« previous next »
Pages: 1 [2] 3

Author Topic: bad attack...  (Read 2424 times)

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #20 on: August 13, 2006, 02:37:29 PM »
I am running the adaware scan now and the avg virus screen keeps popping up with the same virus'. I keep clicking them the add to the vault....ugh!!!
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #21 on: August 13, 2006, 02:39:18 PM »
Quote
I am running the adaware scan now and the avg virus screen keeps popping up with the same virus'. I keep clicking them the add to the vault....ugh!!!

What is AVG prompting about, what file or folder?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #22 on: August 13, 2006, 02:41:14 PM »
this is the adaware log. rebooting and moving on to the spybot



ArchiveData(auto-quarantine- 2006-08-13 12-37-48.bckp)
Referencefile : SE1R118 07.08.2006
======================================================

MRU LIST
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=MRU FileReference : C:\Documents and Settings\Debi\Application Data\microsoft\office\recent\cozywinter011.wpd.LNK
obj[1]=MRU FileReference : C:\Documents and Settings\Debi\recent\2006_08_10.lnk
obj[2]=MRU FileReference : C:\Documents and Settings\Debi\recent\alcanshorty.bfu.txt.lnk
obj[3]=MRU FileReference : C:\Documents and Settings\Debi\recent\avenger.zip.lnk
obj[4]=MRU FileReference : C:\Documents and Settings\Debi\recent\bfu.lnk
obj[5]=MRU FileReference : C:\Documents and Settings\Debi\recent\bfu.zip.lnk
obj[6]=MRU FileReference : C:\Documents and Settings\Debi\recent\c268348752498f57ff1128ae6a23c4f1.lnk
obj[7]=MRU FileReference : C:\Documents and Settings\Debi\recent\Copy of Untitled-6b.jpg.lnk
obj[8]=MRU FileReference : C:\Documents and Settings\Debi\recent\cozywinter011.pdf.lnk
obj[9]=MRU FileReference : C:\Documents and Settings\Debi\recent\CWShredder.zip.lnk
obj[10]=MRU FileReference : C:\Documents and Settings\Debi\recent\Debug.lnk
obj[11]=MRU FileReference : C:\Documents and Settings\Debi\recent\defs.zip.lnk
obj[12]=MRU FileReference : C:\Documents and Settings\Debi\recent\Desktop.ini
obj[13]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\search assistant\acmru\5603
obj[14]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\search assistant\acmru\5604
obj[15]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru\*
obj[16]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.CR2
obj[17]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.csv
obj[18]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.dot
obj[19]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.inf
obj[20]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.JPG
obj[21]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.log
obj[22]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.pdf
obj[23]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.png
obj[24]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.psd
obj[25]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.PUB
obj[26]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.txt
obj[27]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\.zip
obj[28]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\recentdocs\Folder
obj[29]=MRU FileReference : C:\Documents and Settings\Debi\recent\IMG_7581.JPG.lnk
obj[30]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows\currentversion\explorer\runmru
obj[31]=MRU RegReference : .DEFAULT\software\microsoft\windows media\wmsdk\general computername
obj[32]=MRU RegReference : S-1-5-18\software\microsoft\windows media\wmsdk\general computername
obj[33]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\windows media\wmsdk\general computername
obj[34]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\winrar\dialogedithistory\extrpath
obj[35]=MRU FileReference : C:\Documents and Settings\Debi\recent\Logs.lnk
obj[36]=MRU FileReference : C:\Documents and Settings\Debi\recent\MSPUB.PUB.lnk
obj[37]=MRU FileReference : C:\Documents and Settings\Debi\recent\Normal.dot.lnk
obj[38]=MRU FileReference : C:\Documents and Settings\Debi\recent\PASSWD.LOG.lnk
obj[39]=MRU FileReference : C:\Documents and Settings\Debi\recent\PcSetup.lnk
obj[40]=MRU FileReference : C:\Documents and Settings\Debi\recent\pcsetup.log.lnk
obj[41]=MRU FileReference : C:\Documents and Settings\Debi\recent\Rar.txt.lnk
obj[42]=MRU FileReference : C:\Documents and Settings\Debi\recent\readme.txt.lnk
obj[43]=MRU FileReference : C:\Documents and Settings\Debi\recent\repair.lnk
obj[44]=MRU FileReference : C:\Documents and Settings\Debi\recent\Report-Scan-20060813-110806.txt.lnk
obj[45]=MRU FileReference : C:\Documents and Settings\Debi\recent\ReportingEvents.log.lnk
obj[46]=MRU FileReference : C:\Documents and Settings\Debi\recent\res1.log.lnk
obj[47]=MRU FileReference : C:\Documents and Settings\Debi\recent\res2.log.lnk
obj[48]=MRU FileReference : C:\Documents and Settings\Debi\recent\reset.log.txt.lnk
obj[49]=MRU FileReference : C:\Documents and Settings\Debi\recent\scecomp.log.lnk
obj[50]=MRU FileReference : C:\Documents and Settings\Debi\recent\secsetup.inf.lnk
obj[51]=MRU FileReference : C:\Documents and Settings\Debi\recent\security.lnk
obj[52]=MRU FileReference : C:\Documents and Settings\Debi\recent\spuninst.lnk
obj[53]=MRU FileReference : C:\Documents and Settings\Debi\recent\spuninst.txt.lnk
obj[54]=MRU FileReference : C:\Documents and Settings\Debi\recent\SpySubtract.lnk
obj[55]=MRU FileReference : C:\Documents and Settings\Debi\recent\svcpack.inf (2).lnk
obj[56]=MRU FileReference : C:\Documents and Settings\Debi\recent\svcpack.inf.lnk
obj[57]=MRU FileReference : C:\Documents and Settings\Debi\recent\svcpack.lnk
obj[58]=MRU FileReference : C:\Documents and Settings\Debi\recent\Templates.lnk
obj[59]=MRU FileReference : C:\Documents and Settings\Debi\recent\testresult.csv.lnk
obj[60]=MRU FileReference : C:\Documents and Settings\Debi\recent\tl.lnk
obj[61]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-10.psd.lnk
obj[62]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-2.psd.lnk
obj[63]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6a.jpg.lnk
obj[64]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6a.psd.lnk
obj[65]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6b.jpg.lnk
obj[66]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6b.psd.lnk
obj[67]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6c.jpg.lnk
obj[68]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6c.psd.lnk
obj[69]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6d.jpg.lnk
obj[70]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6e.jpg.lnk
obj[71]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6f.jpg.lnk
obj[72]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6g.jpg.lnk
obj[73]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-6g.zip.lnk
obj[74]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-7b.psd.lnk
obj[75]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-8.psd.lnk
obj[76]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-9.psd.lnk
obj[77]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-9a.psd.lnk
obj[78]=MRU FileReference : C:\Documents and Settings\Debi\recent\Untitled-9b.psd.lnk
obj[79]=MRU FileReference : C:\Documents and Settings\Debi\recent\WhatsNew.txt.lnk
obj[80]=MRU FileReference : C:\Documents and Settings\Debi\recent\WinRAR.lnk
obj[81]=MRU FileReference : C:\Documents and Settings\Debi\recent\WPD.lnk
obj[82]=MRU FileReference : C:\Documents and Settings\Debi\recent\wpdtrace.log.lnk
obj[83]=MRU FileReference : C:\Documents and Settings\Debi\recent\_file_to_execute_.txt.lnk
obj[85]=MRU RegReference : software\microsoft\direct3d\mostrecentapplication name
obj[86]=MRU RegReference : software\microsoft\direct3d\mostrecentapplication name
obj[87]=MRU RegReference : software\microsoft\directdraw\mostrecentapplication name
obj[88]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\internet explorer download directory
obj[89]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\internet explorer\typedurls
obj[90]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\mediaplayer\medialibraryui mllastselectednode
obj[91]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\mediaplayer\player\settings opendir
obj[92]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\mediaplayer\preferences searchpath
obj[93]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\microsoft management console\recent file list
obj[94]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru value
obj[95]=MRU RegReference : S-1-5-21-1188980328-4011307237-4090996150-1006\software\microsoft\office\11.0\publisher\recent file list

TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[22]=IECache Entry : Cookie:[email protected]/
obj[23]=IECache Entry : Cookie:[email protected]/

WIN32.TROJANCLICKER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[24]=Regkey : software\microsoft\downloadmanager
obj[25]=RegData : software\microsoft\windows nt\currentversion\winlogon "Userinit"
obj[31]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042461.dll
obj[34]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043325.exe

WIN32.TROJAN.DOWNLOADER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[26]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041926.exe
obj[27]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0041933.exe
obj[33]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0043320.dll

WIN32.TROJAN.DNSCHANGER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[28]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0042066.exe

CMDSERVICES
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[29]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\Fifoed\A0042087.exe
obj[40]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046672.dll

VX2
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[30]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042174.dll
obj[35]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP141\A0044631.dll
obj[37]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046517.dll
obj[38]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046518.dll
obj[39]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046521.dll

TARGETSAVER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[32]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP135\A0042707.dll

IEHIJACKER.ZESTYFIND
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[36]=File : C:\System Volume Information\_restore{44A4B43F-BF79-4C22-8F5F-38D07C8D6912}\RP146\A0046515.exe
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #23 on: August 13, 2006, 02:42:51 PM »
OK, not to worry, that is a final cleanup step
The bad files are found in your system restore points
We'll finish cleaning those later
Carry on with Spybot
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #24 on: August 13, 2006, 03:08:58 PM »
Did the spybot...here are the results. Also, when I reboot my computer, as it is shutting down there is a flash box, a warning and the only thing I can catch from it as it is so fast to dissapear is something .dll. Don't know if that means anything, makes me think that this "thing" is still in there somewhere. By the way, I got this from limewire....



