I seem to have contracted this trojan.
[email protected]
There is a chance that some other unwanted items are in there as well. The above trojan is the only one I could identify.
I read some of the other posts regarding the removal and began the process but stopped when I realized that the solution will be specific to my computer.
Here is the HijackThis Log.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:00:35 PM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ben Morse\Desktop\HiJackThis_v2.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://ucsbuxa.ucsb.edu:9000/ucsblibrary
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O2 - BHO: (no name) - {30B5CA37-CE3E-4926-A4EA-7DD010194436} - C:\WINDOWS\system32\opnol.dll
O2 - BHO: (no name) - {837B45D6-BF85-457D-AABF-6D2E7815F791} - (no file)
O2 - BHO: {91e80a1f-c73e-832b-77a4-b254100c8d09} - {90d8c001-452b-4a77-b238-e37cf1a08e19} - C:\WINDOWS\system32\ljuwmpet.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\rekdifev.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.5\BitComet_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\rekdifev.dll
O4 - HKLM\..\Run: [Hcontrol] -C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] -C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] -C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] -ICO.EXE
O4 - HKLM\..\Run: [VAIO Recovery] -C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] -C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SonyPowerCfg] -C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] -rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HKSERV.EXE] -C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Switcher.exe] -C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ISBMgr.exe] -C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] -"C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIOSurvey] -c:\program files\sony\vaio survey\surveysa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] -C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [HP Component Manager] -"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [VMConsole.exe] -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] -C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] -C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [MXOBG] -C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [RetroExpress] -C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe /h
O4 - HKLM\..\Run: [QuickTime Task] -"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZCfgSvc.exe] -C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] -C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] -
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [osCheck] -"C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [ALUAlert] -C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [3c2a1258] rundll32.exe "C:\WINDOWS\system32\uwwmdosp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus C62 Series] -C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /A "C:\WINDOWS\system32\E_S1A4.tmp"
O4 - HKCU\..\Run: [Aim6] -
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/EN/mdldetect/VaioInfo.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O20 - Winlogon Notify: rekdifev - C:\WINDOWS\SYSTEM32\rekdifev.dll
O20 - Winlogon Notify: winoac32 - C:\WINDOWS\SYSTEM32\winoac32.dll
O20 - Winlogon Notify: yayvssr - yayvssr.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - -"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe" (file missing)
O23 - Service: Giga Pocket Hardware Detector - Unknown owner - -C:\Program Files\Sony\Giga Pocket\shwserv.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (file missing)
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Unknown owner - -"C:\Program Files\Norton Internet Security\isPwdSvc.exe" (file missing)
O23 - Service: LiveUpdate - Unknown owner - -"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (file missing)
O23 - Service: MSCSPTISRV - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe" (file missing)
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - -C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - -C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: MD Simple Burner Service (NetMDSB) - Unknown owner - -C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - -C:\Program Files\Intel\NCS\Sync\NetSvc.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe" (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Unknown owner - -"C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe" (file missing)
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Unknown owner - -C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe (file missing)
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\BENMOR~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Sony TV Tuner Controller - Unknown owner - -C:\Program Files\Sony\Giga Pocket\halsv.exe (file missing)
O23 - Service: Sony TV Tuner Manager - Unknown owner - -C:\Program Files\Sony\Giga Pocket\RM_SV.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe" (file missing)
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - -C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe" (file missing)
O23 - Service: VAIO Entertainment File Import Service - Unknown owner - -C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe" (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter - Unknown owner - -C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe (file missing)
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner - -C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (file missing)
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Unknown owner - -C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (file missing)
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server" (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP" (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Unknown owner - -C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (file missing)
O23 - Service: Viewpoint Manager Service - Unknown owner - -"C:\Program Files\Viewpoint\Common\ViewpointService.exe" (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)
--
End of file - 17138 bytes
Thanks for your help.
[email protected]
There is a chance that some other unwanted items are in there as well. The above trojan is the only one I could identify.
I read some of the other posts regarding the removal and began the process but stopped when I realized that the solution will be specific to my computer.
