918439\")
Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link:
Post by: guestolo on August 13, 2006, 03:19:52 PM
Let's try this
We will create a new restore point and clear the older ones that are infected
Go to START>>All Programs>>Accessories>>System Tools>>System Restore
Create a New restore point
Name it and click create
When that's done
Open MyComputer
Right click on Local Disk C:
Select Properties>>Disk CleanUp
Let if finish calculating
Select the More Options tab
and click Cleanup under System Restore
This will clear all later restore points except for the one you just made
Ok the prompts, it may take a few seconds to remove old restore points
Ok again after it's ready and let it finish cleaning
EXTRA PROTECTION
*Install SpywareBlaster 3.5.1 by JavaCool (http://\"http://www.javacoolsoftware.com/spywareblaster.html\")
- *Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
*Make sure your Anti-Virus software is always kept up to date and actively running in the background
Again, ONLY run one Active AV in the background, hold onto AVG and keep AOL's McAfee version removed or disabled
But please do continue to use it's firewall protection
Update and do scan's with your Anti-Spyware programs on a regular basis
Hold onto Ad-Aware and Spybot
In addition, open Spybot 1.4
Click the "Immunize" button on the left>>>OK at the prompt>>Immunzine at the top green cross
Immunize after every update
+Ewido will become a limited free version after 30 days
It's your choice to hold onto it or not
It will still update and remove malware after the 30days are up
Reboot one more time after you have done the above, let me know if you still get that prompt when you shut down
Can you get the name of the .dll or any indication what it's related too
It may be a legit file it's related too
Post by: yodeb9 on August 13, 2006, 03:22:02 PM
--- Search result list ---
CAS-Client: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OvMon
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-13 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-11 Includes\Cookies.sbi (*)
2006-08-11 Includes\Dialer.sbi (*)
2006-08-11 Includes\Hijackers.sbi (*)
2006-08-11 Includes\Keyloggers.sbi (*)
2006-08-11 Includes\Malware.sbi (*)
2006-08-11 Includes\PUPS.sbi (*)
2006-08-11 Includes\Revision.sbi (*)
2006-08-11 Includes\Security.sbi (*)
2006-08-11 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-11 Includes\Trojans.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows XP / SP2: Windows XP Hotfix - KB833407
/ Windows XP / SP3: Windows XP Hotfix - KB307154
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB884018
/ Windows XP / SP3: Windows XP Hotfix - KB884575
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888239
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
--- Startup entries list ---
Located: HK_LM:Run, !ewido
command: "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
file: C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10c40f37ac87a18f624143d4fe6e8dec
Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
file: C:\Program Files\Apoint\Apoint.exe
size: 114688
MD5: 5ec6a3a27642f72a9d58bf6631d9f6dd
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 369664
MD5: 32e0d24ead2a5c7ee7b6ad516eafe8ee
Located: HK_LM:Run, EPSON Stylus Photo 2200
command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
size: 74752
MD5: 7984d2a1b7a3a691889c53708fe450bf
Located: HK_LM:Run, HostManager
command: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
file: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
size: 50792
MD5: 01ca06b4a25ee7832d8959667d4fd42d
Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 126976
MD5: 9df289a92ff94405304927d4f7cb222e
Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 155648
MD5: f4a3dbae65caf223cfd8915e6135a43e
Located: HK_LM:Run, ISBMgr.exe
command: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
file: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
size: 32768
MD5: 93eefbc237adfc406f52ee56d97f784b
Located: HK_LM:Run, Mouse Suite 98 Daemon
command: ICO.EXE
file:
Located: HK_LM:Run, MPFExe
command: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
file: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
size: 992808
MD5: ff79902a27581102d8565aef54ba91f6
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: c341ccfbe98bc7df6e0b856bb9fc265a
Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
file:
Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 13783040
MD5: 66ae097c581ba0337ca57bcc3c86ebac
Located: HK_LM:Run, SonyPowerCfg
command: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
file: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
size: 184320
MD5: cad377a29ee32c696aacafe512add1b7
Located: HK_LM:Run, SsAAD.exe
command: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
file: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
size: 81920
MD5: ed3c7da8ade49efc753fdddf18c8a53e
Located: HK_LM:Run, Switcher.exe
command: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
file: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
size: 167936
MD5: 0f84a9fe786f5698c27939c7f817b10a
Located: HK_LM:Run, TVTunerLib
command: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
file: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
size: 245760
