removing vcodec found by spybot

[mark w]

Appologies if this looks like a duplicate posting, i first posted it in the malware forum, but then found this forum specifically for spybot.Same topic in Malware removed. -tashi
posting reads:
Hi,
Like others I stupidly downloaded this Vcodec thing when I thought it was an update for media player, as it claimed to be. My antivirus does not pick it up, Norton 2006 (fully updated) but the thing is picked up by spybot, i thought last night that spybot had removed it, i had to let it run a scan immediately after a restart, but i have just scanned again and it has found vcodec again, I assume this thing was responsible for installing spy falcon on my machine and numerious virus / spyware alerts that kept popping up all over the place, also something kept trying to alter my home page, i thought i had got it all under control, but then it all came back again, how do i get rid of this, I have not posted a spybot log as i could not find out how to get one.
regards
Mark

 

[tashi]

Hello.

If you would like to post a Spybot-S&D log in this topic.

• Open SpyBot, check for and get any updates available.
• Close all browsers, check for problems and fix everything found in red
• Then on the toolbar menu select mode and switch to advanced mode, on the left lower down select tools, and view report, ensure all the options are selected near the bottom except
  
• Uncheck[ ] do not report disabled or known legitimate Items.
• uncheck[ ] Include a list of services in report.
• Uncheck[ ] Include uninstall list in report.
  
• Now select (near the top) view report.
• Press export in the save in box choose a place such as your my documents folder, then in your next post near the bottom select the "browse" button; navigate to and attach or post that report.

If you would like to start a topic in the Malware removal forum:
Follow these instructions.
Before you post a log, and who will advise you.

Start a topic here:
Malware Forum

Cheers.

 

[mark w]

Spybot log

Ok thanks for reply, followed your instructions to the letter and here is the log I obtained:
I have had to split the log over 2 posts as it was to big for one post

--- Search result list ---
Vcodec: Data (File, fixed)
C:\WINDOWS\system32\ncompat.tlb


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-03-11 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-03-10 Includes\Cookies.sbi (*)
2006-03-10 Includes\Dialer.sbi (*)
2006-03-10 Includes\Hijackers.sbi (*)
2006-03-10 Includes\Keyloggers.sbi (*)
2006-03-10 Includes\Malware.sbi (*)
2006-03-10 Includes\PUPS.sbi (*)
2006-03-10 Includes\Revision.sbi (*)
2006-03-10 Includes\Security.sbi (*)
2006-03-10 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-03-10 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB887797
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Hotfix for Windows XP (KB896344)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Update for Windows XP (KB900930)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Hotfix for Windows XP (KB912475)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Update for Windows XP (KB912945)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)


--- Startup entries list ---
Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
file: C:\Program Files\Apoint\Apoint.exe
size: 114688
MD5: 5ec6a3a27642f72a9d58bf6631d9f6dd

Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: c6fa9370324cde99ec1c3f4a22a9be56

Located: HK_LM:Run, BluetoothAuthenticationAgent
command: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
file: C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 52896
MD5: 33f7120f21ca916fef56d76bc1c4ab26

Located: HK_LM:Run, DataLayer
command: C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
file: C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
size: 819712
MD5: 53afebe1a74f0daaa2e376b9982c8029

Located: HK_LM:Run, Hcontrol
command: C:\WINDOWS\ATK0100\Hcontrol.exe
file: C:\WINDOWS\ATK0100\Hcontrol.exe
size: 61440
MD5: 37af08722b28ce50d4dffb739b38c967

Located: HK_LM:Run, HKSERV.EXE
command: C:\Program Files\Sony\HotKey Utility\HKserv.exe
file: C:\Program Files\Sony\HotKey Utility\HKserv.exe
size: 122880
MD5: cff77822d14335e9912747c82b60462f

Located: HK_LM:Run, ISBMgr.exe
command: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
file: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
size: 32768
MD5: 93eefbc237adfc406f52ee56d97f784b

Located: HK_LM:Run, Logitech Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 29696
MD5: 62e28ace0821c5d1268cf04269769586

Located: HK_LM:Run, Mouse Suite 98 Daemon
command: ICO.EXE
file: C:\WINDOWS\system32\ICO.EXE
size: 45056
MD5: ad2feae5da83bc4b80299ff68f9e6c45

Located: HK_LM:Run, PCSuiteTrayApplication
command: C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
file:

Located: HK_LM:Run, PDService.exe
command: C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
file: C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
size: 40960
MD5: af7e1118132dad8105d5eb3a9cd8a1b0

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 77824
MD5: 5d22b4258489575412f6d18affc847a2

Located: HK_LM:Run, SonyPowerCfg
command: C:\Program Files\sony\vaio power management\SPMgr.exe
file: C:\Program Files\sony\vaio power management\SPMgr.exe
size: 180224
MD5: 0c78d17952e9496a0690c45581feb424

Located: HK_LM:Run, Switcher.exe
command: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
file: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
size: 290816
MD5: 5e20250190efca43359eaa4a3bf0055d

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 006220ee86eb71c5884f415eaa9e8058

Located: HK_LM:Run, VAIO Update 2
command: "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
file: C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
size: 147456
MD5: 9300f9c490ab85a314e101cb97b82d6f

Located: HK_LM:Run, vmlib
command: vmlib.exe
file:

Located: HK_CU:Run, H/PC Connection Agent
command: "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
file: C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
size: 401491
MD5: 67a6951da793e24bc876f1f380e25ac7

Located: HK_CU:Run, LDM
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 36864
MD5: c76c901f3d304c4d773e1bfdcb517798

Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259

Located: HK_CU:Run, PcSync
command: C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
file:

Located: Startup (common), Acrobat Assistant.lnk
command: C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
file: C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
size: 217195
MD5: 61c615ee47ce5c6f7bb3257b1734ef55

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (common), Audio Filter.lnk
command: C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
file: C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
size: 2707456
MD5: 03d97ea95beec2c1c45c6168695a073a

Located: Startup (common), Logitech Desktop Messenger.lnk
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 196608
MD5: 6f2e5108667bf1149d884e3cbeb9cdd1

Located: Startup (common), Logitech SetPoint.lnk
command: C:\Program Files\Logitech\SetPoint\KEM.exe
file: C:\Program Files\Logitech\SetPoint\KEM.exe
size: 581632
MD5: dc33a22d209298aec3b22e4cfb64adde

Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office\OSA9.EXE
file: C:\Program Files\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: 35f1c2bcde48ff9126782947cd54e82f

Located: Startup (user), VAIO Launcher.lnk
command: C:\Program Files\sony\VAIO Launcher\Launcher.exe
file: C:\Program Files\sony\VAIO Launcher\Launcher.exe
size: 692224
MD5: f6799245910bad2b1498988511f5920d

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{4da4616d-7e6e-4fd9-a2d5-b6c535733e22} ()
BHO name:
CLSID name:

{9ECB9560-04F9-4bbc-943D-298DDF1699E1} (Norton Internet Security 2006)
BHO name: Norton Internet Security 2006
CLSID name: CNisExtBho Class
description: NIS 2004,
classification: Legitimate
known filename: NISShExt.dll
info link: http://www.symantec.com/sabu/nis/nis_pe/
info source: TonyKlein
Path: C:\Program Files\Common Files\Symantec Shared\AdBlocking\
Long name: NISShExt.dll
Short name:
Date (created): 06/02/2006 23:35:48
Date (last access): 13/03/2006 22:35:22
Date (last write): 06/02/2006 23:35:48
Filesize: 94384
Attributes: archive
MD5: AD8FD65B6285111F7CF60A774D53C99F
CRC32: B756703C
Version: 9.1.0.33

{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (NAV Helper)
BHO name: NAV Helper
CLSID name: CNavExtBho Class
Path: C:\Program Files\Norton Internet Security\Norton AntiVirus\
Long name: NavShExt.dll
Short name:
Date (created): 05/02/2006 01:03:32
Date (last access): 13/03/2006 22:35:22
Date (last write): 05/02/2006 01:03:32
Filesize: 140960
Attributes: archive
MD5: 2BBF8C0CF0E439ADA20789CD3D0FB57B
CRC32: F87D6BA5
Version: 12.2.0.13



