Solved Possible virus is present: Virus link was followed from email

mylonite

Hi there, another problem with the same computer. The computer's language is Japanese. A virus sent a link to a seemingly virus-free Italian website. The link was opened a few moments before I had time to say don't open it. The website, however, came up as clean on a couple of website scanners (AVG, Kaspersky, etc.) on urlvoid.com.

As this email was later identified to have been created by a virus on a close friend's computer, I would like to be sure that there isn't a virus still on this computer.

I am still unable to use Malwarebytes on this computer. The message that comes up is that the program is short on memory (or something along these lines) and needs to close. This is usually whilst searching through the system32 folder, a common place for viruses to hide, etc.

I have, after several tries, got the GMER scan to work, as the computer would for the last tries come up with a similar message and struggle to load the save window once the scan finished. I gave it a fair amount of time to load today and as a result managed to let the window load. The computer also really got the fans working and ran exceptionally slowly after running a scan, and is also running much slower than usual.

Here are the scans as follows:
 
Actually, the GMER log is empty, so it seems it was unable to run it successfully. I will try to run the scan again in safe mode and hopefully I will have more luck. I will post the DDS Logs.

ATTACH.txt

DDS (Ver_10-11-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2006/09/17 17:36:46
System Uptime: 2010/11/09 21:41:45 (0 hours ago)

Motherboard: Sony Corporation | | Q-Project
Processor: Intel(R) Celeron(R) M processor 1.60GHz | N/A | 1595/100mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 5.001 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 10.417 GiB free.
E: is CDROM ()
G: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 ネット アダプタ
Device ID: V1394\NIC1394\22C245E8004603
Manufacturer: Microsoft
Name: 1394 ネット アダプタ
PNP Device ID: V1394\NIC1394\22C245E8004603
Service: NIC1394

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_04061468&REV_01\4&AD1B67F&0&50F0
Manufacturer: Atheros
Name: Atheros Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_04061468&REV_01\4&AD1B67F&0&50F0
Service: AR5211

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\SCSIADAPTER\0000
Manufacturer:
Name:
PNP Device ID: ROOT\SCSIADAPTER\0000
Service:

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================


「時事通信社・家庭の医学」「血液サラサラ健康事典」
AC3 Encoder / Decoder
Adobe Download Manager 2.2 (削除のみ)
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.0
Adobe(R) Photoshop(R) Album Mini 3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Wireless LAN
ATLAS 翻訳パーソナル 2006 LE
avast! Free Antivirus
Bonjour
CD Burning 4
Click to DVD 2.0.03 Menu Data
Click to DVD 2.5.30
Do VAIO
Do VAIO バックアップツール
DVgate Plus
Edy Viewer
ESET Online Scanner v3
FeliCaブラウザエクステンション
Google Chrome
Google Chrome フレーム
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google アップデータ
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HD革命/BackUp (バンドル版)
High Definition Audio Driver Package - KB835221
Hitman Pro 3.5
Hotfix for Windows Media Format 11 SDK (KB929399)
i-フィルター 4
IFL
Image Converter 2 Plus
Intel(R) Graphics Media Accelerator Driver for Mobile
InterActual Player
InterVideo WinDVD for VAIO
InterVideo WinDVDX
its-moNavi PC
iTunes
Java Auto Updater
Java(TM) 6 Update 21
LAME v3.98.2 for Audacity
LAN-Express AS IEEE 802.11 Wireless LAN
Last.fm 1.5.4.27091
Malwarebytes' Anti-Malware
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Japanese Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Home Style+
Microsoft Office Personal Edition 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
mMHouse
mPfMgr
mProSafe
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
NoteBurner 2.22
OCNスタートパック
OpenMG Secure Module 5.0.00
PC Suite
PictureGear Studio 2.0
QuickTime
Readiris Pro 10
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.0
Roxio DigitalMedia Audio
Roxio DigitalMedia Copy
Roxio DigitalMedia Data
Security Update for CAPICOM (KB931906)
Setting Utility Series
SFCard Viewer 2
Skype Toolbars
Skype? 4.2
Smart Network Ver. 2.2.02
So-net簡単スターターV2.3
SonicStage 4.4
Sony FeliCa リーダー/ライター ソフトウェア
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Step by Step Interactive Training 用セキュリティ更新プログラム (KB898458)
Step by Step Interactive Training 用セキュリティ更新プログラム (KB923723)
System Requirements Lab for Intel
VAIO Aqua Breeze Wallpaper
VAIO CameraVJ Screen Saver
VAIO Cozy Orange Wallpaper
VAIO Entertainment Platform
VAIO Event Service
VAIO Guide
VAIO Guide Movie Components
VAIO Hardware Diagnostics
VAIO Launcher
VAIO Long Battery Life Wallpaper
VAIO Media (再配布) 5.0
VAIO Media 5.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 5.0
VAIO Media Registration Tool 5.0
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
VAIO Photo Fall WIDE
VAIO Tender Green Wallpaper
VAIO Update
VAIO オンラインカスタマー登録
VAIO カメラユーティリティ
VAIO 省電力設定
VideoLAN VLC media player 0.8.6e
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 7 セキュリティ更新 (KB938127)
Windows Internet Explorer 7 セキュリティ更新 (KB950759)
Windows Internet Explorer 7 セキュリティ更新 (KB956390)
Windows Internet Explorer 7 セキュリティ更新 (KB958215)
Windows Internet Explorer 7 セキュリティ更新 (KB960714)
Windows Internet Explorer 7 セキュリティ更新 (KB961260)
Windows Internet Explorer 7 セキュリティ更新 (KB963027)
Windows Internet Explorer 7 セキュリティ更新 (KB969897)
Windows Internet Explorer 8
Windows Internet Explorer 8 セキュリティ更新 (KB2183461)
Windows Internet Explorer 8 セキュリティ更新 (KB2360131)
Windows Internet Explorer 8 セキュリティ更新 (KB971961)
Windows Internet Explorer 8 セキュリティ更新 (KB976325)
Windows Internet Explorer 8 セキュリティ更新 (KB978207)
Windows Internet Explorer 8 セキュリティ更新 (KB981332)
Windows Internet Explorer 8 セキュリティ更新 (KB982381)
Windows Internet Explorer 8 更新 (KB975364)
Windows Internet Explorer 8 更新 (KB976662)
Windows Internet Explorer 8 更新 (KB980182)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar)
Windows Live へのリンク (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player (KB2378111) セキュリティ問題の修正プログラム
Windows Media Player (KB911564) セキュリティ問題の修正プログラム
Windows Media Player (KB952069) セキュリティ問題の修正プログラム
Windows Media Player (KB954155) セキュリティ問題の修正プログラム
Windows Media Player (KB968816) セキュリティ問題の修正プログラム
Windows Media Player (KB973540) セキュリティ問題の修正プログラム
Windows Media Player (KB975558) セキュリティ問題の修正プログラム
Windows Media Player (KB978695) セキュリティ問題の修正プログラム
Windows Media Player 10 (KB911565) セキュリティ問題の修正プログラム
Windows Media Player 10 (KB917734) セキュリティ問題の修正プログラム
Windows Media Player 11
Windows Media Player 11 (KB936782) セキュリティ問題の修正プログラム
Windows Media Player 11 (KB939683) ホットフィックス
Windows Media Player 11 (KB954154) セキュリティ問題の修正プログラム
Windows Media Player 11 (KB959772) 重要な更新
Windows Media Player 6.4 (KB925398) セキュリティ問題の修正プログラム
Windows XP (KB941569) セキュリティ問題の修正プログラム
Windows XP Service Pack 3
Windows XP セキュリティ更新 (KB2079403)
Windows XP セキュリティ更新 (KB2115168)
Windows XP セキュリティ更新 (KB2121546)
Windows XP セキュリティ更新 (KB2160329)
Windows XP セキュリティ更新 (KB2229593)
Windows XP セキュリティ更新 (KB2259922)
Windows XP セキュリティ更新 (KB2279986)
Windows XP セキュリティ更新 (KB2286198)
Windows XP セキュリティ更新 (KB2296011)
Windows XP セキュリティ更新 (KB2347290)
Windows XP セキュリティ更新 (KB2360937)
Windows XP セキュリティ更新 (KB2387149)
Windows XP セキュリティ更新 (KB923561)
Windows XP セキュリティ更新 (KB938464-v2)
Windows XP セキュリティ更新 (KB938464)
Windows XP セキュリティ更新 (KB946648)
Windows XP セキュリティ更新 (KB950760)
Windows XP セキュリティ更新 (KB950762)
Windows XP セキュリティ更新 (KB950974)
Windows XP セキュリティ更新 (KB951066)
Windows XP セキュリティ更新 (KB951376-v2)
Windows XP セキュリティ更新 (KB951698)
Windows XP セキュリティ更新 (KB951748)
Windows XP セキュリティ更新 (KB952004)
Windows XP セキュリティ更新 (KB952954)
Windows XP セキュリティ更新 (KB954211)
Windows XP セキュリティ更新 (KB954459)
Windows XP セキュリティ更新 (KB954600)
Windows XP セキュリティ更新 (KB955069)
Windows XP セキュリティ更新 (KB956391)
Windows XP セキュリティ更新 (KB956572)
Windows XP セキュリティ更新 (KB956744)
Windows XP セキュリティ更新 (KB956802)
Windows XP セキュリティ更新 (KB956803)
Windows XP セキュリティ更新 (KB956841)
Windows XP セキュリティ更新 (KB956844)
Windows XP セキュリティ更新 (KB957095)
Windows XP セキュリティ更新 (KB957097)
Windows XP セキュリティ更新 (KB958644)
Windows XP セキュリティ更新 (KB958687)
Windows XP セキュリティ更新 (KB958690)
Windows XP セキュリティ更新 (KB958869)
Windows XP セキュリティ更新 (KB959426)
Windows XP セキュリティ更新 (KB960225)
Windows XP セキュリティ更新 (KB960715)
Windows XP セキュリティ更新 (KB960803)
Windows XP セキュリティ更新 (KB960859)
Windows XP セキュリティ更新 (KB961371-v2)
Windows XP セキュリティ更新 (KB961371)
Windows XP セキュリティ更新 (KB961373)
Windows XP セキュリティ更新 (KB961501)
Windows XP セキュリティ更新 (KB968537)
Windows XP セキュリティ更新 (KB969059)
Windows XP セキュリティ更新 (KB969898)
Windows XP セキュリティ更新 (KB969947)
Windows XP セキュリティ更新 (KB970238)
Windows XP セキュリティ更新 (KB970430)
Windows XP セキュリティ更新 (KB971468)
Windows XP セキュリティ更新 (KB971486)
Windows XP セキュリティ更新 (KB971557)
Windows XP セキュリティ更新 (KB971633)
Windows XP セキュリティ更新 (KB971657)
Windows XP セキュリティ更新 (KB972270)
Windows XP セキュリティ更新 (KB973346)
Windows XP セキュリティ更新 (KB973354)
Windows XP セキュリティ更新 (KB973507)
Windows XP セキュリティ更新 (KB973525)
Windows XP セキュリティ更新 (KB973869)
Windows XP セキュリティ更新 (KB973904)
Windows XP セキュリティ更新 (KB974112)
Windows XP セキュリティ更新 (KB974318)
Windows XP セキュリティ更新 (KB974392)
Windows XP セキュリティ更新 (KB974571)
Windows XP セキュリティ更新 (KB975025)
Windows XP セキュリティ更新 (KB975467)
Windows XP セキュリティ更新 (KB975560)
Windows XP セキュリティ更新 (KB975561)
Windows XP セキュリティ更新 (KB975562)
Windows XP セキュリティ更新 (KB975713)
Windows XP セキュリティ更新 (KB977165)
Windows XP セキュリティ更新 (KB977816)
Windows XP セキュリティ更新 (KB977914)
Windows XP セキュリティ更新 (KB978037)
Windows XP セキュリティ更新 (KB978251)
Windows XP セキュリティ更新 (KB978262)
Windows XP セキュリティ更新 (KB978338)
Windows XP セキュリティ更新 (KB978542)
Windows XP セキュリティ更新 (KB978601)
Windows XP セキュリティ更新 (KB978706)
Windows XP セキュリティ更新 (KB979309)
Windows XP セキュリティ更新 (KB979482)
Windows XP セキュリティ更新 (KB979559)
Windows XP セキュリティ更新 (KB979683)
Windows XP セキュリティ更新 (KB979687)
Windows XP セキュリティ更新 (KB980195)
Windows XP セキュリティ更新 (KB980218)
Windows XP セキュリティ更新 (KB980232)
Windows XP セキュリティ更新 (KB980436)
Windows XP セキュリティ更新 (KB981322)
Windows XP セキュリティ更新 (KB981852)
Windows XP セキュリティ更新 (KB981957)
Windows XP セキュリティ更新 (KB981997)
Windows XP セキュリティ更新 (KB982132)
Windows XP セキュリティ更新 (KB982214)
Windows XP セキュリティ更新 (KB982665)
Windows XP セキュリティ更新 (KB982802)
Windows XP ホットフィックス (KB2158563)
Windows XP ホットフィックス (KB952287)
Windows XP ホットフィックス (KB970653-v3)
Windows XP ホットフィックス (KB976098-v2)
Windows XP ホットフィックス (KB979306)
Windows XP ホットフィックス (KB981793)
Windows XP 更新 (KB2141007)
Windows XP 更新 (KB2345886)
Windows XP 更新 (KB951072-v2)
Windows XP 更新 (KB951978)
Windows XP 更新 (KB955759)
Windows XP 更新 (KB955839)
Windows XP 更新 (KB967715)
Windows XP 更新 (KB968389)
Windows XP 更新 (KB971737)
Windows XP 更新 (KB973687)
Windows XP 更新 (KB973815)
WinRAR archiver
xrecode II 1.0.0.59
Yahoo! Internet Mail
Your Uninstaller! 2010
インテル(R) PROSet/Wireless ソフトウェア
えいご漬け 改訂版(体験版)
かざしてログオン
かざそうFeliCa
かざポン for VAIO
かんたん登録2
サンリオ タイニーパークV
スクリーンセーバーロック2
スマート メニュー (Windows Live Toolbar)
タイピング競馬 体験版
タブ ブラウズ (Windows Live Toolbar)
ドラネットキッズ入学準備 体験版
ドラネット小学一年生 体験版
パーソナルシェルター
バイオの設定
バイオ電子マニュアル
バイオ電子マニュアル データベース
はじめよう! ワイヤレスLAN
ホットスポット・ツール
みんなでTV電話スタータ
わが家の家計簿
一太郎ビューア
駅すぱあと
学研電子辞典
静止画色補正
大富豪Plus5 体験版
筆ぐるめ Ver.13

