Please help!

Just nuke it with the removal tool :bigthumb:

Regarding the C:\F\F\F\ folders, are there any files in there that you want to keep?
 
The F/F/F files....as long as I have 1 copy of each of them I don't need any of the others (I believe each F/ is a duplicate somehow).
 
Each \F is a separate folder, if you delete C:\F then ALL the other folders will be gone.
It looks like something is backing up the folders, and at the rate it is going it will eat your entire drive.

Which Antivirus will you be keeping?
 
I guess I'll be keeping the Symantec antivirus. Should I copy the F: files I need onto another drive and then delete the C:/F: ones to delete all the copies? I was hesitant to back anything up and upload it on another computer in case I was taking the infection with it.
 
Ok, we will delete the McAfee files shortly.

Copy any files in the \F folders that you want to keep, and then just delete the first F folder on the C: drive.
That will remove them all.

Do you have the results of Findfiles.bat ?
 
Oh, yes, sorry, I thought that was after I removed those programs.

findfiles.bat:


Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\Documents and Settings\Owner\Desktop

Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\Documents and Settings\Owner\Desktop

Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\Documents and Settings\Owner\Desktop

Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\Documents and Settings\Owner\Desktop

Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\Documents and Settings\Owner\Desktop
 
My mistake, please run the following file

find a file
Please copy (Ctrl+C) and paste (Ctrl+V) the following text in the quote to Notepad.
Save it as "All Files" and name it findfiles.bat. Please save it on your desktop.
@echo off
if exist C:\look*.txt del /q C:\look*.txt
if exist C:\kresults.txt del /q C:\kresults.txt
cd c:
dir /a /s "hkcmd.exe >> C:\look.txt
dir /a /s "SPMgr.exe" >> C:\look1.txt
dir /a /s "ISBMgr.exe" >> C:\look2.txt
dir /a /s "Switcher.exe" >> C:\look3.txt
dir /a /s "igfxpers.exe" >> C:\look4.txt
dir /a /s "VAIOUpdt.exe" >> C:\look5.txt
dir /a /s "VCUServe.exe >> C:\look6.txt
dir /a /s "igfxtray.exe >> C:\look7.txt
dir /a /s "Apoint.exe >> C:\look8.txt
type C:\look*.txt >> C:\kresults.txt
start notepad C:\kresults.txt
del /q C:\look*.txt

Double click findfiles.bat. Notepad will open, copy and paste the contents in your reply.
 
Volume in drive C has no label.
Volume Serial Number is E412-D2BE
Volume in drive C has no label.
Volume Serial Number is E412-D2BE
Volume in drive C has no label.
Volume Serial Number is E412-D2BE
Volume in drive C has no label.
Volume Serial Number is E412-D2BE
Volume in drive C has no label.
Volume Serial Number is E412-D2BE
 
And that is what you get for rushing something :rolleyes:
Let's try that again, hopefully for the last time

find a file
Please copy (Ctrl+C) and paste (Ctrl+V) the following text in the quote to Notepad.
Save it as "All Files" and name it findfiles.bat. Please save it on your desktop.
@echo off
rem Clear results left over from an earlier run
if exist C:\look*.txt del /q C:\look*.txt
if exist C:\kresults.txt del /q C:\kresults.txt
rem Search the whole C: drive, including hidden and system files
cd c:\
dir /s /a "hkcmd.exe" >> C:\look.txt
dir /s /a "SPMgr.exe" >> C:\look1.txt
dir /s /a "ISBMgr.exe" >> C:\look2.txt
dir /s /a "Switcher.exe" >> C:\look3.txt
dir /s /a "igfxpers.exe" >> C:\look4.txt
dir /s /a "VAIOUpdt.exe" >> C:\look5.txt
dir /s /a "VCUServe.exe" >> C:\look6.txt
dir /s /a "igfxtray.exe" >> C:\look7.txt
dir /s /a "Apoint.exe" >> C:\look8.txt
rem Combine the per-file results, open them in Notepad, then clean up
type C:\look*.txt >> C:\kresults.txt
start notepad C:\kresults.txt
del /q C:\look*.txt

Double click findfiles.bat. Notepad will open, copy and paste the contents in your reply.
 
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\F\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Directory of C:\WINDOWS\system32

12/30/2007 05:36 PM 77,824 hkcmd.exe
1 File(s) 77,824 bytes

Total Files Listed:
32 File(s) 2,490,368 bytes
0 Dir(s) 70,603,694,080 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\F\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Directory of C:\Program Files\Sony\VAIO Power Management

12/30/2007 05:36 PM 217,088 spmgr.exe
1 File(s) 217,088 bytes

Total Files Listed:
16 File(s) 3,473,408 bytes
0 Dir(s) 70,603,522,048 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\F\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Directory of C:\Program Files\Sony\ISB Utility

12/30/2007 05:36 PM 32,768 isbmgr.exe
1 File(s) 32,768 bytes

Total Files Listed:
16 File(s) 524,288 bytes
0 Dir(s) 70,603,386,880 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\F\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Directory of C:\Program Files\Sony\Wireless Switch Setting Utility

12/30/2007 05:36 PM 176,128 switcher.exe
1 File(s) 176,128 bytes

Total Files Listed:
16 File(s) 2,818,048 bytes
0 Dir(s) 70,603,350,016 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes
 
Directory of C:\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\F\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Directory of C:\WINDOWS\system32

12/31/2007 08:30 PM 118,784 igfxpers.exe
1 File(s) 118,784 bytes

Total Files Listed:
32 File(s) 3,801,088 bytes
0 Dir(s) 70,603,276,288 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\F\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Directory of C:\Program Files\Sony\VAIO Update 3

12/30/2007 05:36 PM 551,032 vaioupdt.exe
1 File(s) 551,032 bytes

Total Files Listed:
16 File(s) 8,816,512 bytes
0 Dir(s) 70,603,227,136 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\F\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Directory of C:\Program Files\Sony\VAIO Camera Utility

12/30/2007 05:36 PM 69,632 vcuserve.exe
1 File(s) 69,632 bytes

Total Files Listed:
16 File(s) 1,114,112 bytes
0 Dir(s) 70,603,161,600 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\F\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\WINDOWS\Drivers\Intel 945G Display

04/05/2006 01:21 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Directory of C:\WINDOWS\system32

12/30/2007 05:36 PM 94,208 igfxtray.exe
1 File(s) 94,208 bytes

Total Files Listed:
32 File(s) 3,014,656 bytes
0 Dir(s) 70,603,231,232 bytes free
Volume in drive C has no label.
Volume Serial Number is E412-D2BE

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\F\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Directory of C:\Program Files\Apoint

12/30/2007 05:36 PM 118,784 apoint.exe
1 File(s) 118,784 bytes

Directory of C:\WINDOWS\Drivers\Touchpad

11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes

Total Files Listed:
32 File(s) 3,801,088 bytes
0 Dir(s) 70,603,071,488 bytes free
 
Very curious ????

It looks like those \F folders may be part of the infection. DO NOT delete any of those folders yet.
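An added example, not part of the original thread or of any tool named in it: a small Python parser for `dir /s` output that strips the repeated leading `\F` segments, groups hits by their underlying path, and reports how deep the duplication goes and whether every copy has the same size and timestamp. The function names are hypothetical, the wrapper folder name `F` is taken from the thread, and the sample input is constructed from rows shown above plus one constructed control row.

```python
import re
from collections import defaultdict

# Constructed sample shaped like the `dir /s /a` output quoted in the thread,
# trimmed to two nesting levels. The hkcmd.exe rows reuse values from that
# output; the control-sample.exe row is invented as a non-duplicated control.
SAMPLE = r"""
 Directory of C:\F\F\WINDOWS\system32

12/30/2007  05:36 PM            77,824 hkcmd.exe
               1 File(s)         77,824 bytes

 Directory of C:\F\WINDOWS\system32

12/30/2007  05:36 PM            77,824 hkcmd.exe
               1 File(s)         77,824 bytes

 Directory of C:\WINDOWS\system32

12/30/2007  05:36 PM            77,824 hkcmd.exe
               1 File(s)         77,824 bytes

 Directory of C:\WINDOWS

08/04/2004  07:00 AM            69,120 control-sample.exe
               1 File(s)         69,120 bytes
"""

DIR_RE = re.compile(r"^\s*Directory of (.+?)\s*$")
# Date, time, size, name. <DIR> rows and "N File(s)" summaries do not match.
FILE_RE = re.compile(
    r"^(\d{2}/\d{2}/\d{4})\s+(\d{2}:\d{2} [AP]M)\s+([\d,]+)\s+(.+?)\s*$"
)


def parse_dir_output(text):
    """Yield (directory, name, size, stamp) for each file row of `dir /s` output."""
    current = None
    for line in text.splitlines():
        m = DIR_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = FILE_RE.match(line)
        if m and current:
            date, time, size, name = m.groups()
            yield current, name, int(size.replace(",", "")), f"{date} {time}"


def split_nesting(directory, wrapper="F"):
    """Return (depth, canonical_dir) after stripping leading `wrapper` segments."""
    drive, *parts = directory.split("\\")
    depth = 0
    while depth < len(parts) and parts[depth].lower() == wrapper.lower():
        depth += 1
    return depth, "\\".join([drive] + parts[depth:])


def find_nested_copies(text, wrapper="F"):
    """Group file hits by canonical path and describe each duplicated file."""
    groups = defaultdict(list)
    for directory, name, size, stamp in parse_dir_output(text):
        depth, canonical = split_nesting(directory, wrapper)
        # Windows paths are case-insensitive, so compare in lower case.
        groups[(canonical.lower(), name.lower())].append((depth, size, stamp))

    findings = []
    for (canonical, name), rows in sorted(groups.items()):
        depths = sorted(d for d, _, _ in rows)
        if depths[-1] == 0:
            continue  # only the live copy exists, nothing nested
        findings.append({
            "path": f"{canonical}\\{name}",
            "max_depth": depths[-1],
            # Every level 0..max present means each wrapper folder holds a
            # full copy of the level above it.
            "contiguous": depths == list(range(depths[-1] + 1)),
            # Same size and timestamp at every level: copies, not variants.
            "identical": len({(s, t) for _, s, t in rows}) == 1,
        })
    return findings


if __name__ == "__main__":
    for f in find_nested_copies(SAMPLE):
        print(f)
```

Identical size and timestamp only suggest the copies match; comparing file hashes would be needed to confirm it.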
 
Let's see if we can replace some of those infected files.
I will need to look at some, so we know they are clean.


Upload a File
Open suspicious file packer again and paste in the list of files below, then press next
C:\F\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe
C:\F\Program Files\Sony\VAIO Power Management\spmgr.exe
C:\F\Program Files\Sony\ISB Utility\isbmgr.exe
C:\F\Program Files\Sony\Wireless Switch Setting Utility\switcher.exe
C:\F\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe
C:\F\Program Files\Sony\VAIO Update 3\vaioupdt.exe
C:\F\Program Files\Sony\VAIO Camera Utility\vcuserve.exe
C:\F\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe
C:\F\WINDOWS\Drivers\Touchpad\Apoint.exe


Go to spykiller
This is your original topic

  • Subject:-- Check for legit files
In the main text window please put the following link
http://forums.spybot.info/showthread.php?p=150701#post150701
you may also add any comments you wish
then press attach and upload the zip/cab file that was created.


Please re-run DSS and post the log, so we can make sure nothing has changed.
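An added example, not part of the original thread: the "make sure nothing has changed" comparison can be scripted by parsing the HijackThis section of two DSS logs and diffing them. The Python below assumes the log layout shown in this thread; the two sample logs are constructed and abbreviated, and the `[example]` Run entry is a made-up placeholder.

```python
import re
from collections import Counter

# HijackThis prefixes each entry with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - .+$")
# Markers HijackThis appends when the file an entry points at is absent.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$", re.IGNORECASE)


def parse_hijackthis(text):
    """Return (processes, entries) for one HijackThis log.

    processes: Counter of case-folded image paths (Windows paths are
               case-insensitive, and svchost.exe legitimately appears several times).
    entries:   dict mapping the case-folded entry line to its original spelling.
    """
    processes = Counter()
    entries = {}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "running processes:":
            in_processes = True
        elif ENTRY_RE.match(line):
            in_processes = False          # first R/O entry ends the process list
            entries[line.casefold()] = line
        elif in_processes and line:
            processes[line.casefold()] += 1
    return processes, entries


def diff_logs(before, after):
    """Report what differs between two logs of the same machine."""
    b_proc, b_ent = parse_hijackthis(before)
    a_proc, a_ent = parse_hijackthis(after)
    return {
        "processes_started": sorted((a_proc - b_proc).elements()),
        "processes_gone": sorted((b_proc - a_proc).elements()),
        "entries_added": sorted(a_ent[k] for k in a_ent.keys() - b_ent.keys()),
        "entries_removed": sorted(b_ent[k] for k in b_ent.keys() - a_ent.keys()),
    }


def orphaned_entries(text):
    """Entries left behind by removed software: target is '(no file)' or '(file missing)'."""
    _, entries = parse_hijackthis(text)
    return sorted(line for line in entries.values() if ORPHAN_RE.search(line))


# Constructed sample: a few lines in the format of the first log.
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:25 PM, on 1/7/2008

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\etMon.exe
C:\Program Files\AIM\aim.exe

R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O23 - Service: McAfee Task Manager (McTaskManager) - Unknown owner - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (file missing)
"""

# Constructed sample: same machine after a reboot. The "[example]" entry is a
# placeholder added only to show how a new autostart would surface in the diff.
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:24 PM, on 1/7/2008

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\etMon.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe

R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKCU\..\Run: [example] C:\example\placeholder.exe
O23 - Service: McAfee Task Manager (McTaskManager) - Unknown owner - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (file missing)
"""

if __name__ == "__main__":
    for section, items in diff_logs(BEFORE, AFTER).items():
        print(f"{section}:")
        for item in items:
            print(f"  {item}")
    print("orphaned entries:")
    for line in orphaned_entries(AFTER):
        print(f"  {line}")
```

Process changes between runs are often benign (a messenger closed, Windows Update started); added or removed R/O entries are the part that needs a closer look.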
 
Deckard's System Scanner v20071014.68
Run by Owner on 2008-01-07 21:19:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 89% (more than 75%).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:25 PM, on 1/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\etMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\Owner\Desktop\Computer\dss.exe
C:\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/200015205/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173976083410
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (file missing)
O23 - Service: McAfee Task Manager (McTaskManager) - Unknown owner - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 11510 bytes
 
-- Files created between 2007-12-07 and 2008-01-07 -----------------------------

2008-01-05 17:15:32 0 d-------- C:\Documents and Settings\Owner\.SunDownloadManager
2008-01-03 17:06:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-03 17:06:49 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-03 14:18:26 0 d-------- C:\KAV
2008-01-02 10:51:07 0 d-------- C:\WINDOWS\ERUNT
2007-12-31 19:33:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-12-31 19:28:03 0 d-------- C:\WINDOWS\CSC
2007-12-31 18:37:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-30 17:43:03 28672 -ra------ C:\WINDOWS\etRun.exe <Not Verified; eMPIA Technology, Inc.; etRun>
2007-12-30 17:43:03 36864 -ra------ C:\WINDOWS\etMon.exe <Not Verified; EMPIA Technology Corporation; etMonitor>
2007-12-30 17:43:02 61440 -ra------ C:\WINDOWS\system32\etVFW.dll <Not Verified; eMPIA Technology, Inc.; ET USB 28xx Video>
2007-12-30 17:43:02 17808 -ra------ C:\WINDOWS\system32\emYUV.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2007-12-30 17:43:02 159872 -ra------ C:\WINDOWS\system32\drivers\etFilter.sys <Not Verified; eMPIA Technology Inc.; EM27xx / EM28xx USB Video Convertor>
2007-12-30 17:42:59 6016 -ra------ C:\WINDOWS\system32\drivers\etScan.sys <Not Verified; eMPIA Technology, Inc.; ET USB 28xx Video>
2007-12-30 17:42:58 94720 -ra------ C:\WINDOWS\system32\drivers\etDevice.sys <Not Verified; eMPIA Technology, Inc.; ET USB 28xx Video>
2007-12-30 17:24:33 217088 --a------ C:\WINDOWS\etSTI.exe <Not Verified; eMPIA Technology, Inc.; etSTI>
2007-12-30 17:24:33 208896 --a------ C:\WINDOWS\etCap.exe <Not Verified; eMPIA Technology, Inc.; etCap>
2007-12-30 17:24:33 393306 --a------ C:\WINDOWS\etamcap.exe <Not Verified; Microsoft Corporation; DirectX 9.0 Sample>
2007-12-30 17:24:33 0 d-------- C:\Program Files\ETUSB2.0
2007-12-30 17:24:32 0 d-------- C:\Program Files\eMPIA-ET
2007-12-30 15:11:54 0 d-------- C:\Program Files\ScopePhoto
2007-12-29 13:53:31 0 d-------- C:\Documents and Settings\Owner\Application Data\Sonic
2007-12-29 13:53:16 0 d-------- C:\Documents and Settings\Owner\Application Data\Leadertech
2007-12-29 08:20:03 0 d-------- C:\Program Files\MSECache
2007-12-20 18:38:12 0 d-------- C:\Program Files\ReflexiveArcade
2007-12-10 08:53:10 0 d-------- C:\Documents and Settings\Owner\Application Data\Help


-- Find3M Report ---------------------------------------------------------------

2008-01-05 18:38:12 0 d-------- C:\Program Files\Symantec AntiVirus
2008-01-05 18:20:51 0 d-------- C:\Program Files\Common Files
2008-01-05 17:11:59 0 d-------- C:\Program Files\Google
2008-01-03 21:20:30 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-03 21:20:28 0 d-------- C:\Program Files\Apoint
2008-01-02 16:39:27 146 --a------ C:\Documents and Settings\Owner\Application Data\GL_Alerts.conf
2008-01-02 07:55:26 0 d-------- C:\Program Files\LimeWire
2008-01-02 07:48:05 0 d-------- C:\Program Files\Common Files\AOL
2008-01-02 07:39:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-01-02 07:39:19 0 d-------- C:\Program Files\Sony Pictures Games
2008-01-02 07:37:59 0 d-------- C:\Program Files\DAPlus
2008-01-01 21:44:13 0 d-------- C:\Program Files\Spyware Doctor
2007-12-31 20:30:31 118784 --a------ C:\WINDOWS\system32\igfxpers.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-12-31 19:34:50 0 d-------- C:\Program Files\Trend Micro
2007-12-31 13:19:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Sony Corporation
2007-12-30 17:46:55 0 d-------- C:\Program Files\Java
2007-12-30 17:38:39 0 d-------- C:\Program Files\iTunes
2007-12-30 17:38:38 0 d-------- C:\Program Files\QuickTime
2007-12-30 17:36:25 94208 --a------ C:\WINDOWS\system32\igfxtray.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-12-30 17:36:24 77824 --a------ C:\WINDOWS\system32\hkcmd.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-12-30 17:24:28 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-27 17:16:04 0 d-------- C:\Documents and Settings\Owner\Application Data\Aim
2007-12-26 21:32:29 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2007-12-25 22:04:57 0 d-------- C:\Program Files\Yahoo!
2007-12-25 22:04:57 0 d-------- C:\Program Files\1Club.FM
2007-12-25 21:51:42 0 d-------- C:\Program Files\BitTorrent
2007-12-10 08:53:10 0 d-------- C:\Program Files\AIM
2007-12-07 00:25:06 47760 --a------ C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2007-11-08 16:31:07 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2007-11-07 21:20:57 0 d-------- C:\Documents and Settings\Owner\Application Data\MySpace
2007-11-07 21:20:55 0 d-------- C:\Program Files\MySpace


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
10/14/2005 12:21 PM 102400 --a------ C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/19/2003 11:08 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/08/2006 12:50 PM]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" []
"DeadAIM"="C:\Program Files\AIM\\DeadAIM.ocm" [02/23/2004 03:16 AM]
"etMonitor"="C:\WINDOWS\etMon.exe" [10/11/2005 05:57 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [03/15/2006 07:00 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
Trend Micro Anti-Spyware.lnk - C:\Program Files\Trend Micro\Tmas\Tmas.exe [8/2/2006 3:15:47 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{03A80B1D-5C6A-42c2-9DFB-81B6005D8023}"= C:\Program Files\Trend Micro\Tmas\sshook.dll [08/02/2006 03:15 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 03/09/2006 04:51 PM 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Clean Access Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk
backup=C:\WINDOWS\pss\Clean Access Agent.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VPN Client.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
backup=C:\WINDOWS\pss\VPN Client.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Webshots.lnk]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Webshots.lnk
backup=C:\WINDOWS\pss\Webshots.lnkStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1154548953\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
"C:\Program Files\Spyware Doctor\SDTrayApp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8435c48-225e-11db-b383-806d6172696f}]
AutoRun\command- E:\sony\Autorun.exe




-- End of Deckard's System Scanner: finished at 2008-01-07 21:20:44 ------------
 
I wasn't sure why it said I had so much memory in use so I rebooted and reran the DSS and this is the new log:

Deckard's System Scanner v20071014.68
Run by Owner on 2008-01-07 21:45:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:24 PM, on 1/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\etMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Owner\Desktop\Computer\dss.exe
C:\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/200015205/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1173976083410
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (file missing)
O23 - Service: McAfee Task Manager (McTaskManager) - Unknown owner - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 11348 bytes

-- Files created between 2007-12-07 and 2008-01-07 -----------------------------

2008-01-05 17:15:32 0 d-------- C:\Documents and Settings\Owner\.SunDownloadManager
2008-01-03 17:06:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-03 17:06:49 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-03 14:18:26 0 d-------- C:\KAV
2008-01-02 10:51:07 0 d-------- C:\WINDOWS\ERUNT
2007-12-31 19:33:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-12-31 19:28:03 0 d-------- C:\WINDOWS\CSC
2007-12-31 18:37:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-30 17:43:03 28672 -ra------ C:\WINDOWS\etRun.exe <Not Verified; eMPIA Technology, Inc.; etRun>
2007-12-30 17:43:03 36864 -ra------ C:\WINDOWS\etMon.exe <Not Verified; EMPIA Technology Corporation; etMonitor>
2007-12-30 17:43:02 61440 -ra------ C:\WINDOWS\system32\etVFW.dll <Not Verified; eMPIA Technology, Inc.; ET USB 28xx Video>
2007-12-30 17:43:02 17808 -ra------ C:\WINDOWS\system32\emYUV.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2007-12-30 17:43:02 159872 -ra------ C:\WINDOWS\system32\drivers\etFilter.sys <Not Verified; eMPIA Technology Inc.; EM27xx / EM28xx USB Video Convertor>
2007-12-30 17:42:59 6016 -ra------ C:\WINDOWS\system32\drivers\etScan.sys <Not Verified; eMPIA Technology, Inc.; ET USB 28xx Video>
2007-12-30 17:42:58 94720 -ra------ C:\WINDOWS\system32\drivers\etDevice.sys <Not Verified; eMPIA Technology, Inc.; ET USB 28xx Video>
2007-12-30 17:24:33 217088 --a------ C:\WINDOWS\etSTI.exe <Not Verified; eMPIA Technology, Inc.; etSTI>
2007-12-30 17:24:33 208896 --a------ C:\WINDOWS\etCap.exe <Not Verified; eMPIA Technology, Inc.; etCap>
2007-12-30 17:24:33 393306 --a------ C:\WINDOWS\etamcap.exe <Not Verified; Microsoft Corporation; DirectX 9.0 Sample>
2007-12-30 17:24:33 0 d-------- C:\Program Files\ETUSB2.0
2007-12-30 17:24:32 0 d-------- C:\Program Files\eMPIA-ET
2007-12-30 15:11:54 0 d-------- C:\Program Files\ScopePhoto
2007-12-29 13:53:31 0 d-------- C:\Documents and Settings\Owner\Application Data\Sonic
2007-12-29 13:53:16 0 d-------- C:\Documents and Settings\Owner\Application Data\Leadertech
2007-12-29 08:20:03 0 d-------- C:\Program Files\MSECache
2007-12-20 18:38:12 0 d-------- C:\Program Files\ReflexiveArcade
2007-12-10 08:53:10 0 d-------- C:\Documents and Settings\Owner\Application Data\Help


-- Find3M Report ---------------------------------------------------------------

2008-01-07 21:43:43 0 d-------- C:\Program Files\Symantec AntiVirus
2008-01-07 21:39:42 413 --a------ C:\Program Files\Shortcut to HiJackThis.exe.lnk
2008-01-05 18:20:51 0 d-------- C:\Program Files\Common Files
2008-01-05 17:11:59 0 d-------- C:\Program Files\Google
2008-01-03 21:20:30 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-03 21:20:28 0 d-------- C:\Program Files\Apoint
2008-01-02 16:39:27 146 --a------ C:\Documents and Settings\Owner\Application Data\GL_Alerts.conf
2008-01-02 07:55:26 0 d-------- C:\Program Files\LimeWire
2008-01-02 07:48:05 0 d-------- C:\Program Files\Common Files\AOL
2008-01-02 07:39:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-01-02 07:39:19 0 d-------- C:\Program Files\Sony Pictures Games
2008-01-02 07:37:59 0 d-------- C:\Program Files\DAPlus
2008-01-01 21:44:13 0 d-------- C:\Program Files\Spyware Doctor
2007-12-31 20:30:31 118784 --a------ C:\WINDOWS\system32\igfxpers.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-12-31 19:34:50 0 d-------- C:\Program Files\Trend Micro
2007-12-31 13:19:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Sony Corporation
2007-12-30 17:46:55 0 d-------- C:\Program Files\Java
2007-12-30 17:38:39 0 d-------- C:\Program Files\iTunes
2007-12-30 17:38:38 0 d-------- C:\Program Files\QuickTime
2007-12-30 17:36:25 94208 --a------ C:\WINDOWS\system32\igfxtray.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-12-30 17:36:24 77824 --a------ C:\WINDOWS\system32\hkcmd.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-12-30 17:24:28 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-27 17:16:04 0 d-------- C:\Documents and Settings\Owner\Application Data\Aim
2007-12-26 21:32:29 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2007-12-25 22:04:57 0 d-------- C:\Program Files\Yahoo!
2007-12-25 22:04:57 0 d-------- C:\Program Files\1Club.FM
2007-12-25 21:51:42 0 d-------- C:\Program Files\BitTorrent
2007-12-10 08:53:10 0 d-------- C:\Program Files\AIM
2007-12-07 00:25:06 47760 --a------ C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2007-11-08 16:31:07 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2007-11-07 21:20:57 0 d-------- C:\Documents and Settings\Owner\Application Data\MySpace
2007-11-07 21:20:55 0 d-------- C:\Program Files\MySpace
 
-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
10/14/2005 12:21 PM 102400 --a------ C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/19/2003 11:08 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/08/2006 12:50 PM]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" []
"DeadAIM"="C:\Program Files\AIM\\DeadAIM.ocm" [02/23/2004 03:16 AM]
"etMonitor"="C:\WINDOWS\etMon.exe" [10/11/2005 05:57 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [03/15/2006 07:00 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
Trend Micro Anti-Spyware.lnk - C:\Program Files\Trend Micro\Tmas\Tmas.exe [8/2/2006 3:15:47 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{03A80B1D-5C6A-42c2-9DFB-81B6005D8023}"= C:\Program Files\Trend Micro\Tmas\sshook.dll [08/02/2006 03:15 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 03/09/2006 04:51 PM 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Clean Access Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Clean Access Agent.lnk
backup=C:\WINDOWS\pss\Clean Access Agent.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VPN Client.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
backup=C:\WINDOWS\pss\VPN Client.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Webshots.lnk]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Webshots.lnk
backup=C:\WINDOWS\pss\Webshots.lnkStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1154548953\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
"C:\Program Files\Spyware Doctor\SDTrayApp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8435c48-225e-11db-b383-806d6172696f}]
AutoRun\command- E:\sony\Autorun.exe




-- End of Deckard's System Scanner: finished at 2008-01-07 21:45:48 ------------
 