--- ActiveX list ---
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object)
DPF name:
CLSID name: QuickTime Object
Installer: C:\WINDOWS\Downloaded Program Files\QTPlugin.inf
Codebase: http://www.apple.com/qtactivex/qtplugin.cab
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\QuickTime\
Long name: QTPlugin.ocx
Short name:
Date (created): 08/10/2005 00:39:20
Date (last access): 13/03/2006 17:52:16
Date (last write): 08/10/2005 00:39:20
Filesize: 327736
Attributes: archive
MD5: CE3D865CCF4267C85934D9B7CA8521F2
CRC32: F9306ACA
Version: 6.4.0.29

{11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control)
DPF name:
CLSID name: iPIX ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\IPIXX.inf
Codebase: http://www.ipix.com/viewers/ipixx.cab
description: iPIX ActiveX Control
classification: Open for discussion
known filename: ipixx.ocx
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\DOWNLO~1\
Long name: ipixx.ocx
Short name:
Date (created): 02/06/2000 11:29:42
Date (last access): 13/03/2006 22:36:42
Date (last write): 02/06/2000 11:29:42
Filesize: 102912
Attributes: archive
MD5: FF183CADA1ED933276B169E304E88910
CRC32: E85AE186
Version: 6.2.0.5

{4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class)
DPF name:
CLSID name: EPUImageControl Class
Installer: C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.inf
Codebase: http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
description:
classification: Legitimate
known filename: EPUWalcontrol.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: EPUWALcontrol.dll
Short name: EPUWAL~1.DLL
Date (created): 16/03/2005 08:09:56
Date (last access): 13/03/2006 22:36:42
Date (last write): 16/03/2005 08:09:56
Filesize: 1115848
Attributes: archive
MD5: 5CF5EBA8DA5EFAE945C93CD7433A4321
CRC32: 548889C0
Version: 1.0.3.24

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_05
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\j2re1.4.2_05\bin\
Long name: NPJPI142_05.dll
Short name: NPJPI1~1.DLL
Date (created): 18/08/2004 18:44:30
Date (last access): 13/03/2006 17:49:26
Date (last write): 18/08/2004 18:44:30
Filesize: 65650
Attributes: archive
MD5: 174488C8877FA852448D1937C322AABB
CRC32: 62C2460D
Version: 1.4.2.50

{BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control)
DPF name:
CLSID name: Image Uploader 3.0 Control
Installer: C:\WINDOWS\Downloaded Program Files\ImageUploader3.inf
Codebase: http://www.jessopsphotoexpress.com/wpp/jessopsphotoexpress/app/opcuploader.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ImageUploader3.ocx
Short name: IMAGEU~1.OCX
Date (created): 04/10/2005 12:20:16
Date (last access): 13/03/2006 22:36:42
Date (last write): 04/10/2005 12:20:16
Filesize: 1851392
Attributes: archive
MD5: 206FA8B1CE62C8A16120AC0A8B7D2BA8
CRC32: 23927585
Version: 3.5.52.0

{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_05
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI142_05.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_05\bin\
Long name: NPJPI142_05.dll
Short name: NPJPI1~1.DLL
Date (created): 18/08/2004 18:44:30
Date (last access): 13/03/2006 22:54:26
Date (last write): 18/08/2004 18:44:30
Filesize: 65650
Attributes: archive
MD5: 174488C8877FA852448D1937C322AABB
CRC32: 62C2460D
Version: 1.4.2.50

 

[mark w]

The other half of the log

--- Process list ---
PID: 0 ( 0) [System]
PID: 828 ( 4) \SystemRoot\System32\smss.exe
PID: 880 ( 828) \??\C:\WINDOWS\system32\csrss.exe
PID: 908 ( 828) \??\C:\WINDOWS\system32\winlogon.exe
PID: 956 ( 908) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 968 ( 908) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1128 ( 956) C:\WINDOWS\System32\Ati2evxx.exe
size: 385024
MD5: D24907C31A3004A560385E5048C72DD7
PID: 1148 ( 956) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1256 ( 956) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1296 ( 956) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1372 ( 956) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1496 ( 956) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1740 ( 956) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 169632
MD5: 8431E14C3C6B465EE4F9FB9FDD05FDF9
PID: 1764 ( 956) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 192160
MD5: 39D51E6E48CC96448D62ED80A18D5FAA
PID: 1956 ( 956) C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
size: 202400
MD5: 122ACFD2AF6B0DC7D2BF796364E9C265
PID: 144 ( 956) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
size: 214720
MD5: C5F415BB02EE89CDE1B6CEE3538F424B
PID: 232 ( 956) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
size: 1160848
MD5: 1567D41313BB856FE150CF6DECC80174
PID: 420 ( 956) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 1123008
MD5: 4958968E5A7CA5EAD38CDE73DFCC7C1F
PID: 772 ( 956) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1196 ( 908) C:\WINDOWS\system32\Ati2evxx.exe
size: 385024
MD5: D24907C31A3004A560385E5048C72DD7
PID: 1424 (1384) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1540 (1424) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 1676 ( 956) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
size: 77824
MD5: CD64CE62BE47DF0E9A459FD9002221FE
PID: 284 ( 956) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 100032
MD5: 45DAAB5A2B1815E6A0FD6F2165A13F17
PID: 476 ( 956) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 520 ( 956) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
size: 94208
MD5: 12CDB5DC7774298223099D6E41ED5CE7
PID: 580 ( 956) C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
size: 139936
MD5: 0B9744394FA53C720BCE0D0DE96070E7
PID: 632 ( 956) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 716 ( 956) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 668 ( 956) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
size: 118877
MD5: 025CEDE4860C91610DCBA8E700AB21D9
PID: 2056 (1572) C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_Task.exe
size: 399872
MD5: E810F0E59F60406DD346318D5F152AF8
PID: 2136 ( 956) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
size: 316544
MD5: 67C5AF84809468061121FBCBECB19285
PID: 2800 ( 956) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 3424 (1148) C:\WINDOWS\System32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 13/03/2006 22:54:25

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.co.uk/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.club-vaio.sony-europe.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD RfComm [Bluetooth]
GUID: {9FC48064-7298-43E4-B7BD-181F2089792A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD RfComm [Bluetooth]

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2E0131F2-E665-44BE-A8A4-2331800BFE94}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2E0131F2-E665-44BE-A8A4-2331800BFE94}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5AADCC41-D3F6-4436-A249-AE751220FC2E}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5AADCC41-D3F6-4436-A249-AE751220FC2E}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08DAD412-5841-4C68-8021-4AF6E4F4B7EB}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08DAD412-5841-4C68-8021-4AF6E4F4B7EB}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E41C96B6-C8BB-4266-870E-A113560397F0}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E41C96B6-C8BB-4266-870E-A113560397F0}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6E682E42-916E-40CD-9B12-3CCDE3C40802}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6E682E42-916E-40CD-9B12-3CCDE3C40802}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08C392E1-35C6-4DA1-9F25-C1B1EF205EDD}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08C392E1-35C6-4DA1-9F25-C1B1EF205EDD}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8FC73871-8D12-4392-9237-D352F81B7B71}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8FC73871-8D12-4392-9237-D352F81B7B71}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68F623CC-B3C1-4D65-B5BF-795D4B023F51}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68F623CC-B3C1-4D65-B5BF-795D4B023F51}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C77F377D-3C65-4C68-B95C-BEFCB4431613}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C77F377D-3C65-4C68-B95C-BEFCB4431613}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5324C7DC-0FC1-48C5-AE74-1362E6A663AD}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5324C7DC-0FC1-48C5-AE74-1362E6A663AD}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: Bluetooth Namespace
GUID: {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
Filename: %SystemRoot%\system32\wshbth.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\wshbth.dll
DB protocol: Bluetooth-Namespace

 

[tashi]

Hi there and thank you for the log.

I am transferring your topic to the malware removal forum so we can take a closer look.

If you are not being helped at another forum, please follow these instructions.
Before you post a log, and who will advise you.

Do the on-line anti-virus scanner and then provide a HJT (HiJackThis) log by copy pasting it into this topic.

Someone will then assist you as soon as available.

Cheers.

 

[mark w]

OK.
I ran the online virus scan and it told me it was not fully succesfull at removing "TROJ_ZLOB.FS"
Then I ran HijackThis and here is the log file it produced.
Log split over 2 posts due to size.