==== End Of File ===========================
 
The DDS File:

DDS


DDS (Ver_10-11-01.01) - NTFSx86
Run by YUKIKO at 21:51:47.95 on 2010/11/09
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1041.18.502.217 [GMT 11:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\JUSTSYSTEM\PersonalShelter\TxVDrvSvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sony\SetGamma\SetGamma.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup
C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.yahoo.co.jp/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: かんたん登録2: {0dd41ae7-6196-42e7-bde5-4f393997449e} - c:\progra~1\justsy~1\simple~1\AtInBnd.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FeliCaブラウザエクステンション: {ec5d2125-d8ab-4a18-a599-d97d2731de19} - c:\program files\sony\felicabrowserextension\fbe.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\7.0.517.43\npchrome_frame.dll
TB: かんたん登録2 ツールバー: {833cfe4e-05bd-43a3-97a7-a4e80d742f0f} - c:\progra~1\justsy~1\simple~1\AtInBnd.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: &Yahoo!ツールバー: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Mouse Suite 98 Daemon] ICO.EXE
mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [IMJPMIG9.0] c:\progra~1\common~1\micros~1\ime\imjp9\IMJPMIG.EXE /Preload /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [SetGamma] c:\program files\sony\setgamma\SetGamma.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [INPROCOMMWireless] c:\program files\atheros\wireless\utility\WlanUtil.exe
dRun: [ctfmon.exe] ctfmon.exe
IE: Google サイドウィキ... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - c:\progra~1\yahoo!j\messen~1\YPagerj.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\7.0.517.43\npchrome_frame.dll
Handler: msjwwdat - {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - c:\program files\microsoft office\home style\jww\JWWData.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-11 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-11 17744]
S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2006-7-10 16194]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-10-14 38224]
S3 MobileAdapter;Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\qscnusb.sys [2010-8-23 103552]

=============== Created Last 30 ================

2010-10-18 12:22:00 -------- d-----w- c:\program files\Lame for Audacity
2010-10-18 10:56:23 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-10-18 10:56:23 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-10-14 09:33:42 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
2010-10-14 09:33:41 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-14 09:33:40 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-14 09:33:19 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-10-14 09:22:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-14 09:21:58 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-14 09:21:57 -------- d-----w- c:\program files\Malwarebytes - Anti-Malware
2010-10-14 01:12:24 528096 ----a-w- c:\windows\system32\drivers\ar5211.sys
2010-10-14 01:12:24 28544 ----a-w- c:\windows\system32\drivers\callistx.sys
2010-10-14 01:12:23 -------- d-----w- c:\program files\Atheros
2010-10-13 23:23:15 -------- d-----w- c:\docume~1\yukiko\applic~1\URSoft
2010-10-13 23:23:07 -------- d-----w- c:\program files\Your Uninstaller 2010
2010-10-13 01:13:14 -------- d-----w- c:\program files\ESET
2010-10-12 03:56:07 38848 ----a-w- c:\windows\avastSS.scr
2010-10-11 22:43:25 -------- d-sha-r- C:\cmdcons
2010-10-11 06:04:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-10-10 23:17:16 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-10-10 22:57:23 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-10-10 22:57:13 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2010-10-10 22:57:11 -------- d-----w- c:\program files\Hitman Pro 3.5
2010-10-10 13:37:41 -------- d-----w- c:\docume~1\yukiko\applic~1\Malwarebytes
2010-10-10 13:37:31 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-10 13:37:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

==================== Find3M ====================

2010-10-04 03:09:12 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-04 03:09:11 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 06:53:18 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:18 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:18 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 01:23:20 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-10 05:48:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:47:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:47:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:50:45 285824 ------w- c:\windows\system32\atmfd.dll
2010-09-01 07:54:49 1852416 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:02 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:14 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43:58 8192 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:11:44 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:44:09 590848 ----a-w- c:\windows\system32\rpcrt4.dll

============= FINISH: 21:53:49.64 ===============
 
Yes, this is the same system; nothing much has changed. Though now I am not only unable to run Malwarebytes (which seemingly didn't get resolved), I am also unable to run GMER.

It won't run in safe mode nor normal mode, no matter how long I leave it.

Are there any more steps that I should take?

The computer system is running very slow and hot.
 
I have sent Broni a PM and asked him to pick up this thread, since you recently worked with him.
 
I'm here :)

Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/


  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
  • Close SUPERAntiSpyware.
Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

  • Open SUPERAntiSpyware.
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Copy and paste the Scan Log results in your next reply with a new HijackThis log.
  • Click Close to exit the program.

Post SUPERAntiSpyware log.
 
    • Copy and paste the Scan Log results in your next reply with a new HijackThis log.
  • Click Close to exit the program.

Post SUPERAntiSpyware log.

Not sure about this bit as you recommend on the instructions not to use this program? Perhaps an old bit of text you copied and pasted?

Anyway, here is the log as requested, though only tracking cookies were found.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/11/2010 at 12:48 PM

Application Version : 4.45.1000

Core Rules Database Version : 5843
Trace Rules Database Version: 3655

Scan type : Complete Scan
Total Scan Time : 00:37:06

Memory items scanned : 285
Memory threats detected : 0
Registry items scanned : 7989
Registry threats detected : 0
File items scanned : 23240
File threats detected : 218

Adware.Tracking Cookie
.statse.webtrendslive.com [ C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\cookies.txt ]
.spylog.com [ C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\cookies.txt ]
.stats.paypal.com [ C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\cookies.txt ]
.sofmap.112.2o7.net [ C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\cookies.txt ]
.stat.dealtime.com [ C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.overture.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ice.112.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.rakuten.112.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adserver.adtechus.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.oricon.122.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.f2network.112.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.countryroad.com.au [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.countryroad.com.au [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.shop.countryroad.com.au [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.shop.countryroad.com.au [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.virginmedia.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yieldmanager.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.maruivoi.122.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.avgtechnologies.112.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.richmedia.yahoo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionbox.jp.msn.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionbox.jp.msn.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.msnportal.112.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.www.hittracker.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
cast.trustclick.ne.jp [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kaspersky.122.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
statse.webtrendslive.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s05.flagcounter.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.www.burstnet.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.burstnet.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
user.lucidmedia.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adecn.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.d3.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.112.2o7.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ext-us.bestofmedia.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.xiti.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.overture.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediafire.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediafire.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediafire.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediafire.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adxpose.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
 
Perhaps an old bit of text you copied and pasted?
Yes, sorry for that :)

Let's try to fix MBAM.

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility.
4. It will ask to restart your computer (please allow it to).
5. After the computer restarts, install the latest version from here.
 
Unfortunately the same error message pops up about insufficient memory.

It appears that MBAM won't work on this laptop.