MD5: 3edbeac8436e961669bff22f656cfcf4
Located: HK_LM:Run, VAIO Update 2
command: "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
file: C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
size: 151552
MD5: 2ba8f6a9c5a5c355da408a9fdb204f5b
Located: HK_LM:Run, VZRemoteCommander
command: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
file: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
size: 192512
MD5: 783b5f2faefd99b85bf3ac40f62ea77d
Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: deb88aef013dd1eefb462d7cad642166
Located: Startup (common), America Online 9.0 Tray Icon.lnk
command: C:\Program Files\America Online 9.0\aoltray.exe
file: C:\Program Files\America Online 9.0\aoltray.exe
size: 36953
MD5: 9006fa0b6da152be1e4e290552b01421
Located: Startup (common), Monitor.lnk
command: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
file: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
size: 110592
MD5: 2985a499fea57f6f9232936e6618d5cf
Located: Startup (user), Adobe Gamma.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
Located: WinLogon, igfxcui
command: igfxsrvc.dll
file: igfxsrvc.dll
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, VESWinlogon
command: VESWinlogon.dll
file: VESWinlogon.dll
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
Located: WinLogon, wzcnotif
command: wzcdlg.dll
file: wzcdlg.dll
--- Browser helper object list ---
--- ActiveX list ---
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
DPF name:
CLSID name: ActiveScan Installer Class
Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
Codebase: http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
Path: C:\WINDOWS\Downloaded Program Files\
Long name: asinst.dll
Short name:
Date (created): 4/11/2006 5:10:10 PM
Date (last access): 8/13/2006 12:17:34 PM
Date (last write): 4/11/2006 5:10:10 PM
Filesize: 135168
Attributes: archive
MD5: 7267AE9C8DF527C30885DC29687D2A9B
CRC32: 1B1733A3
Version: 58.5.0.0
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab\")
Path: C:\Program Files\Java\jre1.5.0\bin\
Long name: NPJPI150.dll
Short name:
Date (created): 3/9/2005 2:26:44 PM
Date (last access): 8/13/2006 12:06:38 PM
Date (last write): 3/9/2005 2:26:44 PM
Filesize: 69740
Attributes: archive
MD5: D25BB4762A876A3DBF6F2BAA36A179FA
CRC32: 9367234B
Version: 1.5.0.0
--- Process list ---
PID: 0 ( 0) [System]
PID: 788 ( 4) \SystemRoot\System32\smss.exe
PID: 836 ( 788) \??\C:\WINDOWS\system32\csrss.exe
PID: 860 ( 788) \??\C:\WINDOWS\system32\winlogon.exe
PID: 904 ( 860) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 916 ( 860) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1060 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1120 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 904) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1204 ( 904) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
size: 86016
MD5: AA1D9C4A2F997FEA8A4FB0929212EDA2
PID: 1308 ( 904) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
size: 372809
MD5: A57B20BB52B7C504B7A9FB4C82B639BA
PID: 1392 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1492 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1716 ( 904) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1812 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
size: 73728
MD5: 1C1A3FFD1CB5FC4FD1BE8DADC0E16D0C
PID: 1956 ( 904) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
size: 100016
MD5: 7FB54900AA9792AB6307C699EC1859D4
PID: 1968 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
size: 336896
MD5: 9BF46D959F713D64C8FF3DE2B2437863
PID: 1984 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
size: 84480
MD5: 66093610FA61142F6BCFD83AFB7E8A29
PID: 2000 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
size: 281088
MD5: 07C595396C6F4631E88F9792E1BECD7E
PID: 2008 (1956) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
size: 46768
MD5: CAF7C2FDDADF73A02AC84C6FB6030BBF
PID: 132 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
size: 94208
MD5: C0312F716AC9963FFAFAF99A269DE8B0
PID: 168 ( 904) C:\Program Files\ewido anti-spyware 4.0\guard.exe
size: 172032
MD5: F8D982556A9E0795829632FF0812DC2D
PID: 196 ( 904) C:\Program Files\mcafee.com\personal firewall\MPFService.exe
size: 548864
MD5: 54762D5377D42E53BBFF823E631D1533
PID: 308 ( 904) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
size: 7520337
MD5: F80EEC5E1D6CDF82CB974DAADA0C57DD
PID: 480 ( 904) C:\WINDOWS\system32\nvsvc32.exe
size: 127043
MD5: B73B1060A6CFE44011BB9CA850FFBCD0
PID: 500 ( 904) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
size: 139264
MD5: E6CD560A4A16FEEE5503CB59A3E30A84
PID: 544 ( 904) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 588 ( 904) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 620 ( 904) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
size: 150528
MD5: 66C78DC68C0C418C5D5E62745E9FD764
PID: 648 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
size: 1839104
MD5: D8F1426431A33270DDF15FD22FD4D823
PID: 696 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
size: 270336
MD5: 7CC2E7077D4222B234F78704321F3056
PID: 1376 ( 904) C:\WINDOWS\wanmpsvc.exe
size: 65536
MD5: 909F2DC0DA7F57D229A05EE90647B2C3
PID: 2348 (2192) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 2656 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