--- Search result list ---
CAS-Client: Settings (Registry key, fixed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OvMon


--- Spybot - Search & Destroy version: 1.4  (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-13 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-11 Includes\Cookies.sbi (*)
2006-08-11 Includes\Dialer.sbi (*)
2006-08-11 Includes\Hijackers.sbi (*)
2006-08-11 Includes\Keyloggers.sbi (*)
2006-08-11 Includes\Malware.sbi (*)
2006-08-11 Includes\PUPS.sbi (*)
2006-08-11 Includes\Revision.sbi (*)
2006-08-11 Includes\Security.sbi (*)
2006-08-11 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-11 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
 / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
 / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
 / DataAccess: Microsoft Data Access Components KB870669
 / Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
 / Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
 / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
 / Windows XP / SP2: Windows XP Hotfix - KB833407
 / Windows XP / SP3: Windows XP Hotfix - KB307154
 / Windows XP / SP3: Windows XP Hotfix - KB867282
 / Windows XP / SP3: Windows XP Hotfix - KB873333
 / Windows XP / SP3: Windows XP Hotfix - KB873339
 / Windows XP / SP3: Security Update for Windows XP (KB883939)
 / Windows XP / SP3: Windows XP Hotfix - KB884018
 / Windows XP / SP3: Windows XP Hotfix - KB884575
 / Windows XP / SP3: Windows XP Hotfix - KB885250
 / Windows XP / SP3: Windows XP Hotfix - KB885835
 / Windows XP / SP3: Windows XP Hotfix - KB885836
 / Windows XP / SP3: Windows XP Hotfix - KB886185
 / Windows XP / SP3: Windows XP Hotfix - KB887472
 / Windows XP / SP3: Windows XP Hotfix - KB887742
 / Windows XP / SP3: Windows XP Hotfix - KB888113
 / Windows XP / SP3: Windows XP Hotfix - KB888239
 / Windows XP / SP3: Windows XP Hotfix - KB888302
 / Windows XP / SP3: Security Update for Windows XP (KB890046)
 / Windows XP / SP3: Windows XP Hotfix - KB890047
 / Windows XP / SP3: Windows XP Hotfix - KB890175
 / Windows XP / SP3: Windows XP Hotfix - KB890859
 / Windows XP / SP3: Windows XP Hotfix - KB890923
 / Windows XP / SP3: Windows XP Hotfix - KB891781
 / Windows XP / SP3: Security Update for Windows XP (KB893756)
 / Windows XP / SP3: Windows Installer 3.1 (KB893803)
 / Windows XP / SP3: Update for Windows XP (KB894391)
 / Windows XP / SP3: Security Update for Windows XP (KB896358)
 / Windows XP / SP3: Security Update for Windows XP (KB896422)
 / Windows XP / SP3: Security Update for Windows XP (KB896423)
 / Windows XP / SP3: Security Update for Windows XP (KB896424)
 / Windows XP / SP3: Security Update for Windows XP (KB896428)
 / Windows XP / SP3: Update for Windows XP (KB898461)
 / Windows XP / SP3: Security Update for Windows XP (KB899587)
 / Windows XP / SP3: Security Update for Windows XP (KB899591)
 / Windows XP / SP3: Update for Windows XP (KB900485)
 / Windows XP / SP3: Security Update for Windows XP (KB900725)
 / Windows XP / SP3: Security Update for Windows XP (KB901017)
 / Windows XP / SP3: Security Update for Windows XP (KB901214)
 / Windows XP / SP3: Security Update for Windows XP (KB902400)
 / Windows XP / SP3: Security Update for Windows XP (KB903235)
 / Windows XP / SP3: Security Update for Windows XP (KB904706)
 / Windows XP / SP3: Security Update for Windows XP (KB905414)
 / Windows XP / SP3: Security Update for Windows XP (KB905749)
 / Windows XP / SP3: Security Update for Windows XP (KB905915)
 / Windows XP / SP3: Security Update for Windows XP (KB908519)
 / Windows XP / SP3: Security Update for Windows XP (KB908531)
 / Windows XP / SP3: Update for Windows XP (KB910437)
 / Windows XP / SP3: Security Update for Windows XP (KB911280)
 / Windows XP / SP3: Security Update for Windows XP (KB911562)
 / Windows XP / SP3: Security Update for Windows XP (KB911567)
 / Windows XP / SP3: Security Update for Windows XP (KB911927)
 / Windows XP / SP3: Security Update for Windows XP (KB912812)
 / Windows XP / SP3: Security Update for Windows XP (KB912919)
 / Windows XP / SP3: Security Update for Windows XP (KB913446)
 / Windows XP / SP3: Security Update for Windows XP (KB913580)
 / Windows XP / SP3: Security Update for Windows XP (KB914388)
 / Windows XP / SP3: Security Update for Windows XP (KB914389)
 / Windows XP / SP3: Security Update for Windows XP (KB916281)
 / Windows XP / SP3: Update for Windows XP (KB916595)
 / Windows XP / SP3: Security Update for Windows XP (KB917159)
 / Windows XP / SP3: Security Update for Windows XP (KB917344)
 / Windows XP / SP3: Security Update for Windows XP (KB917422)
 / Windows XP / SP3: Security Update for Windows XP (KB917953)
 / Windows XP / SP3: Security Update for Windows XP (KB918439)
 / Windows XP / SP3: Security Update for Windows XP (KB918899)
 / Windows XP / SP3: Security Update for Windows XP (KB920214)
 / Windows XP / SP3: Security Update for Windows XP (KB920670)
 / Windows XP / SP3: Security Update for Windows XP (KB920683)
 / Windows XP / SP3: Security Update for Windows XP (KB921398)
 / Windows XP / SP3: Security Update for Windows XP (KB921883)
 / Windows XP / SP3: Security Update for Windows XP (KB922616)
 / Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221


--- Startup entries list ---
Located: HK_LM:Run, !ewido
command: "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
   file: C:\Program Files\ewido anti-spyware 4.0\ewido.exe
   size: 6283264
    MD5: 10c40f37ac87a18f624143d4fe6e8dec

Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
   file: C:\Program Files\Apoint\Apoint.exe
   size: 114688
    MD5: 5ec6a3a27642f72a9d58bf6631d9f6dd

Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
   file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
   size: 369664
    MD5: 32e0d24ead2a5c7ee7b6ad516eafe8ee

Located: HK_LM:Run, EPSON Stylus Photo 2200
command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
   file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
   size: 74752
    MD5: 7984d2a1b7a3a691889c53708fe450bf

Located: HK_LM:Run, HostManager
command: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
   file: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
   size: 50792
    MD5: 01ca06b4a25ee7832d8959667d4fd42d

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
   file: C:\WINDOWS\system32\hkcmd.exe
   size: 126976
    MD5: 9df289a92ff94405304927d4f7cb222e

Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
   file: C:\WINDOWS\system32\igfxtray.exe
   size: 155648
    MD5: f4a3dbae65caf223cfd8915e6135a43e

Located: HK_LM:Run, ISBMgr.exe
command: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
   file: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
   size: 32768
    MD5: 93eefbc237adfc406f52ee56d97f784b

Located: HK_LM:Run, Mouse Suite 98 Daemon
command: ICO.EXE
   file:

Located: HK_LM:Run, MPFExe
command: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
   file: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
   size: 992808
    MD5: ff79902a27581102d8565aef54ba91f6

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
   file: C:\WINDOWS\system32\RUNDLL32.EXE
   size: 33280
    MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
   file: C:\Program Files\QuickTime\qttask.exe
   size: 98304
    MD5: c341ccfbe98bc7df6e0b856bb9fc265a

Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
   file:

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
   file: C:\WINDOWS\RTHDCPL.EXE
   size: 13783040
    MD5: 66ae097c581ba0337ca57bcc3c86ebac

Located: HK_LM:Run, SonyPowerCfg
command: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
   file: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
   size: 184320
    MD5: cad377a29ee32c696aacafe512add1b7

Located: HK_LM:Run, SsAAD.exe
command: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
   file: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
   size: 81920
    MD5: ed3c7da8ade49efc753fdddf18c8a53e

Located: HK_LM:Run, Switcher.exe
command: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
   file: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
   size: 167936
    MD5: 0f84a9fe786f5698c27939c7f817b10a

Located: HK_LM:Run, TVTunerLib
command: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
   file: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
   size: 245760
    MD5: 3edbeac8436e961669bff22f656cfcf4

Located: HK_LM:Run, VAIO Update 2
command: "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
   file: C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
   size: 151552
    MD5: 2ba8f6a9c5a5c355da408a9fdb204f5b

Located: HK_LM:Run, VZRemoteCommander
command: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
   file: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
   size: 192512
    MD5: 783b5f2faefd99b85bf3ac40f62ea77d

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
   file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
   size: 29696
    MD5: deb88aef013dd1eefb462d7cad642166

Located: Startup (common), America Online 9.0 Tray Icon.lnk
command: C:\Program Files\America Online 9.0\aoltray.exe
   file: C:\Program Files\America Online 9.0\aoltray.exe
   size: 36953
    MD5: 9006fa0b6da152be1e4e290552b01421

Located: Startup (common), Monitor.lnk
command: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
   file: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
   size: 110592
    MD5: 2985a499fea57f6f9232936e6618d5cf

Located: Startup (user), Adobe Gamma.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
   file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
   size: 113664
    MD5: c2ff17734176cd15221c10044ef0ba1a

Located: WinLogon, crypt32chain
command: crypt32.dll
   file: crypt32.dll

Located: WinLogon, cryptnet
command: cryptnet.dll
   file: cryptnet.dll

Located: WinLogon, cscdll
command: cscdll.dll
   file: cscdll.dll

Located: WinLogon, igfxcui
command: igfxsrvc.dll
   file: igfxsrvc.dll

Located: WinLogon, ScCertProp
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, Schedule
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, sclgntfy
command: sclgntfy.dll
   file: sclgntfy.dll

Located: WinLogon, SensLogn
command: WlNotify.dll
   file: WlNotify.dll

Located: WinLogon, termsrv
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, VESWinlogon
command: VESWinlogon.dll
   file: VESWinlogon.dll

Located: WinLogon, WgaLogon
command: WgaLogon.dll
   file: WgaLogon.dll

Located: WinLogon, wlballoon
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, wzcnotif
command: wzcdlg.dll
   file: wzcdlg.dll



--- Browser helper object list ---


--- ActiveX list ---
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
          DPF name:
        CLSID name: ActiveScan Installer Class
         Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
          Codebase: http://acs.pandasoftware.com/activescan/as5free/asinst.cab
              Path: C:\WINDOWS\Downloaded Program Files\
         Long name:         asinst.dll
        Short name:                  
    Date (created): 4/11/2006 5:10:10 PM
Date (last access): 8/13/2006 12:17:34 PM
 Date (last write): 4/11/2006 5:10:10 PM
          Filesize:             135168
        Attributes:           archive
               MD5: 7267AE9C8DF527C30885DC29687D2A9B
             CRC32:           1B1733A3
           Version:           58.5.0.0