What other steps can I take?
 
Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
There were no objects found.

The log is as follows:

2010/11/13 11:35:01.0078 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22
2010/11/13 11:35:01.0078 ================================================================================
2010/11/13 11:35:01.0078 SystemInfo:
2010/11/13 11:35:01.0078
2010/11/13 11:35:01.0078 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/13 11:35:01.0078 Product type: Workstation
2010/11/13 11:35:01.0078 ComputerName: TOYOMASU
2010/11/13 11:35:01.0078 UserName: YUKIKO
2010/11/13 11:35:01.0078 Windows directory: C:\WINDOWS
2010/11/13 11:35:01.0078 System windows directory: C:\WINDOWS
2010/11/13 11:35:01.0078 Processor architecture: Intel x86
2010/11/13 11:35:01.0078 Number of processors: 1
2010/11/13 11:35:01.0078 Page size: 0x1000
2010/11/13 11:35:01.0078 Boot type: Normal boot
2010/11/13 11:35:01.0078 ================================================================================
2010/11/13 11:35:01.0906 Initialize success
2010/11/13 11:35:05.0062 ================================================================================
2010/11/13 11:35:05.0062 Scan started
2010/11/13 11:35:05.0062 Mode: Manual;
2010/11/13 11:35:05.0062 ================================================================================
2010/11/13 11:35:40.0546 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/13 11:35:40.0640 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/13 11:35:41.0000 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/13 11:35:41.0171 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/13 11:35:41.0437 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/11/13 11:35:41.0656 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/13 11:35:42.0046 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/11/13 11:35:42.0187 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/13 11:35:42.0375 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/11/13 11:35:42.0578 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/13 11:35:42.0718 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/13 11:35:43.0000 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/13 11:35:43.0187 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/13 11:35:43.0453 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/13 11:35:43.0546 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/13 11:35:43.0750 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/11/13 11:35:44.0046 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/13 11:35:44.0281 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/13 11:35:44.0750 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/13 11:35:44.0890 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/13 11:35:45.0062 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/13 11:35:45.0281 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2010/11/13 11:35:45.0359 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2010/11/13 11:35:45.0515 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2010/11/13 11:35:45.0609 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/11/13 11:35:45.0750 Parport (bff867941573da75b046f0dfab96ca59) C:\WINDOWS\system32\drivers\Parport.sys
2010/11/13 11:35:45.0843 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/13 11:35:45.0953 ParVdm (acd12767f76bb6e7109fe17b00823543) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/13 11:35:46.0078 PCI (dc51fa93029662b7b42d41a8d0750c0e) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/13 11:35:46.0406 PCIIde (72d152abf38eb26671488f9ba23c78a8) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/11/13 11:35:46.0671 Pcmcia (2bd31d5e6c7100d795eec72ac4feac14) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2010/11/13 11:35:47.0265 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
2010/11/13 11:35:47.0484 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/13 11:35:47.0593 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/13 11:35:47.0656 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/13 11:35:47.0843 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/11/13 11:35:48.0843 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/13 11:35:49.0171 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/13 11:35:49.0359 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/13 11:35:49.0718 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/13 11:35:49.0984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/13 11:35:50.0359 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/13 11:35:50.0593 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/13 11:35:50.0937 redbook (c5927f08f38a8da6ce16b2d1017d8782) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/13 11:35:51.0296 RTL8023xp (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2010/11/13 11:35:51.0625 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2010/11/13 11:35:51.0953 s24trans (2862adb14481ac28f98105ff33a99eb0) C:\WINDOWS\system32\DRIVERS\s24trans.sys
2010/11/13 11:35:52.0234 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2010/11/13 11:35:52.0296 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2010/11/13 11:35:52.0812 sdcplh (b7ea2f12416693d2d9bffaaa5eff7037) C:\WINDOWS\system32\drivers\sdcplh.sys
2010/11/13 11:35:53.0062 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/13 11:35:53.0421 Serial (32be213745551fb893713308a28e832e) C:\WINDOWS\system32\drivers\Serial.sys
2010/11/13 11:35:53.0796 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2010/11/13 11:35:54.0671 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/11/13 11:35:55.0296 SNC (be6038e0a7d2e2fe69107e41a0265831) C:\WINDOWS\system32\Drivers\SonyNC.sys
2010/11/13 11:35:55.0578 Sonyddpu (a19dfbf3213d9dd74941910458db6c81) C:\WINDOWS\system32\Drivers\Sonyddpu.sys
2010/11/13 11:35:55.0968 SonyImgF (c483fc0add8b074286600b9620ef2c16) C:\WINDOWS\system32\DRIVERS\SonyImgF.sys
2010/11/13 11:35:56.0593 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2010/11/13 11:35:57.0109 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/13 11:35:57.0265 sr (293f6452dbbd46d37bd0e1274dbe227e) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/13 11:35:57.0640 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/13 11:35:57.0859 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/11/13 11:35:58.0046 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/13 11:35:58.0187 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/13 11:35:58.0812 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/13 11:35:59.0265 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/13 11:35:59.0531 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/13 11:35:59.0812 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/13 11:35:59.0890 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/13 11:36:00.0046 tifmsony (2cfe4945e30455e5ad692ffa8593297f) C:\WINDOWS\system32\drivers\tifmsony.sys
2010/11/13 11:36:00.0562 TxVDrv (e34f3611fe41b53c197d6c5901b8de6f) C:\WINDOWS\system32\drivers\TxVDrv.sys
2010/11/13 11:36:00.0765 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/13 11:36:01.0171 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/13 11:36:01.0531 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/11/13 11:36:01.0765 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/11/13 11:36:02.0093 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/11/13 11:36:02.0328 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/13 11:36:02.0671 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/13 11:36:02.0828 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/13 11:36:03.0203 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/11/13 11:36:03.0718 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/13 11:36:04.0078 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/11/13 11:36:04.0468 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2010/11/13 11:36:04.0812 usbvm321 (f9d550545afec1d581d2539f3488c4cd) C:\WINDOWS\system32\Drivers\usbvm321.sys
2010/11/13 11:36:05.0500 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/13 11:36:05.0937 VolSnap (72a85441a8285ef8af2794c42d87935f) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/13 11:36:06.0796 w29n51 (68eb5bc07781a36a63633541c11e1ad6) C:\WINDOWS\system32\DRIVERS\w29n51.sys
2010/11/13 11:36:07.0140 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/13 11:36:07.0296 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/13 11:36:07.0546 winachsf (c1d5cbd8aa0d674da1ba1bb189696396) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/11/13 11:36:07.0828 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2010/11/13 11:36:08.0015 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/11/13 11:36:08.0093 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/13 11:36:10.0890 ================================================================================
2010/11/13 11:36:10.0890 Scan finished
2010/11/13 11:36:10.0890 ================================================================================


Thanks Broni :)
 
Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator.

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.pif
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
ComboFix 10-11-12.01 - YUKIKO 2010/11/13 13:57:22.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.932.81.1041.18.502.305 [GMT 11:00]
Running from: c:\documents and settings\YUKIKO\デスクトップ\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((( Files Created from 2010-10-13 to 2010-11-13 )))))))))))))))))))))))))))))))
.

2010-11-11 05:55 . 2010-04-29 04:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-11 05:55 . 2010-11-11 05:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-11 05:55 . 2010-04-29 04:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-11 01:01 . 2010-11-11 01:01 -------- d-----w- c:\documents and settings\YUKIKO\Application Data\SUPERAntiSpyware.com
2010-11-11 01:01 . 2010-11-11 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-11-11 01:01 . 2010-11-11 01:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-11-10 00:19 . 2010-11-10 00:21 -------- d-----w- c:\documents and settings\Administrator
2010-10-18 12:22 . 2010-10-18 12:22 -------- d-----w- c:\program files\Lame for Audacity
2010-10-18 10:56 . 2008-04-13 16:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-10-18 10:56 . 2008-04-13 16:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-10-14 09:33 . 2010-09-18 06:53 954368 -c----w- c:\windows\system32\dllcache\mfc40.dll
2010-10-14 09:33 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-14 09:33 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-14 09:33 . 2010-08-23 16:11 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-13 05:19 . 2010-10-10 22:57 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-10-10 23:17 . 2010-10-10 23:17 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-10-10 02:30 . 2010-10-10 02:30 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-10-04 03:09 . 2010-10-04 03:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-04 03:09 . 2010-10-04 03:09 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 06:53 . 2006-07-10 04:54 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-07-10 04:54 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-07-10 04:54 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 01:23 . 2006-07-10 04:54 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-10 05:48 . 2006-07-10 04:54 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:47 . 2006-07-10 04:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:47 . 2006-07-10 04:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:50 . 2006-07-10 04:53 285824 ------w- c:\windows\system32\atmfd.dll
2010-09-01 07:54 . 2009-01-01 17:10 1852416 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2006-07-10 04:54 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2009-01-01 17:10 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-04 22:25 8192 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2009-01-01 17:09 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:11 . 2009-01-01 17:10 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2006-07-10 04:54 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:44 . 2006-07-10 04:54 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-17 118784]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-08-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-08-05 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-08-05 114688]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-09 14743552]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-10-19 184320]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
"IMJPMIG9.0"="c:\progra~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE" [2007-04-19 125792]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-05 44032]
"SetGamma"="c:\program files\Sony\SetGamma\SetGamma.exe" [2005-08-10 94208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-13 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-22 35760]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="ctfmon.exe" [2008-04-14 15360]

c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

c:\documents and settings\Administrator\スタート メニュー\プログラム\スタートアップ\
E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

c:\documents and settings\Default User\スタート メニュー\プログラム\スタートアップ\
E-Flyer.lnk - c:\program files\Sony\E-Flyer\E-Flyer.exe [2006-7-11 491520]
VAIOランチャー.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2005-10-13 880640]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-03-09 05:51 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
Ime File REG_SZ imjp9.ime

[HKLM\~\startupfolder\C:^Documents and Settings^YUKIKO^スタート メニュー^プログラム^スタートアップ^Yahoo! Widget Engine.lnk]
path=c:\documents and settings\YUKIKO\スタート メニュー\プログラム\スタートアップ\Yahoo! Widget Engine.lnk
backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^YUKIKO^スタート メニュー^プログラム^スタートアップ^かざそうFeliCa.lnk]
path=c:\documents and settings\YUKIKO\スタート メニュー\プログラム\スタートアップ\かざそうFeliCa.lnk
backup=c:\windows\pss\かざそうFeliCa.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 12:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-30 07:50 57344 ----a-w- c:\program files\Adobe\Photoshop Album Mini\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-22 17:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2005-06-11 10:51 53248 ----a-w- c:\program files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-03-27 03:28 133104 ----atw- c:\documents and settings\YUKIKO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HitmanPro35]
2010-10-13 05:19 6238016 ----a-w- c:\program files\Hitman Pro 3.5\HitmanPro35.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-14 02:26 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2004-02-20 05:12 32768 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 09:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NoteBurner]
2008-08-03 23:13 4354048 ----a-w- c:\program files\NoteBurner\VTBurnerGUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 14:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-09-02 05:15 13351304 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Network]
2003-07-29 12:30 163840 ----a-w- c:\program files\Sony\Smart Network\BeServe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
2007-12-17 02:20 476448 ----a-w- c:\progra~1\Sony\SONICS~1\SSAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-13 12:10 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Update 5]
2010-04-07 23:45 1459568 ----a-w- c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2007-01-08 11:38 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\YUKIKO\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Adobe\\Photoshop Album Mini\\3.0\\Apps\\Photoshop Album Starter Edition.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Documents and Settings\\YUKIKO\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\YUKIKO\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2541:TCP"= 2541:TCP:lmzdxmfc

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2010/02/18 5:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010/05/11 5:41 67656]
R1 TxVDrv;TxVDrv;c:\windows\system32\drivers\TxVDrv.sys [2005/10/13 2:40 22272]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010/11/13 13:40 135336]
R2 TxVDrvSvc;TXVDrv Service;c:\program files\Justsystem\PersonalShelter\TxVDrvSvc.exe [2005/10/13 2:40 45056]
R3 Sonyddpu;Sony FeliCa Reader/Writer;c:\windows\system32\drivers\Sonyddpu.sys [2006/07/10 15:55 49664]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2006/07/10 15:55 30080]
S2 gupdate1c9f282e893c17c;Google アップデート サービス (gupdate1c9f282e893c17c);c:\program files\Google\Update\GoogleUpdate.exe [2009/06/22 2:13 133104]
S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2006/07/10 17:08 16194]
S3 BeService;Smart Network Service;c:\program files\Sony\Smart Network\BeService.exe [2005/10/13 2:43 77824]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010/11/11 16:55 38224]
S3 MobileAdapter;Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\qscnusb.sys [2010/08/23 11:53 103552]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010/01/17 19:24 722288]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ANTIVIRSCHEDULERSERVICE
*NewlyCreated* - ANTIVIRSERVICE
*NewlyCreated* - AVGIO
*NewlyCreated* - AVGNTFLT
*NewlyCreated* - AVIPBB
.
Contents of the 'Scheduled Tasks' folder

2010-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-21 15:13]

2010-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-21 15:13]

2010-11-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 13:09]

2010-10-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 13:09]

2010-11-13 c:\windows\Tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 19:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.yahoo.co.jp/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Google サイドウィキ... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - c:\progra~1\Yahoo!J\MESSEN~1\YPagerj.exe
Handler: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} -
Handler: msjwwdat - {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - c:\program files\Microsoft Office\Home Style\JWW\JWWData.dll
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-INPROCOMMWireless - c:\program files\Atheros\Wireless\Utility\WlanUtil.exe
MSConfigStartUp-Messenger (Yahoo!) - c:\program files\Yahoo!\Messenger\YahooMessenger.exe
MSConfigStartUp-Skype for Outlook Express - c:\program files\Skype\toolbars\Skype for Outlook Express\SkypeOE.exe
MSConfigStartUp-Skype for Outlook Expresss helper - c:\program files\Skype\toolbars\Skype for Outlook Express\SkypeOE.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_07\bin\jusched.exe
MSConfigStartUp-Yahoo! Pager - c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-13 14:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\AppEvents\Schemes\Apps\Conf\*・^\.Current]
@="c:\\Program Files\\NetMeeting\\Blip.wav"

[HKEY_USERS\LocalService\AppEvents\Schemes\Apps\Conf\*・^\.Current]
@="c:\\Program Files\\NetMeeting\\Blip.wav"

[HKEY_USERS\S-1-5-20\AppEvents\Schemes\Apps\Conf\*・^\.Current]
@="c:\\Program Files\\NetMeeting\\Blip.wav"

[HKEY_USERS\S-1-5-21-2665302396-3341232491-1889479886-1008\AppEvents\Schemes\Apps\Conf\*・^\.Current]
@="c:\\Program Files\\NetMeeting\\Blip.wav"

[HKEY_LOCAL_MACHINE\software\Classes\B*D*A*T*u*n*e*r*.*ウ0・ン0・ヘ0・ネ0\CLSID]
@="{809B6661-94C4-49E6-B6EC-3F0F862215AA}"

[HKEY_LOCAL_MACHINE\software\Classes\B*D*A*T*u*n*e*r*.*ウ0・ン0・ヘ0・ネ0\CurVer]
@="BDATuner.コンポーネント.1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\「0・、0・ケ0ネ0・・n0ミ0テ0ッ0「0テ0ラ0 *、0・・ク0]
@="{67cf8cbd-e5c0-44f7-9de5-e1d599d626d8}"
"Description"="このバージョンの Windows をアンインストールして前のオペレーティング システムに戻る場合は、これらのファイルが必要です。"
"Display"="前のオペレーティング システムのバックアップ ファイル"
"IconPath"=expand:"%SystemRoot%\\system32\\osuninst.EXE,0"

[HKEY_LOCAL_MACHINE\software\UNBALANCE\ソ0、0ヤ0・ー0ャ・*SO唏r]
"Install"=dword:00000001

[HKEY_LOCAL_MACHINE\software\VAL Laboratory\ナ兀0q0B0h0W*i*n*\ExpertLandMarkDLL]
"LandMarkPath"="c:\\Program Files\\ExpWin32\\"

[HKEY_LOCAL_MACHINE\software\VAL Laboratory\ナ兀0q0B0h0W*i*n*\ExpertMapDLL]
"MapBasePath"="c:\\Program Files\\ExpWin32\\Map\\"

[HKEY_LOCAL_MACHINE\software\VAL Laboratory\ナ兀0q0B0h0W*i*n*\ExpLibDLL]
"knbFilePath"="c:\\Program Files\\ExpWin32\\Knb\\"
"knbFileName"="JPWIN"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(584)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\VESWinlogon.dll
c:\windows\system32\imjp9.ime
c:\windows\system32\imjp9k.dll

- - - - - - - > 'explorer.exe'(2156)
c:\windows\system32\imjp9.ime
c:\windows\system32\imjp9k.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
Completion time: 2010-11-13 14:09:41
ComboFix-quarantined-files.txt 2010-11-13 03:09

Pre-Run: 4,813,000,704 バイトの空き領域
Post-Run: 4,785,111,040 バイトの空き領域

- - End Of File - - 479C5B42D0B9C7CD8205E58E50A50AA1
 
So far, all looks good :)

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Hello again Broni, the computer is behaving very erratically. The Windows XP Explorer is freezing and has crashed completely on a couple of occasions. The computer is still running very hot, and OTL has failed to run twice, both times just stopping for an extended period with no insufficient memory warning coming up.

I am running the OTL again, hopefully this time it will work, though if it doesn't can I run it in safe mode?

Edit: The crashes have now escalated to Chrome and it is coming up with a strange message. I try to screen cap it, but once it appears the whole system has frozen.
 
So far, we didn't see anything malicious.
You may have some other issues.

Download System Information for Windows (SIW free version)
No installation required.

After it scans your computer, navigate to Hardware>Sensors and post all info from there.

 
OTL logfile created on: 2010/11/14 16:22:28 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\YUKIKO\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

502.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 4.45 Gb Free Space | 11.95% Space Free | Partition Type: NTFS
Drive D: | 12.10 Gb Total Space | 10.42 Gb Free Space | 86.07% Space Free | Partition Type: NTFS

Computer Name: TOYOMASU | User Name: YUKIKO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/14 13:14:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
PRC - [2010/08/02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/08/02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/13 23:10:57 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/04/14 13:26:11 | 001,027,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 13:26:08 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
PRC - [2006/08/02 00:39:20 | 000,434,176 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006/08/02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006/08/02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2006/06/09 20:49:02 | 000,143,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
PRC - [2006/04/13 15:36:36 | 000,176,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/04/04 16:55:18 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2005/12/27 15:58:10 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2005/12/14 14:00:00 | 000,045,056 | ---- | M] (Texim Corporarion.) -- C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe
PRC - [2005/11/28 15:39:32 | 000,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2005/11/28 15:39:30 | 000,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/08/10 22:24:48 | 000,094,208 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SetGamma\SetGamma.exe
PRC - [2005/08/05 12:56:58 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxext.exe
PRC - [2004/11/17 22:47:16 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/08/19 11:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2002/03/14 18:46:58 | 000,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe


========== Modules (SafeList) ==========

MOD - [2010/11/14 13:14:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
MOD - [2010/08/24 03:11:42 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007/05/10 15:42:30 | 000,851,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMJP9K.DLL
MOD - [2007/03/22 21:17:42 | 000,482,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\IMJP9.IME


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/08 10:45:58 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2007/12/17 13:20:56 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/11/28 02:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\SPTISRV.exe -- (SPTISRV)
SRV - [2007/11/28 02:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007/11/28 01:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Avlib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/08/02 00:39:20 | 000,434,176 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2006/08/02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2006/08/02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2006/06/13 10:03:42 | 002,084,864 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/06/09 22:11:40 | 000,417,792 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler)
SRV - [2006/06/09 20:49:02 | 000,143,360 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service)
SRV - [2006/06/07 11:51:50 | 000,155,648 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/05/18 12:22:26 | 000,770,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/18 12:22:26 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/04/13 15:36:36 | 000,176,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/04/04 16:55:18 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/12/14 14:00:00 | 000,045,056 | ---- | M] (Texim Corporarion.) [Auto | Running] -- C:\Program Files\Justsystem\PersonalShelter\TxVDrvSvc.exe -- (TxVDrvSvc)
SRV - [2005/11/28 15:39:32 | 000,118,784 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/11/28 15:39:30 | 000,131,072 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/11/25 15:08:54 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/07/14 21:10:16 | 000,032,768 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2003/07/10 19:45:32 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Smart Network\BeService.exe -- (BeService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\YUKIKO\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/08/02 16:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/08/02 16:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/05/11 05:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/02/18 05:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/04/22 17:54:15 | 000,103,552 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qscnusb.sys -- (MobileAdapter)
DRV - [2008/04/14 05:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/14 03:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB オーディオ ドライバ (WDM)
DRV - [2008/04/14 03:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) Microsoft UAA バス ドライバ (High Definition Audio 用)
DRV - [2007/02/28 16:42:00 | 000,080,896 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2006/11/15 08:00:58 | 000,528,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2006/08/02 01:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/06/29 21:49:38 | 002,206,720 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Windows XP 用 インテル(R)
DRV - [2006/05/02 23:46:28 | 000,022,272 | ---- | M] (Texim Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\TxVDrv.sys -- (TxVDrv)
DRV - [2006/03/06 20:39:00 | 000,030,080 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyImgF.sys -- (SonyImgF)
DRV - [2005/11/30 13:38:50 | 000,232,448 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvm321.sys -- (usbvm321)
DRV - [2005/10/18 18:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 18:52:34 | 000,202,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/10/18 18:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/08/09 18:43:46 | 003,855,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/24 15:11:12 | 000,040,576 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sdcplh.sys -- (sdcplh)
DRV - [2005/03/24 18:26:20 | 000,049,664 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sonyddpu.sys -- (Sonyddpu)
DRV - [2005/03/04 13:10:00 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/04 22:24:44 | 000,394,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS)
DRV - [2004/12/06 13:26:06 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2004/11/22 15:31:10 | 000,108,767 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/08/05 23:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/05 23:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/05 23:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002/04/11 19:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)
DRV - [2000/12/05 18:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 21:15:08 | 000,048,896 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://my.yahoo.co.jp/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.jp/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
FF - prefs.js..network.proxy.autoconfig_url: ""
FF - prefs.js..network.proxy.ftp: ""
FF - prefs.js..network.proxy.ftp_port: ""
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: ""
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: ""
FF - prefs.js..network.proxy.socks: ""
FF - prefs.js..network.proxy.socks_port: ""
FF - prefs.js..network.proxy.ssl: ""
FF - prefs.js..network.proxy.ssl_port: ""


[2010/05/10 21:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\extensions
[2008/07/06 00:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\YUKIKO\Application Data\Mozilla\Firefox\Profiles\ereofzvx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/14 10:07:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/14 10:07:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/10/04 14:09:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/04 14:09:12 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/10/12 16:16:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (かんたん登録2) - {0DD41AE7-6196-42E7-BDE5-4F393997449E} - C:\Program Files\Justsystem\SimpleAutoInput\AtInBnd.dll (株式会社ジャストシステム)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (FeliCaブラウザエクステンション) - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll (Sony Corp.)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\7.0.517.44\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (かんたん登録2 ツールバー) - {833CFE4E-05BD-43A3-97A7-A4E80D742F0F} - C:\Program Files\Justsystem\SimpleAutoInput\AtInBnd.dll (株式会社ジャストシステム)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\IMKR6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe (Sony Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Yahoo!メッセンジャー - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\Program Files\Yahoo!J\Messenger\YPagerj.exe (Yahoo! Japan Corporation.)
O9 - Extra 'Tools' menuitem : Yahoo!メッセンジャー - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\Program Files\Yahoo!J\Messenger\YPagerj.exe (Yahoo! Japan Corporation.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\7.0.517.44\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\msjwwdat {BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} - C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (現在のホーム ページ) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/10 16:09:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56871556046913536)

========== Files/Folders - Created Within 30 Days ==========

[2010/11/14 13:14:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
[2010/11/13 13:54:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/11/13 13:54:17 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/11/13 13:54:17 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/11/13 13:54:17 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/11/13 13:40:48 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010/11/13 13:40:45 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010/11/13 13:40:45 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/11/13 13:40:45 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010/11/13 13:40:45 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010/11/13 13:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/11/13 13:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/11/13 13:08:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/13 11:34:56 | 001,330,776 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\YUKIKO\デスクトップ\TDSSKiller.exe
[2010/11/11 16:55:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/11 16:55:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/11 16:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/11 12:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\Application Data\SUPERAntiSpyware.com
[2010/11/11 12:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/11/11 12:01:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/11/02 21:52:24 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\TFC (1).exe
[2010/10/18 23:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
[2010/10/18 23:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\YUKIKO\デスクトップ\Audacity

========== Files - Modified Within 30 Days ==========

[2010/11/14 16:25:00 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job
[2010/11/14 16:17:19 | 000,000,688 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/14 16:17:19 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
[2010/11/14 16:17:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/14 16:17:11 | 526,569,472 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/14 15:05:00 | 000,000,692 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/14 13:14:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\OTL.exe
[2010/11/13 13:11:26 | 000,003,009 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/11/13 13:07:07 | 003,908,597 | R--- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\ComboFix.exe
[2010/11/13 11:34:28 | 001,215,581 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\tdsskiller.zip
[2010/11/13 11:30:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/11 16:43:57 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\mbam-clean.exe
[2010/11/08 10:55:10 | 001,330,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\YUKIKO\デスクトップ\TDSSKiller.exe
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/11/03 01:02:51 | 000,623,616 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr
[2010/11/03 01:01:22 | 000,294,912 | ---- | M] () -- C:\Documents and Settings\YUKIKO\デスクトップ\56v9wdyi.exe
[2010/11/02 21:52:25 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\YUKIKO\デスクトップ\TFC (1).exe
[2010/11/01 14:34:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing task2 rich nations and poor nations.doc
[2010/10/31 23:02:01 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2665302396-3341232491-1889479886-1008.job
[2010/10/31 22:43:50 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Passenger railway journeys.doc
[2010/10/31 20:32:02 | 000,002,423 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Microsoft Office Word 2003.lnk
[2010/10/31 13:31:14 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task2 Media.doc
[2010/10/30 14:19:34 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 reused rain water.doc
[2010/10/22 19:04:40 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Shopping centre.doc
[2010/10/19 11:11:27 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 P2 Japanese tourists.doc
[2010/10/19 11:10:53 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Hydro-electric power.doc
[2010/10/17 13:17:47 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 P2 Japanese tourists.doc
[2010/10/17 13:16:40 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 Hydro-electric power.doc