size: 167936
MD5: 3EF7CEBC4964B4D2E60B79893F4C84EB
PID: 2720 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
size: 57344
MD5: 284BF2F51F0C8ED2C5DDC58BC529F4BF
PID: 2788 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
size: 135168
MD5: C5D91CD2EB27CD0474DC6FDAF29220F1
PID: 2820 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
size: 745472
MD5: 206CE4A9ACF7D04AE7A27FCE8EF2FA70
PID: 3852 (2348) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
size: 74752
MD5: 7984D2A1B7A3A691889C53708FE450BF
PID: 4044 (2348) C:\Program Files\Apoint\Apoint.exe
size: 114688
MD5: 5EC6A3A27642F72A9D58BF6631D9F6DD
PID: 4068 (2348) C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
size: 151552
MD5: 2BA8F6A9C5A5C355DA408A9FDB204F5B
PID: 1192 (2348) C:\Program Files\Real\RealPlayer\RealPlay.exe
size: 26112
MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 1444 (1436) C:\Program Files\Apoint\Apntex.exe
size: 45056
MD5: CCA1B81492B40890E44B2B20A780EE1F
PID: 1460 (2348) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
size: 184320
MD5: CAD377A29EE32C696AACAFE512ADD1B7
PID: 1368 (2348) C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
size: 192512
MD5: 783B5F2FAEFD99B85BF3AC40F62EA77D
PID: 2084 (2348) C:\WINDOWS\RTHDCPL.EXE
size: 13783040
MD5: 66AE097C581BA0337CA57BCC3C86EBAC
PID: 2200 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
size: 143360
MD5: E74F07164D9415773BB79FD5055B9384
PID: 2500 (2348) C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
size: 50792
MD5: 01CA06B4A25EE7832D8959667D4FD42D
PID: 2848 (2348) C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
size: 992808
MD5: FF79902A27581102D8565AEF54BA91F6
PID: 3224 (2348) C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
size: 81920
MD5: ED3C7DA8ADE49EFC753FDDDF18C8A53E
PID: 2160 ( 904) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3432 ( 904) C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
size: 69632
MD5: 45B83808BF5C9968C3259A48898C7DD5
PID: 3864 ( 904) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3052 (2348) C:\Program Files\QuickTime\qttask.exe
size: 98304
MD5: C341CCFBE98BC7DF6E0B856BB9FC265A
PID: 3724 (2348) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
size: 32768
MD5: 93EEFBC237ADFC406F52EE56D97F784B
PID: 3168 (2348) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 369664
MD5: 32E0D24EAD2A5C7EE7B6AD516EAFE8EE
PID: 3612 (2348) C:\Program Files\ewido anti-spyware 4.0\ewido.exe
size: 6283264
MD5: 10C40F37AC87A18F624143D4FE6E8DEC
PID: 3900 (2348) C:\Program Files\America Online 9.0\aoltray.exe
size: 36953
MD5: 9006FA0B6DA152BE1E4E290552B01421
PID: 3992 (2348) C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
size: 110592
MD5: 2985A499FEA57F6F9232936E6618D5CF
PID: 3624 (2348) C:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: E7484514C0464642BE7B4DC2689354C8
PID: 1580 (3624) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
size: 65536
MD5: 1412A6785B953D99A2A83A1ED706ACE8
PID: 2152 (3664) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/13/2006 12:58:07 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com (http://\"http://www.google.com\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie (http://\"http://www.google.com/ie\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s (http://\"http://www.google.com/keyword/%s\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home (http://\"http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie (http://\"http://www.google.com/ie\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm (http://\"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm\")
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com (http://\"http://www.lavasoft.com\")
(AddressBook)
Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
version: 9
version (major): 9
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
publisher: Adobe Systems, Inc.
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html (http://\"http://www.adobe.com/support/main.html\")
help telephone: 1-555-555-4505
AOL Uninstaller (Choose which Products to Remove) (AOL Uninstaller)
uninstall cmd: C:\Program Files\Common Files\AOL\uninstaller.exe
(AOLAntivirus)
uninstall cmd: "C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
AOL Coach Version 1.0(Build:20030807.3) (AolCoach)
uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
(AOLFirewall)
uninstall cmd: "C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
HDAUDIO SoftV92 Data Fax Modem with SmartCP (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_104D0200
(Connection Manager)
(DirectAnimation)
(DirectDrawEx)
(DXM_Runtime)
Canon Utilities EOS Utility 1.0.3.17 (EOS Utility)
install location: C:\Program Files\Canon\EOS Utility
uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
EPSON Printer Software (EPSON Printer and Utilities)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
ewido anti-spyware 4.0 (ewidoantispyware4)
install location: C:\Program Files\ewido anti-spyware 4.0
uninstall cmd: C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net (http://\"http://www.ewido.net\")
(Fontcore)
HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\Debi\Local Settings\Temporary Internet Files\Content.IE5\0YK9DEL4\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.