{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
          DPF name: Java Runtime Environment 1.5.0
        CLSID name: Java Plug-in 1.5.0
         Installer:
          Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab
              Path: C:\Program Files\Java\jre1.5.0\bin\
         Long name:       NPJPI150.dll
        Short name:                  
    Date (created): 3/9/2005 2:26:44 PM
Date (last access): 8/13/2006 12:06:38 PM
 Date (last write): 3/9/2005 2:26:44 PM
          Filesize:              69740
        Attributes:           archive
               MD5: D25BB4762A876A3DBF6F2BAA36A179FA
             CRC32:           9367234B
           Version:            1.5.0.0



--- Process list ---
PID:    0 (   0) [System]
PID:  788 (   4) \SystemRoot\System32\smss.exe
PID:  836 ( 788) \??\C:\WINDOWS\system32\csrss.exe
PID:  860 ( 788) \??\C:\WINDOWS\system32\winlogon.exe
PID:  904 ( 860) C:\WINDOWS\system32\services.exe
 size: 108032
  MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID:  916 ( 860) C:\WINDOWS\system32\lsass.exe
 size: 13312
  MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1060 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1120 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 904) C:\WINDOWS\System32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1204 ( 904) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
 size: 86016
  MD5: AA1D9C4A2F997FEA8A4FB0929212EDA2
PID: 1308 ( 904) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
 size: 372809
  MD5: A57B20BB52B7C504B7A9FB4C82B639BA
PID: 1392 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1492 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1716 ( 904) C:\WINDOWS\system32\spoolsv.exe
 size: 57856
  MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1812 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
 size: 73728
  MD5: 1C1A3FFD1CB5FC4FD1BE8DADC0E16D0C
PID: 1956 ( 904) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
 size: 100016
  MD5: 7FB54900AA9792AB6307C699EC1859D4
PID: 1968 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
 size: 336896
  MD5: 9BF46D959F713D64C8FF3DE2B2437863
PID: 1984 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
 size: 84480
  MD5: 66093610FA61142F6BCFD83AFB7E8A29
PID: 2000 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
 size: 281088
  MD5: 07C595396C6F4631E88F9792E1BECD7E
PID: 2008 (1956) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
 size: 46768
  MD5: CAF7C2FDDADF73A02AC84C6FB6030BBF
PID:  132 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
 size: 94208
  MD5: C0312F716AC9963FFAFAF99A269DE8B0
PID:  168 ( 904) C:\Program Files\ewido anti-spyware 4.0\guard.exe
 size: 172032
  MD5: F8D982556A9E0795829632FF0812DC2D
PID:  196 ( 904) C:\Program Files\mcafee.com\personal firewall\MPFService.exe
 size: 548864
  MD5: 54762D5377D42E53BBFF823E631D1533
PID:  308 ( 904) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
 size: 7520337
  MD5: F80EEC5E1D6CDF82CB974DAADA0C57DD
PID:  480 ( 904) C:\WINDOWS\system32\nvsvc32.exe
 size: 127043
  MD5: B73B1060A6CFE44011BB9CA850FFBCD0
PID:  500 ( 904) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
 size: 139264
  MD5: E6CD560A4A16FEEE5503CB59A3E30A84
PID:  544 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID:  588 ( 904) C:\WINDOWS\system32\wdfmgr.exe
 size: 38912
  MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID:  620 ( 904) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 size: 150528
  MD5: 66C78DC68C0C418C5D5E62745E9FD764
PID:  648 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 size: 1839104
  MD5: D8F1426431A33270DDF15FD22FD4D823
PID:  696 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 size: 270336
  MD5: 7CC2E7077D4222B234F78704321F3056
PID: 1376 ( 904) C:\WINDOWS\wanmpsvc.exe
 size: 65536
  MD5: 909F2DC0DA7F57D229A05EE90647B2C3
PID: 2348 (2192) C:\WINDOWS\Explorer.EXE
 size: 1032192
  MD5: A0732187050030AE399B241436565E64
PID: 2656 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 size: 167936
  MD5: 3EF7CEBC4964B4D2E60B79893F4C84EB
PID: 2720 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 size: 57344
  MD5: 284BF2F51F0C8ED2C5DDC58BC529F4BF
PID: 2788 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 size: 135168
  MD5: C5D91CD2EB27CD0474DC6FDAF29220F1
PID: 2820 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
 size: 745472
  MD5: 206CE4A9ACF7D04AE7A27FCE8EF2FA70
PID: 3852 (2348) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
 size: 74752
  MD5: 7984D2A1B7A3A691889C53708FE450BF
PID: 4044 (2348) C:\Program Files\Apoint\Apoint.exe
 size: 114688
  MD5: 5EC6A3A27642F72A9D58BF6631D9F6DD
PID: 4068 (2348) C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
 size: 151552
  MD5: 2BA8F6A9C5A5C355DA408A9FDB204F5B
PID: 1192 (2348) C:\Program Files\Real\RealPlayer\RealPlay.exe
 size: 26112
  MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 1444 (1436) C:\Program Files\Apoint\Apntex.exe
 size: 45056
  MD5: CCA1B81492B40890E44B2B20A780EE1F
PID: 1460 (2348) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 size: 184320
  MD5: CAD377A29EE32C696AACAFE512ADD1B7
PID: 1368 (2348) C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
 size: 192512
  MD5: 783B5F2FAEFD99B85BF3AC40F62EA77D
PID: 2084 (2348) C:\WINDOWS\RTHDCPL.EXE
 size: 13783040
  MD5: 66AE097C581BA0337CA57BCC3C86EBAC
PID: 2200 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 size: 143360
  MD5: E74F07164D9415773BB79FD5055B9384
PID: 2500 (2348) C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
 size: 50792
  MD5: 01CA06B4A25EE7832D8959667D4FD42D
PID: 2848 (2348) C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
 size: 992808
  MD5: FF79902A27581102D8565AEF54BA91F6
PID: 3224 (2348) C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
 size: 81920
  MD5: ED3C7DA8ADE49EFC753FDDDF18C8A53E
PID: 2160 ( 904) C:\WINDOWS\System32\alg.exe
 size: 44544
  MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3432 ( 904) C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 size: 69632
  MD5: 45B83808BF5C9968C3259A48898C7DD5
PID: 3864 ( 904) C:\WINDOWS\System32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3052 (2348) C:\Program Files\QuickTime\qttask.exe
 size: 98304
  MD5: C341CCFBE98BC7DF6E0B856BB9FC265A
PID: 3724 (2348) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 size: 32768
  MD5: 93EEFBC237ADFC406F52EE56D97F784B
PID: 3168 (2348) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
 size: 369664
  MD5: 32E0D24EAD2A5C7EE7B6AD516EAFE8EE
PID: 3612 (2348) C:\Program Files\ewido anti-spyware 4.0\ewido.exe
 size: 6283264
  MD5: 10C40F37AC87A18F624143D4FE6E8DEC
PID: 3900 (2348) C:\Program Files\America Online 9.0\aoltray.exe
 size: 36953
  MD5: 9006FA0B6DA152BE1E4E290552B01421
PID: 3992 (2348) C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
 size: 110592
  MD5: 2985A499FEA57F6F9232936E6618D5CF
PID: 3624 (2348) C:\Program Files\Internet Explorer\iexplore.exe
 size: 93184
  MD5: E7484514C0464642BE7B4DC2689354C8
PID: 1580 (3624) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
 size: 65536
  MD5: 1412A6785B953D99A2A83A1ED706ACE8
PID: 2152 (3664) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
 size: 4393096
  MD5: 09CA174A605B480318731E691DC98539
PID:    4 (   0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/13/2006 12:58:07 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
  C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
  http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
  http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
  http://www.sony.com/vaiopeople
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL
   
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
  http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
  %SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
  http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
  http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
  http://www.sony.com/vaiopeople
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
  http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
  http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
  http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
   uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
       publisher: Lavasoft
       help link: http://www.lavasoft.com

  (AddressBook)

Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
         version: 9
 version (major): 9
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
   uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
       publisher: Adobe Systems, Inc.
        comments:  
         contact: Customer Support
       help link: http://www.adobe.com/support/main.html
  help telephone: 1-555-555-4505

AOL Uninstaller (Choose which Products to Remove)  (AOL Uninstaller)
   uninstall cmd: C:\Program Files\Common Files\AOL\uninstaller.exe

  (AOLAntivirus)
   uninstall cmd: "C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S

AOL Coach Version 1.0(Build:20030807.3)  (AolCoach)
   uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe

  (AOLFirewall)
   uninstall cmd: "C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S

AVG Free Edition  (AVG7Uninstall)
   uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL

HDAUDIO SoftV92 Data Fax Modem with SmartCP  (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200)
   uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_104D0200

  (Connection Manager)

  (DirectAnimation)

  (DirectDrawEx)

  (DXM_Runtime)

Canon Utilities EOS Utility 1.0.3.17 (EOS Utility)
install location: C:\Program Files\Canon\EOS Utility
   uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"

EPSON Printer Software  (EPSON Printer and Utilities)
   uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r

ewido anti-spyware 4.0  (ewidoantispyware4)
install location: C:\Program Files\ewido anti-spyware 4.0
   uninstall cmd: C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe
       publisher: ewido networks
       help link: http://www.ewido.net

  (Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
   uninstall cmd: C:\Documents and Settings\Debi\Local Settings\Temporary Internet Files\Content.IE5\0YK9DEL4\HijackThis.exe /uninstall
       publisher: Soeperman Enterprises Ltd.