Logfile of HijackThis v1.99.1
Scan saved at 20:29:36, on 14/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mssearchnet.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\sony\VAIO Launcher\Launcher.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file)
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vmlib] vmlib.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.jessopsphotoexpress.com/wpp/jessopsphotoexpress/app/opcuploader.cab
O18 - Protocol: bw+0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

[mark w]

O18 - Protocol: bw40 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

 

[LonnyRJones]

Hi

Start Hijackthis and place a check next to these items If there.
O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file)
O4 - HKLM\..\Run: [vmlib] vmlib.exe
====================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Next: Fallow the instructions in this thread and post the logs mentioned
no need for a before hijackthis log as thats already been posted.
http://forums.spybot.info/showthread.php?t=1958

when you post your next hijackthis log to make it small enough to post in one
reply you can edit out the 018 's Logitech, Im not suggesting they be fixed..

 

[mark w]

new logs

Followed instruction
logs requested are here:
(problem does not appear resolved, still seem to have spy falcon and still keep getting pop up virus warnings etc.
anyway here are the logs:

Spybot report

--- Search result list ---
SpyFalcon: Type library (Registry key, fixed)
HKEY_CLASSES_ROOT\TypeLib\{244B730E-D899-4E38-9428-03D1143242E0}

SpyFalcon: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SpyFalcon.exe

SpyFalcon: Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\SpyFalcon

SpyFalcon: Uninstall settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyFalcon

SpyFalcon: Program directory (Directory, fixed)
C:\Program Files\SpyFalcon\

SpyFalcon: Program directory (Directory, fixed)
C:\Program Files\SpyFalcon\Lang\

SpyFalcon: Program directory (Directory, fixed)
C:\Program Files\SpyFalcon\Logs\

SpyFalcon: Program directory (Directory, fixed)
C:\Program Files\SpyFalcon\Quarantine\

Windows.ActiveDesktop: User settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-3302453815-4055598052-4283441845-1005\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoHTMLWallPaper!=W=1


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-03-11 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-03-10 Includes\Cookies.sbi (*)
2006-03-10 Includes\Dialer.sbi (*)
2006-03-10 Includes\Hijackers.sbi (*)
2006-03-10 Includes\Keyloggers.sbi (*)
2006-03-10 Includes\Malware.sbi (*)
2006-03-10 Includes\PUPS.sbi (*)
2006-03-10 Includes\Revision.sbi (*)
2006-03-10 Includes\Security.sbi (*)
2006-03-10 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-03-10 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Security Update for Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB887797
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB890923
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Hotfix for Windows XP (KB896344)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Update for Windows XP (KB900930)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901190)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB903235)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Hotfix for Windows XP (KB912475)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Update for Windows XP (KB912945)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)


--- Startup entries list ---
Located: HK_LM:Run, Apoint
command: C:\Program Files\Apoint\Apoint.exe
file: C:\Program Files\Apoint\Apoint.exe
size: 114688
MD5: 5ec6a3a27642f72a9d58bf6631d9f6dd

Located: HK_LM:Run, ATIPTA
command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 339968
MD5: c6fa9370324cde99ec1c3f4a22a9be56

Located: HK_LM:Run, BluetoothAuthenticationAgent
command: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
file: C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 52896
MD5: 33f7120f21ca916fef56d76bc1c4ab26

Located: HK_LM:Run, DataLayer
command: C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
file: C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
size: 819712
MD5: 53afebe1a74f0daaa2e376b9982c8029

Located: HK_LM:Run, Hcontrol
command: C:\WINDOWS\ATK0100\Hcontrol.exe
file: C:\WINDOWS\ATK0100\Hcontrol.exe
size: 61440
MD5: 37af08722b28ce50d4dffb739b38c967

Located: HK_LM:Run, HKSERV.EXE
command: C:\Program Files\Sony\HotKey Utility\HKserv.exe
file: C:\Program Files\Sony\HotKey Utility\HKserv.exe
size: 122880
MD5: cff77822d14335e9912747c82b60462f

Located: HK_LM:Run, ISBMgr.exe
command: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
file: C:\Program Files\Sony\ISB Utility\ISBMgr.exe
size: 32768
MD5: 93eefbc237adfc406f52ee56d97f784b

Located: HK_LM:Run, Logitech Hardware Abstraction Layer
command: KHALMNPR.EXE
file: C:\WINDOWS\KHALMNPR.EXE
size: 29696
MD5: 62e28ace0821c5d1268cf04269769586

Located: HK_LM:Run, Mouse Suite 98 Daemon
command: ICO.EXE
file: C:\WINDOWS\system32\ICO.EXE
size: 45056
MD5: ad2feae5da83bc4b80299ff68f9e6c45

Located: HK_LM:Run, PCSuiteTrayApplication
command: C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
file:

Located: HK_LM:Run, PDService.exe
command: C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
file: C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
size: 40960
MD5: af7e1118132dad8105d5eb3a9cd8a1b0

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 77824
MD5: 5d22b4258489575412f6d18affc847a2

Located: HK_LM:Run, SonyPowerCfg
command: C:\Program Files\sony\vaio power management\SPMgr.exe
file: C:\Program Files\sony\vaio power management\SPMgr.exe
size: 180224
MD5: 0c78d17952e9496a0690c45581feb424

Located: HK_LM:Run, SpyFalcon
command: C:\Program Files\SpyFalcon\SpyFalcon.exe /h
file:

Located: HK_LM:Run, Switcher.exe
command: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
file: C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
size: 290816
MD5: 5e20250190efca43359eaa4a3bf0055d

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 006220ee86eb71c5884f415eaa9e8058

Located: HK_LM:Run, VAIO Update 2
command: "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
file: C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
size: 147456
MD5: 9300f9c490ab85a314e101cb97b82d6f

Located: HK_CU:Run, H/PC Connection Agent
command: "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
file: C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
size: 401491
MD5: 67a6951da793e24bc876f1f380e25ac7

Located: HK_CU:Run, LDM
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
size: 36864
MD5: c76c901f3d304c4d773e1bfdcb517798

Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259

Located: HK_CU:Run, PcSync
command: C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
file:

Located: Startup (common), Acrobat Assistant.lnk
command: C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
file: C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
size: 217195
MD5: 61c615ee47ce5c6f7bb3257b1734ef55

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (common), Audio Filter.lnk
command: C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
file: C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
size: 2707456
MD5: 03d97ea95beec2c1c45c6168695a073a

Located: Startup (common), Logitech Desktop Messenger.lnk
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 196608
MD5: 6f2e5108667bf1149d884e3cbeb9cdd1

Located: Startup (common), Logitech SetPoint.lnk
command: C:\Program Files\Logitech\SetPoint\KEM.exe
file: C:\Program Files\Logitech\SetPoint\KEM.exe
size: 581632
MD5: dc33a22d209298aec3b22e4cfb64adde

Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office\OSA9.EXE
file: C:\Program Files\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: 35f1c2bcde48ff9126782947cd54e82f

Located: Startup (user), VAIO Launcher.lnk
command: C:\Program Files\sony\VAIO Launcher\Launcher.exe
file: C:\Program Files\sony\VAIO Launcher\Launcher.exe
size: 692224
MD5: f6799245910bad2b1498988511f5920d

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} (Norton Internet Security 2006)
BHO name: Norton Internet Security 2006
CLSID name: CNisExtBho Class
description: NIS 2004,
classification: Legitimate
known filename: NISShExt.dll
info link: http://www.symantec.com/sabu/nis/nis_pe/
info source: TonyKlein
Path: C:\Program Files\Common Files\Symantec Shared\AdBlocking\
Long name: NISShExt.dll
Short name:
Date (created): 06/02/2006 23:35:48
Date (last access): 15/03/2006 18:26:44
Date (last write): 06/02/2006 23:35:48
Filesize: 94384
Attributes: archive
MD5: AD8FD65B6285111F7CF60A774D53C99F
CRC32: B756703C
Version: 9.1.0.33

{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} (NAV Helper)
BHO name: NAV Helper
CLSID name: CNavExtBho Class
Path: C:\Program Files\Norton Internet Security\Norton AntiVirus\
Long name: NavShExt.dll
Short name:
Date (created): 05/02/2006 01:03:32
Date (last access): 15/03/2006 18:26:36
Date (last write): 05/02/2006 01:03:32
Filesize: 140960
Attributes: archive
MD5: 2BBF8C0CF0E439ADA20789CD3D0FB57B
CRC32: F87D6BA5
Version: 12.2.0.13