(ICW)
(IE40)
(IE4Data)
(IE5BAKEX)
(IEData)
(InstallShield Uninstall Information)
Canon Utilities PhotoStitch 3.1 3.1.14 (InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA})
version: 50397198
version (major): 3
version (minor): 1
estimated size: 1364
install date: 20060507
install location: C:\Program Files\Canon\PhotoStitch\
install source: E:\SOFTWARE\PSTITCH\ENGLISH\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
publisher: Canon
comments:
contact:
help link:
help telephone:
OpenMG Secure Module 4.1.00 4.1.00.13261 (InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E})
version: 67174400
version (major): 4
version (minor): 1
estimated size: 15029
install date: 20050309
install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
install source: C:\abu\software\0503602.snc\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL
publisher: Sony Corporation
VAIO Registration 13.0.3 (InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5})
version: 218103811
version (major): 13
estimated size: 1644
install date: 20050309
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_is79\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{315BA29D-2644-4760-B5FD-5AC04A52B8C5}
publisher: Sony Electronics
comments: Customer Support Department
contact: Customer Support Department
help link: http://www.sony.com/pcsupport (http://\"http://www.sony.com/pcsupport\")
help telephone: 1-888-4-SONY-PC
readme: Readme.txt
Canon Utilities EOS Capture 1.2 1.2 (InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808})
version: 16908288
version (major): 1
version (minor): 2
estimated size: 2448
install date: 20060507
install source: E:\SOFTWARE\EC\ENGLISH\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{74BE7519-41A7-45A8-8AA6-78C7907A4808}
publisher: Canon
comments:
contact:
help link:
help telephone:
Canon Utilities EOS Viewer Utility 1.2 1.2.1 (InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373})
version: 16908289
version (major): 1
version (minor): 2
estimated size: 8852
install date: 20060507
install source: E:\SOFTWARE\EVU\English\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{750CF8D7-4B04-404F-AFA2-14C129C42373}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:
Canon EOS 20D WIA Driver 5.4 (InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3})
version: 84148224
version (major): 5
version (minor): 4
estimated size: 1200
install date: 20060507
install source: E:\SOFTWARE\WIA\EOS 20D\ENGLISH\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}
publisher: Canon
comments:
contact:
help link:
help telephone:
readme:
VAIO Survey Standalone 3.02 (InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE})
version: 50462720
version (major): 3
version (minor): 2
estimated size: 359
install date: 20050823
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isE6\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}
publisher: Sony Electronics
comments: 0
contact: 0
help link: 0
help telephone: 0
readme: 0
Windows XP Hotfix - KB307154 20040813.160158 (KB307154)
uninstall cmd: C:\WINDOWS\$NtUninstallKB307154$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=307154 (http://\"http://support.microsoft.com?kbid=307154\")
Windows XP Hotfix - KB833407 20040119.115651 (KB833407)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=833407 (http://\"http://support.microsoft.com?kbid=833407\")
High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221 (http://\"http://support.microsoft.com?kbid=KB835221\")
Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=867282 (http://\"http://support.microsoft.com?kbid=867282\")
Microsoft Data Access Components KB870669 (KB870669)
uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB870669 (http://\"http://support.microsoft.com?kbid=KB870669\")
Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333 (http://\"http://support.microsoft.com?kbid=873333\")
Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339 (http://\"http://support.microsoft.com?kbid=873339\")
Security Update for Windows XP (KB883939) 1 (KB883939)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939 (http://\"http://support.microsoft.com?kbid=883939\")
(KB884016)
Windows XP Hotfix - KB884018 20040812.132033 (KB884018)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=884018 (http://\"http://support.microsoft.com?kbid=884018\")
Windows XP Hotfix - KB884575 20040827.145237 (KB884575)
uninstall cmd: C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=884575 (http://\"http://support.microsoft.com?kbid=884575\")
Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250 (http://\"http://support.microsoft.com?kbid=885250\")
Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835 (http://\"http://support.microsoft.com?kbid=885835\")
Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836 (http://\"http://support.microsoft.com?kbid=885836\")
Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185 (http://\"http://support.microsoft.com?kbid=886185\")
Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472 (http://\"http://support.microsoft.com?kbid=887472\")
Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742 (http://\"http://support.microsoft.com?kbid=887742\")
Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113 (http://\"http://support.microsoft.com?kbid=888113\")
Windows XP Hotfix - KB888239 20041124.162528 (KB888239)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888239 (http://\"http://support.microsoft.com?kbid=888239\")
Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302 (http://\"http://support.microsoft.com?kbid=888302\")
Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046 (http://\"http://support.microsoft.com?kbid=890046\")
Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890047 (http://\"http://support.microsoft.com?kbid=890047\")
Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175 (http://\"http://support.microsoft.com?kbid=890175\")
Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859 (http://\"http://support.microsoft.com?kbid=890859\")
Windows XP Hotfix - KB890923 1 (KB890923)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890923 (http://\"http://support.microsoft.com?kbid=890923\")
Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781 (http://\"http://support.microsoft.com?kbid=891781\")
Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756 (http://\"http://support.microsoft.com?kbid=893756\")
(KB893803)
Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467 (http://\"http://go.microsoft.com/fwlink/?LinkId=42467\")
Update for Windows XP (KB894391) 1 (KB894391)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391 (http://\"http://support.microsoft.com?kbid=894391\")
Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358 (http://\"http://support.microsoft.com?kbid=896358\")
Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422 (http://\"http://support.microsoft.com?kbid=896422\")
Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423 (http://\"http://support.microsoft.com?kbid=896423\")
Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424 (http://\"http://support.microsoft.com?kbid=896424\")
Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428 (http://\"http://support.microsoft.com?kbid=896428\")
Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458 (http://\"http://support.microsoft.com/kb/898458\")
Update for Windows XP (KB898461) 1 (KB898461)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461 (http://\"http://support.microsoft.com?kbid=898461\")
Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587 (http://\"http://support.microsoft.com?kbid=899587\")
Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591 (http://\"http://support.microsoft.com?kbid=899591\")
Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060509
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485 (http://\"http://support.microsoft.com?kbid=900485\")
Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725 (http://\"http://support.microsoft.com?kbid=900725\")
Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017 (http://\"http://support.microsoft.com?kbid=901017\")
Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214 (http://\"http://support.microsoft.com?kbid=901214\")
Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400 (http://\"http://support.microsoft.com?kbid=902400\")
Security Update for Windows XP (KB903235) 1 (KB903235)
install date: 20050823
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235 (http://\"http://support.microsoft.com?kbid=903235\")
Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706 (http://\"http://support.microsoft.com?kbid=904706\")
Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414 (http://\"http://support.microsoft.com?kbid=905414\")
Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20060214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749 (http://\"http://support.microsoft.com?kbid=905749\")
Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915 (http://\"http://support.microsoft.com?kbid=905915\")
Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519 (http://\"http://support.microsoft.com?kbid=908519\")
Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531 (http://\"http://support.microsoft.com?kbid=908531\")
Update for Windows XP (KB910437) 1 (KB910437)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437 (http://\"http://support.microsoft.com?kbid=910437\")
Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280 (http://\"http://support.microsoft.com?kbid=911280\")
Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562 (http://\"http://support.microsoft.com?kbid=911562\")
Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564 (http://\"http://support.microsoft.com/?kbid=911564\")
Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565 (http://\"http://support.microsoft.com/?kbid=911565\")
Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567 (http://\"http://support.microsoft.com?kbid=911567\")
Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927 (http://\"http://support.microsoft.com?kbid=911927\")
Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060420
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812 (http://\"http://support.microsoft.com?kbid=912812\")
Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919 (http://\"http://support.microsoft.com?kbid=912919\")
Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446 (http://\"http://support.microsoft.com?kbid=913446\")
Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060512
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580 (http://\"http://support.microsoft.com?kbid=913580\")
Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388 (http://\"http://support.microsoft.com?kbid=914388\")
Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389 (http://\"http://support.microsoft.com?kbid=914389\")
Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281 (http://\"http://support.microsoft.com?kbid=916281\")
Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595 (http://\"http://support.microsoft.com?kbid=916595\")
Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060719
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159 (http://\"http://support.microsoft.com?kbid=917159\")
Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344 (http://\"http://support.microsoft.com?kbid=917344\")
Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422 (http://\"http://support.microsoft.com?kbid=917422\")
Security Update for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734 (http://\"http://support.microsoft.com/?kbid=917734\")
Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953 (http://\"http://support.microsoft.com?kbid=917953\")
Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060616
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439 (http://\"http://support.microsoft.com?kbid=918439\")
Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899 (http://\"http://support.microsoft.com?kbid=918899\")
Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corpo
Post by: guestolo on August 13, 2006, 03:23:36 PM
Follow my last set of instructions just before you posted again
Post by: yodeb9 on August 13, 2006, 03:54:49 PM
Post by: yodeb9 on August 13, 2006, 06:41:33 PM
Post by: guestolo on August 13, 2006, 06:54:18 PM
How long have you had AVG installed?
How long have you had McAfee's installed?
Post by: yodeb9 on August 13, 2006, 07:02:09 PM
Logfile of HijackThis v1.99.1
Scan saved at 4:58:44 PM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{724689B3-0029-4F6C-A42B-77B802E854E7}: NameServer = 68.87.69.146,68.87.85.98
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: guestolo on August 13, 2006, 07:07:50 PM
Go to START>>RUN>>type in
services.msc
In the new window that opens
Double click on Ewido Anti-Spyware on the right hand side
In the startup type in the drop down menu, set it to Disabled
Apply and OK out of there
If you just put on AVG
Why don't you try the following
Reenable McAfee's virus scanner, it appears to be still installed according to Spybot's log
(AOLAntivirus)
uninstall cmd: "C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
Now access your add/remove programs and remove the free version of AVG
Reboot the computer
Does that help?