  (ICW)

  (IE40)

  (IE4Data)

  (IE5BAKEX)

  (IEData)

  (InstallShield Uninstall Information)

Canon Utilities PhotoStitch 3.1 3.1.14 (InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA})
         version: 50397198
 version (major): 3
 version (minor): 1
  estimated size: 1364
    install date: 20060507
install location: C:\Program Files\Canon\PhotoStitch\
  install source: E:\SOFTWARE\PSTITCH\ENGLISH\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  

OpenMG Secure Module 4.1.00 4.1.00.13261 (InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E})
         version: 67174400
 version (major): 4
 version (minor): 1
  estimated size: 15029
    install date: 20050309
install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
  install source: C:\abu\software\0503602.snc\
   uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL
       publisher: Sony Corporation

VAIO Registration 13.0.3 (InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5})
         version: 218103811
 version (major): 13
  estimated size: 1644
    install date: 20050309
  install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_is79\
   uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{315BA29D-2644-4760-B5FD-5AC04A52B8C5}
       publisher: Sony Electronics
        comments: Customer Support Department
         contact: Customer Support Department
       help link: http://www.sony.com/pcsupport
  help telephone: 1-888-4-SONY-PC
          readme: Readme.txt

Canon Utilities EOS Capture 1.2 1.2 (InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808})
         version: 16908288
 version (major): 1
 version (minor): 2
  estimated size: 2448
    install date: 20060507
  install source: E:\SOFTWARE\EC\ENGLISH\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{74BE7519-41A7-45A8-8AA6-78C7907A4808}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  

Canon Utilities EOS Viewer Utility 1.2 1.2.1 (InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373})
         version: 16908289
 version (major): 1
 version (minor): 2
  estimated size: 8852
    install date: 20060507
  install source: E:\SOFTWARE\EVU\English\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{750CF8D7-4B04-404F-AFA2-14C129C42373}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  
          readme:  

Canon EOS 20D WIA Driver 5.4 (InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3})
         version: 84148224
 version (major): 5
 version (minor): 4
  estimated size: 1200
    install date: 20060507
  install source: E:\SOFTWARE\WIA\EOS 20D\ENGLISH\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  
          readme:  

VAIO Survey Standalone 3.02 (InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE})
         version: 50462720
 version (major): 3
 version (minor): 2
  estimated size: 359
    install date: 20050823
  install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isE6\
   uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}
       publisher: Sony Electronics
        comments: 0
         contact: 0
       help link: 0
  help telephone: 0
          readme: 0

Windows XP Hotfix - KB307154 20040813.160158 (KB307154)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB307154$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=307154

Windows XP Hotfix - KB833407 20040119.115651 (KB833407)
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=833407

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=KB835221

Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=867282

Microsoft Data Access Components KB870669  (KB870669)
   uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=KB870669

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=873339

Security Update for Windows XP (KB883939) 1 (KB883939)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=883939

  (KB884016)

Windows XP Hotfix - KB884018 20040812.132033 (KB884018)
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=884018

Windows XP Hotfix - KB884575 20040827.145237 (KB884575)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=884575

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888239 20041124.162528 (KB888239)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=888239

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=888302

Security Update for Windows XP (KB890046) 1 (KB890046)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890047

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890859

Windows XP Hotfix - KB890923 1 (KB890923)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890923

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=891781

Security Update for Windows XP (KB893756) 1 (KB893756)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=893756

  (KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
   uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=894391

Security Update for Windows XP (KB896358) 1 (KB896358)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896428

Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/kb/898458

Update for Windows XP (KB898461) 1 (KB898461)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=898461

Security Update for Windows XP (KB899587) 1 (KB899587)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=899587

Security Update for Windows XP (KB899591) 1 (KB899591)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=899591

Update for Windows XP (KB900485) 2 (KB900485)
    install date: 20060509
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=900485

Security Update for Windows XP (KB900725) 1 (KB900725)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=900725

Security Update for Windows XP (KB901017) 1 (KB901017)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=901017

Security Update for Windows XP (KB901214) 1 (KB901214)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=901214

Security Update for Windows XP (KB902400) 1 (KB902400)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=902400

Security Update for Windows XP (KB903235) 1 (KB903235)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=903235

Security Update for Windows XP (KB904706) 2 (KB904706)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=904706

Security Update for Windows XP (KB905414) 1 (KB905414)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=905915

Security Update for Windows XP (KB908519) 1 (KB908519)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=908519

Security Update for Windows XP (KB908531) 1 (KB908531)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=908531

Update for Windows XP (KB910437) 1 (KB910437)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=910437

Security Update for Windows XP (KB911280) 1 (KB911280)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911280

Security Update for Windows XP (KB911562) 1 (KB911562)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911562

Security Update for Windows Media Player (KB911564)  (KB911564)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/?kbid=911564

Security Update for Windows Media Player 10 (KB911565)  (KB911565)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/?kbid=911565

Security Update for Windows XP (KB911567) 1 (KB911567)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911567

Security Update for Windows XP (KB911927) 1 (KB911927)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911927

Security Update for Windows XP (KB912812) 1 (KB912812)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=912812

Security Update for Windows XP (KB912919) 1 (KB912919)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=912919

Security Update for Windows XP (KB913446) 1 (KB913446)
    install date: 20060226
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=913446

Security Update for Windows XP (KB913580) 1 (KB913580)
    install date: 20060512
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=913580

Security Update for Windows XP (KB914388) 1 (KB914388)
    install date: 20060719
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=914388

Security Update for Windows XP (KB914389) 1 (KB914389)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=914389

Security Update for Windows XP (KB916281) 1 (KB916281)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=916281

Update for Windows XP (KB916595) 1 (KB916595)
    install date: 20060719
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=916595

Security Update for Windows XP (KB917159) 1 (KB917159)
    install date: 20060719
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917159

Security Update for Windows XP (KB917344) 1 (KB917344)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917344

Security Update for Windows XP (KB917422) 1 (KB917422)
    install date: 20060813
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917422

Security Update for Windows Media Player 10 (KB917734)  (KB917734_WMP10)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/?kbid=917734

Security Update for Windows XP (KB917953) 1 (KB917953)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917953

Security Update for Windows XP (KB918439) 1 (KB918439)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=918439

Security Update for Windows XP (KB918899) 1 (KB918899)
    install date: 20060813
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link:
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #25 on: August 13, 2006, 03:19:52 PM »
Actually, it looks good

Let's try this
We will create a new restore point and clear the older ones that are infected
Go to START>>All Programs>>Accessories>>System Tools>>System Restore
Create a New restore point
Name it and click create
When that's done

Open MyComputer
Right click on Local Disk C:
Select Properties>>Disk CleanUp
Let if finish calculating

Select the More Options tab
and click Cleanup under System Restore
This will clear all later restore points except for the one you just made

Ok the prompts, it may take a few seconds to remove old restore points
Ok again after it's ready and let it finish cleaning

EXTRA PROTECTION
*Install  SpywareBlaster 3.5.1 by JavaCool  
    *Will block bad ActiveX Controls
    *Block Malevolent cookies in Internet Explorer and Firefox
    *Restrict actions of potentially dangerous sites in Internet Explorer
After installation, Check for updates and then click the "Enable all protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"

*Make sure your Anti-Virus software is always kept up to date and actively running in the background
Again, ONLY run one Active AV in the background, hold onto AVG and keep AOL's McAfee version removed or disabled
But please do continue to use it's firewall protection

Update and do scan's with your Anti-Spyware programs on a regular basis
Hold onto Ad-Aware and Spybot
In addition, open Spybot 1.4
Click the "Immunize" button on the left>>>OK at the prompt>>Immunzine at the top green cross
Immunize after every update

+Ewido will become a limited free version after 30 days
It's your choice to hold onto it or not
It will still update and remove malware after the 30days are up

Reboot one more time after you have done the above, let me know if you still get that prompt when you shut down
Can you get the name of the .dll or any indication what it's related too
It may be a legit file it's related too
« Last Edit: August 13, 2006, 03:26:37 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #26 on: August 13, 2006, 03:22:02 PM »
sorry, not everything made it last time I tried to post this

--- Search result list ---
CAS-Client: Settings (Registry key, fixed)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OvMon