--- ActiveX list ---
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object)
DPF name:
CLSID name: QuickTime Object
Installer: C:\WINDOWS\Downloaded Program Files\QTPlugin.inf
Codebase: http://www.apple.com/qtactivex/qtplugin.cab
description: Apple Quicktime
classification: Legitimate
known filename: QTPLUGIN.OCX
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\QuickTime\
Long name: QTPlugin.ocx
Short name:
Date (created): 08/10/2005 00:39:20
Date (last access): 15/03/2006 18:42:24
Date (last write): 08/10/2005 00:39:20
Filesize: 327736
Attributes: archive
MD5: CE3D865CCF4267C85934D9B7CA8521F2
CRC32: F9306ACA
Version: 6.4.0.29

{11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control)
DPF name:
CLSID name: iPIX ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\IPIXX.inf
Codebase: http://www.ipix.com/viewers/ipixx.cab
description: iPIX ActiveX Control
classification: Open for discussion
known filename: ipixx.ocx
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\DOWNLO~1\
Long name: ipixx.ocx
Short name:
Date (created): 02/06/2000 11:29:42
Date (last access): 14/03/2006 20:15:38
Date (last write): 02/06/2000 11:29:42
Filesize: 102912
Attributes: archive
MD5: FF183CADA1ED933276B169E304E88910
CRC32: E85AE186
Version: 6.2.0.5

{4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class)
DPF name:
CLSID name: EPUImageControl Class
Installer: C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.inf
Codebase: http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
description:
classification: Legitimate
known filename: EPUWalcontrol.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: EPUWALcontrol.dll
Short name: EPUWAL~1.DLL
Date (created): 16/03/2005 08:09:56
Date (last access): 15/03/2006 19:06:50
Date (last write): 16/03/2005 08:09:56
Filesize: 1115848
Attributes: archive
MD5: 5CF5EBA8DA5EFAE945C93CD7433A4321
CRC32: 548889C0
Version: 1.0.3.24

{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_05
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\j2re1.4.2_05\bin\
Long name: NPJPI142_05.dll
Short name: NPJPI1~1.DLL
Date (created): 18/08/2004 18:44:30
Date (last access): 14/03/2006 20:07:16
Date (last write): 18/08/2004 18:44:30
Filesize: 65650
Attributes: archive
MD5: 174488C8877FA852448D1937C322AABB
CRC32: 62C2460D
Version: 1.4.2.50

{BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control)
DPF name:
CLSID name: Image Uploader 3.0 Control
Installer: C:\WINDOWS\Downloaded Program Files\ImageUploader3.inf
Codebase: http://www.jessopsphotoexpress.com/wpp/jessopsphotoexpress/app/opcuploader.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: ImageUploader3.ocx
Short name: IMAGEU~1.OCX
Date (created): 04/10/2005 12:20:16
Date (last access): 14/03/2006 20:15:38
Date (last write): 04/10/2005 12:20:16
Filesize: 1851392
Attributes: archive
MD5: 206FA8B1CE62C8A16120AC0A8B7D2BA8
CRC32: 23927585
Version: 3.5.52.0

{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_05
Installer:
Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
description:
classification: Legitimate
known filename: NPJPI142_05.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\j2re1.4.2_05\bin\
Long name: NPJPI142_05.dll
Short name: NPJPI1~1.DLL
Date (created): 18/08/2004 18:44:30
Date (last access): 15/03/2006 19:18:02
Date (last write): 18/08/2004 18:44:30
Filesize: 65650
Attributes: archive
MD5: 174488C8877FA852448D1937C322AABB
CRC32: 62C2460D
Version: 1.4.2.50

 

[mark w]

spybot log cont

--- Process list ---
PID: 0 ( 0) [System]
PID: 148 ( 4) \SystemRoot\System32\smss.exe
PID: 196 ( 148) \??\C:\WINDOWS\system32\csrss.exe
PID: 220 ( 148) \??\C:\WINDOWS\system32\winlogon.exe
PID: 264 ( 220) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 276 ( 220) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 424 ( 264) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 492 ( 264) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 548 ( 264) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2032 ( 924) C:\WINDOWS\explorer.exe
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 596 (2032) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 15/03/2006 19:18:03

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://search.msn.com/spbasic.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.google.co.uk/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.club-vaio.sony-europe.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---
Protocol 0: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 1: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 2: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip [*]

Protocol 3: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 4: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider

Protocol 5: MSAFD RfComm [Bluetooth]
GUID: {9FC48064-7298-43E4-B7BD-181F2089792A}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD RfComm [Bluetooth]

Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2E0131F2-E665-44BE-A8A4-2331800BFE94}] SEQPACKET 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2E0131F2-E665-44BE-A8A4-2331800BFE94}] DATAGRAM 5
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5AADCC41-D3F6-4436-A249-AE751220FC2E}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5AADCC41-D3F6-4436-A249-AE751220FC2E}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08DAD412-5841-4C68-8021-4AF6E4F4B7EB}] SEQPACKET 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08DAD412-5841-4C68-8021-4AF6E4F4B7EB}] DATAGRAM 8
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E41C96B6-C8BB-4266-870E-A113560397F0}] SEQPACKET 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E41C96B6-C8BB-4266-870E-A113560397F0}] DATAGRAM 7
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6E682E42-916E-40CD-9B12-3CCDE3C40802}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6E682E42-916E-40CD-9B12-3CCDE3C40802}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08C392E1-35C6-4DA1-9F25-C1B1EF205EDD}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 17: MSAFD NetBIOS [\Device\NetBT_Tcpip_{08C392E1-35C6-4DA1-9F25-C1B1EF205EDD}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 18: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8FC73871-8D12-4392-9237-D352F81B7B71}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 19: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8FC73871-8D12-4392-9237-D352F81B7B71}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68F623CC-B3C1-4D65-B5BF-795D4B023F51}] SEQPACKET 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{68F623CC-B3C1-4D65-B5BF-795D4B023F51}] DATAGRAM 4
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C77F377D-3C65-4C68-B95C-BEFCB4431613}] SEQPACKET 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C77F377D-3C65-4C68-B95C-BEFCB4431613}] DATAGRAM 6
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5324C7DC-0FC1-48C5-AE74-1362E6A663AD}] SEQPACKET 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5324C7DC-0FC1-48C5-AE74-1362E6A663AD}] DATAGRAM 9
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *

Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP

Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS

Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace

Namespace Provider 3: Bluetooth Namespace
GUID: {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D}
Filename: %SystemRoot%\system32\wshbth.dll
Description: Bluetooth
DB filename: %SystemRoot%\system32\wshbth.dll
DB protocol: Bluetooth-Namespace



--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com

(AddressBook)

Adobe Photoshop Elements 2.0 2.0 (Adobe Photoshop Elements 2.0)
version (major): 2
install location: C:\Program Files\Adobe\Photoshop Elements 2
install source: C:\WINDOWS\Temp\VARU\Temp1\W-GA-000036-03\Photoshop Elements\
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
publisher: Adobe Systems, Inc.

ATI - Software Uninstall Utility 6.14.10.1009 (All ATI Software)
install location: C:\Program Files\ATI Technologies\UninstallAll
uninstall cmd: C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Display Driver 8.033-040710a-016982C-Sony (ATI Display Driver)
uninstall cmd: rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean

(AvantGo Client)

SoftV92 Data Fax Modem (CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D\HXFSETUP.EXE -U -IVEN_8086&DEV_24C6&SUBSYS_818C104D

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

eMedia Codec 4.0 4.0 (eMedia Codec)
uninstall cmd: C:\Program Files\eMedia Codec\uninst.exe
publisher: eMedia Codec Software

EPSON Printer Software (EPSON Printer and Utilities)
uninstall cmd: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

ewido anti-malware (ewidoantimalware)
install location: C:\Program Files\ewido anti-malware
uninstall cmd: C:\Program Files\ewido anti-malware\Uninstall.exe
publisher: ewido networks
help link: http://www.ewido.net

(Fontcore)

FTDI USB Serial Converter Drivers (FTDICOMM)
uninstall cmd: C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini

ATK0100 ACPI UTILITY (Hcontrol)
uninstall cmd: C:\WINDOWS\ATK0100\XPunin.exe

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\hijackthis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

Nokia Connectivity Cable Driver 1.00.150.2 (InstallShield_{3D249F10-79EC-48D4-93E5-C470ABE523FA})
version: 16777366
version (major): 1
estimated size: 337
install date: 20050713
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is33\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3D249F10-79EC-48D4-93E5-C470ABE523FA}
publisher: Nokia
contact: 0
help link: http://www.nokia.com/pcsuite
help telephone: 0
readme: 0

x-black LCD 1.4.1.0 (InstallShield_{546CCE4F-3620-47A8-98C9-4D6FD8F311AF})
version: 17039361
version (major): 1
version (minor): 4
estimated size: 440
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isB\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{546CCE4F-3620-47A8-98C9-4D6FD8F311AF} /l2057
publisher: Sony Corporation
comments: Multilingual
contact: Customer Support Department
help link: http://www.vaio-link.com
help telephone: 0