Post by: yodeb9 on August 13, 2006, 07:30:40 PM
Post by: guestolo on August 13, 2006, 07:32:13 PM
McAfee's is still installed isn't it?
It is in your add/remove programs
Post by: yodeb9 on August 13, 2006, 07:40:04 PM
Post by: guestolo on August 13, 2006, 10:30:38 PM
I'm unsure what's going on at your end
Download and unzip to your desktop InstalledPrograms.zip (http://\"http://www.billsway.com/vbspage/vbsfiles/InstalledPrograms.zip\")
Double click on InstalledPrograms.vbs
Allow this script to run if prompted by your Anti-Virus, we are just collecting information
Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents
Post by: yodeb9 on August 13, 2006, 10:54:52 PM
Anyway, here is the log file
INSTALLED SOFTWARE (184) - DEB - 8/13/2006 8:48:04 PM
Ad-Aware SE Personal Ver: 1.06
Adobe Bridge 1.0 Ver: 001.000.004 Installed: 5/13/2006
Adobe Common File Installer Ver: 1.00.0000 Installed: 2/14/2006
Adobe Help Center 1.0 Ver: 001.000.000 Installed: 2/14/2006
Adobe Photoshop CS2 Ver: 9.0
Adobe Photoshop CS2 Ver: 9.0 Installed: 2/14/2006
Adobe Reader 7.0 Ver: 7.0.0 Installed: 3/9/2005
Adobe Stock Photos 1.0 Ver: 001.000.000 Installed: 2/14/2006
AOL Connectivity Services
AVG Free Edition
Canon Camera WIA Driver Ver: 5.4 Installed: 5/7/2006
Canon EOS 20D WIA Driver Ver: 5.4 Installed: 5/7/2006
Canon Utilities EOS Capture 1.2 Ver: 1.2 Installed: 5/7/2006
Canon Utilities EOS Utility Ver: 1.0.3.17
Canon Utilities EOS Viewer Utility 1.2 Ver: 1.2.1 Installed: 5/7/2006
Canon Utilities PhotoStitch 3.1 Ver: 3.1.14 Installed: 5/7/2006
Canon Utilities ZoomBrowser EX
Click to DVD 2.0.03 Menu Data Ver: 2.0.03 Installed: 8/23/2005
Click to DVD 2.4.02 Ver: 2.4.02 Installed: 8/23/2005
DVgate Plus
EOS Capture 1.2 Ver: 1.2 Installed: 5/7/2006
EOS Viewer Utility 1.2.1 Ver: 1.2.1 Installed: 5/7/2006
EPSON Copy Utility
EPSON Photo Print
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
ewido anti-spyware 4.0
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221 Ver: 20040219.000000
HijackThis 1.99.1 Ver: 1.99.1
Image Converter 2
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software
InterVideo WinDVD for VAIO Ver: 5.0-B11.731
InterVideo WinDVDX
ISScript Ver: 3.00.185 Installed: 3/9/2005
J2SE Runtime Environment 5.0 Ver: 1.5.0 Installed: 3/9/2005
Learn2 Player (Uninstall Only)
mCore Ver: 1.31.0000 Installed: 4/5/2006
mDriver Ver: 1.31.0000 Installed: 4/5/2006
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Ver: 1.1.4322 Installed: 8/23/2005
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Data Access Components KB870669
Microsoft Office Professional Edition 2003 Ver: 11.0.5614.0 Installed: 8/1/2006
Microsoft SQL Server Desktop Engine (VAIO_VEDB) Ver: 8.00.761 Installed: 3/9/2005
Microsoft Works Ver: 08.04.0623 Installed: 8/23/2005
mMHouse Ver: 1.31.0000 Installed: 4/5/2006
mPfMgr Ver: 1.31.0000 Installed: 4/5/2006
mXML Ver: 1.31.0000 Installed: 4/5/2006
Napster Ver: 3.6.0.7
Napster Burn Engine Ver: 3.5.0000 Installed: 2/28/2006
NVIDIA Drivers
OpenMG Limited Patch 4.1-05-13-31-01
OpenMG Secure Module 4.1.00 Ver: 4.1.00.13261 Installed: 3/9/2005
OpenMG Secure Module 4.1.00 Ver: 4.1.00.13261 Installed: 3/9/2005
Panda ActiveScan
PhotoStitch Ver: 3.1.14 Installed: 5/7/2006
PictureGear Studio 2.0
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
SanDisk TransferMate
ScanToWeb
Security Update for Step By Step Interactive Training (KB898458) Ver: 20050502.101010 Installed: 2/14/2006
Security Update for Windows Media Player (KB911564) Installed: 2/15/2006
Security Update for Windows Media Player 10 (KB911565) Installed: 2/15/2006
Security Update for Windows Media Player 10 (KB917734) Installed: 6/16/2006
Security Update for Windows XP (KB883939) Ver: 1 Installed: 8/23/2005
Security Update for Windows XP (KB890046) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB893756) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB896358) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB896422) Ver: 1 Installed: 8/23/2005
