I'm really concerned with my current situation and I'm unable to resolve the issue.
SYSTEM:
Sony Vaio Laptop with Windows XP SP3
PROBLEM DESCRIPTION:
1. Sometime during the past 7-14 days a pop-up began appearing on my computer whenever I pay a bill via a credit card or swipe a card using a USB card reader. The pop-up has the Visa logo, displays the title Advanced Verification, and captures/pre-populates the correct credit card number on the form. The form asks me to enter the cardholder's name, exp date, cvv info, etc.... Unless I close the form my transation will not complete. I'm afraid this malware/spyware is capturing my credit card info.
2. Within the last few days I have noticed a few strange things occuring on my PC such as:
a. the delete button no longer functions
b. Although I am entering my password correctly, I am forced to enter my hotmail password twice prior to logging on.
c. Copy & paste functions are working sporadically.
d. While I am typing, my cursor will jump all over the screen.
e. My PC will not hibernate.
My biggest concern is with potential credit card fraud and losing control of my PC, but I have a feeling that they are all related.
STEPS TAKEN:
1. I have a purchased version of ZoneAlarm Security. I ran the virus scan in normal and safe modes.
2. I downloaded Adaware and ran a full system scan in normal and safe modes.
3. I download Spybot Search & Destroy and ran a full system scan in normal and safe modes.
4. I'm not sure of the exact date, but within the last 7-10 days I upgraded from XP SP1 to XPSP3
5. have installed all windows updates.
6. I went from Windows IE6 to IE7
7. Reran the scans in steps 1 to 3. Whenever I run a scan items are identified by nothing has fixed the issue.
8. Found this site and took the following recommended steps:
a. Ran ATF Cleaner
b. Ran Malware bytes (see logs below)
c. Ran Super Anti Spyware (see logs below)
d. Ran online Panda Scan (see logs below)
e. Ran Hijack this (see log & uninstall list below)
MALWARE LOG
Malwarebytes' Anti-Malware 1.17
Database version: 846
11:45:46 AM 6/22/2008
mbam-log-6-22-2008 (11-45-46).txt
Scan type: Quick Scan
Objects scanned: 42810
Time elapsed: 9 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 11
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{def85c80-216a-43ab-af70-1665edbe2780} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f9df827a-8fa7-48a3-b268-ca4db563ea40} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f9df827a-8fa7-48a3-b268-ca4db563ea40} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\QdrDrive (Adware.ISM) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{f9df827a-8fa7-48a3-b268-ca4db563ea40} (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINDOWS\system32\nGpxx01 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive (Adware.AdBand) -> Quarantined and deleted successfully.
C:\Program Files\Windows AdStatus (Adware.AdStatus) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Windows AdStatus\Info.txt (Adware.AdStatus) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\000070.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmona.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
SUPERSPYWARE LOG
SUPERAntiSpyware Scan Log
Generated 06/22/2008 at 09:17 PM
Application Version : 3.6.1000
Core Rules Database Version : 3190
Trace Rules Database Version: 1200
Scan type : Complete Scan
Total Scan Time : 02:24:42
Memory items scanned : 375
Memory threats detected : 0
Registry items scanned : 6234
Registry threats detected : 12
File items scanned : 68207
File threats detected : 7
Adware.SideStep Toolbar
HKLM\Software\Classes\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\Implemented Categories
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\InprocServer32
HKCR\CLSID\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}\InprocServer32#ThreadingModel
C:\WINDOWS\DOWNLOADED PROGRAM FILES\SBCIE02A.DLL
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{83B28A74-640D-48F4-9F51-E80EED7CC7E0}
Adware.MediaMediatickets
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaTicketsInstaller.ocx
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaTicketsInstaller.ocx#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaTicketsInstaller.ocx#{9EB320CE-BE1D-4304-A081-4B4665414BEF}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.ocx [ ]
Trojan.Malware
C:\asdf.txt
Adware.Tracking Cookie
C:\Documents and Settings\Michael\Cookies\[email protected][1].txt
C:\Documents and Settings\Michael\Cookies\[email protected][1].txt
C:\Documents and Settings\Michael\Cookies\[email protected][3].txt
C:\Documents and Settings\Michael\Cookies\michael@specificclick[2].txt
Trojan.Unknown Origin
C:\WINDOWS\TEMPF.TXT
PANDA SCAN
;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-06-23 22:02:58
PROTECTIONS: 1
MALWARE: 46
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
ZoneAlarm Anti-virus Antivirus 7.0.470.000 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00003992 spyware/adclicker Spyware No 1 Yes No c:\windows\usta32.ini
00003992 spyware/adclicker Spyware No 1 Yes No c:\windows\usta33.ini
00029767 adware/delfinmedia Adware No 1 Yes No c:\keys.ini
00029767 adware/delfinmedia Adware No 1 Yes No hkey_local_machine\software\skin
00029767 adware/delfinmedia Adware No 1 Yes No c:\windows\system32\vmss
00034463 adware/wupd Adware No 0 Yes No c:\program files\adstatus service
00034463 adware/wupd Adware No 0 Yes No hkey_local_machine\software\classes\winstatx.installer
00035753 adware/sidestep Adware No 0 Yes No c:\documents and settings\michael\start menu\sidestep.lnk
00035753 adware/sidestep Adware No 0 Yes No c:\documents and settings\michael\favorites\links\sidestep.url
00035753 adware/sidestep Adware No 0 Yes No c:\documents and settings\michael\application data\microsoft\internet explorer\quick launch\sidestep.lnk
00035753 adware/sidestep Adware No 0 Yes No c:\documents and settings\michael\start menu\programs\sidestep
00035753 adware/sidestep Adware No 0 Yes No c:\windows\downloaded program files\sbcie02a.inf
00035753 adware/sidestep Adware No 0 Yes No hkey_local_machine\software\microsoft\internet explorer\extensions\{3e230861-5c87-11d3-a1c6-00105a1b41b8}