Nokia PC Suite 6.60.16 (InstallShield_{617095DB-B523-4D11-BBFD-2D74C2AD98B8})
version: 104595472
version (major): 6
version (minor): 60
estimated size: 30852
install date: 20050713
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is15\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{617095DB-B523-4D11-BBFD-2D74C2AD98B8}
publisher: Nokia
comments: -
contact: Customer Support Department
help link: http://www.nokia.com/pcsuite
help telephone: -
readme: C:\Program Files\Nokia\Nokia PC Suite 6\Readme.htm

My Info Centre 1.5.4.0 (InstallShield_{62B715BC-01F5-4CC9-9811-D24ED44C16D4})
version: 17104900
version (major): 1
version (minor): 5
estimated size: 3025
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isD\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{62B715BC-01F5-4CC9-9811-D24ED44C16D4} /l2057
publisher: Sony
comments: Please install Macromedia Flash Player version 7 or higher first
contact: Customer Support Department
help link: http://www.vaio-link.com
help telephone: 0

USB Driver for Panasonic DVC 1.00.0000 (InstallShield_{6304CCF6-3343-4DA5-96B6-84B3A644B93B})
version: 16777216
version (major): 1
install date: 20041128
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is31\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6304CCF6-3343-4DA5-96B6-84B3A644B93B} /l1033
publisher: Panasonic
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

VAIO Online Registration (English) 4.3.2.2 (InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C})
version: 67305474
version (major): 4
version (minor): 3
estimated size: 1694
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_is5\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{668B1BD6-4593-4959-970E-249AFFE6F35C} /l2057
publisher: Sony Corporation
comments: Register with Club VAIO
contact: Customer Support Department: VAIO-Link
help link: http://www.vaio-link.com
help telephone: Please consult your Troubleshooting Guide

OpenMG Secure Module 4.0.00 4.0.00.06170 (InstallShield_{6F1974D6-4249-43B6-88B0-9A9B8A33956C})
version: 67108864
version (major): 4
estimated size: 15101
install date: 20040818
install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
install source: C:\remove\OpenMGSetup\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{6F1974D6-4249-43B6-88B0-9A9B8A33956C} /l1033 UNINSTALL
publisher: Sony Corporation

 

[mark w]

spybot log cont

Nokia Modem Options 5.06.005 (InstallShield_{75A59968-3D43-48ED-8AEA-86B94B6EAD99})
version: 84279301
version (major): 5
version (minor): 6
estimated size: 182
install date: 20041125
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is5B\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{75A59968-3D43-48ED-8AEA-86B94B6EAD99} /l2057
publisher: Nokia
comments: -
contact: Customer Support Department
help link: http://www.nokia.com
help telephone: 0
readme: Readme.txt

VAIO Product Survey (English) 1.1.1.1 (InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5})
version: 16842753
version (major): 1
version (minor): 1
estimated size: 837
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isD\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{9080C5D2-82FA-452A-87FA-CBB4B05D67A5} /l2057
publisher: Sony Corporation
comments: Your Voice Counts
contact: Customer Support Department: VAIO-Link
help link: http://www.vaio-link.com
help telephone: Please consult your Troubleshooting Guide

Windows XP Hotfix - KB834707 20040929.110854 (KB834707)
uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=834707

Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=867282

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

Security Update for Windows XP (KB883939) 1 (KB883939)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB887797 20041018.133824 (KB887797)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887797

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890047

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050416
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

Windows XP Hotfix - KB890923 1 (KB890923)
install date: 20050416
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890923

Windows Media Format SDK Hotfix - KB891122 (KB891122)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891122

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

Windows XP Hotfix - KB893066 1 (KB893066)
install date: 20050416
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050416
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

Windows Installer 3.1 (KB893803) 3.1 (KB893803)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050813
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

Hotfix for Windows XP (KB896344) 2 (KB896344)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896344

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20051110
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Security Update for Windows XP (KB896688) 1 (KB896688)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896688

Update for Windows XP (KB896727) 1 (KB896727)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896727

Security Update for Step By Step Interactive Training (KB898458) 20050502.101010 (KB898458)
install date: 20050620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20050630
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Security Update for Windows XP (KB899588) 1 (KB899588)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899588

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20050814
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725

Update for Windows XP (KB900930) 1 (KB900930)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900930

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017

Security Update for Windows XP (KB901190) 1 (KB901190)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901190

Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400

Security Update for Windows XP (KB903235) 1 (KB903235)
install date: 20050713
uninstall cmd: "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=903235

Security Update for Windows XP (KB904706) 1 (KB904706)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706

Update for Windows XP (KB904942) 2 (KB904942)
install date: 20060311
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904942

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20051017
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749

Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20051214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060110
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519

Microsoft Base Smart Card Cryptographic Service Provider Package (KB909520)
uninstall cmd: "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20051214
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564

Security Update for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927

Hotfix for Windows XP (KB912475) 3 (KB912475)
install date: 20060311
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912475$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912475

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060106
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919

Update for Windows XP (KB912945) 1 (KB912945)
install date: 20060311
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912945

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060218
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446

LiveUpdate 3.0 (Symantec Corporation) 3.0.0.154 (LiveUpdate)
install location: "C:\Program Files\Symantec\LiveUpdate"
uninstall cmd: "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
publisher: Symantec Corporation

(Microsoft Interactive Training)
uninstall cmd: C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

(Microsoft NetShow Player 2.0)

(Mobile Application Link)

(MobileOptionPack)

MoodLogic (MoodLogic)
uninstall cmd: C:\WINDOWS\ml-uninstall-v10.exe

Sony USB Mouse (MouseSuite98)
uninstall cmd: PMUninst.exe MouseSuite98

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(NetMeeting)

OpenMG Limited Patch 4.0-04-07-14-01 (OpenMG HotFix4.0-04-06-21-01)
uninstall cmd: C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.0-04-07-14-01\HotFixSetup\setup.exe /u

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Intel(R) PRO Network Adapters and Drivers (PROSet)
uninstall cmd: Prounstl.exe

(RealJukebox 1.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

RealPlayer (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

(RecordNow.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}

(SchedulingAgent)

(Sevinst)

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Suunto Dive Manager (Suunto Dive Manager)
uninstall cmd: C:\PROGRA~1\SDM\UNWISE.EXE C:\PROGRA~1\SDM\SDMINST.LOG

Norton Internet Security 2006 (Symantec Corporation) 9.1.0.33 (SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20})
install location: C:\Program Files\Norton Internet Security
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33
uninstall cmd: "C:\Program Files\Common Files\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe" /X
publisher: Symantec Corporation

Windows Genuine Advantage Validation Tool (WGA)
install date: 20060311
publisher: Microsoft Corporation
help link: http://www.microsoft.com/genuine

Microsoft ActiveSync 3.7 (Windows CE Services)
uninstall cmd: "C:\WINDOWS\ISUNINST.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"

Windows Media Format Runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

 

[mark w]

spybot cont (really long report, sorry)

Windows Media Player 10 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows XP Service Pack 2 20040803.231319 (Windows XP Service Pack)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=811113

Windows Media Connect (WMCSetup)
uninstall cmd: "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=47544

Yahoo! Messenger (Yahoo! Messenger)
uninstall cmd: C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

Microsoft Office 2000 Premium 9.00.2720 ({00000409-78E1-11D2-B60F-006097C998E7})
version: 150997664
version (major): 9
estimated size: 187813
install date: 20050515
install source: F:\Office 200\
uninstall cmd: MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Office\ofread9.txt

SonicStage Mastering Studio Audio Filter Custom Preset ({013E1BA8-C815-4E27-BCB9-D6B1B2E24094})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}\Setup.exe" -l0x9

VAIO SLIT-C Screen Saver ({01AF4645-78E6-46C4-B528-54863679CC40})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01AF4645-78E6-46C4-B528-54863679CC40}\Setup.exe" -l0x9

({0738CE6D-EBB5-4EDF-9508-59401B451351})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0738CE6D-EBB5-4EDF-9508-59401B451351}\Setup.exe"

ATI Control Panel 6.14.10.5115 ({0BEDBD4E-2D34-47B5-9973-57E62B29307C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"