Security Update for Windows XP (KB896423) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB896424) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB896428) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB899587) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB899591) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB900725) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB901017) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB901214) Ver: 1 Installed: 8/23/2005
Security Update for Windows XP (KB902400) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB903235) Ver: 1 Installed: 8/23/2005
Security Update for Windows XP (KB904706) Ver: 2 Installed: 2/15/2006
Security Update for Windows XP (KB905414) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB905749) Ver: 1 Installed: 2/14/2006
Security Update for Windows XP (KB905915) Ver: 1 Installed: 2/15/2006
Security Update for Windows XP (KB908519) Ver: 1 Installed: 2/15/2006
Security Update for Windows XP (KB908531) Ver: 1 Installed: 4/20/2006
Security Update for Windows XP (KB911280) Ver: 1 Installed: 6/16/2006
Security Update for Windows XP (KB911562) Ver: 1 Installed: 4/20/2006
Security Update for Windows XP (KB911567) Ver: 1 Installed: 4/20/2006
Security Update for Windows XP (KB911927) Ver: 1 Installed: 2/15/2006
Security Update for Windows XP (KB912812) Ver: 1 Installed: 4/20/2006
Security Update for Windows XP (KB912919) Ver: 1 Installed: 2/15/2006
Security Update for Windows XP (KB913446) Ver: 1 Installed: 2/26/2006
Security Update for Windows XP (KB913580) Ver: 1 Installed: 5/12/2006
Security Update for Windows XP (KB914388) Ver: 1 Installed: 7/19/2006
Security Update for Windows XP (KB914389) Ver: 1 Installed: 6/16/2006
Security Update for Windows XP (KB916281) Ver: 1 Installed: 6/16/2006
Security Update for Windows XP (KB917159) Ver: 1 Installed: 7/19/2006
Security Update for Windows XP (KB917344) Ver: 1 Installed: 6/16/2006
Security Update for Windows XP (KB917422) Ver: 1 Installed: 8/13/2006
Security Update for Windows XP (KB917953) Ver: 1 Installed: 6/16/2006
Security Update for Windows XP (KB918439) Ver: 1 Installed: 6/16/2006
Security Update for Windows XP (KB918899) Ver: 1 Installed: 8/13/2006
Security Update for Windows XP (KB920214) Ver: 1 Installed: 8/13/2006
Security Update for Windows XP (KB920670) Ver: 1 Installed: 8/13/2006
Security Update for Windows XP (KB920683) Ver: 1 Installed: 8/13/2006
Security Update for Windows XP (KB921398) Ver: 1 Installed: 8/13/2006
Security Update for Windows XP (KB921883) Ver: 1 Installed: 8/12/2006
Security Update for Windows XP (KB922616) Ver: 1 Installed: 8/13/2006
Setting Utility Series
Shockwave Flash
Sonic RecordNow! Ver: 7.30 Installed: 8/23/2005
SonicStage 3.0 Ver: 3.0 Installed: 8/23/2005
SonicStage Mastering Studio Audio Filter Custom Preset
Sony Certificate PCH
Sony MP4 Shared Library Ver: 1.1 Installed: 3/9/2005
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library Ver: 2.0.01 Installed: 3/9/2005
Spybot - Search & Destroy 1.4 Ver: 1.4
SpySubtract
Update for Windows XP (KB894391) Ver: 1 Installed: 2/14/2006
Update for Windows XP (KB898461) Ver: 1 Installed: 2/14/2006
Update for Windows XP (KB900485) Ver: 2 Installed: 5/9/2006
Update for Windows XP (KB910437) Ver: 1 Installed: 2/15/2006
Update for Windows XP (KB916595) Ver: 1 Installed: 7/19/2006
VAIO Control Center
VAIO Entertainment Platform Ver: 1.3.00.14090
VAIO Event Service Ver: 2.1.00.14030
VAIO Launcher
VAIO Light Flo Wallpaper
VAIO Media 4.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 4.1 Installed: 8/23/2005
VAIO Media Redistribution 4.0
VAIO Media Registration Tool 4.0
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Motion SD Wide Contents
VAIO Power Management Ver: 1.6.01.14010
VAIO Registration Ver: 13.0.3 Installed: 3/9/2005
VAIO Registration Ver: 13.0.3 Installed: 3/9/2005
VAIO Survey Standalone Ver: 3.02 Installed: 8/23/2005
VAIO Survey Standalone Ver: 3.02 Installed: 8/23/2005
VAIO TV Tuner Library 1.4
VAIO Update 2
VAIO Wireless Utility
VAIO Zone
VAIO Zone Remote Commander
Viewpoint Media Player
WebFldrs XP Ver: 9.50.7523 Installed: 3/9/2005
Windows Backup Utility Ver: 5.1 Installed: 3/9/2005
Windows Genuine Advantage Notifications (KB905474) Ver: 1.5.0532.2 Installed: 6/27/2006
Windows Installer 3.1 (KB893803) Ver: 3.1
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB307154 Ver: 20040813.160158