00035753 adware/sidestep Adware No 0 Yes No hkey_local_machine\software\microsoft\code store database\distribution units\{640b39c1-d713-464f-92c3-75bd972b95ee}
00035753 adware/sidestep Adware No 0 Yes No hkey_classes_root\clsid\{0837121a-6472-43bd-8a40-d9221ff1c4ce}
00035753 adware/sidestep Adware No 0 Yes No hkey_current_user\software\sidestep
00035753 adware/sidestep Adware No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{0837121A-6472-43BD-8A40-D9221FF1C4CE}
00048546 adware/searchrelevancy Adware No 0 Yes No c:\program files\searchrelevant
00063665 adware/pacimedia Adware No 0 Yes No hkey_current_user\software\psof1
00063665 adware/pacimedia Adware No 0 Yes No c:\windows\system32\ps1.exe
00063665 adware/pacimedia Adware No 0 Yes No c:\windows\system32\psof1.exe
00130137 adware/adshooter Adware No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{C886256C-7A63-4213-AD2F-02AD3735DF06}
00130137 adware/adshooter Adware No 0 Yes No hkey_classes_root\clsid\{c886256c-7a63-4213-ad2f-02ad3735df06}
00135099 adware/powerstrip Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\extensions\CmdMapping\{669695BC-A811-4A9D-8CDF-BA8C795F261C}
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc800.txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc799.txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc798.txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc413.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc470.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc469.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc468.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc464.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc465.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc466.txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc467.txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc385.txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc383.txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc384.txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc977.txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@247realmedia[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc291.txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc290.txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc497.txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc804.txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc1058.txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc621.txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc1021.txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc623.txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc622.txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc590.txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc591.txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc416.txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc499.txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc500.txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc876.txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc437.txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc438.txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc439.txt
00167690 Cookie/Rightmedia TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc1039.txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc388.txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc768.txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc769.txt
00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc448.txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc670.txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc970.txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc315.txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc316.txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\[email protected][1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc317.txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc377.txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc378.txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc357.txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc750.txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc749.txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\[email protected][1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc365.txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@advertising[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc364.txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc363.txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc973.txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc337.txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc335.txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc349.txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\[email protected][1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc350.txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc971.txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc1037.txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc705.txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc687.txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc1035.txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc686.txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc903.txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc904.txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc399.txt
00173992 Cookie/Zedo TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc402.txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc338.txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc336.txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc361.txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc362.txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc540.txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc541.txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc1004.txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc543.txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc542.txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc544.txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc786.txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Application Data\Mozilla\Profiles\default\s3h4x0tm.slt\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc386.txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc978.txt