Adobe Photoshop Album 2.0 Starter Edition 2.00.000 ({11B569C2-4BF6-4ED0-9D17-A4273943CB24})
version: 33554432
version (major): 2
estimated size: 15251
install date: 20040908
install source: C:\WINDOWS\Temp\VARU\Temp1\W-GA-0~1\ADOBEP~1\
uninstall cmd: MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
publisher: Adobe Systems, Inc.
readme: C:\Program Files\Adobe\Photoshop Album Starter Edition\2.0\readme.txt

({11E83B33-972B-4512-A447-FF0FD0246EE9})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x9

ccCommon 104.0.5.3 ({1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB})
version: 1744830469
version (major): 104
estimated size: 6095
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\ccCommon\
uninstall cmd: MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
publisher: Symantec

Norton Internet Security 9.1.0.33 ({12E2B9E9-05B1-407d-B0FD-B5F350535125})
version: 151060480
version (major): 9
version (minor): 1
estimated size: 24281
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Setup\
uninstall cmd: MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
publisher: Symantec Corporation

Norton WMI Update 2005.1.0.111 ({1526D87C-A955-4FAB-BF18-697BA457E352})
version (major): 2005
version (minor): 1
estimated size: 1984
install date: 20040818
install source: C:\remove\NORTON~2\
uninstall cmd: MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
publisher: Symantec Corporation

InterVideo WinDVDX ({1A91D1FA-B9B3-4556-9878-5C61059A19B2})
version (major): 5
install location: C:\Program Files\InterVideo\WinDVDX
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
publisher: InterVideo Inc.
VAIO Media 3.1 ({1EB317D8-8945-4FD6-B37F-DF470317C6AB})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}\Setup.exe" -l0x9 UNINSTALL

({21B6F79B-2286-4BB0-B1E3-BA6B9498D110})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x9

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

({23EFDB58-0874-4883-9810-EDA510B19FAE})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9

VAIO SLIT Pattern Wallpaper ({266AEE68-5718-4A31-BDD3-D356B1250C70})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{266AEE68-5718-4A31-BDD3-D356B1250C70}\Setup.exe" -l0x9

Memory Stick Formatter ({27337663-2619-11D4-99DC-0000F49094C7})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\Setup.exe" -l0x9 /UNINSTALL

Macromedia Flash Player 7.0.19.0 ({27579b3c-5470-4496-be6c-0c872674f19f})
version: 117440531
version (major): 7
estimated size: 990
install date: 20040818
install source: C:\remove\MYINFO~1\FLASHP~1\
uninstall cmd: MsiExec.exe /X{27579b3c-5470-4496-be6c-0c872674f19f}
publisher: Macromedia, Inc.

Wireless Switch Setting Utility ({2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5})
install location: C:\Program Files\Sony\Wireless Switch Setting Utility
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\Setup.exe" -l0x9

({2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9

({2BFBC62A-3353-443D-93BE-7AC641D9F342})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x9

SymNet 6.0.2.211 ({2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2})
version: 100663298
version (major): 6
estimated size: 2726
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\SymNet\
uninstall cmd: MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
publisher: Symantec Corporation

Logitech SetPoint 2.13 ({2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3})
version: 34406400
install location: C:\Program Files\Logitech\SetPoint
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9

CC_ccProxyExt 104.0.5.3 ({2EBF25F1-F8A2-40EA-92BE-931C142A44E2})
version: 1744830469
version (major): 104
estimated size: 688
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\Proxy\
uninstall cmd: MsiExec.exe /I{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}
publisher: Symantec

ccPxyCore 104.0.5.3 ({30738666-9805-4926-A78F-91DA33B6C437})
version: 1744830469
version (major): 104
estimated size: 2826
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\Proxy\
uninstall cmd: MsiExec.exe /I{30738666-9805-4926-A78F-91DA33B6C437}
publisher: Symantec

WebFldrs XP 9.50.6513 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154278257
version (major): 9
version (minor): 50
estimated size: 2476
install date: 20040818
install source: C:\WINDOWS\System32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

VAIO SLIT-B Screen Saver ({3600FB01-C63B-4A3D-B044-BB21792C6811})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3600FB01-C63B-4A3D-B044-BB21792C6811}\Setup.exe" -l0x9

Norton AntiSpam 2006.2.0.150 ({3B29A786-5803-4E9E-9B58-3014A5B4E519})
version (major): 2006
version (minor): 2
estimated size: 1553
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Setup\
uninstall cmd: MsiExec.exe /I{3B29A786-5803-4E9E-9B58-3014A5B4E519}
publisher: Symantec Corporation

Nokia Connectivity Cable Driver 1.00.150.2 ({3D249F10-79EC-48D4-93E5-C470ABE523FA})
version: 16777366
version (major): 1
estimated size: 337
install date: 20050713
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is33\
publisher: Nokia
contact: 0
help link: http://www.nokia.com/pcsuite
help telephone: 0
readme: 0

Norton Internet Security 9.1.0.33 ({48185814-A224-447a-81DA-71BD20580E1B})
version: 151060480
version (major): 9
version (minor): 1
estimated size: 4159
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Setup\
uninstall cmd: MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
publisher: Symantec Corporation

VAIO Update 2 ({48820099-ED7D-424B-890C-9A82EF00656D})
install location: C:\Program Files\sony\vaio update 2
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\Setup.exe" -l0x9

SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version 1.00.6.7 ({48E9DE14-39D1-4974-91A6-D4E1836F648D})
version: 16777222
version (major): 1
estimated size: 6191
install date: 20040908
install source: C:\WINDOWS\Temp\VARU\Temp1\W-TP-0~1\
uninstall cmd: MsiExec.exe /X{48E9DE14-39D1-4974-91A6-D4E1836F648D}
publisher: Utimaco Safeware AG
contact: Utimaco Safeware AG
help telephone: +49(0)6171/88-0

iPAQ WLAN Firmware Update 0.100.5.39 ({4B466016-9535-4643-ACEB-26BB4CB693DD})
version: 6553605
version (minor): 100
estimated size: 96
install date: 20050525
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is92\
uninstall cmd: MsiExec.exe /I{4B466016-9535-4643-ACEB-26BB4CB693DD}
publisher: Hewlett-Packard
help link: http://www.hp.com

({503AA035-41E2-4858-B31F-1E49AC66C309})

x-black LCD 1.4.1.0 ({546CCE4F-3620-47A8-98C9-4D6FD8F311AF})
version: 17039361
version (major): 1
version (minor): 4
estimated size: 440
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isB\
publisher: Sony Corporation
comments: Multilingual
contact: Customer Support Department
help link: http://www.vaio-link.com
help telephone: 0

Norton AntiSpam 2006.2.0.153 ({5677563D-0CB1-485F-9E18-C5025306BB3F})
version (major): 2006
version (minor): 2
estimated size: 8956
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Setup\
uninstall cmd: MsiExec.exe /I{5677563D-0CB1-485F-9E18-C5025306BB3F}
publisher: Symantec Corporation

DV Studio3 ({5DF68560-292A-11D5-99D1-00010256D40E})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DF68560-292A-11D5-99D1-00010256D40E}\setup.exe"

Nokia PC Suite 6.60.16 ({617095DB-B523-4D11-BBFD-2D74C2AD98B8})
version: 104595472
version (major): 6
version (minor): 60
estimated size: 30852
install date: 20050713
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is15\
publisher: Nokia
comments: -
contact: Customer Support Department
help link: http://www.nokia.com/pcsuite
help telephone: -
readme: C:\Program Files\Nokia\Nokia PC Suite 6\Readme.htm

My Info Centre 1.5.4.0 ({62B715BC-01F5-4CC9-9811-D24ED44C16D4})
version: 17104900
version (major): 1
version (minor): 5
estimated size: 3025
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isD\
publisher: Sony
comments: Please install Macromedia Flash Player version 7 or higher first
contact: Customer Support Department
help link: http://www.vaio-link.com
help telephone: 0

USB Driver for Panasonic DVC 1.00.0000 ({6304CCF6-3343-4DA5-96B6-84B3A644B93B})
version: 16777216
version (major): 1
install date: 20041128
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is31\
publisher: Panasonic
comments: Your Comments
contact: Customer Support Department
help link: http://www.yourcompany.com/help
help telephone: 1-555-555-4505

VOR 4.3.2.2 ({668B1BD6-4593-4959-970E-249AFFE6F35C})
version: 67305474
version (major): 4
version (minor): 3
estimated size: 1694
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_is5\
publisher: Sony Corporation
comments: Register with Club VAIO
contact: Customer Support Department: VAIO-Link
help link: http://www.vaio-link.com
help telephone: Please consult your Troubleshooting Guide

DVgate Plus ({685BCC47-B8EC-45EC-BBCE-77DF2451502C})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{685BCC47-B8EC-45EC-BBCE-77DF2451502C}\Setup.exe" -l0x9

Sony Video Shared Library ({6990A2BF-D1D2-11D3-81BC-00609789C908})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6990A2BF-D1D2-11D3-81BC-00609789C908}\setup.exe"

EPSON Smart Panel ({6C11D561-620B-47DA-A693-4C597F3CDF40})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\setup.exe" -l0x9 Uninstall

OpenMG Secure Module 4.0.00 4.0.00.06170 ({6F1974D6-4249-43B6-88B0-9A9B8A33956C})
version: 67108864
version (major): 4
estimated size: 14701
install date: 20040818
install location: C:\Program Files\Sony Corporation\OpenMG Secure Module\
install source: C:\remove\OpenMGSetup\
publisher: Sony Corporation

 

[mark w]

spybot log (last bit)

VAIO Media Redistribution 3.1 ({7128C69B-8F7E-4336-8698-3FD3CDD955EC})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7128C69B-8F7E-4336-8698-3FD3CDD955EC}\Setup.exe" -l0x9 UNINSTALL

Java 2 Runtime Environment, SE v1.4.2_05 1.4.2_05 ({7148F0A8-6813-11D6-A77B-00B0D0142050})
version (major): 1
version (minor): 4
estimated size: 138692
install date: 20040818
install source: C:\Documents and Settings\Owner\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142050}\
uninstall cmd: MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
publisher: Sun Microsystems, Inc.
comments: http://www.java.com
contact: http://www.java.com
help link: http://www.java.com
help telephone: http://www.java.com
readme: Readme.txt

SonicStage 2.1.00 ({71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\Setup.exe" -l0x9 UNINSTALL

Nokia Modem Options 5.06.005 ({75A59968-3D43-48ED-8AEA-86B94B6EAD99})
version: 84279301
version (major): 5
version (minor): 6
estimated size: 182
install date: 20041125
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\_is5B\
publisher: Nokia
comments: -
contact: Customer Support Department
help link: http://www.nokia.com
help telephone: 0
readme: Readme.txt

VAIO Edit Components ({761C9026-14F0-4352-8658-934558272404})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{761C9026-14F0-4352-8658-934558272404}\setup.exe"

Microsoft Works 7.0 07.02.0620 ({764D06D8-D8DE-411E-A1C8-D9E9380F8A84})
version: 117572204
version (major): 7
version (minor): 2
estimated size: 205579
install date: 20040908
install source: C:\PROGRA~1\MICROS~2\Setup\
uninstall cmd: MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
publisher: Microsoft Corporation
comments: Microsoft Works 7.0 installation.
help link: http://support.microsoft.com/support/works
help telephone:

({775FFF70-4A8C-4500-908D-3C34DBEB11D5})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9

SPBBC 2.1.0.4 ({77772678-817F-4401-9301-ED1D01A8DA56})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 3367
install date: 20060224
install location: C:\Program Files\Norton Internet Security\Norton AntiVirus\
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\SPBBC\
uninstall cmd: MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
publisher: Symantec Corporation

Adobe Premiere Standard 7.0 ({7998F67D-655B-42E3-B651-18D96DD17268})
version: 117440512
version (major): 7
install location: C:\Program Files\Adobe\Premiere Standard
install source: C:\WINDOWS\Temp\VARU\Temp1\W-GA-0~1\ADOBEP~2\
uninstall cmd: RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{7998F67D-655B-42E3-B651-18D96DD17268}\setup.exe"
publisher: Adobe Systems, Inc.

VAIO Media Integrated Server 3.1 ({7A79D11B-FD82-4A5E-834F-20173515DD14})
version: 50397184
install location: C:\Program Files\Sony\VAIO Media Integrated Server
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A79D11B-FD82-4A5E-834F-20173515DD14}\setup.exe" -l0x9 UNINSTALL

Click to DVD 2.1.10 ({7C2F71B2-6C73-11D6-B659-00C04F790F76})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C2F71B2-6C73-11D6-B659-00C04F790F76}\setup.exe"

Norton Protection Center 1.4.4 ({82A5BF38-8461-4A5C-B2C9-24F5256D92A6})
version: 17039364
version (major): 1
version (minor): 4
estimated size: 3870
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\NSC\
uninstall cmd: MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
publisher: Symantec Corp

PictureGear Studio 2.0 ({88DA0A52-3372-4803-971A-ADFB961707E8})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88DA0A52-3372-4803-971A-ADFB961707E8}\Setup.exe"

VAIO SLIT-A Screen Saver ({8D324F1B-A39E-4D5A-BA58-147416FE019A})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D324F1B-A39E-4D5A-BA58-147416FE019A}\Setup.exe" -l0x9

Logitech Desktop Messenger 2.30.04 ({900B1197-53F5-4F46-A882-2CFFFE2EEDCB})
version: 16777258
install location: C:\Program Files\Logitech\Desktop Messenger
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x9 UNINSTALL
publisher: Logitech, Inc.
contact: Logitech Customer Support
help link: www.logitech.com/support

VPS 1.1.1.1 ({9080C5D2-82FA-452A-87FA-CBB4B05D67A5})
version: 16842753
version (major): 1
version (minor): 1
estimated size: 837
install date: 20040818
install source: C:\DOCUME~1\Owner\LOCALS~1\Temp\_isD\
publisher: Sony Corporation
comments: Your Voice Counts
contact: Customer Support Department: VAIO-Link
help link: http://www.vaio-link.com
help telephone: Please consult your Troubleshooting Guide

InterVideo WinDVD 5 for VAIO 5.0-B11.247 ({91810AFC-A4F8-4EBA-A5AA-B198BBC81144})
version (major): 5
install location: C:\Program Files\InterVideo\WinDVD
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
publisher: InterVideo Inc.
contact: support@intervideo.com
help link: http://www.intervideo.com/jsp/Support.jsp

Sony Notebook Setup ({936FADC9-C609-471A-B6F2-A33E2E660D1A})
install location: C:\Program Files\sony\sony notebook setup
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{936FADC9-C609-471A-B6F2-A33E2E660D1A}\Setup.exe" -l0x9

EPSON Photo Print ({9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}\setup.exe" -l0x9 MyUninstall

Sonic RecordNow! 7.21 ({9541FED0-327F-4DF0-8B96-EF57EF622F19})
version: 118816768
version (major): 7
version (minor): 21
estimated size: 25405
install date: 20040908
install source: C:\WINDOWS\Temp\VARU\Temp1\W-4AB9~1\
uninstall cmd: MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
publisher: Sonic Solutions
help link: http://www.sonicjapan.co.jp/support/index.html

Click to DVD 2.0.01 Menu Data ({98A3A654-3AEF-42D9-BA91-DE5815EA5897})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98A3A654-3AEF-42D9-BA91-DE5815EA5897}\setup.exe"

EPSON TWAIN 5 ({9A3EABC0-CA06-11D4-BF77-00104B130C19})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" -l0x9 UNINSTALL

VAIO Power Management ({9E319E96-ED8E-4B01-9775-C521A1869A25})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\Setup.exe" -l0x9

VAIO SLIT Scene Wallpaper ({A17456ED-3432-49FF-A14D-E0F00A96A2AA})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A17456ED-3432-49FF-A14D-E0F00A96A2AA}\Setup.exe" -l0x9

VAIO Launcher ({A43F939E-A863-433D-AC78-0897E44CFEB2})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A43F939E-A863-433D-AC78-0897E44CFEB2}\setup.exe" -l0x9

Norton Internet Security 9.1.0.33 ({A93C9E60-29B6-49da-BA21-F70AC6AADE20})
version: 151060480
version (major): 9
version (minor): 1
estimated size: 37454
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Setup\
uninstall cmd: MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
publisher: Symantec Corporation

SonicStage Mastering Studio Audio Filter ({AB467B85-4F52-48C2-AEED-0673D00417B0})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB467B85-4F52-48C2-AEED-0673D00417B0}\Setup.exe" -l0x9