Here is the HijackThis Log.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:00:35 PM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ben Morse\Desktop\HiJackThis_v2.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://ucsbuxa.ucsb.edu:9000/ucsblibrary
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBho.dll
O2 - BHO: (no name) - {30B5CA37-CE3E-4926-A4EA-7DD010194436} - C:\WINDOWS\system32\opnol.dll
O2 - BHO: (no name) - {837B45D6-BF85-457D-AABF-6D2E7815F791} - (no file)
O2 - BHO: {91e80a1f-c73e-832b-77a4-b254100c8d09} - {90d8c001-452b-4a77-b238-e37cf1a08e19} - C:\WINDOWS\system32\ljuwmpet.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\rekdifev.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Program Files\BitComet Toolbar\v2.0.0.5\BitComet_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\rekdifev.dll
O4 - HKLM\..\Run: [Hcontrol] -C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] -C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] -C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] -ICO.EXE
O4 - HKLM\..\Run: [VAIO Recovery] -C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] -C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SonyPowerCfg] -C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] -rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HKSERV.EXE] -C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Switcher.exe] -C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [ISBMgr.exe] -C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] -"C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIOSurvey] -c:\program files\sony\vaio survey\surveysa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] -C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB001" /M "Stylus C62"
O4 - HKLM\..\Run: [HP Component Manager] -"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [VMConsole.exe] -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [SsAAD.exe] -C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] -C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [MXOBG] -C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [RetroExpress] -C:\PROGRA~1\Dantz\RETROS~1\RetroExpress.exe /h
O4 - HKLM\..\Run: [QuickTime Task] -"C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZCfgSvc.exe] -C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] -C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] -
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [osCheck] -"C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [ALUAlert] -C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [3c2a1258] rundll32.exe "C:\WINDOWS\system32\uwwmdosp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus C62 Series] -C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /A "C:\WINDOWS\system32\E_S1A4.tmp"
O4 - HKCU\..\Run: [Aim6] -
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/EN/mdldetect/VaioInfo.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O20 - Winlogon Notify: rekdifev - C:\WINDOWS\SYSTEM32\rekdifev.dll
O20 - Winlogon Notify: winoac32 - C:\WINDOWS\SYSTEM32\winoac32.dll
O20 - Winlogon Notify: yayvssr - yayvssr.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - -"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe" (file missing)
O23 - Service: Giga Pocket Hardware Detector - Unknown owner - -C:\Program Files\Sony\Giga Pocket\shwserv.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (file missing)
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Unknown owner - -"C:\Program Files\Norton Internet Security\isPwdSvc.exe" (file missing)
O23 - Service: LiveUpdate - Unknown owner - -"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - -"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (file missing)
O23 - Service: MSCSPTISRV - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe" (file missing)
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - -C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - -C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: MD Simple Burner Service (NetMDSB) - Unknown owner - -C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - -C:\Program Files\Intel\NCS\Sync\NetSvc.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe" (file missing)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Retrospect Express HD Restore Helper (RetroExp Helper) - Unknown owner - -"C:\PROGRA~1\Dantz\RETROS~1\rthlpsvc.exe" (file missing)
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - Unknown owner - -C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe (file missing)
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\BENMOR~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Sony TV Tuner Controller - Unknown owner - -C:\Program Files\Sony\Giga Pocket\halsv.exe (file missing)
O23 - Service: Sony TV Tuner Manager - Unknown owner - -C:\Program Files\Sony\Giga Pocket\RM_SV.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe" (file missing)
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - -C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - -C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - -"C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" (file missing)
O23 - Service: VAIO Entertainment Aggregation and Control Service - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe" (file missing)
O23 - Service: VAIO Entertainment File Import Service - Unknown owner - -C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Unknown owner - -"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe" (file missing)
O23 - Service: VAIO Entertainment UPnP Client Adapter - Unknown owner - -C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe (file missing)
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Unknown owner - -C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (file missing)
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Unknown owner - -C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (file missing)
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server" (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - -"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP" (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Unknown owner - -C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (file missing)
O23 - Service: Viewpoint Manager Service - Unknown owner - -"C:\Program Files\Viewpoint\Common\ViewpointService.exe" (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe" (file missing)
--
End of file - 17138 bytes
Thanks for your help.
