TechSpot

Possible virus is present: Virus link was followed from email

Solved
By mylonite
Nov 9, 2010
  1. Hi there, another problem with the same computer. The computer's language is Japanese. A virus sent a link to a seemingly virus-free Italian website. The link was opened a few moments before I had time to say don't open it. The website, however, came up as clean on a couple of website scanners (AVG, Kaspersky, etc.) on urlvoid.com.

    As this email was later identified to have been created by a virus on a close friend's computer, I would like to be sure that there isn't a virus still on this computer.

    I am still unable to use Malwarebytes on this computer; the message that comes up is that the program is short on memory (or something along these lines) and needs to close. This is usually whilst searching through the system32 folder, a common place for viruses to hide, etc.

    I have, after several tries, got the GMER scan to work, as the computer would for the last tries come up with a similar message and struggle to load the save window once the scan finished. I gave it a fair amount of time to load today and as a result managed to let the window load. The computer also really got the fans working and ran exceptionally slowly after running a scan, and is also running much slower than usual.

    Here are the scans as follows:
     
  2. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    Actually, the GMER log is empty, so it seems it was unable to run successfully. I will try to run the scan again in safe mode and hopefully I will have more luck. I will post the DDS logs.

    ATTACH.txt

    DDS (Ver_10-11-01.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2006/09/17 17:36:46
    System Uptime: 2010/11/09 21:41:45 (0 hours ago)

    Motherboard: Sony Corporation | | Q-Project
    Processor: Intel(R) Celeron(R) M processor 1.60GHz | N/A | 1595/100mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 37 GiB total, 5.001 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 10.417 GiB free.
    E: is CDROM ()
    G: is Removable

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 ネット アダプタ
    Device ID: V1394\NIC1394\22C245E8004603
    Manufacturer: Microsoft
    Name: 1394 ネット アダプタ
    PNP Device ID: V1394\NIC1394\22C245E8004603
    Service: NIC1394

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Atheros Wireless Network Adapter
    Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_04061468&REV_01\4&AD1B67F&0&50F0
    Manufacturer: Atheros
    Name: Atheros Wireless Network Adapter
    PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_04061468&REV_01\4&AD1B67F&0&50F0
    Service: AR5211

    Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
    Description:
    Device ID: ROOT\SCSIADAPTER\0000
    Manufacturer:
    Name:
    PNP Device ID: ROOT\SCSIADAPTER\0000
    Service:

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================


    「時事通信社・家庭の医学」「血液サラサラ健康事典」
    AC3 Encoder / Decoder
    Adobe Download Manager 2.2 (削除のみ)
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.0
    Adobe(R) Photoshop(R) Album Mini 3.0
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Wireless LAN
    ATLAS 翻訳パーソナル 2006 LE
    avast! Free Antivirus
    Bonjour
    CD Burning 4
    Click to DVD 2.0.03 Menu Data
    Click to DVD 2.5.30
    Do VAIO
    Do VAIO バックアップツール
    DVgate Plus
    Edy Viewer
    ESET Online Scanner v3
    FeliCaブラウザエクステンション
    Google Chrome
    Google Chrome フレーム
    Google Earth
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google アップデータ
    HDAUDIO SoftV92 Data Fax Modem with SmartCP
    HD革命/BackUp (バンドル版)
    High Definition Audio Driver Package - KB835221
    Hitman Pro 3.5
    Hotfix for Windows Media Format 11 SDK (KB929399)
    i-フィルター 4
    IFL
    Image Converter 2 Plus
    Intel(R) Graphics Media Accelerator Driver for Mobile
    InterActual Player
    InterVideo WinDVD for VAIO
    InterVideo WinDVDX
    its-moNavi PC
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 21
    LAME v3.98.2 for Audacity
    LAN-Express AS IEEE 802.11 Wireless LAN
    Last.fm 1.5.4.27091
    Malwarebytes' Anti-Malware
    mCore
    mDriver
    Memory Stick Formatter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Japanese Language Pack
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Home Style+
    Microsoft Office Personal Edition 2003
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    mMHouse
    mPfMgr
    mProSafe
    MSN
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    mWlsSafe
    mXML
    NoteBurner 2.22
    OCNスタートパック
    OpenMG Secure Module 5.0.00
    PC Suite
    PictureGear Studio 2.0
    QuickTime
    Readiris Pro 10
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Roxio DigitalMedia Audio
    Roxio DigitalMedia Copy
    Roxio DigitalMedia Data
    Security Update for CAPICOM (KB931906)
    Setting Utility Series
    SFCard Viewer 2
    Skype Toolbars
    Skype? 4.2
    Smart Network Ver. 2.2.02
    So-net簡単スターターV2.3
    SonicStage 4.4
    Sony FeliCa リーダー/ライター ソフトウェア
    Sony MP4 Shared Library
    Sony USB Mouse
    Sony Utilities DLL
    Sony Video Shared Library
    Step by Step Interactive Training 用セキュリティ更新プログラム (KB898458)
    Step by Step Interactive Training 用セキュリティ更新プログラム (KB923723)
    System Requirements Lab for Intel
    VAIO Aqua Breeze Wallpaper
    VAIO CameraVJ Screen Saver
    VAIO Cozy Orange Wallpaper
    VAIO Entertainment Platform
    VAIO Event Service
    VAIO Guide
    VAIO Guide Movie Components
    VAIO Hardware Diagnostics
    VAIO Launcher
    VAIO Long Battery Life Wallpaper
    VAIO Media (再配布) 5.0
    VAIO Media 5.0
    VAIO Media AC3 Decoder 1.0
    VAIO Media Integrated Server 5.0
    VAIO Media Registration Tool 5.0
    VAIO Original Screen Saver
    VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
    VAIO Photo Fall WIDE
    VAIO Tender Green Wallpaper
    VAIO Update
    VAIO オンラインカスタマー登録
    VAIO カメラユーティリティ
    VAIO 省電力設定
    VideoLAN VLC media player 0.8.6e
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Internet Explorer 7 セキュリティ更新 (KB938127)
    Windows Internet Explorer 7 セキュリティ更新 (KB950759)
    Windows Internet Explorer 7 セキュリティ更新 (KB956390)
    Windows Internet Explorer 7 セキュリティ更新 (KB958215)
    Windows Internet Explorer 7 セキュリティ更新 (KB960714)
    Windows Internet Explorer 7 セキュリティ更新 (KB961260)
    Windows Internet Explorer 7 セキュリティ更新 (KB963027)
    Windows Internet Explorer 7 セキュリティ更新 (KB969897)
    Windows Internet Explorer 8
    Windows Internet Explorer 8 セキュリティ更新 (KB2183461)
    Windows Internet Explorer 8 セキュリティ更新 (KB2360131)
    Windows Internet Explorer 8 セキュリティ更新 (KB971961)
    Windows Internet Explorer 8 セキュリティ更新 (KB976325)
    Windows Internet Explorer 8 セキュリティ更新 (KB978207)
    Windows Internet Explorer 8 セキュリティ更新 (KB981332)
    Windows Internet Explorer 8 セキュリティ更新 (KB982381)
    Windows Internet Explorer 8 更新 (KB975364)
    Windows Internet Explorer 8 更新 (KB976662)
    Windows Internet Explorer 8 更新 (KB980182)
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar)
    Windows Live へのリンク (Windows Live Toolbar)
    Windows Media Format 11 runtime
    Windows Media Player (KB2378111) セキュリティ問題の修正プログラム
    Windows Media Player (KB911564) セキュリティ問題の修正プログラム
    Windows Media Player (KB952069) セキュリティ問題の修正プログラム
    Windows Media Player (KB954155) セキュリティ問題の修正プログラム
    Windows Media Player (KB968816) セキュリティ問題の修正プログラム
    Windows Media Player (KB973540) セキュリティ問題の修正プログラム
    Windows Media Player (KB975558) セキュリティ問題の修正プログラム
    Windows Media Player (KB978695) セキュリティ問題の修正プログラム
    Windows Media Player 10 (KB911565) セキュリティ問題の修正プログラム
    Windows Media Player 10 (KB917734) セキュリティ問題の修正プログラム
    Windows Media Player 11
    Windows Media Player 11 (KB936782) セキュリティ問題の修正プログラム
    Windows Media Player 11 (KB939683) ホットフィックス
    Windows Media Player 11 (KB954154) セキュリティ問題の修正プログラム
    Windows Media Player 11 (KB959772) 重要な更新
    Windows Media Player 6.4 (KB925398) セキュリティ問題の修正プログラム
    Windows XP (KB941569) セキュリティ問題の修正プログラム
    Windows XP Service Pack 3
    Windows XP セキュリティ更新 (KB2079403)
    Windows XP セキュリティ更新 (KB2115168)
    Windows XP セキュリティ更新 (KB2121546)
    Windows XP セキュリティ更新 (KB2160329)
    Windows XP セキュリティ更新 (KB2229593)
    Windows XP セキュリティ更新 (KB2259922)
    Windows XP セキュリティ更新 (KB2279986)
    Windows XP セキュリティ更新 (KB2286198)
    Windows XP セキュリティ更新 (KB2296011)
    Windows XP セキュリティ更新 (KB2347290)
    Windows XP セキュリティ更新 (KB2360937)
    Windows XP セキュリティ更新 (KB2387149)
    Windows XP セキュリティ更新 (KB923561)
    Windows XP セキュリティ更新 (KB938464-v2)
    Windows XP セキュリティ更新 (KB938464)
    Windows XP セキュリティ更新 (KB946648)
    Windows XP セキュリティ更新 (KB950760)
    Windows XP セキュリティ更新 (KB950762)
    Windows XP セキュリティ更新 (KB950974)
    Windows XP セキュリティ更新 (KB951066)
    Windows XP セキュリティ更新 (KB951376-v2)
    Windows XP セキュリティ更新 (KB951698)
    Windows XP セキュリティ更新 (KB951748)
    Windows XP セキュリティ更新 (KB952004)
    Windows XP セキュリティ更新 (KB952954)
    Windows XP セキュリティ更新 (KB954211)
    Windows XP セキュリティ更新 (KB954459)
    Windows XP セキュリティ更新 (KB954600)
    Windows XP セキュリティ更新 (KB955069)
    Windows XP セキュリティ更新 (KB956391)
    Windows XP セキュリティ更新 (KB956572)
    Windows XP セキュリティ更新 (KB956744)
    Windows XP セキュリティ更新 (KB956802)
    Windows XP セキュリティ更新 (KB956803)
    Windows XP セキュリティ更新 (KB956841)
    Windows XP セキュリティ更新 (KB956844)
    Windows XP セキュリティ更新 (KB957095)
    Windows XP セキュリティ更新 (KB957097)
    Windows XP セキュリティ更新 (KB958644)
    Windows XP セキュリティ更新 (KB958687)
    Windows XP セキュリティ更新 (KB958690)
    Windows XP セキュリティ更新 (KB958869)
    Windows XP セキュリティ更新 (KB959426)
    Windows XP セキュリティ更新 (KB960225)
    Windows XP セキュリティ更新 (KB960715)
    Windows XP セキュリティ更新 (KB960803)
    Windows XP セキュリティ更新 (KB960859)
    Windows XP セキュリティ更新 (KB961371-v2)
    Windows XP セキュリティ更新 (KB961371)
    Windows XP セキュリティ更新 (KB961373)
    Windows XP セキュリティ更新 (KB961501)
    Windows XP セキュリティ更新 (KB968537)
    Windows XP セキュリティ更新 (KB969059)
    Windows XP セキュリティ更新 (KB969898)
    Windows XP セキュリティ更新 (KB969947)
    Windows XP セキュリティ更新 (KB970238)
    Windows XP セキュリティ更新 (KB970430)
    Windows XP セキュリティ更新 (KB971468)
    Windows XP セキュリティ更新 (KB971486)
    Windows XP セキュリティ更新 (KB971557)
    Windows XP セキュリティ更新 (KB971633)
    Windows XP セキュリティ更新 (KB971657)
    Windows XP セキュリティ更新 (KB972270)
    Windows XP セキュリティ更新 (KB973346)
    Windows XP セキュリティ更新 (KB973354)
    Windows XP セキュリティ更新 (KB973507)
    Windows XP セキュリティ更新 (KB973525)
    Windows XP セキュリティ更新 (KB973869)
    Windows XP セキュリティ更新 (KB973904)
    Windows XP セキュリティ更新 (KB974112)
    Windows XP セキュリティ更新 (KB974318)
    Windows XP セキュリティ更新 (KB974392)
    Windows XP セキュリティ更新 (KB974571)
    Windows XP セキュリティ更新 (KB975025)
    Windows XP セキュリティ更新 (KB975467)
    Windows XP セキュリティ更新 (KB975560)
    Windows XP セキュリティ更新 (KB975561)
    Windows XP セキュリティ更新 (KB975562)
    Windows XP セキュリティ更新 (KB975713)
    Windows XP セキュリティ更新 (KB977165)
    Windows XP セキュリティ更新 (KB977816)
    Windows XP セキュリティ更新 (KB977914)
    Windows XP セキュリティ更新 (KB978037)
    Windows XP セキュリティ更新 (KB978251)
    Windows XP セキュリティ更新 (KB978262)
    Windows XP セキュリティ更新 (KB978338)
    Windows XP セキュリティ更新 (KB978542)
    Windows XP セキュリティ更新 (KB978601)
    Windows XP セキュリティ更新 (KB978706)
    Windows XP セキュリティ更新 (KB979309)
    Windows XP セキュリティ更新 (KB979482)
    Windows XP セキュリティ更新 (KB979559)
    Windows XP セキュリティ更新 (KB979683)
    Windows XP セキュリティ更新 (KB979687)
    Windows XP セキュリティ更新 (KB980195)
    Windows XP セキュリティ更新 (KB980218)
    Windows XP セキュリティ更新 (KB980232)
    Windows XP セキュリティ更新 (KB980436)
    Windows XP セキュリティ更新 (KB981322)
    Windows XP セキュリティ更新 (KB981852)
    Windows XP セキュリティ更新 (KB981957)
    Windows XP セキュリティ更新 (KB981997)
    Windows XP セキュリティ更新 (KB982132)
    Windows XP セキュリティ更新 (KB982214)
    Windows XP セキュリティ更新 (KB982665)
    Windows XP セキュリティ更新 (KB982802)
    Windows XP ホットフィックス (KB2158563)
    Windows XP ホットフィックス (KB952287)
    Windows XP ホットフィックス (KB970653-v3)
    Windows XP ホットフィックス (KB976098-v2)
    Windows XP ホットフィックス (KB979306)
    Windows XP ホットフィックス (KB981793)
    Windows XP 更新 (KB2141007)
    Windows XP 更新 (KB2345886)
    Windows XP 更新 (KB951072-v2)
    Windows XP 更新 (KB951978)
    Windows XP 更新 (KB955759)
    Windows XP 更新 (KB955839)
    Windows XP 更新 (KB967715)
    Windows XP 更新 (KB968389)
    Windows XP 更新 (KB971737)
    Windows XP 更新 (KB973687)
    Windows XP 更新 (KB973815)
    WinRAR archiver
    xrecode II 1.0.0.59
    Yahoo! Internet Mail
    Your Uninstaller! 2010
    インテル(R) PROSet/Wireless ソフトウェア
    えいご漬け 改訂版(体験版)
    かざしてログオン
    かざそうFeliCa
    かざポン for VAIO
    かんたん登録2
    サンリオ タイニーパークV
    スクリーンセーバーロック2
    スマート メニュー (Windows Live Toolbar)
    タイピング競馬 体験版
    タブ ブラウズ (Windows Live Toolbar)
    ドラネットキッズ入学準備 体験版
    ドラネット小学一年生 体験版
    パーソナルシェルター
    バイオの設定
    バイオ電子マニュアル
    バイオ電子マニュアル データベース
    はじめよう! ワイヤレスLAN
    ホットスポット・ツール
    みんなでTV電話スタータ
    わが家の家計簿
    一太郎ビューア
    駅すぱあと
    学研電子辞典
    静止画色補正
    大富豪Plus5 体験版
    筆ぐるめ Ver.13

    ==== End Of File ===========================
     
  3. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    The DDS File:

    DDS


    DDS (Ver_10-11-01.01) - NTFSx86
    Run by YUKIKO at 21:51:47.95 on 2010/11/09
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1041.18.502.217 [GMT 11:00]

    AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\JUSTSYSTEM\PersonalShelter\TxVDrvSvc.exe
    C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ICO.EXE
    C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Sony\SetGamma\SetGamma.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\WINDOWS\system32\conime.exe
    C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Alwil Software\Avast5\setup\avast.setup
    C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr

    ============== Pseudo HJT Report ===============

    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uStart Page = hxxp://www.yahoo.co.jp/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: かんたん登録2: {0dd41ae7-6196-42e7-bde5-4f393997449e} - c:\progra~1\justsy~1\simple~1\AtInBnd.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: 1 (0x1) - No File
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: FeliCaブラウザエクステンション: {ec5d2125-d8ab-4a18-a599-d97d2731de19} - c:\program files\sony\felicabrowserextension\fbe.dll
    BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\7.0.517.43\npchrome_frame.dll
    TB: かんたん登録2 ツールバー: {833cfe4e-05bd-43a3-97a7-a4e80d742f0f} - c:\progra~1\justsy~1\simple~1\AtInBnd.dll
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
    TB: &Yahoo!ツールバー: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    TB: {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [Apoint] c:\program files\apoint\Apoint.exe
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Mouse Suite 98 Daemon] ICO.EXE
    mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
    mRun: [IMJPMIG9.0] c:\progra~1\common~1\micros~1\ime\imjp9\IMJPMIG.EXE /Preload /Migration32
    mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
    mRun: [SetGamma] c:\program files\sony\setgamma\SetGamma.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [INPROCOMMWireless] c:\program files\atheros\wireless\utility\WlanUtil.exe
    dRun: [ctfmon.exe] ctfmon.exe
    IE: Google サイドウィキ... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - c:\progra~1\yahoo!j\messen~1\YPagerj.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
    Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\7.0.517.43\npchrome_frame.dll
    Handler: msjwwdat - {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - c:\program files\microsoft office\home style\jww\JWWData.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    Notify: VESWinlogon - VESWinlogon.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-11 165584]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-11 17744]
    S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2006-7-10 16194]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-14 38224]
    S3 MobileAdapter;Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\qscnusb.sys [2010-8-23 103552]

    =============== Created Last 30 ================

    2010-10-18 12:22:00 -------- d-----w- c:\program files\Lame for Audacity
    2010-10-18 10:56:23 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
    2010-10-18 10:56:23 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
    2010-10-14 09:33:42 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
    2010-10-14 09:33:41 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-14 09:33:40 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-14 09:33:19 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2010-10-14 09:22:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-14 09:21:58 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-14 09:21:57 -------- d-----w- c:\program files\Malwarebytes - Anti-Malware
    2010-10-14 01:12:24 528096 ----a-w- c:\windows\system32\drivers\ar5211.sys
    2010-10-14 01:12:24 28544 ----a-w- c:\windows\system32\drivers\callistx.sys
    2010-10-14 01:12:23 -------- d-----w- c:\program files\Atheros
    2010-10-13 23:23:15 -------- d-----w- c:\docume~1\yukiko\applic~1\URSoft
    2010-10-13 23:23:07 -------- d-----w- c:\program files\Your Uninstaller 2010
    2010-10-13 01:13:14 -------- d-----w- c:\program files\ESET
    2010-10-12 03:56:07 38848 ----a-w- c:\windows\avastSS.scr
    2010-10-11 22:43:25 -------- d-sha-r- C:\cmdcons
    2010-10-11 06:04:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
    2010-10-10 23:17:16 12872 ----a-w- c:\windows\system32\bootdelete.exe
    2010-10-10 22:57:23 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-10-10 22:57:13 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
    2010-10-10 22:57:11 -------- d-----w- c:\program files\Hitman Pro 3.5
    2010-10-10 13:37:41 -------- d-----w- c:\docume~1\yukiko\applic~1\Malwarebytes
    2010-10-10 13:37:31 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-10-10 13:37:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    ==================== Find3M ====================

    2010-10-04 03:09:12 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-10-04 03:09:11 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-18 06:53:18 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:18 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:18 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-18 01:23:20 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-10 05:48:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:47:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:47:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-09-01 11:50:45 285824 ------w- c:\windows\system32\atmfd.dll
    2010-09-01 07:54:49 1852416 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02:02 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57:14 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-27 01:43:58 8192 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-23 16:11:44 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:44:09 590848 ----a-w- c:\windows\system32\rpcrt4.dll

    ============= FINISH: 21:53:49.64 ===============
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Is this the same system that Broni helped you with here: http://www.techspot.com/vb/topic154680.html

    If it is, I'm going to send a PM to him and let him assist you. It does look like there are more Japanese entries in these logs though.
     
  5. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    Yes, this is the same system; nothing much has changed. Though now I am not only unable to run Malwarebytes (which seemingly didn't get resolved), I am also unable to run GMER.

    It won't run in safe mode nor normal mode, no matter how long I leave it.

    Are there any more steps that I should take?

    The computer system is running very slow and hot.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I have sent Broni a PM and asked him to pick up this thread, since you recently worked with him.
     
  7. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    I'm here :)

    Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/


    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    • Close SUPERAntiSpyware.
    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    • Open SUPERAntiSpyware.
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Copy and paste the Scan Log results in your next reply with a new HijackThis log.
    • Click Close to exit the program.

    Post SUPERAntiSpyware log.
     
  8. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    Not sure about this bit as you recommend on the instructions not to use this program? Perhaps an old bit of text you copied and pasted?

    Anyway, here is the log as requested, though only tracking cookies were found.

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 11/11/2010 at 12:48 PM

    Application Version : 4.45.1000

    Core Rules Database Version : 5843
    Trace Rules Database Version: 3655

    Scan type : Complete Scan
    Total Scan Time : 00:37:06

    Memory items scanned : 285
    Memory threats detected : 0
    Registry items scanned : 7989
    Registry threats detected : 0
    File items scanned : 23240
    File threats detected : 218

    Adware.Tracking Cookie
     
  9. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Yes, sorry for that :)

    Let's try to fix MBAM.

    1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
    2. Restart your computer (very important).
    3. Download and run this utility.
    4. It will ask to restart your computer (please allow it to).
    5. After the computer restarts, install the latest version from here.
     
  10. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    OK all done.

    Should I attempt a scan? If so in normal mode or safe mode?

    Thank you
     
  11. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Normal mode would be preferred.
     
     
  12. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    Unfortunately, the same error message pops up about insufficient memory.

    It appears that MBAM won't work on this laptop.

    What other steps can I take?
     
  13. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure; click on Continue.
    • If a suspicious file is detected, the default action will be Skip; click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
  14. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    There were no objects found.

    The log is as follows:

    2010/11/13 11:35:01.0078 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22
    2010/11/13 11:35:01.0078 ================================================================================
    2010/11/13 11:35:01.0078 SystemInfo:
    2010/11/13 11:35:01.0078
    2010/11/13 11:35:01.0078 OS Version: 5.1.2600 ServicePack: 3.0
    2010/11/13 11:35:01.0078 Product type: Workstation
    2010/11/13 11:35:01.0078 ComputerName: TOYOMASU
    2010/11/13 11:35:01.0078 UserName: YUKIKO
    2010/11/13 11:35:01.0078 Windows directory: C:\WINDOWS
    2010/11/13 11:35:01.0078 System windows directory: C:\WINDOWS
    2010/11/13 11:35:01.0078 Processor architecture: Intel x86
    2010/11/13 11:35:01.0078 Number of processors: 1
    2010/11/13 11:35:01.0078 Page size: 0x1000
    2010/11/13 11:35:01.0078 Boot type: Normal boot
    2010/11/13 11:35:01.0078 ================================================================================
    2010/11/13 11:35:01.0906 Initialize success
    2010/11/13 11:35:05.0062 ================================================================================
    2010/11/13 11:35:05.0062 Scan started
    2010/11/13 11:35:05.0062 Mode: Manual;
    2010/11/13 11:35:05.0062 ================================================================================
    2010/11/13 11:36:10.0890 ================================================================================
    2010/11/13 11:36:10.0890 Scan finished
    2010/11/13 11:36:10.0890 ================================================================================


    Thanks Broni :)
     
  15. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator.

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.pif
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  16. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    ComboFix 10-11-12.01 - YUKIKO 2010/11/13 13:57:22.4.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1041.18.502.305 [GMT 11:00]
    Running from: c:\documents and settings\YUKIKO\デスクトップ\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    ((((((((((((((((((((((((( Files Created from 2010-10-13 to 2010-11-13 )))))))))))))))))))))))))))))))
    .

    2010-11-11 05:55 . 2010-04-29 04:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-11-11 05:55 . 2010-11-11 05:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-11 05:55 . 2010-04-29 04:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-11-11 01:01 . 2010-11-11 01:01 -------- d-----w- c:\documents and settings\YUKIKO\Application Data\SUPERAntiSpyware.com
    2010-11-11 01:01 . 2010-11-11 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2010-11-11 01:01 . 2010-11-11 01:01 -------- d-----w- c:\program files\SUPERAntiSpyware
    2010-11-10 00:19 . 2010-11-10 00:21 -------- d-----w- c:\documents and settings\Administrator
    2010-10-18 12:22 . 2010-10-18 12:22 -------- d-----w- c:\program files\Lame for Audacity
    2010-10-18 10:56 . 2008-04-13 16:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
    2010-10-18 10:56 . 2008-04-13 16:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
    2010-10-14 09:33 . 2010-09-18 06:53 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
    2010-10-14 09:33 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-14 09:33 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-14 09:33 . 2010-08-23 16:11 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-10-13 05:19 . 2010-10-10 22:57 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
    2010-10-10 23:17 . 2010-10-10 23:17 12872 ----a-w- c:\windows\system32\bootdelete.exe
    2010-10-10 02:30 . 2010-10-10 02:30 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
    2010-10-04 03:09 . 2010-10-04 03:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-10-04 03:09 . 2010-10-04 03:09 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-18 06:53 . 2006-07-10 04:54 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53 . 2006-07-10 04:54 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53 . 2006-07-10 04:54 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-18 01:23 . 2006-07-10 04:54 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-10 05:48 . 2006-07-10 04:54 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:47 . 2006-07-10 04:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:47 . 2006-07-10 04:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-09-01 11:50 . 2006-07-10 04:53 285824 ------w- c:\windows\system32\atmfd.dll
    2010-09-01 07:54 . 2009-01-01 17:10 1852416 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02 . 2006-07-10 04:54 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57 . 2009-01-01 17:10 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-27 01:43 . 2008-05-04 22:25 8192 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-26 13:39 . 2009-01-01 17:09 357248 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-23 16:11 . 2009-01-01 17:10 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17 . 2006-07-10 04:54 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:44 . 2006-07-10 04:54 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-17 118784]
    "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-08-05 94208]
    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-08-05 77824]
    "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-08-05 114688]
    "RTHDCPL"="RTHDCPL.EXE" [2005-08-09 14743552]
    "Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
    "SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-10-19 184320]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
    "VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
    "IMJPMIG9.0"="c:\progra~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE" [2007-04-19 125792]
    "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]
    "SetGamma"="c:\program files\Sony\SetGamma\SetGamma.exe" [2005-08-10 94208]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-22 35760]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="ctfmon.exe" [2008-04-14 15360]

    c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
    E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
    VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

    c:\documents and settings\Administrator\スタート メニュー\プログラム\スタートアップ\
    E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
    VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

    c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
    E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
    VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

    c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
    E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
    VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

    c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
    E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
    VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
    2006-03-09 05:51 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
    Ime File REG_SZ imjp9.ime

    [HKLM\~\startupfolder\C:^Documents and Settings^YUKIKO^スタート メニュー^プログラム^スタートアップ^Yahoo! Widget Engine.lnk]
    path=c:\documents and settings\YUKIKO\スタート メニュー\プログラム\スタートアップ\Yahoo! Widget Engine.lnk
    backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^YUKIKO^スタート メニュー^プログラム^スタートアップ^かざそうFeliCa.lnk]
    path=c:\documents and settings\YUKIKO\スタート メニュー\プログラム\スタートアップ\かざそうFeliCa.lnk
    backup=c:\windows\pss\かざそうFeliCa.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2010-09-20 12:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    2005-06-30 07:50 57344 ----a-w- c:\program files\Adobe\Photoshop Album Mini\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2010-09-22 17:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
    2005-06-11 10:51 53248 ----a-w- c:\program files\Realtek\InstallShield\AzMixerSel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2009-03-27 03:28 133104 ----atw- c:\documents and settings\YUKIKO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro35]
    2010-10-13 05:19 6238016 ----a-w- c:\program files\Hitman Pro 3.5\HitmanPro35.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
    2008-04-14 02:26 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
    2004-02-20 05:12 32768 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-02-15 09:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NoteBurner]
    2008-08-03 23:13 4354048 ----a-w- c:\program files\NoteBurner\VTBurnerGUI.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-11-10 14:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2010-09-02 05:15 13351304 ----a-r- c:\program files\Skype\Phone\Skype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Network]
    2003-07-29 12:30 163840 ----a-w- c:\program files\Sony\Smart Network\BeServe.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
    2007-12-17 02:20 476448 ----a-w- c:\progra~1\Sony\SONICS~1\SSAAD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-03-13 12:10 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 5]
    2010-04-07 23:45 1459568 ----a-w- c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2007-01-08 11:38 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Documents and Settings\\YUKIKO\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
    "c:\\Program Files\\Adobe\\Photoshop Album Mini\\3.0\\Apps\\Photoshop Album Starter Edition.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    "c:\\Documents and Settings\\YUKIKO\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
    "c:\\Documents and Settings\\YUKIKO\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "2541:TCP"= 2541:TCP:lmzdxmfc

    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2010/02/18 5:25 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010/05/11 5:41 67656]
    R1 TxVDrv;TxVDrv;c:\windows\system32\drivers\TxVDrv.sys [2005/10/13 2:40 22272]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010/11/13 13:40 135336]
    R2 TxVDrvSvc;TXVDrv Service;c:\program files\Justsystem\PersonalShelter\TxVDrvSvc.exe [2005/10/13 2:40 45056]
    R3 Sonyddpu;Sony FeliCa Reader/Writer;c:\windows\system32\drivers\Sonyddpu.sys [2006/07/10 15:55 49664]
    R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2006/07/10 15:55 30080]
    S2 gupdate1c9f282e893c17c;Google アップデート サービス (gupdate1c9f282e893c17c);c:\program files\Google\Update\GoogleUpdate.exe [2009/06/22 2:13 133104]
    S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2006/07/10 17:08 16194]
    S3 BeService;Smart Network Service;c:\program files\Sony\Smart Network\BeService.exe [2005/10/13 2:43 77824]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010/11/11 16:55 38224]
    S3 MobileAdapter;Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\qscnusb.sys [2010/08/23 11:53 103552]
    S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010/01/17 19:24 722288]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - ANTIVIRSCHEDULERSERVICE
    *NewlyCreated* - ANTIVIRSERVICE
    *NewlyCreated* - AVGIO
    *NewlyCreated* - AVGNTFLT
    *NewlyCreated* - AVIPBB
    .
    Contents of the 'Scheduled Tasks' folder

    2010-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-21 15:13]

    2010-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-21 15:13]

    2010-11-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 13:09]

    2010-10-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 13:09]

    2010-11-13 c:\windows\Tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 19:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uStart Page = hxxp://www.yahoo.co.jp/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
    IE: Google サイドウィキ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - c:\progra~1\Yahoo!J\MESSEN~1\YPagerj.exe
    Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
    Handler: msjwwdat - {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - c:\program files\Microsoft Office\Home Style\JWW\JWWData.dll
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-INPROCOMMWireless - c:\program files\Atheros\Wireless\Utility\WlanUtil.exe
    MSConfigStartUp-Messenger (Yahoo!) - c:\program files\Yahoo!\Messenger\YahooMessenger.exe
    MSConfigStartUp-Skype for Outlook Express - c:\program files\Skype\toolbars\Skype for Outlook Express\SkypeOE.exe
    MSConfigStartUp-Skype for Outlook Expresss helper - c:\program files\Skype\toolbars\Skype for Outlook Express\SkypeOE.exe
    MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_07\bin\jusched.exe
    MSConfigStartUp-Yahoo! Pager - c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
    AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-11-13 14:05
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\.Default\AppEvents\Schemes\Apps\Conf\*・^\.Current]
    @="c:\\Program Files\\NetMeeting\\Blip.wav"

    [HKEY_USERS\LocalService\AppEvents\Schemes\Apps\Conf\*・^\.Current]
    @="c:\\Program Files\\NetMeeting\\Blip.wav"

    [HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Conf\*・^\.Current]
    @="c:\\Program Files\\NetMeeting\\Blip.wav"

    [HKEY_USERS\S-1-5-21-2665302396-3341232491-1889479886-1008\AppEvents\Schemes\Apps\Conf\*・^\.Current]
    @="c:\\Program Files\\NetMeeting\\Blip.wav"

    [HKEY_LOCAL_MACHINE\software\Classes\B*D*A*T*u*n*e*r*.*ウ0・ン0・ヘ0・ネ0\CLSID]
    @="{809B6661-94C4-49E6-B6EC-3F0F862215AA}"

    [HKEY_LOCAL_MACHINE\software\Classes\B*D*A*T*u*n*e*r*.*ウ0・ン0・ヘ0・ネ0\CurVer]
    @="BDATuner.コンポーネント.1"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\「0・、0・ケ0ネ0・・n0ミ0テ0ッ0「0テ0ラ0 *、0・・ク0]
    @="{67cf8cbd-e5c0-44f7-9de5-e1d599d626d8}"
    "Description"="このバージョンの Windows をアンインストールして前のオペレーティング システムに戻る場合は、これらのファイルが必要です。"
    "Display"="前のオペレーティング システムのバックアップ ファイル"
    "IconPath"=expand:"%SystemRoot%\\system32\\osuninst.EXE,0"

    [HKEY_LOCAL_MACHINE\software\UNBALANCE\ソ0、0ヤ0・ー0ャ・*SO唏r]
    "Install"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\VAL Laboratory\ナ兀0q0B0h0W*i*n*\ExpertLandMarkDLL]
    "LandMarkPath"="c:\\Program Files\\ExpWin32\\"

    [HKEY_LOCAL_MACHINE\software\VAL Laboratory\ナ兀0q0B0h0W*i*n*\ExpertMapDLL]
    "MapBasePath"="c:\\Program Files\\ExpWin32\\Map\\"

    [HKEY_LOCAL_MACHINE\software\VAL Laboratory\ナ兀0q0B0h0W*i*n*\ExpLibDLL]
    "knbFilePath"="c:\\Program Files\\ExpWin32\\Knb\\"
    "knbFileName"="JPWIN"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(584)
    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    c:\windows\system32\VESWinlogon.dll
    c:\windows\system32\imjp9.ime
    c:\windows\system32\imjp9k.dll

    - - - - - - - > 'explorer.exe'(2156)
    c:\windows\system32\imjp9.ime
    c:\windows\system32\imjp9k.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\program files\Microsoft Office\OFFICE11\msohev.dll
    .
    Completion time: 2010-11-13 14:09:41
    ComboFix-quarantined-files.txt 2010-11-13 03:09

    Pre-Run: 4,813,000,704 バイトの空き領域
    Post-Run: 4,785,111,040 バイトの空き領域

    - - End Of File - - 479C5B42D0B9C7CD8205E58E50A50AA1
     
  17. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    So far, all looks good :)

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  18. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    Hello again Broni, the computer is behaving very erratically. The Windows XP explorer is freezing and has crashed completely on a couple of occasions. The computer is still running very hot, and OTL has failed to run twice, both times just stopping for an extended period with no insufficient memory warning coming up.

    I am running the OTL again, hopefully this time it will work, though if it doesn't, can I run it in safe mode?

    edit: The crashes have now escalated to Chrome and it is coming up with a strange message. I try and screen cap it, but once it appears the whole system has frozen.
     
  19. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    So far, we didn't see anything malicious.
    You may have some other issues.

    Download System Information for Windows (SIW free version)
    No installation required.

    After it scans your computer, navigate to Hardware>Sensors and post all info from there.

     
  20. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    OTL logfile created on: 2010/11/14 16:22:28 - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\YUKIKO\デスクトップ
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

    502.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
    Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 37.26 Gb Total Space | 4.45 Gb Free Space | 11.95% Space Free | Partition Type: NTFS
    Drive D: | 12.10 Gb Total Space | 10.42 Gb Free Space | 86.07% Space Free | Partition Type: NTFS

    Computer Name: TOYOMASU | User Name: YUKIKO | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/11/14 13:14:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
    PRC - [2010/08/02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/08/02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010/08/02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/03/13 23:10:57 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2008/04/14 13:26:11 | 001,027,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008/04/14 13:26:08 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
    PRC - [2006/08/02 00:39:20 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    PRC - [2006/08/02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    PRC - [2006/08/02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    PRC - [2006/06/09 20:49:02 | 000,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
    PRC - [2006/04/13 15:36:36 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    PRC - [2006/04/04 16:55:18 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    PRC - [2005/12/27 15:58:10 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
    PRC - [2005/12/14 14:00:00 | 000,045,056 | ---- | M] (Texim Corporarion.) -- C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe
    PRC - [2005/11/28 15:39:32 | 000,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    PRC - [2005/11/28 15:39:30 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    PRC - [2005/08/10 22:24:48 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SetGamma\SetGamma.exe
    PRC - [2005/08/05 12:56:58 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
    PRC - [2004/11/17 22:47:16 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
    PRC - [2004/08/19 11:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
    PRC - [2002/03/14 18:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/11/14 13:14:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
    MOD - [2010/08/24 03:11:42 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    MOD - [2007/05/10 15:42:30 | 000,851,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMJP9K.DLL
    MOD - [2007/03/22 21:17:42 | 000,482,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMJP9.IME


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2010/08/02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/08/02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/04/08 10:45:58 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
    SRV - [2007/12/17 13:20:56 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SsBeSvc.exe -- (SonicStage Back-End Service)
    SRV - [2007/11/28 02:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SPTISRV.exe -- (SPTISRV)
    SRV - [2007/11/28 02:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\MSCSPTISRV.exe -- (MSCSPTISRV)
    SRV - [2007/11/28 01:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\PACSPTISVR.exe -- (PACSPTISVR)
    SRV - [2006/08/02 00:39:20 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
    SRV - [2006/08/02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
    SRV - [2006/08/02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
    SRV - [2006/06/13 10:03:42 | 002,084,864 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
    SRV - [2006/06/09 22:11:40 | 000,417,792 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler)
    SRV - [2006/06/09 20:49:02 | 000,143,360 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
    SRV - [2006/06/07 11:51:50 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
    SRV - [2006/05/18 12:22:26 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
    SRV - [2006/05/18 12:22:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
    SRV - [2006/04/13 15:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
    SRV - [2006/04/04 16:55:18 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
    SRV - [2005/12/14 14:00:00 | 000,045,056 | ---- | M] (Texim Corporarion.) [Auto | Running] -- C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe -- (TxVDrvSvc)
    SRV - [2005/11/28 15:39:32 | 000,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
    SRV - [2005/11/28 15:39:30 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
    SRV - [2005/11/25 15:08:54 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
    SRV - [2005/07/14 21:10:16 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
    SRV - [2003/07/10 19:45:32 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Smart Network\BeService.exe -- (BeService)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\YUKIKO\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - [2010/08/02 16:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2010/08/02 16:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2010/05/11 05:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2010/02/18 05:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/04/22 17:54:15 | 000,103,552 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qscnusb.sys -- (MobileAdapter)
    DRV - [2008/04/14 05:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
    DRV - [2008/04/14 03:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB オーディオ ドライバ (WDM)
    DRV - [2008/04/14 03:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) Microsoft UAA バス ドライバ (High Definition Audio 用)
    DRV - [2007/02/28 16:42:00 | 000,080,896 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
    DRV - [2006/11/15 08:00:58 | 000,528,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
    DRV - [2006/08/02 01:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2006/06/29 21:49:38 | 002,206,720 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Windows XP 用 インテル(R)
    DRV - [2006/05/02 23:46:28 | 000,022,272 | ---- | M] (Texim Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\TxVDrv.sys -- (TxVDrv)
    DRV - [2006/03/06 20:39:00 | 000,030,080 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyImgF.sys -- (SonyImgF)
    DRV - [2005/11/30 13:38:50 | 000,232,448 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvm321.sys -- (usbvm321)
    DRV - [2005/10/18 18:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005/10/18 18:52:34 | 000,202,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005/10/18 18:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2005/08/09 18:43:46 | 003,855,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2005/06/24 15:11:12 | 000,040,576 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sdcplh.sys -- (sdcplh)
    DRV - [2005/03/24 18:26:20 | 000,049,664 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sonyddpu.sys -- (Sonyddpu)
    DRV - [2005/03/04 13:10:00 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
    DRV - [2005/01/04 22:24:44 | 000,394,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS)
    DRV - [2004/12/06 13:26:06 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
    DRV - [2004/11/22 15:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2004/08/05 23:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
    DRV - [2004/08/05 23:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
    DRV - [2004/08/05 23:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
    DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
    DRV - [2002/04/11 19:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)
    DRV - [2000/12/05 18:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
    DRV - [2000/11/09 21:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://my.yahoo.co.jp/ [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.jp/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
    FF - prefs.js..network.proxy.autoconfig_url: ""
    FF - prefs.js..network.proxy.ftp: ""
    FF - prefs.js..network.proxy.ftp_port: ""
    FF - prefs.js..network.proxy.gopher: ""
    FF - prefs.js..network.proxy.gopher_port: ""
    FF - prefs.js..network.proxy.http: ""
    FF - prefs.js..network.proxy.http_port: ""
    FF - prefs.js..network.proxy.no_proxies_on: ""
    FF - prefs.js..network.proxy.share_proxy_settings: ""
    FF - prefs.js..network.proxy.socks: ""
    FF - prefs.js..network.proxy.socks_port: ""
    FF - prefs.js..network.proxy.ssl: ""
    FF - prefs.js..network.proxy.ssl_port: ""


    [2010/05/10 21:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\extensions
    [2008/07/06 00:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/10/14 10:07:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
    [2010/10/14 10:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/10/04 14:09:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/10/04 14:09:12 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2010/10/12 16:16:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (かんたん登録2) - {0DD41AE7-6196-42E7-BDE5-4F393997449E} - C:\Program Files\Justsystem\SimpleAutoInput\AtInBnd.dll (株式会社ジャストシステム)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O2 - BHO: (FeliCaブラウザエクステンション) - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll (Sony Corp.)
    O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\7.0.517.44\npchrome_frame.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (かんたん登録2 ツールバー) - {833CFE4E-05BD-43A3-97A7-A4E80D742F0F} - C:\Program Files\Justsystem\SimpleAutoInput\AtInBnd.dll (株式会社ジャストシステム)
    O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\ShellBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\IMKR6_1\imekrmig.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
    O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
    O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
    O4 - HKLM..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe (Sony Corporation)
    O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Yahoo!メッセンジャー - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\Program Files\Yahoo!J\Messenger\YPagerj.exe (Yahoo! Japan Corporation.)
    O9 - Extra 'Tools' menuitem : Yahoo!メッセンジャー - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\Program Files\Yahoo!J\Messenger\YPagerj.exe (Yahoo! Japan Corporation.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
    O18 - Protocol\Handler\cf - No CLSID value found
    O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\7.0.517.44\npchrome_frame.dll (Google Inc.)
    O18 - Protocol\Handler\msjwwdat {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
    O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
    O24 - Desktop Components:0 (現在のホーム ページ) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/07/10 16:09:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (56871556046913536)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/11/14 13:14:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
    [2010/11/13 13:54:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2010/11/13 13:54:17 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2010/11/13 13:54:17 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2010/11/13 13:54:17 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2010/11/13 13:40:48 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
    [2010/11/13 13:40:45 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
    [2010/11/13 13:40:45 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
    [2010/11/13 13:40:45 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
    [2010/11/13 13:40:45 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
    [2010/11/13 13:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2010/11/13 13:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
    [2010/11/13 13:08:15 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/11/13 11:34:56 | 001,330,776 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\YUKIKO\デスクトップ\TDSSKiller.exe
    [2010/11/11 16:55:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2010/11/11 16:55:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2010/11/11 16:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2010/11/11 12:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\Application Data\SUPERAntiSpyware.com
    [2010/11/11 12:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    [2010/11/11 12:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/11/02 21:52:24 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\TFC (1).exe
    [2010/10/18 23:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
    [2010/10/18 23:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\デスクトップ\Audacity

    ========== Files - Modified Within 30 Days ==========

    [2010/11/14 16:25:00 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job
    [2010/11/14 16:17:19 | 000,000,688 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2010/11/14 16:17:19 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
    [2010/11/14 16:17:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2010/11/14 16:17:11 | 526,569,472 | -HS- | M] () -- C:\hiberfil.sys
    [2010/11/14 15:05:00 | 000,000,692 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2010/11/14 13:14:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
    [2010/11/13 13:11:26 | 000,003,009 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2010/11/13 13:07:07 | 003,908,597 | R--- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\ComboFix.exe
    [2010/11/13 11:34:28 | 001,215,581 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\tdsskiller.zip
    [2010/11/13 11:30:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2010/11/11 16:43:57 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\mbam-clean.exe
    [2010/11/08 10:55:10 | 001,330,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\YUKIKO\デスクトップ\TDSSKiller.exe
    [2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
    [2010/11/03 01:02:51 | 000,623,616 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr
    [2010/11/03 01:01:22 | 000,294,912 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\56v9wdyi.exe
    [2010/11/02 21:52:25 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\TFC (1).exe
    [2010/11/01 14:34:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing task2 rich nations and poor nations.doc
    [2010/10/31 23:02:01 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
    [2010/10/31 22:43:50 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Passenger railway journeys.doc
    [2010/10/31 20:32:02 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Microsoft Office Word 2003.lnk
    [2010/10/31 13:31:14 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task2 Media.doc
    [2010/10/30 14:19:34 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 reused rain water.doc
    [2010/10/22 19:04:40 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Shopping centre.doc
    [2010/10/19 11:11:27 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 P2 Japanese tourists.doc
    [2010/10/19 11:10:53 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Hydro-electric power.doc
    [2010/10/17 13:17:47 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 P2 Japanese tourists.doc
    [2010/10/17 13:16:40 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 Hydro-electric power.doc

    ========== Files Created - No Company Name ==========

    [2010/11/13 13:54:17 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2010/11/13 13:54:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2010/11/13 13:54:17 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2010/11/13 13:54:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2010/11/13 13:54:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2010/11/13 13:07:07 | 003,908,597 | R--- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\ComboFix.exe
    [2010/11/13 11:34:13 | 001,215,581 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\tdsskiller.zip
    [2010/11/11 16:43:57 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\mbam-clean.exe
    [2010/11/11 16:25:02 | 526,569,472 | -HS- | C] () -- C:\hiberfil.sys
    [2010/11/03 01:05:42 | 000,294,912 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\56v9wdyi.exe
    [2010/11/03 01:02:51 | 000,623,616 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr
    [2010/11/01 00:40:05 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing task2 rich nations and poor nations.doc
    [2010/10/31 21:19:24 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Passenger railway journeys.doc
    [2010/10/30 23:44:52 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task2 Media.doc
    [2010/10/29 23:58:20 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 reused rain water.doc
    [2010/10/22 17:39:34 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Shopping centre.doc
    [2010/10/17 13:17:47 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 P2 Japanese tourists.doc
    [2010/10/17 13:16:40 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 Hydro-electric power.doc
    [2010/10/15 16:44:52 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Hydro-electric power.doc
    [2010/10/11 09:57:23 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
    [2010/08/01 23:36:41 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/06/10 00:23:58 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
    [2008/01/26 23:56:28 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
    [2007/12/28 18:03:22 | 000,000,057 | ---- | C] () -- C:\WINDOWS\NWDECDU.INI
    [2007/12/28 18:02:34 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdcplh.sys
    [2007/12/10 00:32:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
    [2007/06/26 16:14:24 | 000,000,134 | ---- | C] () -- C:\WINDOWS\Readiris.ini
    [2007/06/26 16:14:18 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
    [2007/03/16 20:01:04 | 000,004,628 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
    [2007/01/15 17:24:09 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Application Data\dm.ini
    [2007/01/15 17:24:08 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Application Data\AdobeDLM.log
    [2006/10/14 03:01:41 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
    [2006/09/25 03:54:32 | 000,152,576 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2006/09/24 13:53:54 | 000,003,364 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    [2006/09/17 18:37:04 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\fusioncache.dat
    [2006/07/11 12:57:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006/07/11 11:52:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2006/07/11 11:52:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2006/07/11 11:52:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2006/07/11 11:52:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2006/07/11 11:52:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2006/07/11 11:52:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2006/07/10 17:08:48 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL
    [2006/07/10 16:23:19 | 000,000,942 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2006/07/10 16:02:41 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2006/07/10 15:54:57 | 000,002,144 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2006/07/10 15:54:43 | 000,065,392 | ---- | C] () -- C:\WINDOWS\System32\msimek.sys
    [2006/07/10 15:54:43 | 000,054,700 | ---- | C] () -- C:\WINDOWS\System32\$ias.sys
    [2006/07/10 15:54:43 | 000,044,496 | ---- | C] () -- C:\WINDOWS\System32\msimei.sys
    [2006/07/10 15:54:43 | 000,042,841 | ---- | C] () -- C:\WINDOWS\System32\key02.sys
    [2006/07/10 15:54:43 | 000,042,633 | ---- | C] () -- C:\WINDOWS\System32\keyax.sys
    [2006/07/10 15:54:43 | 000,039,808 | ---- | C] () -- C:\WINDOWS\System32\msime.sys
    [2006/07/10 15:54:43 | 000,027,956 | ---- | C] () -- C:\WINDOWS\System32\appsicon.dll
    [2006/07/10 15:54:43 | 000,020,688 | ---- | C] () -- C:\WINDOWS\System32\$disp.sys
    [2006/07/10 15:54:43 | 000,013,597 | ---- | C] () -- C:\WINDOWS\System32\msimed.sys
    [2006/07/10 15:54:43 | 000,004,701 | ---- | C] () -- C:\WINDOWS\System32\kkcfunc.sys
    [2006/07/10 15:54:43 | 000,004,125 | ---- | C] () -- C:\WINDOWS\System32\$prnescp.sys
    [2006/07/10 15:54:43 | 000,002,990 | ---- | C] () -- C:\WINDOWS\System32\disp_win.sys
    [2006/07/10 15:54:43 | 000,000,901 | ---- | C] () -- C:\WINDOWS\System32\ntfont.sys
    [2006/07/10 15:54:43 | 000,000,852 | ---- | C] () -- C:\WINDOWS\System32\font_win.sys
    [2006/07/10 15:54:07 | 000,229,088 | ---- | C] () -- C:\WINDOWS\System32\lanman.drv
    [2006/07/05 12:07:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2005/10/13 03:16:19 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\IMX.DLL
    [2005/10/13 03:03:04 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2005/10/13 02:52:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
    [2005/10/13 02:51:41 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
    [2005/10/13 02:43:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
    [2005/10/13 02:41:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
    [2005/10/13 02:38:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fsslckhk.dll
    [2003/09/18 15:22:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\AmiJapanDataPilotUninstSupport.dll
    [2003/04/03 14:00:02 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\VSPpg8.dll
    [2003/02/19 17:36:06 | 000,005,099 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

    ========== LOP Check ==========

    [2010/11/13 13:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2005/10/13 02:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FujisoftABC
    [2010/10/11 10:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
    [2005/10/13 02:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JUSTSYSTEM
    [2010/10/08 19:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
    [2005/10/13 02:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MEGASOFT
    [2010/10/14 19:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
    [2010/03/28 18:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/08/02 05:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    [2008/10/26 23:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Audacity
    [2006/10/24 18:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Fujitsu
    [2007/03/07 20:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\InterVideo
    [2008/03/22 02:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\ivivo
    [2006/10/24 18:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Justsystem
    [2006/10/15 03:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Leadertech
    [2008/02/04 12:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\MEGASOFT
    [2006/09/19 22:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\MSNInstaller
    [2007/08/06 21:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\s-woman_ticker
    [2010/08/25 18:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\UNBALANCE
    [2010/10/14 10:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\URSoft
    [2010/11/14 16:25:00 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========
     
  21. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    < %SYSTEMDRIVE%\*.* >
    [2006/07/10 16:09:33 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2009/05/24 15:22:35 | 000,000,210 | ---- | M] () -- C:\Boot.bak
    [2010/10/14 11:19:54 | 000,000,327 | RHS- | M] () -- C:\boot.ini
    [2004/08/05 23:00:00 | 000,132,398 | RHS- | M] () -- C:\bootfont.bin
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2010/11/13 14:09:43 | 000,019,110 | ---- | M] () -- C:\ComboFix.txt
    [2006/07/10 16:09:33 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2010/11/14 16:17:11 | 526,569,472 | -HS- | M] () -- C:\hiberfil.sys
    [2006/10/14 03:01:48 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
    [2006/07/10 16:09:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010/10/13 11:29:59 | 000,008,193 | ---- | M] () -- C:\JavaRa.log
    [2006/07/10 16:09:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004/08/05 23:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2009/05/18 23:14:38 | 000,260,800 | RHS- | M] () -- C:\ntldr
    [2010/11/14 16:17:09 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
    [2008/08/21 21:27:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
    [2008/08/21 22:43:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
    [2008/08/25 19:00:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
    [2009/01/05 01:58:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
    [2009/08/01 01:31:25 | 000,000,280 | -H-- | M] () -- C:\sqmdata04.sqm
    [2010/05/25 22:13:22 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
    [2010/05/25 22:13:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
    [2010/05/25 22:14:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
    [2010/05/25 22:14:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
    [2010/05/25 22:14:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
    [2010/05/25 22:14:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
    [2010/05/25 22:15:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
    [2010/05/25 22:16:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
    [2010/05/25 22:16:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
    [2010/05/25 22:16:39 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
    [2010/05/25 22:17:11 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
    [2008/08/01 19:54:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
    [2008/08/02 03:43:09 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
    [2008/08/03 20:44:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
    [2008/08/09 18:07:51 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
    [2008/08/21 21:27:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
    [2008/08/21 22:43:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
    [2008/08/25 19:00:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
    [2009/01/05 01:58:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
    [2009/08/01 01:31:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
    [2010/05/25 22:13:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
    [2010/05/25 22:13:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
    [2010/05/25 22:14:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
    [2010/05/25 22:14:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
    [2010/05/25 22:14:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
    [2010/05/25 22:14:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
    [2010/05/25 22:15:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
    [2010/05/25 22:16:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
    [2010/05/25 22:16:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
    [2010/05/25 22:16:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
    [2010/05/25 22:17:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
    [2008/08/01 19:54:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
    [2008/08/02 03:43:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
    [2008/08/03 20:44:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
    [2008/08/09 18:07:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
    [2010/11/13 11:38:33 | 000,042,668 | ---- | M] () -- C:\TDSSKiller.2.4.7.0_13.11.2010_11.35.01_log.txt
    [2001/05/24 14:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
    [2007/09/14 15:41:49 | 000,000,158 | ---- | M] () -- C:\YServer.txt

    < %systemroot%\Fonts\*.com >

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2006/07/10 16:09:04 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
    [14 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2007/04/09 15:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >
    [2010/10/10 14:38:05 | 000,001,682 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\LastFlashConfig.WFC

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2006/07/11 01:00:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2006/07/11 01:00:34 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2006/07/11 01:00:33 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2006/09/17 18:37:21 | 000,000,125 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2006/07/10 16:12:56 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\Internet Explorer\Quick Launch\デスクトップの表示.scf

    < %USERPROFILE%\Desktop\*.exe >

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2006/09/17 18:37:20 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2009/05/24 15:04:24 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Cookies\desktop.ini
    [2010/11/14 16:17:15 | 000,573,440 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007/06/27 16:11:12 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >
    [2006/08/02 01:29:44 | 000,577,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/14 13:25:48 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 03:08:58 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 03:08:58 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/03 01:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008/04/14 04:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008/04/14 13:26:19 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004/08/04 03:08:58 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004/08/04 03:08:58 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004/08/04 03:08:58 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004/08/04 03:08:58 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 03:08:58 | 000,140,919 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm
    [1 C:\Program Files\Messenger\*.tmp files -> C:\Program Files\Messenger\*.tmp -> ]

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

    < End of report >
     
  22. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    OTL Extras logfile created on: 2010/11/14 16:22:28 - Run 1
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\YUKIKO\デスクトップ
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

    502.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
    1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
    Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 37.26 Gb Total Space | 4.45 Gb Free Space | 11.95% Space Free | Partition Type: NTFS
    Drive D: | 12.10 Gb Total Space | 10.42 Gb Free Space | 86.07% Space Free | Partition Type: NTFS

    Computer Name: TOYOMASU | User Name: YUKIKO | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
    "2541:TCP" = 2541:TCP:*:Enabled:lmzdxmfc

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
    "C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\Photoshop Album Starter Edition.exe" = C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\Photoshop Album Starter Edition.exe:*:Enabled:Adobe Photoshop Album Mini 3.0 -- (Adobe Systems Incorporated)
    "C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
    "C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
    "{05257AC0-DD20-11D2-AC05-0000F4ADD897}" = HD革命/BackUp (バンドル版)
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
    "{08E55380-1517-4A89-B1FA-CCE7E9EDE4E5}" = 筆ぐるめ Ver.13
    "{0B59411E-1900-463C-AE64-AA106BB2BD58}" = えいご漬け 改訂版(体験版)
    "{0F33B730-E81D-11D3-B72E-00104BC853D6}" = 駅すぱあと
    "{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO カメラユーティリティ
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{156E4680-CA1F-4D45-AE9F-D6731E37C175}" = Sony FeliCa リーダー/ライター ソフトウェア
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
    "{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
    "{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
    "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
    "{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
    "{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
    "{2EF73726-9C12-42A0-952D-9753FBF86E58}" = IFL
    "{31BBD146-CCC2-4E3F-B560-4D3906E2B041}" = CD Burning 4
    "{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
    "{350C97B1-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3E9CA789-3AAC-4F5E-B42D-EA4232DAC60F}" = Atheros Wireless LAN
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{4021D88F-E224-402F-919E-B3F053B57724}" = Windows Live Messenger
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{463F8033-9083-4DCE-8A1A-CA588D8EF9AF}" = 静止画色補正
    "{48D2C608-6E46-4978-A2D4-67E34F95E971}" = かんたん登録2
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe(R) Photoshop(R) Album Mini 3.0
    "{5299C5E1-70F9-3D1D-A1FA-BDECA4EC8015}" = Google Talk Plugin
    "{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
    "{582C5C46-399D-4A9D-AB9F-C36F6FEC85EA}" = VAIO CameraVJ Screen Saver
    "{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media (再配布) 5.0
    "{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
    "{597C68AF-3EF7-4310-8725-2E034914613B}" = Microsoft Office Home Style+
    "{5B82682E-C555-45DA-8E2C-CE6525427AC9}" = Click to DVD 2.5.30
    "{5BEB5AA0-7B78-4D85-8D98-F84CA1E063E9}" = かざポン for VAIO
    "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
    "{5E862EC5-40B2-4A7E-A87D-B504E141318A}" = スクリーンセーバーロック2
    "{600D85D0-14E9-4B52-A125-F31668C6BE96}" = FeliCaブラウザエクステンション
    "{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = はじめよう! ワイヤレスLAN
    "{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
    "{63BE6BE8-C96D-4CCD-B6E3-416FEC883D59}" = i-フィルター 4
    "{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69E7A57D-89ED-4C16-A37C-AA53EF059F9A}" = かざしてログオン
    "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
    "{70BF00E7-5187-4C30-8D57-BF9D9E4A5AD3}" = スマート メニュー (Windows Live Toolbar)
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
    "{7D90730F-D29E-4386-95F0-BCF79ECF634E}" = Do VAIO バックアップツール
    "{7FDA96DC-0EFF-4BB4-81BD-6CA64831CAA8}" = VAIO Photo Fall WIDE
    "{802AE695-3C5A-48A2-99B4-066298E659A8}" = Smart Network Ver. 2.2.02
    "{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
    "{86579038-5AD4-4399-A34C-C6E2E57539E9}" = 大富豪Plus5 体験版
    "{87246AC6-09F0-46FA-8DCA-E425D51EFEAA}" = ホットスポット・ツール
    "{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
    "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
    "{8DF01556-CD47-418B-88AA-CBCADA8A8D6F}" = ドラネットキッズ入学準備 体験版
    "{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
    "{90330411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Personal Edition 2003
    "{90AF0411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
    "{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
    "{940475B4-367E-4D27-8841-163E3C980F52}" = Windows Live へのリンク (Windows Live Toolbar)
    "{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9C0EA18A-4C72-11D7-B65B-00C04F790F76}" = AC3 Encoder / Decoder
    "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
    "{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO 省電力設定
    "{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
    "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.4
    "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
    "{A3CD0C7C-A012-48B6-BCD8-3756FA177BD4}" = サンリオ タイニーパークV
    "{A5F3B2A6-CB42-11D6-9161-00E02975BB40}" = 一太郎ビューア
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
    "{AD0DDEC6-4798-4DE5-87DC-4367D694ED06}" = Microsoft .NET Framework 1.1 Japanese Language Pack
    "{AD650226-3335-45BB-9640-D8C973366A1A}" = パーソナルシェルター
    "{ADAB8F0D-D35B-4792-80A0-EF8749D8CF74}" = VAIO Guide Movie Components
    "{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
    "{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1" = xrecode II 1.0.0.59
    "{AFF6B50E-C9C5-49BE-92E8-C9CEC98DE3D0}" = Do VAIO
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
    "{B6300A7D-C1B6-4A25-861D-4AED96202FCD}" = Readiris Pro 10
    "{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}" = バイオ電子マニュアル
    "{B971BB45-3FEC-4464-BF4F-B3203EC17BE2}" = タイピング競馬 体験版
    "{BA4028C1-47C6-40C7-97A2-C2507675B0AD}" = Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar)
    "{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
    "{BDCF2850-450F-4643-9C64-2BFB3631AC83}" = タブ ブラウズ (Windows Live Toolbar)
    "{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
    "{C58A56A1-33F5-48D0-A84D-88F75A351068}" = VAIO Launcher
    "{C99E6F22-FD0E-4D6E-925A-268AD1C050D6}" = its-moNavi PC
    "{C9D692F4-D762-4A56-801B-9B9EE0AF0C91}" = ATLAS 翻訳パーソナル 2006 LE
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CD818656-33B7-4B49-808C-7876E9484FAA}" = 「時事通信社・家庭の医学」「血液サラサラ健康事典」
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D30F9503-071B-4354-827D-C72D8E75BB05}" = Edy Viewer
    "{D3B16DA0-1E93-11D5-A26F-009027CB933C}" = So-net簡単スターターV2.3
    "{D97B89AA-D399-4152-81CE-FBB9C3688E36}" = みんなでTV電話スタータ
    "{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
    "{E2AA57CD-A819-406F-B422-A9211DA758B5}" = Windows Live Toolbar
    "{E2C94613-2E76-418B-A8E7-0FFFE9EADCDE}" = VAIO オンラインカスタマー登録
    "{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}" = バイオ電子マニュアル データベース
    "{E6AD2F37-3B4A-4EEC-ACDB-28BC08A81648}" = ドラネット小学一年生 体験版
    "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
    "{ED46C765-9EB0-4D4A-AD6C-29CF7E8007B0}" = SFCard Viewer 2
    "{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
    "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
    "{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F41C96F8-3D72-4F94-9E9E-0B4E8F2B0C61}" = かざそうFeliCa
    "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
    "{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
    "{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
    "{FC37C108-821D-4EDE-8F40-D5B497586805}" = バイオの設定
    "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
    "{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AdobeESD" = Adobe Download Manager 2.2 (削除のみ)
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
    "GDBase" = 学研電子辞典
    "Google Chrome Frame" = Google Chrome フレーム
    "Google Updater" = Google アップデータ
    "HitmanPro35" = Hitman Pro 3.5
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "ie7" = Windows Internet Explorer 7
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
    "InstallShield_{D97B89AA-D399-4152-81CE-FBB9C3688E36}" = みんなでTV電話スタータ
    "InterActual Player" = InterActual Player
    "LAME for Audacity_is1" = LAME v3.98.2 for Audacity
    "LastFM_is1" = Last.fm 1.5.4.27091
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "MouseSuite98" = Sony USB Mouse
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MSNINST" = MSN
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "NoteBurner_is1" = NoteBurner 2.22
    "OCNスタートパック" = OCNスタートパック
    "PC Suite" = PC Suite
    "ProInst" = インテル(R) PROSet/Wireless ソフトウェア
    "RealPlayer 12.0" = RealPlayer
    "VLC media player" = VideoLAN VLC media player 0.8.6e
    "Windows Live Toolbar" = Windows Live Toolbar
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR archiver
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "Yahoo! Internet Mail" = Yahoo! Internet Mail
    "YU2010_is1" = Your Uninstaller! 2010
    "わが家の家計簿" = わが家の家計簿

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ System Events ]
    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
    Description = Application Management は次のエラーで終了しました: %%126

    Error - 2010/11/12 22:56:31 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
    Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
    回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

    Error - 2010/11/12 23:02:14 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
    Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
    回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

    Error - 2010/11/13 22:04:54 | Computer Name = TOYOMASU | Source = sr | ID = 1
    Description = ボリューム 'HarddiskVolume2' 上のファイル '' を処理中にシステムの復元フィルタに予期しないエラー '0xC000009A'
    が発生しました。ボリュームの監視を停止しています。


    < End of report >
     
  23. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    I'm not sure what the problem is, though the current crashes have only started after the link was clicked from the email. The problems also only seem to occur as the computer's systems warm up. It comes up with error messages with some file names that end in .dll or have the typical memory error jargon, so I'm really not sure what is going on. :|

    Here are the temps after I have just started the system and have rested after the last two attempts due to constant crashes.

    Seem cool and OK at the moment, but I'd gather that when this heats up again I won't be able to post this message, as Chrome either won't start or crashes.

    [​IMG]
     
  24. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Temperatures look OK.
    Do those crashes result in BSOD?
    If so....
    Download BlueScreenView (in Zip file)
    No installation required.
    Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
    When scanning is done, go Edit>Select All.
    Go File>Save Selected Items, and save the report as BSOD.txt.
    Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

    ======================================================================

    Update your Java version here: http://www.java.com/en/download/installed.jsp

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

    Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

    Now, we need to remove old Java version and its remnants...

    Download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
    • Accept any prompts.

    =====================================================================

    OTL log looks perfectly fine, so I don't think we're dealing with any infection here.
     
  25. mylonite

    mylonite TS Rookie Topic Starter Posts: 46

    The crashes don't result in a BSOD. They generally result in all text from the Taskbar, Start Menu and items on the desktop disappearing, whilst the symbols/icons stay. The computer's fan runs very fast, and the system heats up quite a bit. The computer becomes extremely unresponsive, i.e. programs won't start, and a warning box comes up saying the program can't be found or can't start, for example "paint.exe", though most of the message is in Japanese so I can't read it. I can't capture a screenshot as it won't copy to the clipboard, nor will Paint work after I try. The whole GUI eventually freezes up and not much happens, the windows ghost and it works very very very slowly or not at all. I generally just power it down and take out the battery so it can cool off for a while.
     
Topic Status:
Not open for further replies.