Adobe Reader 6.0.1 006.000.001 ({AC76BA86-7AD7-1033-7B44-A00000000001})
version: 100663297
version (major): 6
estimated size: 44628
install date: 20040818
install source: C:\remove\ADOBER~1\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
publisher: Adobe Systems Incorporated
comments:
contact: Customer Support Department
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 6.0\Reader\Readme.htm

Adobe Reader 7.0.5 7.0.5 ({AC76BA86-7AD7-1033-7B44-A70500000002})
version: 117440517
version (major): 7
estimated size: 65620
install date: 20051111
install location: C:\Program Files\Adobe\Acrobat 7.0\Reader\
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig705\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

({B100B05B-E290-41EF-9366-8BC4C76D7769})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x9

({B14F9B26-D695-4C4A-8B11-0FE6CDCC797B})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9

EPSON Copy Utility ({B69CC1A5-0404-11D6-ABCB-005004C21D30})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x9 ADDREMOVEDLG

MSRedist 1.0.0.0 ({B7C61755-DB48-4003-948F-3D34DB8EAF69})
version: 16777216
version (major): 1
estimated size: 4507
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\Redist\
uninstall cmd: MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
publisher: Symantec Corporation

HotKey Utility ({BB311F54-39D6-4A03-8E18-053D1B2833D7})
install location: C:\Program Files\Sony\HotKey Utility
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB311F54-39D6-4A03-8E18-053D1B2833D7}\Setup.exe" -l0x9

SonicStage Mastering Studio 1.3 ({BF3B304B-8A18-452D-A19F-6012CA8418D7})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF3B304B-8A18-452D-A19F-6012CA8418D7}\Setup.exe" -l0x9

Norton AntiVirus 2006 12.2.0.13 ({C6F5B6CF-609C-428E-876F-CA83176C021B})
version: 201457664
version (major): 12
version (minor): 2
estimated size: 63295
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\NAV\
uninstall cmd: MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
publisher: Symantec Corporation

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 37015
install date: 20060311
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

({D3568156-59C3-42DF-A520-2C25B6706C91})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9

VAIO GrandBlue Wallpaper ({D8E2BDAE-4AEB-464D-A410-89AF090B08D9})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8E2BDAE-4AEB-464D-A410-89AF090B08D9}\Setup.exe" -l0x9

VAIO Entertainment Platform ({D917FD82-6CE5-489A-AAF8-C701AAC85C4D})
install location: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}\Setup.exe" -l0x9

VAIO TV Tuner Library 1.1 ({DC6E3CD5-A93D-44EA-85AE-894C1603B7E2})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC6E3CD5-A93D-44EA-85AE-894C1603B7E2}\Setup.exe"

({E213C271-AEFA-481D-A9B4-914D88925B8D})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9

Norton Internet Security 1.0.0 ({E3EFA461-EB83-4C3B-9C47-2C1D58A01555})
version: 16777216
version (major): 1
estimated size: 1484
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\HelpMSI\
uninstall cmd: MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
publisher: Symantec Corp.

Adobe Acrobat Elements 6.0 006.000.000 ({E5E6E687-1033-BA7E-6000-000000000001})
version: 100663296
version (major): 6
estimated size: 74413
install date: 20040908
install source: C:\WINDOWS\Temp\VARU\Temp1\W-GA-0~1\ADOBEA~1\
uninstall cmd: MsiExec.exe /I{E5E6E687-1033-BA7E-6000-000000000001}
publisher: Adobe Systems
comments:
contact: Customer Support
help link: http://www.adobe.com/support/main.html
help telephone:
readme: Acrobat Elements\ReadMe.htm

Norton Internet Security 9.1.0.33 ({E5EE9939-259F-4DE2-8023-5C49E16A4F43})
version: 151060480
version (major): 9
version (minor): 1
estimated size: 474
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\NAV\
uninstall cmd: MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
publisher: Symantec Corporation

Norton WMI Update 2005.1.2.20 ({E85FA9A1-C241-4698-893B-DD99509B8DB0})
version (major): 2005
version (minor): 1
estimated size: 613
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\SymSC\
uninstall cmd: MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0}
publisher: Symantec Corporation

ScanToWeb ({EBAE381B-60A6-4863-AA9F-FCAB755BC9E5})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG

VAIO Zone ({ED8D39F2-7FFA-45EC-B148-EF2472955BB4})
install location: C:\Program Files\sony\vaio entertainment
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}\Setup.exe" -l0x9

SonicStage Mastering Studio Plugins 1.3 ({EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}\Setup.exe" -l0x9

Sony Utilities DLL ({EF3D45BB-2260-4008-88EA-492E7744A9DF})
install location: C:\Program Files\Common Files\Sony Shared\Sony Utilities
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\Setup.exe" -l0x9

Norton WMI Update 2005.1.2.20 ({F64306A5-4C32-41bb-B153-53986527FAB4})
version (major): 2005
version (minor): 1
estimated size: 613
install date: 20060224
install source: C:\DOCUME~1\MARK\LOCALS~1\Temp\NIS9.1.33\Support\SymSC\
uninstall cmd: MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
publisher: Symantec Corporation

({FAD9402A-1A9B-4ABE-A410-393A3622FA5A})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x9

Realtek AC'97 Audio ({FB08F381-6533-4108-B7DD-039E11FBC27E})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE

 

[mark w]

contents of C:\smitfiles.txt log

smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: 15/03/2006
The current time is: 19:01:05.07

Running from
C:\smitrem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}"="Prestige Software"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}\InProcServer32]
@="C:\WINDOWS\system32\ginuerep.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Online Security Guide.url
Security Troubleshooting.url
Security Troubleshooting.url


~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

1024 dir
msvol.tlb
ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
hp***.tmp


~~~ Icons in System32 ~~~

ts.ico
ot.ico


~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 772 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}"="Prestige Software"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\System32\browseui.dll"


[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}\InProcServer32]
@="C:\WINDOWS\system32\ginuerep.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deleting files

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~


~~~ Wininet.dll ~~~

CLEAN!

 

[mark w]

Ewido log

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 20:21:56, 15/03/2006
+ Report-Checksum: D70451B6

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SpyFalcon -> Adware.SpyFalcon : Cleaned with backup
HKU\S-1-5-21-3302453815-4055598052-4283441845-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\MARK\Cookies\mark@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrt\0474NAV~.TMP -> Downloader.Small.ayl : Error during cleaning


::Report End

 

[mark w]

2nd Hijackthis report less the 018's

Logfile of HijackThis v1.99.1
Scan saved at 21:06:57, on 15/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\SpyFalcon\SpyFalcon.exe
C:\Program Files\SpyFalcon\SpyFalcon.exe
C:\Program Files\sony\VAIO Launcher\Launcher.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVW32.EXE
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SpyFalcon] C:\Program Files\SpyFalcon\SpyFalcon.exe /h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.jessopsphotoexpress.com/wpp/jessopsphotoexpress/app/opcuploader.cab

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

 

[LonnyRJones]

Hi

Right click on this link choose save target
FixSF.reg Download Link: http://www.bleepingcomputer.com/files/reg/FixSF.reg
Save it to your desktop

Restart the PC into safe mode

Double click the FixSF.reg and answer yes to the prompts

Run Smitrem again

Do a full system scan with Ewido then SpyBot , fix anything they should detect.

Restart back to a normal windows session, once here at the forums make and post Just a hijackthis log please.

 

[mark w]

Hi,
Followed your latest instructions and here is the Hijackthis log.
So far (I have only rebooted and come straight to forums) I have had no sign of spyfalcon or any virus/spyware messages yet.
Log split over two post due to size

Logfile of HijackThis v1.99.1
Scan saved at 19:19:11, on 16/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\sony\VAIO Launcher\Launcher.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\sony\VAIO Launcher\Launcher.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\sony\sonicstage mastering studio\audio filter\SSMSFilter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.jessopsphotoexpress.com/wpp/jessopsphotoexpress/app/opcuploader.cab

 

[mark w]

O18 - Protocol: bw+0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {727770DD-E3A8-420E-939E-A07014629734} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

 

[LonnyRJones]

Sounds good
Keep an eye out for problems over the next few days and post back then

Most folks uninstall Logitech's Desktop Messenger as its not realy needed

Prevention: Put in place a good hosts file
http://www.mvps.org/winhelp2002/hosts.htm
How To Download and Extract the HOSTS file:
http://www.mvps.org/winhelp2002/hosts2.htm
Replace it about once monthly to keep it updated

To help avoid reinfection see "So how did I get infected in the first place?"
http://forums.spybot.info/showthread.php?t=279