Windows XP Hotfix - KB833407 Ver: 20040119.115651
Windows XP Hotfix - KB867282 Ver: 20050127.090417
Windows XP Hotfix - KB873333 Ver: 20050114.005213
Windows XP Hotfix - KB873339 Ver: 20041117.092459
Windows XP Hotfix - KB884018 Ver: 20040812.132033
Windows XP Hotfix - KB884575 Ver: 20040827.145237
Windows XP Hotfix - KB885250 Ver: 20050118.202711
Windows XP Hotfix - KB885835 Ver: 20041027.181713
Windows XP Hotfix - KB885836 Ver: 20041028.173203
Windows XP Hotfix - KB886185 Ver: 20041021.090540
Windows XP Hotfix - KB887472 Ver: 20041014.162858
Windows XP Hotfix - KB887742 Ver: 20041103.095002
Windows XP Hotfix - KB888113 Ver: 20041116.131036
Windows XP Hotfix - KB888239 Ver: 20041124.162528
Windows XP Hotfix - KB888302 Ver: 20041207.111426
Windows XP Hotfix - KB890047 Ver: 20041221.124506
Windows XP Hotfix - KB890175 Ver: 20041201.233338
Windows XP Hotfix - KB890859 Ver: 1 Installed: 2/14/2006
Windows XP Hotfix - KB890923 Ver: 1 Installed: 8/23/2005
Windows XP Hotfix - KB891781 Ver: 20050110.165439
WinRAR archiver
Wireless Switch Setting Utility
Post by: guestolo on August 13, 2006, 11:01:05 PM
What happens when you go to START>>RUN
Type the following in exactly or copy>paste it and then hit OK
"C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S
If that won't work, try this one
"C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe"
If neither of the following work
Can you do this for ONLY a short time
Reboot into safe mode with Network Connection
Can you connect?
Post by: yodeb9 on August 13, 2006, 11:08:31 PM
tried the run the c: prompts and I get that it is no longer on the computer
Post by: guestolo on August 13, 2006, 11:32:26 PM
From the computer online transfer to the desktop of the offline computer
Winsock XP fix (http://\"http://www.majorgeeks.com/download4372.html\")
Ensure you run it from the desktop
Double click to run and click the FIX button
Follow the prompts, reboot the computer afterwards
See if that gets you back online
Post by: yodeb9 on August 13, 2006, 11:45:51 PM
Post by: guestolo on August 14, 2006, 12:00:59 AM
Can I see an updated hijackthis log
Are you planning on reinstall McAfee's firwall or do you want another option?
Post by: yodeb9 on August 14, 2006, 12:08:40 AM
Logfile of HijackThis v1.99.1
Scan saved at 10:06:05 PM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\DOCUME~1\Debi\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\Debi\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\RunOnce: [0048021155528340mcinstcleanup] C:\DOCUME~1\Debi\LOCALS~1\Temp\004802~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog
O4 - HKLM\..\RunOnce: [AOLRebootNeeded] regsvr32.exe /s
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: guestolo on August 14, 2006, 12:21:06 AM
Can you reboot your computer
Back in Windows
A free firewall that is a great alternative
Sunbelt Kerio Personal Firewall (http://\"http://www.sunbelt-software.com/Kerio.cfm\")
The full version will become a limited free version after 30 days
It's all you need
Post another fresh hijackthis log please
I just want to see if it looks any different
I may not see it till tomorrow
I just want to see if one service and runkey from AOL is gone
Post by: yodeb9 on August 14, 2006, 12:39:24 AM
Logfile of HijackThis v1.99.1
Scan saved at 10:37:43 PM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople (http://\"http://www.sony.com/vaiopeople\")
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488 (http://\"http://go.microsoft.com/fwlink/?LinkId=488\")
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab (http://\"http://acs.pandasoftware.com/activescan/as5free/asinst.cab\")
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Post by: guestolo on August 14, 2006, 07:00:59 PM
You can do the following
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- AOL Spyware Protection Service
Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
Post by: yodeb9 on August 14, 2006, 07:44:07 PM
anything else you see?
Post by: guestolo on August 14, 2006, 07:45:53 PM
Post by: yodeb9 on August 14, 2006, 07:51:05 PM
Post by: guestolo on August 14, 2006, 07:52:18 PM
Take care yodeb9
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />