Solved Malware problem: Crashes DOS, Blocks Microsoft/Kaspersky/norton etc

mylonite

Hi all, having an annoying problem with a laptop currently in my possession. I believe it's malware.

The problems I am facing are:

Crashes DOS
Blocks various websites such as Microsoft, Kaspersky and every other antivirus website I can think of.

So far I have run in this order:
Malwarebytes (This crashes in the final minutes of a full scan, within the system32 folder, always in the same place whether in safe mode or not. I have quick scanned the folder and it crashes the program every time.)
HitManPro35 (This picked up a .dll file and got rid of it)
TDSS Killer (This picks up no threats)

When I get back home I'm going to run windows-kb890830-v3.11.exe
(Microsoft® Windows® Malicious Software Removal Tool (KB890830) )

I am open to any suggestions if you care to lend a hand.

Thanks very much :)

warmest regards
 
Welcome aboard


From now on, don't use any tools other than prescribed here.

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Run all the scans you can.
 
Hi Broni, thanks for your help. After a lengthy GMER scan (3 hours) I have what you asked for in Preliminary Removal Instructions.

Not sure if this is correct, but I have added a second scan using GMER. This is because the first log it prompted me with was very short and I thought it may be no use. I hope it's OK to post both.

GMER.log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-10-11 17:25:21
Windows 5.1.2600 Service Pack 3
Running: y4jmd1yj.exe; Driver: C:\DOCUME~1\YUKIKO\LOCALS~1\Temp\awlcipog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xA885650A]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xA885632E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xA8856468]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device aswSP.SYS (avast! self protection module/ALWIL Software)
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswRdr.SYS (avast! TDI RDR Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] adzirvbgb <-- ROOTKIT !!!

---- EOF - GMER 1.0.15 ----
 
GMER 2.log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-10-11 20:32:14
Windows 5.1.2600 Service Pack 3
Running: y4jmd1yj.exe; Driver: C:\DOCUME~1\YUKIKO\LOCALS~1\Temp\awlcipog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xA92D2C08]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xA92D2AC4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xA92D3078]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xA92D2FA2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xA92D269A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xA92D2B9E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xA92D25DA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xA92D263E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xA92D2CBE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xA92D3146]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xA92D2C7E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xA92D2DFE]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[584] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[584] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdePort0 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdePort1 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sdcplh.sys

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] adzirvbgb <-- ROOTKIT !!!
 
CONTINUED

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Microsoft TV/\x30d3\x30c7\x30aa接続 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@RAS 非同期\x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xff910\xff710\xff830\xff880 \0\xff790\xff710\xff780\x30fb\x30fb\x30fb \0\xff9f0\xff8b0\xff9d0\x30fb\xff880\0\0\0 1?2?3?4?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (L2TP) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPTP) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPPOE) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xe326\xff65c\xff910\x30fb\x30fb\x30fb\0\0\0 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (IP) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@1394 \x30cd\x30c3\x30c8 \x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (IPX) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@DisplayName Helper Installer
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@Type 32
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb@Description ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\Services\adzirvbgb\Parameters@ServiceDll C:\WINDOWS\system32\mzales.dll
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Microsoft TV/\x30d3\x30c7\x30aa接続 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@RAS 非同期\x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xff910\xff710\xff830\xff880 \0\xff790\xff710\xff780\x30fb\x30fb\x30fb \0\xff9f0\xff8b0\xff9d0\x30fb\xff880\0\0\0 1?2?3?4?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (L2TP) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPTP) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPPOE) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xe326\xff65c\xff910\x30fb\x30fb\x30fb\0\0\0 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (IP) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@1394 \x30cd\x30c3\x30c8 \x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (IPX) 1?
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@DisplayName Helper Installer
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@Type 32
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@Start 2
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@ImagePath %SystemRoot%\system32\svchost.exe -k netsvcs
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb@Description ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\adzirvbgb\Parameters@ServiceDll C:\WINDOWS\system32\mzales.dll
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c802.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c803.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c802.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c801.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c801.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c801.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c804.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c801.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c802.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c802.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c803.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c803.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c803.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c804.icd 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\自宅名刺\x30ec\x30a4\x30a2\x30a6\x30c804.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls@C:\Program Files\Microsoft Office\InterConnect Lite\My Designs\Template\会社名刺\x30ec\x30a4\x30a2\x30a6\x30c804.gif 1
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0\16f\35g 49280
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0000\xf8f3\16f\35g 16512
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0\xff740\xff770\xff830\xff6f0 32896
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0000\xf8f3\xff740\xff770\xff830\xff6f0 128
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@@MS \x30b4\x30b7\x30c3\x30af 41088
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@@MS P\x30b4\x30b7\x30c3\x30af 8320

---- EOF - GMER 1.0.15 ----
 
DDS.txt


DDS (Ver_10-10-10.03) - NTFSx86
Run by YUKIKO at 20:32:41.03 on 2010/10/11
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1041.18.502.110 [GMT 11:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\JUSTSYSTEM\PersonalShelter\TxVDrvSvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Sony\SetGamma\SetGamma.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.yahoo.co.jp/
uDefault_Page_URL = hxxp://www.yahoo.co.jp/
uWindow Title = Windows Internet Explorer の提供元: Yahoo! JAPAN
mSearch Page =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = proxy.une.edu.au:8080
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: かんたん登録2: {0dd41ae7-6196-42e7-bde5-4f393997449e} - c:\progra~1\justsy~1\simple~1\AtInBnd.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Yahoo!ツールバーフィッシング警告: {1f68e72c-50e5-44b8-8f56-6a54d3af1da4} - c:\program files\yahoo!j\toolbar\7_2_0_5\modules\ypho.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FeliCaブラウザエクステンション: {ec5d2125-d8ab-4a18-a599-d97d2731de19} - c:\program files\sony\felicabrowserextension\fbe.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\6.0.472.63\npchrome_frame.dll
BHO: Yahoo!ツールバーヘルパー: {eeba90e6-2b14-413f-9bf8-61a8bdf92258} - c:\program files\yahoo!j\toolbar\7_2_0_5\modules\YahooToolBar.dll
TB: かんたん登録2 ツールバー: {833cfe4e-05bd-43a3-97a7-a4e80d742f0f} - c:\progra~1\justsy~1\simple~1\AtInBnd.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo!ツールバー: {aef44653-c059-42cb-a5b7-41c640da4a67} - c:\program files\yahoo!j\toolbar\7_2_0_5\modules\YahooToolBar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: &Yahoo!ツールバー: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [IMJPMIG9.0] c:\progra~1\common~1\micros~1\ime\imjp9\IMJPMIG.EXE /Preload /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [SetGamma] c:\program files\sony\setgamma\SetGamma.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album mini\3.0\apps\apdproxy.exe"
mRun: [VAIO Update 5] "c:\program files\sony\vaio update 5\VAIOUpdt.exe" /Stationary
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HitmanPro35] "c:\program files\hitman pro 3.5\HitmanPro35.exe" /scan:boot
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
dRun: [ctfmon.exe] ctfmon.exe
IE: Google サイドウィキ... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - c:\progra~1\yahoo!j\messen~1\YPagerj.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\6.0.472.63\npchrome_frame.dll
Handler: msjwwdat - {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - c:\program files\microsoft office\home style\jww\JWWData.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\yukiko\applic~1\mozilla\firefox\profiles\ereofzvx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\yukiko\application data\mozilla\firefox\profiles\ereofzvx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\ytoolbar.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-11 162768]
R1 TxVDrv;TxVDrv;c:\windows\system32\drivers\TxVDrv.sys [2005-10-13 22272]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-11 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-11 40384]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-7-11 1251720]
R2 TxVDrvSvc;TXVDrv Service;c:\program files\justsystem\personalshelter\TxVDrvSvc.exe [2005-10-13 45056]
R3 Sonyddpu;Sony FeliCa Reader/Writer;c:\windows\system32\drivers\Sonyddpu.sys [2006-7-10 49664]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2006-7-10 30080]
S2 adzirvbgb;Helper Installer;c:\windows\system32\svchost.exe -k netsvcs [2006-7-10 14336]
S2 gupdate1c9f282e893c17c;Google アップデート サービス (gupdate1c9f282e893c17c);c:\program files\google\update\GoogleUpdate.exe [2009-6-22 133104]
S3 1c8be513-c822-4292-85e3-ffd0e13e4b16;1c8be513-c822-4292-85e3-ffd0e13e4b16;\??\f:\cds300\cds300.dll --> f:\cds300\cds300.dll [?]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-11 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-11 40384]
S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2006-7-10 16194]
S3 BeService;Smart Network Service;c:\program files\sony\smart network\BeService.exe [2005-10-13 77824]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-11 38224]
S3 MobileAdapter;Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\qscnusb.sys [2010-8-23 103552]
S3 VUAgent;VUAgent;c:\program files\sony\vaio update 5\VUAgent.exe [2010-1-17 722288]

=============== Created Last 30 ================

2010-10-11 06:04:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-10-10 23:17:16 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-10-10 22:57:23 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-10-10 22:57:13 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2010-10-10 22:57:11 -------- d-----w- c:\program files\Hitman Pro 3.5
2010-10-10 13:37:41 -------- d-----w- c:\docume~1\yukiko\applic~1\Malwarebytes
2010-10-10 13:37:32 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-10 13:37:31 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-10 13:37:31 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-10 13:37:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-10 02:30:42 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-10-08 08:28:57 417792 ----a-w- c:\program files\windows media player\plugins\wmp_scrobbler.dll
2010-10-08 08:28:53 -------- d-----w- c:\docume~1\alluse~1\applic~1\Last.fm
2010-10-08 08:26:46 -------- d-----w- c:\docume~1\yukiko\locals~1\applic~1\Last.fm
2010-10-08 08:26:16 -------- d-----w- c:\program files\Last.fm
2010-10-04 03:13:57 -------- d-----w- c:\program files\SystemRequirementsLab
2010-10-04 03:09:41 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-04 03:09:41 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-04 03:09:41 423656 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2010-10-01 06:03:25 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-01 06:03:25 -------- d-----w- c:\windows\system32\wbem\Repository

==================== Find3M ====================


============= FINISH: 20:34:00.20 ===============
 
Attach.txt


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-10.03)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2006/09/17 17:36:46
System Uptime: 2010/10/11 17:38:26 (3 hours ago)

Motherboard: Sony Corporation | | Q-Project
Processor: Intel(R) Celeron(R) M processor 1.60GHz | N/A | 1595/100mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 6.963 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 10.432 GiB free.
E: is CDROM ()
G: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_81F1104D&REV_10\4&AD1B67F&0&40F0
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_81F1104D&REV_10\4&AD1B67F&0&40F0
Service: RTL8023xp

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 ネット アダプタ
Device ID: V1394\NIC1394\22C245E8004603
Manufacturer: Microsoft
Name: 1394 ネット アダプタ
PNP Device ID: V1394\NIC1394\22C245E8004603
Service: NIC1394

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: LAN-Express AS IEEE 802.11g miniPCI Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_04061468&REV_01\4&AD1B67F&0&50F0
Manufacturer: LAN-Express
Name: LAN-Express AS IEEE 802.11g miniPCI Adapter
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_04061468&REV_01\4&AD1B67F&0&50F0
Service: LEX_AS_NIC_SERVICE_YNOS

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\SCSIADAPTER\0000
Manufacturer:
Name:
PNP Device ID: ROOT\SCSIADAPTER\0000
Service:

==== System Restore Points ===================

RP1: 2010/09/14 20:30:02 - システム チェックポイント
RP2: 2010/09/21 18:11:49 - システム チェックポイント
RP3: 2010/09/22 20:21:33 - システム チェックポイント
RP4: 2010/09/24 0:07:53 - システム チェックポイント
RP5: 2010/10/01 12:54:29 - システム チェックポイント
RP6: 2010/10/01 16:02:20 - 復元操作
RP7: 2010/10/02 18:44:30 - システム チェックポイント
RP8: 2010/10/03 21:52:30 - システム チェックポイント
RP9: 2010/10/04 14:08:50 - Java(TM) 6 Update 21 をインストールしました
RP10: 2010/10/04 14:13:56 - Installed System Requirements Lab for Intel
RP11: 2010/10/05 18:32:30 - システム チェックポイント
RP12: 2010/10/06 21:09:32 - システム チェックポイント
RP13: 2010/10/07 21:16:31 - システム チェックポイント
RP14: 2010/10/09 0:03:45 - システム チェックポイント
RP15: 2010/10/10 13:04:59 - 削除済み SonicStage
RP16: 2010/10/10 13:05:28 - Installed Music Server Controller
RP17: 2010/10/10 13:05:58 - Installed OpenMG Secure Module
RP18: 2010/10/10 13:07:46 - インストール済み SonicStage
RP19: 2010/10/10 13:09:16 - インストール済み SonicStage Add-on
RP20: 2010/10/11 14:54:15 - システム チェックポイント
RP21: 2010/10/11 17:04:00 - avast! Free Antivirus Setup

==== Installed Programs ======================


「時事通信社・家庭の医学」「血液サラサラ健康事典」
AC3 Encoder / Decoder
Adobe Download Manager 2.2 (削除のみ)
Adobe Flash Player 10 Plugin
Adobe Reader 9 - Japanese
Adobe(R) Photoshop(R) Album Mini 3.0
Amazon MP3 Downloader 1.0.0+6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATLAS 翻訳パーソナル 2006 LE
avast! Free Antivirus
Bonjour
CD Burning 4
Click to DVD 2.0.03 Menu Data
Click to DVD 2.5.30
Do VAIO
Do VAIO バックアップツール
DVgate Plus
Edy Viewer
FeliCaブラウザエクステンション
Google Chrome
Google Chrome フレーム
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google アップデータ
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HD革命/BackUp (バンドル版)
High Definition Audio Driver Package - KB835221
Hitman Pro 3.5
Hotfix for Windows Media Format 11 SDK (KB929399)
i-フィルター 4
IFL
Image Converter 2 Plus
Intel(R) Graphics Media Accelerator Driver for Mobile
InterActual Player
InterVideo WinDVD for VAIO
InterVideo WinDVDX
its-moNavi PC
iTunes
J2SE Runtime Environment 5.0 Update 7
Java Auto Updater
Java(TM) 6 Update 21
LAN-Express AS IEEE 802.11 Wireless LAN
Last.fm 1.5.4.24567
LiveUpdate 3.0 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Japanese Language Pack
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Home Style+
Microsoft Office Personal Edition 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
mMHouse
Mozilla Firefox (2.0.0.20)
mPfMgr
mProSafe
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
NoteBurner 2.22
OCNスタートパック
OpenMG Secure Module 5.0.00
PC Suite
PictureGear Studio 2.0
QuickTime
Readiris Pro 10
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Roxio DigitalMedia Audio
Roxio DigitalMedia Copy
Roxio DigitalMedia Data
Safari
Security Update for CAPICOM (KB931906)
Setting Utility Series
SFCard Viewer 2
Skype Toolbar for Outlook Express
Skype Toolbars
Skype? 4.2
Smart Network Ver. 2.2.02
So-net簡単スターターV2.3
SonicStage 4.4
SonicStage Mastering Studio 2.2
SonicStage Mastering Studio オーディオフィルタ機能
SonicStage Mastering Studio オーディオフィルタ機能 カスタムプリセット
SonicStage Mastering Studio プラグイン
Sony FeliCa リーダー/ライター ソフトウェア
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Step by Step Interactive Training 用セキュリティ更新プログラム (KB898458)
Step by Step Interactive Training 用セキュリティ更新プログラム (KB923723)
Symantec KB-DocID:2003093015493306
System Requirements Lab for Intel
VAIO Aqua Breeze Wallpaper
VAIO CameraVJ Screen Saver
VAIO Cozy Orange Wallpaper
VAIO Entertainment Platform
VAIO Event Service
VAIO Guide
VAIO Guide Movie Components
VAIO Hardware Diagnostics
VAIO Launcher
VAIO Long Battery Life Wallpaper
VAIO Media (再配布) 5.0
VAIO Media 5.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Registration Tool 5.0
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Photo Fall WIDE
VAIO Tender Green Wallpaper
VAIO Update
VAIO オンラインカスタマー登録
VAIO カメラユーティリティ
VAIO 省電力設定
VideoLAN VLC media player 0.8.6e
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 7 セキュリティ更新 (KB938127)
Windows Internet Explorer 7 セキュリティ更新 (KB950759)
Windows Internet Explorer 7 セキュリティ更新 (KB956390)
Windows Internet Explorer 7 セキュリティ更新 (KB958215)
Windows Internet Explorer 7 セキュリティ更新 (KB960714)
Windows Internet Explorer 7 セキュリティ更新 (KB961260)
Windows Internet Explorer 7 セキュリティ更新 (KB963027)
Windows Internet Explorer 7 セキュリティ更新 (KB969897)
Windows Internet Explorer 8
Windows Internet Explorer 8 セキュリティ更新 (KB971961)
Windows Internet Explorer 8 セキュリティ更新 (KB976325)
Windows Internet Explorer 8 セキュリティ更新 (KB978207)
Windows Internet Explorer 8 セキュリティ更新 (KB981332)
Windows Internet Explorer 8 セキュリティ更新 (KB982381)
Windows Internet Explorer 8 更新 (KB975364)
Windows Internet Explorer 8 更新 (KB976662)
Windows Internet Explorer 8 更新 (KB980182)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar)
Windows Live へのリンク (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player (KB911564) セキュリティ問題の修正プログラム
Windows Media Player (KB952069) セキュリティ問題の修正プログラム
Windows Media Player (KB954155) セキュリティ問題の修正プログラム
Windows Media Player (KB968816) セキュリティ問題の修正プログラム
Windows Media Player (KB973540) セキュリティ問題の修正プログラム
Windows Media Player (KB978695) セキュリティ問題の修正プログラム
Windows Media Player 10 (KB911565) セキュリティ問題の修正プログラム
Windows Media Player 10 (KB917734) セキュリティ問題の修正プログラム
Windows Media Player 11
Windows Media Player 11 (KB936782) セキュリティ問題の修正プログラム
Windows Media Player 11 (KB939683) ホットフィックス
Windows Media Player 11 (KB954154) セキュリティ問題の修正プログラム
Windows Media Player 11 (KB959772) 重要な更新
Windows Media Player 6.4 (KB925398) セキュリティ問題の修正プログラム
Windows XP (KB941569) セキュリティ問題の修正プログラム
Windows XP Service Pack 3
Windows XP セキュリティ更新 (KB2229593)
Windows XP セキュリティ更新 (KB2286198)
Windows XP セキュリティ更新 (KB923561)
Windows XP セキュリティ更新 (KB938464-v2)
Windows XP セキュリティ更新 (KB938464)
Windows XP セキュリティ更新 (KB946648)
Windows XP セキュリティ更新 (KB950760)
Windows XP セキュリティ更新 (KB950762)
Windows XP セキュリティ更新 (KB950974)
Windows XP セキュリティ更新 (KB951066)
Windows XP セキュリティ更新 (KB951376-v2)
Windows XP セキュリティ更新 (KB951698)
Windows XP セキュリティ更新 (KB951748)
Windows XP セキュリティ更新 (KB952004)
Windows XP セキュリティ更新 (KB952954)
Windows XP セキュリティ更新 (KB954211)
Windows XP セキュリティ更新 (KB954459)
Windows XP セキュリティ更新 (KB954600)
Windows XP セキュリティ更新 (KB955069)
Windows XP セキュリティ更新 (KB956391)
Windows XP セキュリティ更新 (KB956572)
Windows XP セキュリティ更新 (KB956744)
Windows XP セキュリティ更新 (KB956802)
Windows XP セキュリティ更新 (KB956803)
Windows XP セキュリティ更新 (KB956841)
Windows XP セキュリティ更新 (KB956844)
Windows XP セキュリティ更新 (KB957095)
Windows XP セキュリティ更新 (KB957097)
Windows XP セキュリティ更新 (KB958644)
Windows XP セキュリティ更新 (KB958687)
Windows XP セキュリティ更新 (KB958690)
Windows XP セキュリティ更新 (KB958869)
Windows XP セキュリティ更新 (KB959426)
Windows XP セキュリティ更新 (KB960225)
Windows XP セキュリティ更新 (KB960715)
Windows XP セキュリティ更新 (KB960803)
Windows XP セキュリティ更新 (KB960859)
Windows XP セキュリティ更新 (KB961371-v2)
Windows XP セキュリティ更新 (KB961371)
Windows XP セキュリティ更新 (KB961373)
Windows XP セキュリティ更新 (KB961501)
Windows XP セキュリティ更新 (KB968537)
Windows XP セキュリティ更新 (KB969059)
Windows XP セキュリティ更新 (KB969898)
Windows XP セキュリティ更新 (KB969947)
Windows XP セキュリティ更新 (KB970238)
Windows XP セキュリティ更新 (KB970430)
Windows XP セキュリティ更新 (KB971468)
Windows XP セキュリティ更新 (KB971486)
Windows XP セキュリティ更新 (KB971557)
Windows XP セキュリティ更新 (KB971633)
Windows XP セキュリティ更新 (KB971657)
Windows XP セキュリティ更新 (KB972270)
Windows XP セキュリティ更新 (KB973346)
Windows XP セキュリティ更新 (KB973354)
Windows XP セキュリティ更新 (KB973507)
Windows XP セキュリティ更新 (KB973525)
Windows XP セキュリティ更新 (KB973869)
Windows XP セキュリティ更新 (KB973904)
Windows XP セキュリティ更新 (KB974112)
Windows XP セキュリティ更新 (KB974318)
Windows XP セキュリティ更新 (KB974392)
Windows XP セキュリティ更新 (KB974571)
Windows XP セキュリティ更新 (KB975025)
Windows XP セキュリティ更新 (KB975467)
Windows XP セキュリティ更新 (KB975560)
Windows XP セキュリティ更新 (KB975561)
Windows XP セキュリティ更新 (KB975562)
Windows XP セキュリティ更新 (KB975713)
Windows XP セキュリティ更新 (KB977165)
Windows XP セキュリティ更新 (KB977816)
Windows XP セキュリティ更新 (KB977914)
Windows XP セキュリティ更新 (KB978037)
Windows XP セキュリティ更新 (KB978251)
Windows XP セキュリティ更新 (KB978262)
Windows XP セキュリティ更新 (KB978338)
Windows XP セキュリティ更新 (KB978542)
Windows XP セキュリティ更新 (KB978601)
Windows XP セキュリティ更新 (KB978706)
Windows XP セキュリティ更新 (KB979309)
Windows XP セキュリティ更新 (KB979482)
Windows XP セキュリティ更新 (KB979559)
Windows XP セキュリティ更新 (KB979683)
Windows XP セキュリティ更新 (KB980195)
Windows XP セキュリティ更新 (KB980218)
Windows XP セキュリティ更新 (KB980232)
Windows XP ホットフィックス (KB952287)
Windows XP ホットフィックス (KB970653-v3)
Windows XP ホットフィックス (KB976098-v2)
Windows XP ホットフィックス (KB979306)
Windows XP ホットフィックス (KB981793)
Windows XP 更新 (KB951072-v2)
Windows XP 更新 (KB951978)
Windows XP 更新 (KB955759)
Windows XP 更新 (KB955839)
Windows XP 更新 (KB967715)
Windows XP 更新 (KB968389)
Windows XP 更新 (KB971737)
Windows XP 更新 (KB973687)
Windows XP 更新 (KB973815)
WinRAR archiver
xrecode II 1.0.0.59
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo!7 Messenger
Yahoo!かんたんパソコン設定
Yahoo!ツールバー
Yahoo!メッセンジャー
インテル(R) PROSet/Wireless ソフトウェア
えいご漬け 改訂版(体験版)
かざしてログオン
かざそうFeliCa
かざポン for VAIO
かんたん登録2
サンリオ タイニーパークV
スクリーンセーバーロック2
スマート メニュー (Windows Live Toolbar)
タイピング競馬 体験版
タブ ブラウズ (Windows Live Toolbar)
ドラネットキッズ入学準備 体験版
ドラネット小学一年生 体験版
パーソナルシェルター
バイオの設定
バイオ電子マニュアル
バイオ電子マニュアル データベース
はじめよう! ワイヤレスLAN
ホットスポット・ツール
みんなでTV電話スタータ
わが家の家計簿
一太郎ビューア
駅すぱあと
学研電子辞典
静止画色補正
大富豪Plus5 体験版
筆ぐるめ Ver.13

==== End Of File ===========================


Hope the Japanese doesn't confuse you too much :)
 
Please, do NOT wrap logs in a code.

You have some Norton's leftovers.
Please, run Norton Removal Tool: http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN

=====================================================================

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

======================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure, you re-enable your security programs, when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000005c

Kernel Drivers (total 136):
0x804D9000 \WINDOWS\system32\ntkrnlpa.exe
0x806D2000 \WINDOWS\system32\hal.dll
0xF8A35000 \WINDOWS\system32\KDCOM.DLL
0xF8945000 \WINDOWS\system32\BOOTVID.dll
0xF8406000 ACPI.sys
0xF8A37000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF83F5000 pci.sys
0xF8535000 isapnp.sys
0xF8545000 ohci1394.sys
0xF8555000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF8949000 compbatt.sys
0xF894D000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF8AFD000 pciide.sys
0xF87B5000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF8A39000 intelide.sys
0xF83D7000 pcmcia.sys
0xF8565000 MountMgr.sys
0xF83B8000 ftdisk.sys
0xF8951000 ACPIEC.sys
0xF8AFE000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF87BD000 PartMgr.sys
0xF8575000 VolSnap.sys
0xF83A0000 atapi.sys
0xF8585000 disk.sys
0xF8595000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF8380000 fltmgr.sys
0xF836E000 sr.sys
0xF85A5000 PxHelp20.sys
0xF8357000 KSecDD.sys
0xF82CA000 Ntfs.sys
0xF829D000 NDIS.sys
0xF8283000 Mup.sys
0xF8605000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF7AF9000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF79D4000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF79C0000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7998000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF888D000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF7974000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF8895000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF7961000 \SystemRoot\system32\DRIVERS\Rtlnicxp.sys
0xF7943000 \SystemRoot\system32\drivers\tifmsony.sys
0xF889D000 \SystemRoot\System32\Drivers\SonyNC.sys
0xF8615000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF88A5000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7929000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0xF88AD000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF8625000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7AF1000 \SystemRoot\system32\drivers\pfc.sys
0xF8635000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF8645000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF7906000 \SystemRoot\system32\DRIVERS\ks.sys
0xF88B5000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xF7AE9000 \SystemRoot\system32\DRIVERS\fsvga.sys
0xF8BEB000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF8655000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7AE5000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF78EF000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF8665000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF8675000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF88BD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF78DE000 \SystemRoot\system32\DRIVERS\psched.sys
0xF8685000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF88C5000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF88CD000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF8695000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF8A73000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF7880000 \SystemRoot\system32\DRIVERS\update.sys
0xF7AD5000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF86A5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAA355000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAA331000 \SystemRoot\system32\drivers\portcls.sys
0xF86D5000 \SystemRoot\system32\drivers\drmk.sys
0xAA2FF000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xAA20B000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xAA15A000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF88D5000 \SystemRoot\System32\Drivers\Modem.SYS
0xF86E5000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF8A77000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF8A79000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF8B05000 \SystemRoot\System32\Drivers\Null.SYS
0xF8A7B000 \SystemRoot\System32\Drivers\Beep.SYS
0xF88F5000 \SystemRoot\System32\drivers\vga.sys
0xF8A7D000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF8A7F000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF88FD000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF8905000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF8A05000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA9467000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA940E000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF86F5000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xA93E6000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF8A11000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xA93C4000 \SystemRoot\System32\drivers\afd.sys
0xF8705000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF890D000 \SystemRoot\System32\Drivers\TxVDrv.SYS
0xF8715000 \SystemRoot\System32\drivers\sdcplh.sys
0xA9371000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9301000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF8725000 \SystemRoot\System32\Drivers\Fips.SYS
0xA92DB000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF8735000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF8B5A000 \SystemRoot\system32\DRIVERS\DMICall.sys
0xA928C000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF891D000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF8745000 \SystemRoot\System32\Drivers\Sonyddpu.sys
0xA924F000 \SystemRoot\System32\Drivers\usbvm321.sys
0xF8755000 \SystemRoot\System32\Drivers\STREAM.SYS
0xF8925000 \SystemRoot\System32\Drivers\USBCAMD2.SYS
0xF892D000 \SystemRoot\system32\DRIVERS\SonyImgF.sys
0xF8775000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF7108000 \SystemRoot\System32\drivers\Dxapi.sys
0xF8935000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF8B54000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF041000 \SystemRoot\System32\ialmdev5.DLL
0xBF075000 \SystemRoot\System32\ialmdd5.DLL
0xA918F000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xF87E5000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xA9009000 \SystemRoot\system32\DRIVERS\nwlnkipx.sys
0xA921F000 \SystemRoot\system32\DRIVERS\nwlnknb.sys
0xA909B000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xA9005000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA8DEA000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xA8E81000 \SystemRoot\system32\DRIVERS\nwlnkspx.sys
0xA8C1D000 \SystemRoot\system32\drivers\wdmaud.sys
0xA8F61000 \SystemRoot\system32\drivers\sysaudio.sys
0xA8920000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA88B7000 \SystemRoot\System32\Drivers\HTTP.sys
0xA8810000 \SystemRoot\system32\DRIVERS\srv.sys
0xA88AB000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF87FD000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x7C940000 \WINDOWS\system32\ntdll.dll

Processes (total 56):
0 System Idle Process
4 System
464 C:\WINDOWS\system32\smss.exe
512 csrss.exe
536 C:\WINDOWS\system32\winlogon.exe
580 C:\WINDOWS\system32\services.exe
592 C:\WINDOWS\system32\lsass.exe
744 C:\WINDOWS\system32\svchost.exe
800 svchost.exe
868 C:\WINDOWS\system32\svchost.exe
904 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
1152 C:\WINDOWS\explorer.exe
1236 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
1292 svchost.exe
1376 svchost.exe
1484 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1880 C:\WINDOWS\system32\spoolsv.exe
1388 svchost.exe
1520 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
1536 C:\Program Files\Bonjour\mDNSResponder.exe
1856 C:\WINDOWS\system32\svchost.exe
1976 C:\Program Files\Java\jre6\bin\jqs.exe
184 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
628 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
372 C:\WINDOWS\system32\svchost.exe
1112 C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe
1140 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
1280 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
1532 wmpnetwk.exe
2100 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2184 igfxext.exe
2224 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
2232 igfxsrvc.exe
2724 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
2924 alg.exe
3104 C:\Program Files\Apoint\Apoint.exe
3120 C:\WINDOWS\system32\hkcmd.exe
3196 C:\WINDOWS\system32\igfxpers.exe
3324 C:\WINDOWS\RTHDCPL.EXE
3356 C:\WINDOWS\system32\ico.exe
3384 C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
3424 C:\Program Files\Sony\SetGamma\SetGamma.exe
3472 C:\Program Files\Apoint\ApntEx.exe
3496 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
3508 C:\WINDOWS\system32\conime.exe
3512 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
3584 C:\Program Files\iTunes\iTunesHelper.exe
3596 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3688 C:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
3720 C:\WINDOWS\system32\ctfmon.exe
3752 C:\Program Files\Windows Media Player\wmpnscfg.exe
4048 C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
2808 C:\Program Files\iPod\bin\iPodService.exe
2680 C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
4004 C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
3880 C:\Documents and Settings\YUKIKO\

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000001`a1372600 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000a`f1dda400 (NTFS)

PhysicalDrive0 Model Number: FUJITSUMHV2060BHPL, Rev: 00000029

Size Device Name MBR Status
--------------------------------------------
55 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!

Combofix coming
 
Are you familiar with this?
proxy.une.edu.au:8080

======================================================================

Do you use non-English Windows version?

=======================================================================

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
Driver::
adzirvbgb
1c8be513-c822-4292-85e3-ffd0e13e4b16

NetSvc::
adzirvbgb


Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adzirvbgb]


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
Yes proxy.une.edu.au on port 8080 is familiar to this computer, just an old local network that this was once used on. It still remains I guess.

Yes this computer does not use English as the main language, it's Japanese. I hope this will not hamper anything.

The log is attached as requested.
 

Attachments

  • COMBOFIX2.txt
    19.4 KB

It looks good now :)

I assume, you don't use that "proxy" anymore?

How is computer doing at the moment?

My bed time is coming, so I'll leave you with a "homework" :)

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Hi there Broni, thanks for your help. It's appreciated.

No the proxy is not used anymore, not for the last few months anyway.

The computer is running well, I can now access Kaspersky.com, Microsoft.com, Mcafee.com etc. So it seems you have beat the culprit that brought me here, for now anyway. This computer is well due for a reinstall sometime soon as it hasn't been managed well. Just need to locate the reinstall discs.

Here is one log:

OTL Log

OTL logfile created on: 2010/10/12 17:15:29 - Run 1
OTL by OldTimer - Version 3.2.15.1 Folder = C:\Documents and Settings\YUKIKO\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

502.00 Mb Total Physical Memory | 176.00 Mb Available Physical Memory | 35.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.66 Gb Free Space | 17.88% Space Free | Partition Type: NTFS
Drive D: | 12.10 Gb Total Space | 10.42 Gb Free Space | 86.06% Space Free | Partition Type: NTFS

Computer Name: TOYOMASU | User Name: YUKIKO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/12 17:06:11 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\My Documents\Downloads\OTL.exe
PRC - [2010/09/08 01:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/04/08 10:45:58 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2010/03/13 23:10:57 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/05/26 23:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/04/14 13:26:11 | 001,027,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 13:26:08 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
PRC - [2006/08/02 00:39:20 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/08/02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/08/02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2006/06/09 20:49:02 | 000,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
PRC - [2006/04/13 15:36:36 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/04/04 16:55:18 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2005/12/27 15:58:10 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2005/12/14 14:00:00 | 000,045,056 | ---- | M] (Texim Corporarion.) -- C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe
PRC - [2005/11/28 15:39:32 | 000,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/11/28 15:39:30 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/08/10 22:24:48 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SetGamma\SetGamma.exe
PRC - [2005/08/05 12:56:58 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2005/06/30 18:50:40 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\apdproxy.exe
PRC - [2004/11/17 22:47:16 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/08/19 11:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2002/03/14 18:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe


========== Modules (SafeList) ==========

MOD - [2010/10/12 17:06:11 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\My Documents\Downloads\OTL.exe
MOD - [2008/04/14 13:24:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/05/10 15:42:30 | 000,851,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMJP9K.DLL
MOD - [2007/03/22 21:17:42 | 000,482,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMJP9.IME
MOD - [2007/03/22 21:17:28 | 000,106,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\IME\IMJP9\DICTS\IMJPCD.DIC
MOD - [2007/03/22 21:17:22 | 000,048,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\IME\IMJP9\IMJPSQM.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/08 10:45:58 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2007/12/17 13:21:00 | 000,075,040 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/12/17 13:20:56 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/11/28 02:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007/11/28 02:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007/11/28 01:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/08/02 00:39:20 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2006/08/02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2006/08/02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2006/06/13 10:03:42 | 002,084,864 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/06/09 22:11:40 | 000,417,792 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler)
SRV - [2006/06/09 20:49:02 | 000,143,360 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
SRV - [2006/06/07 11:51:50 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/05/18 12:22:26 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/18 12:22:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/04/13 15:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/04/04 16:55:18 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/12/14 14:00:00 | 000,045,056 | ---- | M] (Texim Corporarion.) [Auto | Running] -- C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe -- (TxVDrvSvc)
SRV - [2005/11/28 15:39:32 | 000,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/11/28 15:39:30 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/11/25 15:08:54 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/07/14 21:10:16 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2003/07/10 19:45:32 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Smart Network\BeService.exe -- (BeService)
 
========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\YUKIKO\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/09/08 00:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/08 00:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/08 00:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/08 00:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/09/08 00:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/09/08 00:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/04/22 17:54:15 | 000,103,552 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qscnusb.sys -- (MobileAdapter)
DRV - [2008/04/14 05:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 03:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) Microsoft UAA バス ドライバ (High Definition Audio 用)
DRV - [2007/02/28 16:42:00 | 000,080,896 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2006/08/02 01:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/06/29 21:49:38 | 002,206,720 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Windows XP 用 インテル(R)
DRV - [2006/05/02 23:46:28 | 000,022,272 | ---- | M] (Texim Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\TxVDrv.sys -- (TxVDrv)
DRV - [2006/03/06 20:39:00 | 000,030,080 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyImgF.sys -- (SonyImgF)
DRV - [2005/11/30 13:38:50 | 000,232,448 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvm321.sys -- (usbvm321)
DRV - [2005/10/18 18:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 18:52:34 | 000,202,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/10/18 18:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/08/09 18:43:46 | 003,855,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/24 15:11:12 | 000,040,576 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sdcplh.sys -- (sdcplh)
DRV - [2005/03/24 18:26:20 | 000,049,664 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sonyddpu.sys -- (Sonyddpu)
DRV - [2005/03/04 13:10:00 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/04 22:24:44 | 000,394,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS)
DRV - [2004/12/06 13:26:06 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2004/11/22 15:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/08/05 23:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/05 23:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/05 23:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002/04/11 19:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)
DRV - [2000/12/05 18:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 21:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://my.yahoo.co.jp/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.jp/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.une.edu.au:8080

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
FF - prefs.js..network.proxy.autoconfig_url: "http;//proxy.une.edu.au/proxy"
FF - prefs.js..network.proxy.ftp: "proxy.une.edu.au"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "proxy.une.edu.au"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "proxy.une.edu.au"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy.une.edu.au"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "proxy.une.edu.au"
FF - prefs.js..network.proxy.ssl_port: 8080

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/13 23:12:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/28 18:05:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/09 15:44:43 | 000,000,000 | ---D | M]

[2010/05/10 21:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\extensions
[2008/07/06 00:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/04 14:09:44 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/06 12:02:28 | 000,000,000 | ---D | M] (Yahoo!繝・・繝ォ繝舌・) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/04 14:09:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/03/26 13:33:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2008/04/06 12:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\yahoo-jp@partners.mozilla.com
[2009/03/26 13:32:23 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2009/03/26 13:32:23 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2009/03/26 13:32:24 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2009/03/26 13:32:32 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2009/03/26 13:32:33 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/10/04 14:09:12 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/03/26 13:33:19 | 000,001,989 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-jp.xml
[2009/03/26 13:33:20 | 000,000,886 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\goo.xml
[2009/03/26 13:33:20 | 000,002,650 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google-jp.xml
[2009/03/26 13:33:21 | 000,000,827 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\rakuten.xml
[2009/03/26 13:33:21 | 000,000,907 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-jp-auctions.xml
[2009/03/26 13:33:21 | 000,000,820 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-jp-shopping.xml
[2009/03/26 13:33:21 | 000,001,017 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-jp.xml

O1 HOSTS File: ([2010/10/12 16:16:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (かんたん登録2) - {0DD41AE7-6196-42E7-BDE5-4F393997449E} - C:\Program Files\Justsystem\SimpleAutoInput\AtInBnd.dll (株式会社ジャストシステム)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (FeliCaブラウザエクステンション) - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll (Sony Corp.)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\6.0.472.63\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (かんたん登録2 ツールバー) - {833CFE4E-05BD-43A3-97A7-A4E80D742F0F} - C:\Program Files\Justsystem\SimpleAutoInput\AtInBnd.dll (株式会社ジャストシステム)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\IMKR6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG9.0] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP9\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe (Sony Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIO Update 5] C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google サイドウィキ... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Yahoo!メッセンジャー - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\Program Files\Yahoo!J\Messenger\YPagerj.exe (Yahoo! Japan Corporation.)
O9 - Extra 'Tools' menuitem : Yahoo!メッセンジャー - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\Program Files\Yahoo!J\Messenger\YPagerj.exe (Yahoo! Japan Corporation.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\6.0.472.63\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msjwwdat {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (現在のホーム ページ) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/10 16:09:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corp.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56871556046913536)

========== Files/Folders - Created Within 90 Days ==========

[2010/10/12 14:56:07 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/10/12 09:43:25 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/12 09:41:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/12 09:41:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/12 09:41:00 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/12 09:41:00 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/12 09:40:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/12 09:40:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/11 17:04:58 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/10/11 17:04:58 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/10/11 17:04:56 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/10/11 17:04:55 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/10/11 17:04:53 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/10/11 17:04:53 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/10/11 17:04:52 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/10/11 17:04:24 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/10/11 17:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/11 17:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/10/11 16:50:17 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\TFC.exe
[2010/10/11 10:17:16 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/10/11 09:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/10/11 09:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/10/11 00:37:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\Application Data\Malwarebytes
[2010/10/11 00:37:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/11 00:37:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/11 00:37:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/11 00:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/10 12:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2010/10/10 12:07:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2010/10/08 19:28:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2010/10/08 19:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Last.fm
[2010/10/08 19:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm
[2010/10/08 18:34:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\My Documents\ITP
[2010/10/04 14:13:57 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/10/04 14:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/08/25 18:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\Application Data\UNBALANCE
[2010/08/23 11:53:45 | 000,103,552 | R--- | C] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\drivers\qscnusb.sys
[2010/08/23 11:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\PC Suite
[2010/07/21 22:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

========== Files - Modified Within 90 Days ==========

[2010/10/12 17:18:58 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job
[2010/10/12 16:59:00 | 000,000,692 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/12 16:16:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/12 16:15:56 | 000,000,688 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/12 16:15:56 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
[2010/10/12 16:15:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/12 16:15:43 | 526,569,472 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/12 15:02:39 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/10/12 14:56:09 | 000,003,058 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/10/12 14:35:16 | 003,877,241 | R--- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\ComboFix.exe
[2010/10/12 09:43:36 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/10/12 09:35:04 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\MBRCheck.exe
[2010/10/11 17:36:48 | 000,544,768 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr
[2010/10/11 17:07:12 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\y4jmd1yj.exe
[2010/10/11 16:50:18 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\TFC.exe
[2010/10/11 10:17:16 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010/10/10 23:02:02 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
[2010/10/10 21:57:10 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Microsoft Office Word 2003.lnk
[2010/10/04 13:56:23 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/04 13:55:26 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Default.rdp
[2010/10/03 16:21:28 | 000,153,088 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/03 12:16:13 | 000,383,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/03 12:16:13 | 000,190,588 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2010/10/03 12:16:13 | 000,053,942 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/03 12:16:13 | 000,053,936 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2010/09/23 09:46:43 | 003,072,054 | ---- | M] () -- C:\WINDOWS\wallpaper.bmp
[2010/09/08 01:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/08 01:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/08 00:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/08 00:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/08 00:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/08 00:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/08 00:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/08 00:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/08 00:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/07/15 03:05:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2010/10/12 09:43:36 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2010/10/12 09:43:29 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/12 09:41:00 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/12 09:41:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/12 09:41:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/12 09:41:00 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/12 09:41:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/12 09:36:40 | 003,877,241 | R--- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\ComboFix.exe
[2010/10/12 09:36:40 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\MBRCheck.exe
[2010/10/11 21:07:42 | 007,358,422 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\XirrusWiFiMonitorXPWidget1.1.widget
[2010/10/11 17:36:47 | 000,544,768 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr
[2010/10/11 17:09:28 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\y4jmd1yj.exe
[2010/10/11 11:24:38 | 526,569,472 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/11 09:57:23 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/10/04 13:55:26 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Default.rdp
[2010/08/01 23:36:41 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/10 00:23:58 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/01/26 23:56:28 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2007/12/28 18:03:22 | 000,000,057 | ---- | C] () -- C:\WINDOWS\NWDECDU.INI
[2007/12/28 18:02:34 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdcplh.sys
[2007/12/10 00:32:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/06/26 16:14:24 | 000,000,134 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2007/06/26 16:14:18 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007/03/16 20:01:04 | 000,004,628 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/01/15 17:24:09 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Application Data\dm.ini
[2007/01/15 17:24:08 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Application Data\AdobeDLM.log
[2006/10/14 03:01:41 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/09/25 03:54:32 | 000,153,088 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/24 13:53:54 | 000,003,364 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/17 18:37:04 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\fusioncache.dat
[2006/07/11 12:57:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/11 11:52:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/11 11:52:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/11 11:52:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/11 11:52:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/11 11:52:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/11 11:52:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/07/10 17:08:48 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL
[2006/07/10 16:23:19 | 000,000,942 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/10 16:02:41 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/07/10 15:54:57 | 000,002,144 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/07/10 15:54:43 | 000,065,392 | ---- | C] () -- C:\WINDOWS\System32\msimek.sys
[2006/07/10 15:54:43 | 000,054,700 | ---- | C] () -- C:\WINDOWS\System32\$ias.sys
[2006/07/10 15:54:43 | 000,044,496 | ---- | C] () -- C:\WINDOWS\System32\msimei.sys
[2006/07/10 15:54:43 | 000,042,841 | ---- | C] () -- C:\WINDOWS\System32\key02.sys
[2006/07/10 15:54:43 | 000,042,633 | ---- | C] () -- C:\WINDOWS\System32\keyax.sys
[2006/07/10 15:54:43 | 000,039,808 | ---- | C] () -- C:\WINDOWS\System32\msime.sys
[2006/07/10 15:54:43 | 000,027,956 | ---- | C] () -- C:\WINDOWS\System32\appsicon.dll
[2006/07/10 15:54:43 | 000,020,688 | ---- | C] () -- C:\WINDOWS\System32\$disp.sys
[2006/07/10 15:54:43 | 000,013,597 | ---- | C] () -- C:\WINDOWS\System32\msimed.sys
[2006/07/10 15:54:43 | 000,004,701 | ---- | C] () -- C:\WINDOWS\System32\kkcfunc.sys
[2006/07/10 15:54:43 | 000,004,125 | ---- | C] () -- C:\WINDOWS\System32\$prnescp.sys
[2006/07/10 15:54:43 | 000,002,990 | ---- | C] () -- C:\WINDOWS\System32\disp_win.sys
[2006/07/10 15:54:43 | 000,000,901 | ---- | C] () -- C:\WINDOWS\System32\ntfont.sys
[2006/07/10 15:54:43 | 000,000,852 | ---- | C] () -- C:\WINDOWS\System32\font_win.sys
[2006/07/10 15:54:07 | 000,229,088 | ---- | C] () -- C:\WINDOWS\System32\lanman.drv
[2006/07/05 12:07:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/13 03:16:19 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\IMX.DLL
[2005/10/13 03:03:04 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/13 02:52:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/10/13 02:51:41 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2005/10/13 02:43:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/10/13 02:41:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/10/13 02:38:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fsslckhk.dll
[2003/09/18 15:22:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\AmiJapanDataPilotUninstSupport.dll
[2003/04/03 14:00:02 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\VSPpg8.dll
[2003/02/19 17:36:06 | 000,005,099 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== LOP Check ==========

[2010/10/11 17:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2005/10/13 02:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FujisoftABC
[2010/10/11 10:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2005/10/13 02:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JUSTSYSTEM
[2010/10/08 19:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2005/10/13 02:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MEGASOFT
[2009/04/08 13:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/28 18:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/02 05:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/10/26 23:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Audacity
[2006/10/24 18:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Fujitsu
[2007/03/07 20:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\InterVideo
[2008/03/22 02:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\ivivo
[2006/10/24 18:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Justsystem
[2006/10/15 03:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Leadertech
[2008/02/04 12:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\MEGASOFT
[2006/09/19 22:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\MSNInstaller
[2007/08/06 21:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\s-woman_ticker
[2010/08/25 18:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\UNBALANCE
[2010/10/12 17:18:58 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/07/10 16:09:33 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/24 15:22:35 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2010/10/12 09:43:36 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/05 23:00:00 | 000,132,398 | RHS- | M] () -- C:\bootfont.bin
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/10/12 16:24:16 | 000,019,854 | ---- | M] () -- C:\ComboFix.txt
[2006/07/10 16:09:33 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/10/12 16:15:43 | 526,569,472 | -HS- | M] () -- C:\hiberfil.sys
[2006/10/14 03:01:48 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2006/07/10 16:09:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006/07/10 16:09:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/05 23:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/05/18 23:14:38 | 000,260,800 | RHS- | M] () -- C:\ntldr
[2010/10/12 16:15:42 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2008/08/21 21:27:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/08/21 22:43:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/08/25 19:00:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/01/05 01:58:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/08/01 01:31:25 | 000,000,280 | -H-- | M] () -- C:\sqmdata04.sqm
[2010/05/25 22:13:22 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010/05/25 22:13:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010/05/25 22:14:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010/05/25 22:14:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010/05/25 22:14:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/25 22:14:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010/05/25 22:15:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010/05/25 22:16:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010/05/25 22:16:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010/05/25 22:16:39 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010/05/25 22:17:11 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2008/08/01 19:54:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2008/08/02 03:43:09 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2008/08/03 20:44:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2008/08/09 18:07:51 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2008/08/21 21:27:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/08/21 22:43:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/08/25 19:00:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/01/05 01:58:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/08/01 01:31:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010/05/25 22:13:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010/05/25 22:13:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010/05/25 22:14:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010/05/25 22:14:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010/05/25 22:14:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010/05/25 22:14:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/25 22:15:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/05/25 22:16:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010/05/25 22:16:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010/05/25 22:16:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010/05/25 22:17:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2008/08/01 19:54:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2008/08/02 03:43:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2008/08/03 20:44:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2008/08/09 18:07:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010/10/11 10:18:33 | 000,079,958 | ---- | M] () -- C:\TDSSKiller.2.4.1.0_11.10.2010_10.17.42_log.txt
[2001/05/24 14:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2007/09/14 15:41:49 | 000,000,158 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/07/10 16:09:04 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
[14 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/04/09 15:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/09/08 01:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/10/10 14:38:05 | 000,001,682 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/07/11 01:00:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/07/11 01:00:34 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/07/11 01:00:33 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/09/17 18:37:21 | 000,000,125 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2006/07/10 16:12:56 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\Internet Explorer\Quick Launch\デスクトップの表示.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2006/09/17 18:37:20 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/05/24 15:04:24 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Cookies\desktop.ini
[2010/10/12 17:18:55 | 000,573,440 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/27 16:11:12 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2006/08/02 01:29:44 | 000,577,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 13:25:48 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 03:08:58 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 03:08:58 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/03 01:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/14 04:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 13:26:19 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 03:08:58 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 03:08:58 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 03:08:58 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 03:08:58 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 03:08:58 | 000,140,919 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm
[1 C:\Program Files\Messenger\*.tmp files -> C:\Program Files\Messenger\*.tmp -> ]

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:66E02052

< End of report >
 
OTL Extras logfile created on: 2010/10/12 17:15:29 - Run 1
OTL by OldTimer - Version 3.2.15.1 Folder = C:\Documents and Settings\YUKIKO\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

502.00 Mb Total Physical Memory | 176.00 Mb Available Physical Memory | 35.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 66.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.66 Gb Free Space | 17.88% Space Free | Partition Type: NTFS
Drive D: | 12.10 Gb Total Space | 10.42 Gb Free Space | 86.06% Space Free | Partition Type: NTFS

Computer Name: XXXXXXX | User Name: YUKIKO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"2541:TCP" = 2541:TCP:*:Enabled:lmzdxmfc

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\Photoshop Album Starter Edition.exe" = C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\Photoshop Album Starter Edition.exe:*:Enabled:Adobe Photoshop Album Mini 3.0 -- (Adobe Systems Incorporated)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio オーディオフィルタ機能 カスタムプリセット
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{05257AC0-DD20-11D2-AC05-0000F4ADD897}" = HD革命/BackUp (バンドル版)
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08E55380-1517-4A89-B1FA-CCE7E9EDE4E5}" = 筆ぐるめ Ver.13
"{0B59411E-1900-463C-AE64-AA106BB2BD58}" = えいご漬け 改訂版(体験版)
"{0F33B730-E81D-11D3-B72E-00104BC853D6}" = 駅すぱあと
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO カメラユーティリティ
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{156E4680-CA1F-4D45-AE9F-D6731E37C175}" = Sony FeliCa リーダー/ライター ソフトウェア
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{2EF73726-9C12-42A0-952D-9753FBF86E58}" = IFL
"{31BBD146-CCC2-4E3F-B560-4D3906E2B041}" = CD Burning 4
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{350C97B1-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4021D88F-E224-402F-919E-B3F053B57724}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{463F8033-9083-4DCE-8A1A-CA588D8EF9AF}" = 静止画色補正
"{48D2C608-6E46-4978-A2D4-67E34F95E971}" = かんたん登録2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe(R) Photoshop(R) Album Mini 3.0
"{5299C5E1-70F9-3D1D-A1FA-BDECA4EC8015}" = Google Talk Plugin
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{582C5C46-399D-4A9D-AB9F-C36F6FEC85EA}" = VAIO CameraVJ Screen Saver
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media (再配布) 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{597C68AF-3EF7-4310-8725-2E034914613B}" = Microsoft Office Home Style+
"{5B82682E-C555-45DA-8E2C-CE6525427AC9}" = Click to DVD 2.5.30
"{5BEB5AA0-7B78-4D85-8D98-F84CA1E063E9}" = かざポン for VAIO
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5E862EC5-40B2-4A7E-A87D-B504E141318A}" = スクリーンセーバーロック2
"{600D85D0-14E9-4B52-A125-F31668C6BE96}" = FeliCaブラウザエクステンション
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = はじめよう! ワイヤレスLAN
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{63BE6BE8-C96D-4CCD-B6E3-416FEC883D59}" = i-フィルター 4
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E7A57D-89ED-4C16-A37C-AA53EF059F9A}" = かざしてログオン
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{70BF00E7-5187-4C30-8D57-BF9D9E4A5AD3}" = スマート メニュー (Windows Live Toolbar)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{7D90730F-D29E-4386-95F0-BCF79ECF634E}" = Do VAIO バックアップツール
"{7FDA96DC-0EFF-4BB4-81BD-6CA64831CAA8}" = VAIO Photo Fall WIDE
"{802AE695-3C5A-48A2-99B4-066298E659A8}" = Smart Network Ver. 2.2.02
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{86579038-5AD4-4399-A34C-C6E2E57539E9}" = 大富豪Plus5 体験版
"{87246AC6-09F0-46FA-8DCA-E425D51EFEAA}" = ホットスポット・ツール
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8DF01556-CD47-418B-88AA-CBCADA8A8D6F}" = ドラネットキッズ入学準備 体験版
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{90330411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Personal Edition 2003
"{90AF0411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{940475B4-367E-4D27-8841-163E3C980F52}" = Windows Live へのリンク (Windows Live Toolbar)
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9C0EA18A-4C72-11D7-B65B-00C04F790F76}" = AC3 Encoder / Decoder
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO 省電力設定
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.4
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3CD0C7C-A012-48B6-BCD8-3756FA177BD4}" = サンリオ タイニーパークV
"{A5F3B2A6-CB42-11D6-9161-00E02975BB40}" = 一太郎ビューア
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio オーディオフィルタ機能
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1041-7B44-A90000000001}" = Adobe Reader 9 - Japanese
"{AD0DDEC6-4798-4DE5-87DC-4367D694ED06}" = Microsoft .NET Framework 1.1 Japanese Language Pack
"{AD650226-3335-45BB-9640-D8C973366A1A}" = パーソナルシェルター
"{ADAB8F0D-D35B-4792-80A0-EF8749D8CF74}" = VAIO Guide Movie Components
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1" = xrecode II 1.0.0.59
"{AFF6B50E-C9C5-49BE-92E8-C9CEC98DE3D0}" = Do VAIO
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B6300A7D-C1B6-4A25-861D-4AED96202FCD}" = Readiris Pro 10
"{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}" = バイオ電子マニュアル
"{B971BB45-3FEC-4464-BF4F-B3203EC17BE2}" = タイピング競馬 体験版
"{BA4028C1-47C6-40C7-97A2-C2507675B0AD}" = Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar)
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BDCF2850-450F-4643-9C64-2BFB3631AC83}" = タブ ブラウズ (Windows Live Toolbar)
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 2.2
"{C58A56A1-33F5-48D0-A84D-88F75A351068}" = VAIO Launcher
"{C99E6F22-FD0E-4D6E-925A-268AD1C050D6}" = its-moNavi PC
"{C9D692F4-D762-4A56-801B-9B9EE0AF0C91}" = ATLAS 翻訳パーソナル 2006 LE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD818656-33B7-4B49-808C-7876E9484FAA}" = 「時事通信社・家庭の医学」「血液サラサラ健康事典」
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D30F9503-071B-4354-827D-C72D8E75BB05}" = Edy Viewer
"{D3B16DA0-1E93-11D5-A26F-009027CB933C}" = So-net簡単スターターV2.3
"{D97B89AA-D399-4152-81CE-FBB9C3688E36}" = みんなでTV電話スタータ
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2AA57CD-A819-406F-B422-A9211DA758B5}" = Windows Live Toolbar
"{E2C94613-2E76-418B-A8E7-0FFFE9EADCDE}" = VAIO オンラインカスタマー登録
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}" = バイオ電子マニュアル データベース
"{E6AD2F37-3B4A-4EEC-ACDB-28BC08A81648}" = ドラネット小学一年生 体験版
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{ED46C765-9EB0-4D4A-AD6C-29CF7E8007B0}" = SFCard Viewer 2
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio プラグイン
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F41C96F8-3D72-4F94-9E9E-0B4E8F2B0C61}" = かざそうFeliCa
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = バイオの設定
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AdobeESD" = Adobe Download Manager 2.2 (削除のみ)
"avast5" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"GDBase" = 学研電子辞典
"Google Chrome Frame" = Google Chrome フレーム
"Google Updater" = Google アップデータ
"HitmanPro35" = Hitman Pro 3.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"InstallShield_{D97B89AA-D399-4152-81CE-FBB9C3688E36}" = みんなでTV電話スタータ
"InterActual Player" = InterActual Player
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox (2.0.0.20)" = Mozilla Firefox (2.0.0.20)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NoteBurner_is1" = NoteBurner 2.22
"OCNスタートパック" = OCNスタートパック
"PC Suite" = PC Suite
"ProInst" = インテル(R) PROSet/Wireless ソフトウェア
"RealPlayer 12.0" = RealPlayer
"SkypeForOE_is1" = Skype Toolbar for Outlook Express
"VLC media player" = VideoLAN VLC media player 0.8.6e
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo!7 Messenger" = Yahoo!7 Messenger
"Yahoo!メッセンジャー" = Yahoo!メッセンジャー
"わが家の家計簿" = わが家の家計簿
 
========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010/10/11 4:49:33 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 4:54:33 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 4:59:33 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:04:36 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:09:37 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:14:39 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:19:41 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:24:41 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:29:41 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 2010/10/11 5:34:41 | Computer Name = TOYOMASU | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

[ System Events ]
Error - 2010/10/11 19:23:11 | Computer Name = TOYOMASU | Source = DCOM | ID = 10005
Description = サーバー: {4991D34B-80A1-4291-83B6-3328366B9097} を実行するために サービス BITS (引数
"") を起動しようとしたときに、DCOM でエラー "%1058" が発生しました。

Error - 2010/10/11 19:23:11 | Computer Name = TOYOMASU | Source = DCOM | ID = 10005
Description = サーバー: {4991D34B-80A1-4291-83B6-3328366B9097} を実行するために サービス BITS (引数
"") を起動しようとしたときに、DCOM でエラー "%1058" が発生しました。

Error - 2010/10/11 23:38:14 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

Error - 2010/10/11 23:43:56 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

Error - 2010/10/11 23:56:09 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7006
Description = ScRegSetValueExW の呼び出しは FailureActions により次のエラーで失敗しました: %%5

Error - 2010/10/11 23:56:09 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7006
Description = ScRegSetValueExW の呼び出しは FailureActions により次のエラーで失敗しました: %%5

Error - 2010/10/11 23:56:09 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7006
Description = ScRegSetValueExW の呼び出しは FailureActions により次のエラーで失敗しました: %%5

Error - 2010/10/11 23:59:06 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Helper Installer は次のエラーで終了しました: %%126

Error - 2010/10/12 1:04:24 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

Error - 2010/10/12 1:10:28 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開


< End of report >

Man that's a lot of posts, perhaps this forum could do with a slight upgrade on the characters allowed in a single post :D

Thanks for this
 
Only one problem now. DOS crashes when I RUN:

ipconfig /all from the RUN box, though when I run it from DOS it's fine.

Hmmmmm seems to be happening on my other computer as well.. Damn it!
 
I can't comment until we're done with the whole cleaning procedure....

We need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder.
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

==========================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.une.edu.au:8080
    FF - prefs.js..network.proxy.autoconfig_url: "http;//proxy.une.edu.au/proxy"
    FF - prefs.js..network.proxy.ftp: "proxy.une.edu.au"
    FF - prefs.js..network.proxy.ftp_port: 8080
    FF - prefs.js..network.proxy.gopher: "proxy.une.edu.au"
    FF - prefs.js..network.proxy.gopher_port: 8080
    FF - prefs.js..network.proxy.http: "proxy.une.edu.au"
    FF - prefs.js..network.proxy.http_port: 8080
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.socks: "proxy.une.edu.au"
    FF - prefs.js..network.proxy.socks_port: 8080
    FF - prefs.js..network.proxy.ssl: "proxy.une.edu.au"
    FF - prefs.js..network.proxy.ssl_port: 8080
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:66E02052
    
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

======================================================================

Last scans.....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce a log.
 