--- Spybot - Search & Destroy version: 1.4  (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-08-13 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-08-11 Includes\Cookies.sbi (*)
2006-08-11 Includes\Dialer.sbi (*)
2006-08-11 Includes\Hijackers.sbi (*)
2006-08-11 Includes\Keyloggers.sbi (*)
2006-08-11 Includes\Malware.sbi (*)
2006-08-11 Includes\PUPS.sbi (*)
2006-08-11 Includes\Revision.sbi (*)
2006-08-11 Includes\Security.sbi (*)
2006-08-11 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-08-11 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
 / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
 / .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
 / DataAccess: Microsoft Data Access Components KB870669
 / Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
 / Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
 / Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
 / Windows XP / SP2: Windows XP Hotfix - KB833407
 / Windows XP / SP3: Windows XP Hotfix - KB307154
 / Windows XP / SP3: Windows XP Hotfix - KB867282
 / Windows XP / SP3: Windows XP Hotfix - KB873333
 / Windows XP / SP3: Windows XP Hotfix - KB873339
 / Windows XP / SP3: Security Update for Windows XP (KB883939)
 / Windows XP / SP3: Windows XP Hotfix - KB884018
 / Windows XP / SP3: Windows XP Hotfix - KB884575
 / Windows XP / SP3: Windows XP Hotfix - KB885250
 / Windows XP / SP3: Windows XP Hotfix - KB885835
 / Windows XP / SP3: Windows XP Hotfix - KB885836
 / Windows XP / SP3: Windows XP Hotfix - KB886185
 / Windows XP / SP3: Windows XP Hotfix - KB887472
 / Windows XP / SP3: Windows XP Hotfix - KB887742
 / Windows XP / SP3: Windows XP Hotfix - KB888113
 / Windows XP / SP3: Windows XP Hotfix - KB888239
 / Windows XP / SP3: Windows XP Hotfix - KB888302
 / Windows XP / SP3: Security Update for Windows XP (KB890046)
 / Windows XP / SP3: Windows XP Hotfix - KB890047
 / Windows XP / SP3: Windows XP Hotfix - KB890175
 / Windows XP / SP3: Windows XP Hotfix - KB890859
 / Windows XP / SP3: Windows XP Hotfix - KB890923
 / Windows XP / SP3: Windows XP Hotfix - KB891781
 / Windows XP / SP3: Security Update for Windows XP (KB893756)
 / Windows XP / SP3: Windows Installer 3.1 (KB893803)
 / Windows XP / SP3: Update for Windows XP (KB894391)
 / Windows XP / SP3: Security Update for Windows XP (KB896358)
 / Windows XP / SP3: Security Update for Windows XP (KB896422)
 / Windows XP / SP3: Security Update for Windows XP (KB896423)
 / Windows XP / SP3: Security Update for Windows XP (KB896424)
 / Windows XP / SP3: Security Update for Windows XP (KB896428)
 / Windows XP / SP3: Update for Windows XP (KB898461)
 / Windows XP / SP3: Security Update for Windows XP (KB899587)
 / Windows XP / SP3: Security Update for Windows XP (KB899591)
 / Windows XP / SP3: Update for Windows XP (KB900485)
 / Windows XP / SP3: Security Update for Windows XP (KB900725)
 / Windows XP / SP3: Security Update for Windows XP (KB901017)
 / Windows XP / SP3: Security Update for Windows XP (KB901214)
 / Windows XP / SP3: Security Update for Windows XP (KB902400)
 / Windows XP / SP3: Security Update for Windows XP (KB903235)
 / Windows XP / SP3: Security Update for Windows XP (KB904706)
 / Windows XP / SP3: Security Update for Windows XP (KB905414)
 / Windows XP / SP3: Security Update for Windows XP (KB905749)
 / Windows XP / SP3: Security Update for Windows XP (KB905915)
 / Windows XP / SP3: Security Update for Windows XP (KB908519)
 / Windows XP / SP3: Security Update for Windows XP (KB908531)
 / Windows XP / SP3: Update for Windows XP (KB910437)
 / Windows XP / SP3: Security Update for Windows XP (KB911280)
 / Windows XP / SP3: Security Update for Windows XP (KB911562)
 / Windows XP / SP3: Security Update for Windows XP (KB911567)
 / Windows XP / SP3: Security Update for Windows XP (KB911927)
 / Windows XP / SP3: Security Update for Windows XP (KB912812)
 / Windows XP / SP3: Security Update for Windows XP (KB912919)
 / Windows XP / SP3: Security Update for Windows XP (KB913446)
 / Windows XP / SP3: Security Update for Windows XP (KB913580)
 / Windows XP / SP3: Security Update for Windows XP (KB914388)
 / Windows XP / SP3: Security Update for Windows XP (KB914389)
 / Windows XP / SP3: Security Update for Windows XP (KB916281)
 / Windows XP / SP3: Update for Windows XP (KB916595)
 / Windows XP / SP3: Security Update for Windows XP (KB917159)
 / Windows XP / SP3: Security Update for Windows XP (KB917344)
 / Windows XP / SP3: Security Update for Windows XP (KB917422)
 / Windows XP / SP3: Security Update for Windows XP (KB917953)
 / Windows XP / SP3: Security Update for Windows XP (KB918439)
 / Windows XP / SP3: Security Update for Windows XP (KB918899)
 / Windows XP / SP3: Security Update for Windows XP (KB920214)
 / Windows XP / SP3: Security Update for Windows XP (KB920670)
 / Windows XP / SP3: Security Update for Windows XP (KB920683)
 / Windows XP / SP3: Security Update for Windows XP (KB921398)
 / Windows XP / SP3: Security Update for Windows XP (KB921883)
 / Windows XP / SP3: Security Update for Windows XP (KB922616)
 / Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221


--- Startup entries list ---
Located: HK_LM:Run, !ewido
command: "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
   file: C:\Program Files\ewido anti-spyware 4.0\ewido.exe
   size: 6283264
    MD5: 10c40f37ac87a18f624143d4fe6e8dec

Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
   file: C:\Program Files\Apoint\Apoint.exe
   size: 114688
    MD5: 5ec6a3a27642f72a9d58bf6631d9f6dd

Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
   file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
   size: 369664
    MD5: 32e0d24ead2a5c7ee7b6ad516eafe8ee

Located: HK_LM:Run, EPSON Stylus Photo 2200
command: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
   file: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
   size: 74752
    MD5: 7984d2a1b7a3a691889c53708fe450bf

Located: HK_LM:Run, HostManager
command: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
   file: C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
   size: 50792
    MD5: 01ca06b4a25ee7832d8959667d4fd42d

Located: HK_LM:Run, HotKeysCmds
command: C:\WINDOWS\system32\hkcmd.exe
   file: C:\WINDOWS\system32\hkcmd.exe
   size: 126976
    MD5: 9df289a92ff94405304927d4f7cb222e

Located: HK_LM:Run, IgfxTray
command: C:\WINDOWS\system32\igfxtray.exe
   file: C:\WINDOWS\system32\igfxtray.exe
   size: 155648
    MD5: f4a3dbae65caf223cfd8915e6135a43e

Located: HK_LM:Run, ISBMgr.exe
command: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
   file: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
   size: 32768
    MD5: 93eefbc237adfc406f52ee56d97f784b

Located: HK_LM:Run, Mouse Suite 98 Daemon
command: ICO.EXE
   file:

Located: HK_LM:Run, MPFExe
command: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
   file: C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
   size: 992808
    MD5: ff79902a27581102d8565aef54ba91f6

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
   file: C:\WINDOWS\system32\RUNDLL32.EXE
   size: 33280
    MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
   file: C:\Program Files\QuickTime\qttask.exe
   size: 98304
    MD5: c341ccfbe98bc7df6e0b856bb9fc265a

Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
   file:

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
   file: C:\WINDOWS\RTHDCPL.EXE
   size: 13783040
    MD5: 66ae097c581ba0337ca57bcc3c86ebac

Located: HK_LM:Run, SonyPowerCfg
command: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
   file: C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
   size: 184320
    MD5: cad377a29ee32c696aacafe512add1b7

Located: HK_LM:Run, SsAAD.exe
command: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
   file: C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
   size: 81920
    MD5: ed3c7da8ade49efc753fdddf18c8a53e

Located: HK_LM:Run, Switcher.exe
command: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
   file: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
   size: 167936
    MD5: 0f84a9fe786f5698c27939c7f817b10a

Located: HK_LM:Run, TVTunerLib
command: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
   file: C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
   size: 245760
    MD5: 3edbeac8436e961669bff22f656cfcf4

Located: HK_LM:Run, VAIO Update 2
command: "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
   file: C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
   size: 151552
    MD5: 2ba8f6a9c5a5c355da408a9fdb204f5b

Located: HK_LM:Run, VZRemoteCommander
command: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
   file: C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
   size: 192512
    MD5: 783b5f2faefd99b85bf3ac40f62ea77d

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
   file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
   size: 29696
    MD5: deb88aef013dd1eefb462d7cad642166

Located: Startup (common), America Online 9.0 Tray Icon.lnk
command: C:\Program Files\America Online 9.0\aoltray.exe
   file: C:\Program Files\America Online 9.0\aoltray.exe
   size: 36953
    MD5: 9006fa0b6da152be1e4e290552b01421

Located: Startup (common), Monitor.lnk
command: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
   file: C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
   size: 110592
    MD5: 2985a499fea57f6f9232936e6618d5cf

Located: Startup (user), Adobe Gamma.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
   file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
   size: 113664
    MD5: c2ff17734176cd15221c10044ef0ba1a

Located: WinLogon, crypt32chain
command: crypt32.dll
   file: crypt32.dll

Located: WinLogon, cryptnet
command: cryptnet.dll
   file: cryptnet.dll

Located: WinLogon, cscdll
command: cscdll.dll
   file: cscdll.dll

Located: WinLogon, igfxcui
command: igfxsrvc.dll
   file: igfxsrvc.dll

Located: WinLogon, ScCertProp
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, Schedule
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, sclgntfy
command: sclgntfy.dll
   file: sclgntfy.dll

Located: WinLogon, SensLogn
command: WlNotify.dll
   file: WlNotify.dll

Located: WinLogon, termsrv
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, VESWinlogon
command: VESWinlogon.dll
   file: VESWinlogon.dll

Located: WinLogon, WgaLogon
command: WgaLogon.dll
   file: WgaLogon.dll

Located: WinLogon, wlballoon
command: wlnotify.dll
   file: wlnotify.dll

Located: WinLogon, wzcnotif
command: wzcdlg.dll
   file: wzcdlg.dll



--- Browser helper object list ---


--- ActiveX list ---
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
          DPF name:
        CLSID name: ActiveScan Installer Class
         Installer: C:\WINDOWS\Downloaded Program Files\asinst.inf
          Codebase: http://acs.pandasoftware.com/activescan/as5free/asinst.cab
              Path: C:\WINDOWS\Downloaded Program Files\
         Long name:         asinst.dll
        Short name:                  
    Date (created): 4/11/2006 5:10:10 PM
Date (last access): 8/13/2006 12:17:34 PM
 Date (last write): 4/11/2006 5:10:10 PM
          Filesize:             135168
        Attributes:           archive
               MD5: 7267AE9C8DF527C30885DC29687D2A9B
             CRC32:           1B1733A3
           Version:           58.5.0.0

{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
          DPF name: Java Runtime Environment 1.5.0
        CLSID name: Java Plug-in 1.5.0
         Installer:
          Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab
              Path: C:\Program Files\Java\jre1.5.0\bin\
         Long name:       NPJPI150.dll
        Short name:                  
    Date (created): 3/9/2005 2:26:44 PM
Date (last access): 8/13/2006 12:06:38 PM
 Date (last write): 3/9/2005 2:26:44 PM
          Filesize:              69740
        Attributes:           archive
               MD5: D25BB4762A876A3DBF6F2BAA36A179FA
             CRC32:           9367234B
           Version:            1.5.0.0



--- Process list ---
PID:    0 (   0) [System]
PID:  788 (   4) \SystemRoot\System32\smss.exe
PID:  836 ( 788) \??\C:\WINDOWS\system32\csrss.exe
PID:  860 ( 788) \??\C:\WINDOWS\system32\winlogon.exe
PID:  904 ( 860) C:\WINDOWS\system32\services.exe
 size: 108032
  MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID:  916 ( 860) C:\WINDOWS\system32\lsass.exe
 size: 13312
  MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1060 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1120 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1156 ( 904) C:\WINDOWS\System32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1204 ( 904) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
 size: 86016
  MD5: AA1D9C4A2F997FEA8A4FB0929212EDA2
PID: 1308 ( 904) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
 size: 372809
  MD5: A57B20BB52B7C504B7A9FB4C82B639BA
PID: 1392 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1492 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1716 ( 904) C:\WINDOWS\system32\spoolsv.exe
 size: 57856
  MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1812 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
 size: 73728
  MD5: 1C1A3FFD1CB5FC4FD1BE8DADC0E16D0C
PID: 1956 ( 904) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
 size: 100016
  MD5: 7FB54900AA9792AB6307C699EC1859D4
PID: 1968 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
 size: 336896
  MD5: 9BF46D959F713D64C8FF3DE2B2437863
PID: 1984 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
 size: 84480
  MD5: 66093610FA61142F6BCFD83AFB7E8A29
PID: 2000 ( 904) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
 size: 281088
  MD5: 07C595396C6F4631E88F9792E1BECD7E
PID: 2008 (1956) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
 size: 46768
  MD5: CAF7C2FDDADF73A02AC84C6FB6030BBF
PID:  132 ( 904) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
 size: 94208
  MD5: C0312F716AC9963FFAFAF99A269DE8B0
PID:  168 ( 904) C:\Program Files\ewido anti-spyware 4.0\guard.exe
 size: 172032
  MD5: F8D982556A9E0795829632FF0812DC2D
PID:  196 ( 904) C:\Program Files\mcafee.com\personal firewall\MPFService.exe
 size: 548864
  MD5: 54762D5377D42E53BBFF823E631D1533
PID:  308 ( 904) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
 size: 7520337
  MD5: F80EEC5E1D6CDF82CB974DAADA0C57DD
PID:  480 ( 904) C:\WINDOWS\system32\nvsvc32.exe
 size: 127043
  MD5: B73B1060A6CFE44011BB9CA850FFBCD0
PID:  500 ( 904) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
 size: 139264
  MD5: E6CD560A4A16FEEE5503CB59A3E30A84
PID:  544 ( 904) C:\WINDOWS\system32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID:  588 ( 904) C:\WINDOWS\system32\wdfmgr.exe
 size: 38912
  MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID:  620 ( 904) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
 size: 150528
  MD5: 66C78DC68C0C418C5D5E62745E9FD764
PID:  648 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
 size: 1839104
  MD5: D8F1426431A33270DDF15FD22FD4D823
PID:  696 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
 size: 270336
  MD5: 7CC2E7077D4222B234F78704321F3056
PID: 1376 ( 904) C:\WINDOWS\wanmpsvc.exe
 size: 65536
  MD5: 909F2DC0DA7F57D229A05EE90647B2C3
PID: 2348 (2192) C:\WINDOWS\Explorer.EXE
 size: 1032192
  MD5: A0732187050030AE399B241436565E64
PID: 2656 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
 size: 167936
  MD5: 3EF7CEBC4964B4D2E60B79893F4C84EB
PID: 2720 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
 size: 57344
  MD5: 284BF2F51F0C8ED2C5DDC58BC529F4BF
PID: 2788 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
 size: 135168
  MD5: C5D91CD2EB27CD0474DC6FDAF29220F1
PID: 2820 ( 904) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
 size: 745472
  MD5: 206CE4A9ACF7D04AE7A27FCE8EF2FA70
PID: 3852 (2348) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
 size: 74752
  MD5: 7984D2A1B7A3A691889C53708FE450BF
PID: 4044 (2348) C:\Program Files\Apoint\Apoint.exe
 size: 114688
  MD5: 5EC6A3A27642F72A9D58BF6631D9F6DD
PID: 4068 (2348) C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
 size: 151552
  MD5: 2BA8F6A9C5A5C355DA408A9FDB204F5B
PID: 1192 (2348) C:\Program Files\Real\RealPlayer\RealPlay.exe
 size: 26112
  MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 1444 (1436) C:\Program Files\Apoint\Apntex.exe
 size: 45056
  MD5: CCA1B81492B40890E44B2B20A780EE1F
PID: 1460 (2348) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
 size: 184320
  MD5: CAD377A29EE32C696AACAFE512ADD1B7
PID: 1368 (2348) C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
 size: 192512
  MD5: 783B5F2FAEFD99B85BF3AC40F62EA77D
PID: 2084 (2348) C:\WINDOWS\RTHDCPL.EXE
 size: 13783040
  MD5: 66AE097C581BA0337CA57BCC3C86EBAC
PID: 2200 ( 904) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
 size: 143360
  MD5: E74F07164D9415773BB79FD5055B9384
PID: 2500 (2348) C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
 size: 50792
  MD5: 01CA06B4A25EE7832D8959667D4FD42D
PID: 2848 (2348) C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
 size: 992808
  MD5: FF79902A27581102D8565AEF54BA91F6
PID: 3224 (2348) C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
 size: 81920
  MD5: ED3C7DA8ADE49EFC753FDDDF18C8A53E
PID: 2160 ( 904) C:\WINDOWS\System32\alg.exe
 size: 44544
  MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3432 ( 904) C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
 size: 69632
  MD5: 45B83808BF5C9968C3259A48898C7DD5
PID: 3864 ( 904) C:\WINDOWS\System32\svchost.exe
 size: 14336
  MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 3052 (2348) C:\Program Files\QuickTime\qttask.exe
 size: 98304
  MD5: C341CCFBE98BC7DF6E0B856BB9FC265A
PID: 3724 (2348) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
 size: 32768
  MD5: 93EEFBC237ADFC406F52EE56D97F784B
PID: 3168 (2348) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
 size: 369664
  MD5: 32E0D24EAD2A5C7EE7B6AD516EAFE8EE
PID: 3612 (2348) C:\Program Files\ewido anti-spyware 4.0\ewido.exe
 size: 6283264
  MD5: 10C40F37AC87A18F624143D4FE6E8DEC
PID: 3900 (2348) C:\Program Files\America Online 9.0\aoltray.exe
 size: 36953
  MD5: 9006FA0B6DA152BE1E4E290552B01421
PID: 3992 (2348) C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
 size: 110592
  MD5: 2985A499FEA57F6F9232936E6618D5CF
PID: 3624 (2348) C:\Program Files\Internet Explorer\iexplore.exe
 size: 93184
  MD5: E7484514C0464642BE7B4DC2689354C8
PID: 1580 (3624) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
 size: 65536
  MD5: 1412A6785B953D99A2A83A1ED706ACE8
PID: 2152 (3664) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
 size: 4393096
  MD5: 09CA174A605B480318731E691DC98539
PID:    4 (   0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 8/13/2006 12:58:07 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
  C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
  http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
  http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
  http://www.sony.com/vaiopeople
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant Explorer\Main\Default_Search_URL
   
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
  http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
  %SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
  http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
  http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
  http://www.sony.com/vaiopeople
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
  http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
  http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
  http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
   uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
       publisher: Lavasoft
       help link: http://www.lavasoft.com

  (AddressBook)

Adobe Photoshop CS2 9.0 (Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D})
         version: 9
 version (major): 9
install location: C:\Program Files\Adobe\Adobe Photoshop CS2\
   uninstall cmd: msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
       publisher: Adobe Systems, Inc.
        comments:  
         contact: Customer Support
       help link: http://www.adobe.com/support/main.html
  help telephone: 1-555-555-4505

AOL Uninstaller (Choose which Products to Remove)  (AOL Uninstaller)
   uninstall cmd: C:\Program Files\Common Files\AOL\uninstaller.exe

  (AOLAntivirus)
   uninstall cmd: "C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S

AOL Coach Version 1.0(Build:20030807.3)  (AolCoach)
   uninstall cmd: C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe

  (AOLFirewall)
   uninstall cmd: "C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S

AVG Free Edition  (AVG7Uninstall)
   uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL

HDAUDIO SoftV92 Data Fax Modem with SmartCP  (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200)
   uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_104D0200

  (Connection Manager)

  (DirectAnimation)

  (DirectDrawEx)

  (DXM_Runtime)

Canon Utilities EOS Utility 1.0.3.17 (EOS Utility)
install location: C:\Program Files\Canon\EOS Utility
   uninstall cmd: "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"

EPSON Printer Software  (EPSON Printer and Utilities)
   uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r

ewido anti-spyware 4.0  (ewidoantispyware4)
install location: C:\Program Files\ewido anti-spyware 4.0
   uninstall cmd: C:\Program Files\ewido anti-spyware 4.0\Uninstall.exe
       publisher: ewido networks
       help link: http://www.ewido.net

  (Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
   uninstall cmd: C:\Documents and Settings\Debi\Local Settings\Temporary Internet Files\Content.IE5\0YK9DEL4\HijackThis.exe /uninstall
       publisher: Soeperman Enterprises Ltd.

  (ICW)

  (IE40)

  (IE4Data)

  (IE5BAKEX)

  (IEData)

  (InstallShield Uninstall Information)

Canon Utilities PhotoStitch 3.1 3.1.14 (InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA})
         version: 50397198
 version (major): 3
 version (minor): 1
  estimated size: 1364
    install date: 20060507
install location: C:\Program Files\Canon\PhotoStitch\
  install source: E:\SOFTWARE\PSTITCH\ENGLISH\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  

OpenMG Secure Module 4.1.00 4.1.00.13261 (InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E})
         version: 67174400
 version (major): 4
 version (minor): 1
  estimated size: 15029
    install date: 20050309
install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
  install source: C:\abu\software\0503602.snc\
   uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL
       publisher: Sony Corporation

VAIO Registration 13.0.3 (InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5})
         version: 218103811
 version (major): 13
  estimated size: 1644
    install date: 20050309
  install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_is79\
   uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{315BA29D-2644-4760-B5FD-5AC04A52B8C5}
       publisher: Sony Electronics
        comments: Customer Support Department
         contact: Customer Support Department
       help link: http://www.sony.com/pcsupport
  help telephone: 1-888-4-SONY-PC
          readme: Readme.txt

Canon Utilities EOS Capture 1.2 1.2 (InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808})
         version: 16908288
 version (major): 1
 version (minor): 2
  estimated size: 2448
    install date: 20060507
  install source: E:\SOFTWARE\EC\ENGLISH\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{74BE7519-41A7-45A8-8AA6-78C7907A4808}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  

Canon Utilities EOS Viewer Utility 1.2 1.2.1 (InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373})
         version: 16908289
 version (major): 1
 version (minor): 2
  estimated size: 8852
    install date: 20060507
  install source: E:\SOFTWARE\EVU\English\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{750CF8D7-4B04-404F-AFA2-14C129C42373}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  
          readme:  

Canon EOS 20D WIA Driver 5.4 (InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3})
         version: 84148224
 version (major): 5
 version (minor): 4
  estimated size: 1200
    install date: 20060507
  install source: E:\SOFTWARE\WIA\EOS 20D\ENGLISH\
   uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}
       publisher: Canon
        comments:  
         contact:  
       help link:  
  help telephone:  
          readme:  

VAIO Survey Standalone 3.02 (InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE})
         version: 50462720
 version (major): 3
 version (minor): 2
  estimated size: 359
    install date: 20050823
  install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isE6\
   uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}
       publisher: Sony Electronics
        comments: 0
         contact: 0
       help link: 0
  help telephone: 0
          readme: 0

Windows XP Hotfix - KB307154 20040813.160158 (KB307154)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB307154$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=307154

Windows XP Hotfix - KB833407 20040119.115651 (KB833407)
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=833407

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=KB835221

Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=867282

Microsoft Data Access Components KB870669  (KB870669)
   uninstall cmd: C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=KB870669

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=873339

Security Update for Windows XP (KB883939) 1 (KB883939)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=883939

  (KB884016)

Windows XP Hotfix - KB884018 20040812.132033 (KB884018)
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=884018

Windows XP Hotfix - KB884575 20040827.145237 (KB884575)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=884575

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888239 20041124.162528 (KB888239)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=888239

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=888302

Security Update for Windows XP (KB890046) 1 (KB890046)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890047

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890859

Windows XP Hotfix - KB890923 1 (KB890923)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=890923

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
   uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=891781

Security Update for Windows XP (KB893756) 1 (KB893756)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=893756

  (KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
   uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=894391

Security Update for Windows XP (KB896358) 1 (KB896358)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=896428

Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/kb/898458

Update for Windows XP (KB898461) 1 (KB898461)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=898461

Security Update for Windows XP (KB899587) 1 (KB899587)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=899587

Security Update for Windows XP (KB899591) 1 (KB899591)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=899591

Update for Windows XP (KB900485) 2 (KB900485)
    install date: 20060509
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=900485

Security Update for Windows XP (KB900725) 1 (KB900725)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=900725

Security Update for Windows XP (KB901017) 1 (KB901017)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=901017

Security Update for Windows XP (KB901214) 1 (KB901214)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=901214

Security Update for Windows XP (KB902400) 1 (KB902400)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=902400

Security Update for Windows XP (KB903235) 1 (KB903235)
    install date: 20050823
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=903235

Security Update for Windows XP (KB904706) 2 (KB904706)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=904706

Security Update for Windows XP (KB905414) 1 (KB905414)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
    install date: 20060214
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=905915

Security Update for Windows XP (KB908519) 1 (KB908519)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=908519

Security Update for Windows XP (KB908531) 1 (KB908531)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=908531

Update for Windows XP (KB910437) 1 (KB910437)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=910437

Security Update for Windows XP (KB911280) 1 (KB911280)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911280

Security Update for Windows XP (KB911562) 1 (KB911562)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911562

Security Update for Windows Media Player (KB911564)  (KB911564)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/?kbid=911564

Security Update for Windows Media Player 10 (KB911565)  (KB911565)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/?kbid=911565

Security Update for Windows XP (KB911567) 1 (KB911567)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911567

Security Update for Windows XP (KB911927) 1 (KB911927)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=911927

Security Update for Windows XP (KB912812) 1 (KB912812)
    install date: 20060420
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=912812

Security Update for Windows XP (KB912919) 1 (KB912919)
    install date: 20060215
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=912919

Security Update for Windows XP (KB913446) 1 (KB913446)
    install date: 20060226
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=913446

Security Update for Windows XP (KB913580) 1 (KB913580)
    install date: 20060512
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=913580

Security Update for Windows XP (KB914388) 1 (KB914388)
    install date: 20060719
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=914388

Security Update for Windows XP (KB914389) 1 (KB914389)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=914389

Security Update for Windows XP (KB916281) 1 (KB916281)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=916281

Update for Windows XP (KB916595) 1 (KB916595)
    install date: 20060719
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=916595

Security Update for Windows XP (KB917159) 1 (KB917159)
    install date: 20060719
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917159

Security Update for Windows XP (KB917344) 1 (KB917344)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917344

Security Update for Windows XP (KB917422) 1 (KB917422)
    install date: 20060813
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917422

Security Update for Windows Media Player 10 (KB917734)  (KB917734_WMP10)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com/?kbid=917734

Security Update for Windows XP (KB917953) 1 (KB917953)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=917953

Security Update for Windows XP (KB918439) 1 (KB918439)
    install date: 20060616
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=918439

Security Update for Windows XP (KB918899) 1 (KB918899)
    install date: 20060813
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
       publisher: Microsoft Corporation
       help link: http://support.microsoft.com?kbid=918899

Security Update for Windows XP (KB920214) 1 (KB920214)
    install date: 20060813
   uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
       publisher: Microsoft Corpo
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #27 on: August 13, 2006, 03:23:36 PM »
Don't worry about it
Follow my last set of instructions just before you posted again
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #28 on: August 13, 2006, 03:54:49 PM »
Okay. I rebooted and didn't catch what the "box" thinggy said. Fired up and rebooted again and it didn't show up. Will have to use a bit to see if things are good...seems slow. but.....my eyes are now crossed and need to step away for a bit.  Thanks so far, and will check back in a bit!
Logged

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #29 on: August 13, 2006, 06:41:33 PM »
Been working on computer last 3 hours, and performance seems slow. I was editing photos, and it was hanging in the process and it has never done that before. I am running defrag right now.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #30 on: August 13, 2006, 06:54:18 PM »
Can i see a new hijackthis log please
How long have you had AVG installed?

How long have you had McAfee's installed?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #31 on: August 13, 2006, 07:02:09 PM »
I've had McAfee on since I've had the computer, since January this year. It was not working after I got the trojan. I reinstalled and ran it. I had over 900 virus and 3 trojan. (thank you limewire) I put the AGV on yesterday after I posted.

Logfile of HijackThis v1.99.1
Scan saved at 4:58:44 PM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo 2200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB001" /M "Stylus Photo 2200"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1139964437\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{724689B3-0029-4F6C-A42B-77B802E854E7}: NameServer = 68.87.69.146,68.87.85.98
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #32 on: August 13, 2006, 07:07:50 PM »
Let's try the following
Go to START>>RUN>>type in
services.msc
In the new window that opens
Double click on Ewido Anti-Spyware on the right hand side
In the startup type in the drop down menu, set it to Disabled
Apply and OK out of there

If you just put on AVG
Why don't you try the following
Reenable McAfee's virus scanner, it appears to be still installed according to Spybot's log
 (AOLAntivirus)
uninstall cmd: "C:\Program Files\mcafee.com\antivirus\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S

Now access your add/remove programs and remove the free version of AVG

Reboot the computer

Does that help?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #33 on: August 13, 2006, 07:30:40 PM »
got the ewido disarmed. little gun shy with putting mcafee back on. it was disarmed by the virus before. This defrag is taking forever, so will see if that is better first???
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #34 on: August 13, 2006, 07:32:13 PM »
You should let the defrag run uninterrupted
McAfee's is still installed isn't it?
It is in your add/remove programs
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #35 on: August 13, 2006, 07:40:04 PM »
not in the add/remove program list. all that is  left in there for aol, is the program to do my email stuff. and i gotta say, i left the firewall on, and all that is now gone too. I only uninstalled the virus protection. Sometimes I think that aol is a bit screwey....don't know what to tell ya. I didn't take it off, and now that whole part is gone too.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #36 on: August 13, 2006, 10:30:38 PM »
Can I see the following please
I'm unsure what's going on at your end
Download and unzip to your desktop InstalledPrograms.zip
Double click on InstalledPrograms.vbs
Allow this script to run if prompted by your Anti-Virus, we are just collecting information

Click OK at the IP prompt and click YES to view the results now
A text file will open, can you copy and paste back here the whole contents
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #37 on: August 13, 2006, 10:54:52 PM »
Sorry for the delay...cannot log on to the internet any longer. I get a connection, but the dreaded page cannot be displayed when I hit Internet Explorer....

Anyway, here is the log file
INSTALLED SOFTWARE (184) - DEB - 8/13/2006 8:48:04 PM

Ad-Aware SE Personal   Ver: 1.06
Adobe Bridge 1.0   Ver: 001.000.004   Installed: 5/13/2006
Adobe Common File Installer   Ver: 1.00.0000   Installed: 2/14/2006
Adobe Help Center 1.0   Ver: 001.000.000   Installed: 2/14/2006
Adobe Photoshop CS2   Ver: 9.0
Adobe Photoshop CS2   Ver: 9.0   Installed: 2/14/2006
Adobe Reader 7.0   Ver: 7.0.0   Installed: 3/9/2005
Adobe Stock Photos 1.0   Ver: 001.000.000   Installed: 2/14/2006
AOL Connectivity Services   
AVG Free Edition   
Canon Camera WIA Driver   Ver: 5.4   Installed: 5/7/2006
Canon EOS 20D WIA Driver   Ver: 5.4   Installed: 5/7/2006
Canon Utilities EOS Capture 1.2   Ver: 1.2   Installed: 5/7/2006
Canon Utilities EOS Utility   Ver: 1.0.3.17
Canon Utilities EOS Viewer Utility 1.2   Ver: 1.2.1   Installed: 5/7/2006
Canon Utilities PhotoStitch 3.1   Ver: 3.1.14   Installed: 5/7/2006
Canon Utilities ZoomBrowser EX   
Click to DVD 2.0.03 Menu Data   Ver: 2.0.03   Installed: 8/23/2005
Click to DVD 2.4.02   Ver: 2.4.02   Installed: 8/23/2005
DVgate Plus   
EOS Capture 1.2   Ver: 1.2   Installed: 5/7/2006
EOS Viewer Utility 1.2.1   Ver: 1.2.1   Installed: 5/7/2006
EPSON Copy Utility   
EPSON Photo Print   
EPSON Printer Software   
EPSON Scan   
EPSON Smart Panel   
ewido anti-spyware 4.0   
HDAUDIO SoftV92 Data Fax Modem with SmartCP   
High Definition Audio Driver Package - KB835221   Ver: 20040219.000000
HijackThis 1.99.1   Ver: 1.99.1
Image Converter 2   
Intel® Graphics Media Accelerator Driver for Mobile   
Intel® PRO Network Connections Drivers   
Intel® PROSet/Wireless Software   
InterVideo WinDVD for VAIO   Ver: 5.0-B11.731
InterVideo WinDVDX   
ISScript   Ver: 3.00.185   Installed: 3/9/2005
J2SE Runtime Environment 5.0   Ver: 1.5.0   Installed: 3/9/2005
Learn2 Player (Uninstall Only)   
mCore   Ver: 1.31.0000   Installed: 4/5/2006
mDriver   Ver: 1.31.0000   Installed: 4/5/2006
Memory Stick Formatter   
Microsoft .NET Framework 1.1   
Microsoft .NET Framework 1.1   Ver: 1.1.4322   Installed: 8/23/2005
Microsoft .NET Framework 1.1 Hotfix (KB886903)   
Microsoft Data Access Components KB870669   
Microsoft Office Professional Edition 2003   Ver: 11.0.5614.0   Installed: 8/1/2006
Microsoft SQL Server Desktop Engine (VAIO_VEDB)   Ver: 8.00.761   Installed: 3/9/2005
Microsoft Works   Ver: 08.04.0623   Installed: 8/23/2005
mMHouse   Ver: 1.31.0000   Installed: 4/5/2006
mPfMgr   Ver: 1.31.0000   Installed: 4/5/2006
mXML   Ver: 1.31.0000   Installed: 4/5/2006
Napster   Ver: 3.6.0.7
Napster Burn Engine   Ver: 3.5.0000   Installed: 2/28/2006
NVIDIA Drivers   
OpenMG Limited Patch 4.1-05-13-31-01   
OpenMG Secure Module 4.1.00   Ver: 4.1.00.13261   Installed: 3/9/2005
OpenMG Secure Module 4.1.00   Ver: 4.1.00.13261   Installed: 3/9/2005
Panda ActiveScan   
PhotoStitch   Ver: 3.1.14   Installed: 5/7/2006
PictureGear Studio 2.0   
QuickTime   
RealPlayer Basic   
Realtek High Definition Audio Driver   
SanDisk TransferMate   
ScanToWeb   
Security Update for Step By Step Interactive Training (KB898458)   Ver: 20050502.101010   Installed: 2/14/2006
Security Update for Windows Media Player (KB911564)      Installed: 2/15/2006
Security Update for Windows Media Player 10 (KB911565)      Installed: 2/15/2006
Security Update for Windows Media Player 10 (KB917734)      Installed: 6/16/2006
Security Update for Windows XP (KB883939)   Ver: 1   Installed: 8/23/2005
Security Update for Windows XP (KB890046)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB893756)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB896358)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB896422)   Ver: 1   Installed: 8/23/2005
Security Update for Windows XP (KB896423)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB896424)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB896428)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB899587)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB899591)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB900725)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB901017)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB901214)   Ver: 1   Installed: 8/23/2005
Security Update for Windows XP (KB902400)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB903235)   Ver: 1   Installed: 8/23/2005
Security Update for Windows XP (KB904706)   Ver: 2   Installed: 2/15/2006
Security Update for Windows XP (KB905414)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB905749)   Ver: 1   Installed: 2/14/2006
Security Update for Windows XP (KB905915)   Ver: 1   Installed: 2/15/2006
Security Update for Windows XP (KB908519)   Ver: 1   Installed: 2/15/2006
Security Update for Windows XP (KB908531)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB911280)   Ver: 1   Installed: 6/16/2006
Security Update for Windows XP (KB911562)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB911567)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB911927)   Ver: 1   Installed: 2/15/2006
Security Update for Windows XP (KB912812)   Ver: 1   Installed: 4/20/2006
Security Update for Windows XP (KB912919)   Ver: 1   Installed: 2/15/2006
Security Update for Windows XP (KB913446)   Ver: 1   Installed: 2/26/2006
Security Update for Windows XP (KB913580)   Ver: 1   Installed: 5/12/2006
Security Update for Windows XP (KB914388)   Ver: 1   Installed: 7/19/2006
Security Update for Windows XP (KB914389)   Ver: 1   Installed: 6/16/2006
Security Update for Windows XP (KB916281)   Ver: 1   Installed: 6/16/2006
Security Update for Windows XP (KB917159)   Ver: 1   Installed: 7/19/2006
Security Update for Windows XP (KB917344)   Ver: 1   Installed: 6/16/2006
Security Update for Windows XP (KB917422)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB917953)   Ver: 1   Installed: 6/16/2006
Security Update for Windows XP (KB918439)   Ver: 1   Installed: 6/16/2006
Security Update for Windows XP (KB918899)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB920214)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB920670)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB920683)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB921398)   Ver: 1   Installed: 8/13/2006
Security Update for Windows XP (KB921883)   Ver: 1   Installed: 8/12/2006
Security Update for Windows XP (KB922616)   Ver: 1   Installed: 8/13/2006
Setting Utility Series   
Shockwave Flash   
Sonic RecordNow!   Ver: 7.30   Installed: 8/23/2005
SonicStage 3.0   Ver: 3.0   Installed: 8/23/2005
SonicStage Mastering Studio Audio Filter Custom Preset   
Sony Certificate PCH   
Sony MP4 Shared Library   Ver: 1.1   Installed: 3/9/2005
Sony USB Mouse   
Sony Utilities DLL   
Sony Video Shared Library   Ver: 2.0.01   Installed: 3/9/2005
Spybot - Search & Destroy 1.4   Ver: 1.4
SpySubtract   
Update for Windows XP (KB894391)   Ver: 1   Installed: 2/14/2006
Update for Windows XP (KB898461)   Ver: 1   Installed: 2/14/2006
Update for Windows XP (KB900485)   Ver: 2   Installed: 5/9/2006
Update for Windows XP (KB910437)   Ver: 1   Installed: 2/15/2006
Update for Windows XP (KB916595)   Ver: 1   Installed: 7/19/2006
VAIO Control Center   
VAIO Entertainment Platform   Ver: 1.3.00.14090
VAIO Event Service   Ver: 2.1.00.14030
VAIO Launcher   
VAIO Light Flo Wallpaper   
VAIO Media 4.0   
VAIO Media AC3 Decoder 1.0   
VAIO Media Integrated Server 4.1      Installed: 8/23/2005
VAIO Media Redistribution 4.0   
VAIO Media Registration Tool 4.0   
VAIO Original Screen Saver   
VAIO Original Screen Saver VAIO Motion SD Wide Contents   
VAIO Power Management   Ver: 1.6.01.14010
VAIO Registration   Ver: 13.0.3   Installed: 3/9/2005
VAIO Registration   Ver: 13.0.3   Installed: 3/9/2005
VAIO Survey Standalone   Ver: 3.02   Installed: 8/23/2005
VAIO Survey Standalone   Ver: 3.02   Installed: 8/23/2005
VAIO TV Tuner Library 1.4   
VAIO Update 2   
VAIO Wireless Utility   
VAIO Zone   
VAIO Zone Remote Commander   
Viewpoint Media Player   
WebFldrs XP   Ver: 9.50.7523   Installed: 3/9/2005
Windows Backup Utility   Ver: 5.1   Installed: 3/9/2005
Windows Genuine Advantage Notifications (KB905474)   Ver: 1.5.0532.2   Installed: 6/27/2006
Windows Installer 3.1 (KB893803)   Ver: 3.1
Windows Media Format Runtime   
Windows Media Player 10   
Windows XP Hotfix - KB307154   Ver: 20040813.160158
Windows XP Hotfix - KB833407   Ver: 20040119.115651
Windows XP Hotfix - KB867282   Ver: 20050127.090417
Windows XP Hotfix - KB873333   Ver: 20050114.005213
Windows XP Hotfix - KB873339   Ver: 20041117.092459
Windows XP Hotfix - KB884018   Ver: 20040812.132033
Windows XP Hotfix - KB884575   Ver: 20040827.145237
Windows XP Hotfix - KB885250   Ver: 20050118.202711
Windows XP Hotfix - KB885835   Ver: 20041027.181713
Windows XP Hotfix - KB885836   Ver: 20041028.173203
Windows XP Hotfix - KB886185   Ver: 20041021.090540
Windows XP Hotfix - KB887472   Ver: 20041014.162858
Windows XP Hotfix - KB887742   Ver: 20041103.095002
Windows XP Hotfix - KB888113   Ver: 20041116.131036
Windows XP Hotfix - KB888239   Ver: 20041124.162528
Windows XP Hotfix - KB888302   Ver: 20041207.111426
Windows XP Hotfix - KB890047   Ver: 20041221.124506
Windows XP Hotfix - KB890175   Ver: 20041201.233338
Windows XP Hotfix - KB890859   Ver: 1   Installed: 2/14/2006
Windows XP Hotfix - KB890923   Ver: 1   Installed: 8/23/2005
Windows XP Hotfix - KB891781   Ver: 20050110.165439
WinRAR archiver   
Wireless Switch Setting Utility
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
bad attack...
« Reply #38 on: August 13, 2006, 11:01:05 PM »
Looks like you tried to remove more than just the Virus scanner

What happens when you go to START>>RUN

Type the following in exactly or copy>paste it and then hit OK

"C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe" /PopUpMsgBox="N" /CheckMutx="N" /S

If that won't work, try this one
"C:\Program Files\mcafee.com\personal firewall\aol\uninst.exe"

If neither of the following work
Can you do this for ONLY a short time
Reboot into safe mode with Network Connection
Can you connect?
« Last Edit: August 13, 2006, 11:02:22 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline yodeb9

  • Newbie
  • *
  • Posts: 27
  • Karma: +0/-0
    • View Profile
bad attack...
« Reply #39 on: August 13, 2006, 11:08:31 PM »
When I first took it off, there were options, and I only uninstalled the virus protection, leaving the firewall, the spyware, and my aol connection. Now they are all gone and I can't even log online with that computer any longer....
 
tried the run the c: prompts and I get that it is no longer on the computer
Logged
Pages: 1 [2] 3
« previous next »