00278769 Application/PRScheduler HackTools No 0 Yes No C:\DOCUMENTS AND SETTINGS\MICHAEL\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER.EXE
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc342.txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc341.txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc343.txt
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\RECYCLER\S-1-5-21-3450047428-1704894499-899711007-500\Dc353.txt
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
HIJACK THIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:15:54 PM, on 6/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files D Drive\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\sony\giga pocket\shwserv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\giga pocket\RM_SV.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Quicken\bagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files D Drive\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://wapp.verizon....mp;bm=yh_search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer by Cavalier Telephone, LLC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\MICHAEL\Application Data\Mozilla\Profiles\default\s3h4x0tm.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {0AB3A2C8-6237-43BE-A16F-8C48D33E4741} - C:\WINDOWS\System32\rqRJcAQj.dll (file missing)
O2 - BHO: (no name) - {303477A6-F9AE-4ED7-8E8A-9F492B8CA82B} - C:\WINDOWS\System32\ddcYonLe.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {554D06CB-75C0-43F4-821C-2BAF86D85124} - C:\WINDOWS\System32\rqRkIyxU.dll (file missing)
O2 - BHO: {09256972-c8f2-33aa-9a84-da96f25db176} - {671bd52f-69ad-48a9-aa33-2f8c27965290} - C:\WINDOWS\System32\aqhvonpc.dll (file missing)
O2 - BHO: (no name) - {6AC2D634-0D43-47DF-AF9F-364C2589FB7E} - C:\WINDOWS\System32\geBqRkIx.dll (file missing)
O2 - BHO: (no name) - {c9803b12-f0a0-11dc-95ff-0800200c9a66} - (no file)
O2 - BHO: (no name) - {F7EDE424-D0A6-405D-8531-1EDFCD07DEF8} - (no file)
O2 - BHO: (no name) - {FC8CF027-34ED-3136-E2A9-1B6471DD4DB5} - C:\WINDOWS\System32\jxjnpx.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\Windows\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Fazdz] C:\WINDOWS\System32\w?wexec.exe
O4 - HKCU\..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files D Drive\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: PowerPanel.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: ChatSpace Java Client 4.0.0.325 - http://chat.scout.co...va/cms40325.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep....42037/sb02a.cab
O16 - DPF: {64696FB5-BA15-4920-B789-F35D3FC0A36A} (myax Control) - http://www.icannnews.com/app/ST/ax.ocx
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1213760249984
O16 - DPF: {972BB342-14A7-4660-83C1-51DDBEE171DB} - http://www.pacimedia...ll/pcs_0002.exe
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://mindbodyonli...ort/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17B862B6-8450-4D45-8B32-78FC1B919154}: NameServer = 209.137.160.7,209.137.171.10
O18 - Protocol: intu-help-qb1 - {9B0F96C7-2E4B-433E-ABF3-043BA1B54AE3} - D:\Program Files D Drive\Quickbooks PRO2008\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O20 - Winlogon Notify: ssqQjjge - ssqQjjge.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files D Drive\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\sony\giga pocket\shwserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Perssv - Primax Electronics Ltd. - (no file)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\giga pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\giga pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 12733 bytes
HIJAXK UNINSTALL LIST
Ad-Aware
Adobe Reader 7.0.9
Adobe Shockwave Player
AnyDVD
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
BitComet 0.70
Bonjour
BUM
Canon MP Navigator 3.0
Canon MP600
Canon MP600 User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint
Chessmaster 9000
Click to DVD 1.3
CloneDVD2
C-Major Audio
CoreFLAC Audio Decoder+Source Filter (remove only)
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Drag'n Drop CD+DVD
DVgate Plus
Easy-WebPrint
eMusic Download Manager
EPSON Printer Software
Giga Pocket 5.5
Giga Pocket Demo Movie
Giga Pocket Hardware Library 5.5
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
HotKey Utility
InterVideo WinDVD 4
iPod for Windows 2005-03-23
iPod for Windows 2006-06-28
iTunes
IZArc 3.81
LAN-Express AS IEEE 802.11 Wireless LAN
Malwarebytes' Anti-Malware
Memory Stick Formatter
Messageware Plus Pack Base Component
Microsoft .NET Framework 2.0
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium
Microsoft Project 98
Microsoft Works 7.0
MoodLogic
MSN Music Assistant
MSXML 4.0 SP2 Parser and SDK
Music Visualizer Library 1.4.00
Nero 6 Ultra Edition
Netscape (7.02)
NVIDIA Windows 2000/XP Display Drivers
oggcodecs 0.71.0946
OpenMG Limited Patch 3.2-03-02-21-08
OpenMG Limited Patch 3.2-03-03-18-01
OpenMG Limited Patch 3.2-03-04-14-02
OpenMG Secure Module 3.2
Panda ActiveScan 2.0
PictureGear Studio 2.0
PowerPanel
QuickBooks Pro 2008
Quicken 2007
QuickTime
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Shockwave
SideStep
SiS 900 PCI Fast Ethernet Adapter Driver
SoftK56 Data Fax
SonicStage 1.6.00
Sony Certificate PCH
Sony Notebook Setup
Sony on Yahoo! Essentials
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
SupportSoft Assisted Service
ubi.com
Update for Windows XP (KB942763)
VAIO BrightColor Wallpaper
VAIO Help and Support
VAIO Media 2.6
VAIO Media Integrated Server 2.6
VAIO Media Redistribution 2.6
VAIO Registration
VAIO Remote Commander Utility 5.5
VAIO Support
VAIO Survey Standalone
Verizon Online
Viewpoint Media Player (Remove Only)
WD Diagnostics
WD Firewire HID Driver
WebEx
WebFastConnect
Welcome to VAIO life
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows XP Service Pack 3
Yahoo! Install Manager
Yahoo! Toolbar
ZoneAlarm Anti-virus