========== Files Created - No Company Name ==========

[2010/11/13 13:54:17 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/11/13 13:54:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/11/13 13:54:17 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/13 13:54:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/11/13 13:54:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/11/13 13:07:07 | 003,908,597 | R--- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\ComboFix.exe
[2010/11/13 11:34:13 | 001,215,581 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\tdsskiller.zip
[2010/11/11 16:43:57 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\mbam-clean.exe
[2010/11/11 16:25:02 | 526,569,472 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/03 01:05:42 | 000,294,912 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\56v9wdyi.exe
[2010/11/03 01:02:51 | 000,623,616 | ---- | C] () -- C:\Documents and Settings\YUKIKO\デスクトップ\dds.scr
[2010/11/01 00:40:05 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing task2 rich nations and poor nations.doc
[2010/10/31 21:19:24 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Passenger railway journeys.doc
[2010/10/30 23:44:52 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task2 Media.doc
[2010/10/29 23:58:20 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 reused rain water.doc
[2010/10/22 17:39:34 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Shopping centre.doc
[2010/10/17 13:17:47 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 P2 Japanese tourists.doc
[2010/10/17 13:16:40 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\~$iting Task1 Hydro-electric power.doc
[2010/10/15 16:44:52 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\YUKIKO\My Documents\Writing Task1 Hydro-electric power.doc
[2010/10/11 09:57:23 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/08/01 23:36:41 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/10 00:23:58 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/01/26 23:56:28 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2007/12/28 18:03:22 | 000,000,057 | ---- | C] () -- C:\WINDOWS\NWDECDU.INI
[2007/12/28 18:02:34 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdcplh.sys
[2007/12/10 00:32:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/06/26 16:14:24 | 000,000,134 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2007/06/26 16:14:18 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007/03/16 20:01:04 | 000,004,628 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/01/15 17:24:09 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Application Data\dm.ini
[2007/01/15 17:24:08 | 000,001,541 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Application Data\AdobeDLM.log
[2006/10/14 03:01:41 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/09/25 03:54:32 | 000,152,576 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/24 13:53:54 | 000,003,364 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/17 18:37:04 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\YUKIKO\Local Settings\Application Data\fusioncache.dat
[2006/07/11 12:57:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/11 11:52:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/11 11:52:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/11 11:52:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/11 11:52:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/11 11:52:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/11 11:52:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/07/10 17:08:48 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL
[2006/07/10 16:23:19 | 000,000,942 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/10 16:02:41 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/07/10 15:54:57 | 000,002,144 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/07/10 15:54:43 | 000,065,392 | ---- | C] () -- C:\WINDOWS\System32\msimek.sys
[2006/07/10 15:54:43 | 000,054,700 | ---- | C] () -- C:\WINDOWS\System32\$ias.sys
[2006/07/10 15:54:43 | 000,044,496 | ---- | C] () -- C:\WINDOWS\System32\msimei.sys
[2006/07/10 15:54:43 | 000,042,841 | ---- | C] () -- C:\WINDOWS\System32\key02.sys
[2006/07/10 15:54:43 | 000,042,633 | ---- | C] () -- C:\WINDOWS\System32\keyax.sys
[2006/07/10 15:54:43 | 000,039,808 | ---- | C] () -- C:\WINDOWS\System32\msime.sys
[2006/07/10 15:54:43 | 000,027,956 | ---- | C] () -- C:\WINDOWS\System32\appsicon.dll
[2006/07/10 15:54:43 | 000,020,688 | ---- | C] () -- C:\WINDOWS\System32\$disp.sys
[2006/07/10 15:54:43 | 000,013,597 | ---- | C] () -- C:\WINDOWS\System32\msimed.sys
[2006/07/10 15:54:43 | 000,004,701 | ---- | C] () -- C:\WINDOWS\System32\kkcfunc.sys
[2006/07/10 15:54:43 | 000,004,125 | ---- | C] () -- C:\WINDOWS\System32\$prnescp.sys
[2006/07/10 15:54:43 | 000,002,990 | ---- | C] () -- C:\WINDOWS\System32\disp_win.sys
[2006/07/10 15:54:43 | 000,000,901 | ---- | C] () -- C:\WINDOWS\System32\ntfont.sys
[2006/07/10 15:54:43 | 000,000,852 | ---- | C] () -- C:\WINDOWS\System32\font_win.sys
[2006/07/10 15:54:07 | 000,229,088 | ---- | C] () -- C:\WINDOWS\System32\lanman.drv
[2006/07/05 12:07:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/10/13 03:16:19 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\IMX.DLL
[2005/10/13 03:03:04 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/13 02:52:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/10/13 02:51:41 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2005/10/13 02:43:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/10/13 02:41:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/10/13 02:38:53 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fsslckhk.dll
[2003/09/18 15:22:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\AmiJapanDataPilotUninstSupport.dll
[2003/04/03 14:00:02 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\VSPpg8.dll
[2003/02/19 17:36:06 | 000,005,099 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/11/13 13:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2005/10/13 02:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FujisoftABC
[2010/10/11 10:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2005/10/13 02:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JUSTSYSTEM
[2010/10/08 19:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2005/10/13 02:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MEGASOFT
[2010/10/14 19:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/28 18:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/02 05:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/10/26 23:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Audacity
[2006/10/24 18:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Fujitsu
[2007/03/07 20:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\InterVideo
[2008/03/22 02:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\ivivo
[2006/10/24 18:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Justsystem
[2006/10/15 03:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\Leadertech
[2008/02/04 12:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\MEGASOFT
[2006/09/19 22:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\MSNInstaller
[2007/08/06 21:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\s-woman_ticker
[2010/08/25 18:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\UNBALANCE
[2010/10/14 10:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\YUKIKO\Application Data\URSoft
[2010/11/14 16:25:00 | 000,000,394 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{BEF629C3-04D1-47E6-907A-43645553FC6E}.job

========== Purity Check ==========



========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2006/07/10 16:09:33 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/24 15:22:35 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2010/10/14 11:19:54 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/05 23:00:00 | 000,132,398 | RHS- | M] () -- C:\bootfont.bin
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/11/13 14:09:43 | 000,019,110 | ---- | M] () -- C:\ComboFix.txt
[2006/07/10 16:09:33 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/11/14 16:17:11 | 526,569,472 | -HS- | M] () -- C:\hiberfil.sys
[2006/10/14 03:01:48 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2006/07/10 16:09:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/10/13 11:29:59 | 000,008,193 | ---- | M] () -- C:\JavaRa.log
[2006/07/10 16:09:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/05 23:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/05/18 23:14:38 | 000,260,800 | RHS- | M] () -- C:\ntldr
[2010/11/14 16:17:09 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2008/08/21 21:27:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/08/21 22:43:12 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/08/25 19:00:27 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/01/05 01:58:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/08/01 01:31:25 | 000,000,280 | -H-- | M] () -- C:\sqmdata04.sqm
[2010/05/25 22:13:22 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2010/05/25 22:13:58 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2010/05/25 22:14:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2010/05/25 22:14:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2010/05/25 22:14:31 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/25 22:14:38 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2010/05/25 22:15:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2010/05/25 22:16:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2010/05/25 22:16:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2010/05/25 22:16:39 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2010/05/25 22:17:11 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2008/08/01 19:54:16 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2008/08/02 03:43:09 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2008/08/03 20:44:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2008/08/09 18:07:51 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2008/08/21 21:27:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/08/21 22:43:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/08/25 19:00:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/01/05 01:58:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/08/01 01:31:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010/05/25 22:13:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010/05/25 22:13:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010/05/25 22:14:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010/05/25 22:14:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010/05/25 22:14:31 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010/05/25 22:14:38 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/25 22:15:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/05/25 22:16:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010/05/25 22:16:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010/05/25 22:16:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010/05/25 22:17:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2008/08/01 19:54:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2008/08/02 03:43:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2008/08/03 20:44:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2008/08/09 18:07:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2010/11/13 11:38:33 | 000,042,668 | ---- | M] () -- C:\TDSSKiller.2.4.7.0_13.11.2010_11.35.01_log.txt
[2001/05/24 14:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2007/09/14 15:41:49 | 000,000,158 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/07/10 16:09:04 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
[14 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/04/09 15:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/10/10 14:38:05 | 000,001,682 | -H-- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/07/11 01:00:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/07/11 01:00:34 | 000,626,688 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/07/11 01:00:33 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/09/17 18:37:21 | 000,000,125 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2006/07/10 16:12:56 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Application Data\Microsoft\Internet Explorer\Quick Launch\デスクトップの表示.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2006/09/17 18:37:20 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2009/05/24 15:04:24 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\YUKIKO\Cookies\desktop.ini
[2010/11/14 16:17:15 | 000,573,440 | ---- | M] () -- C:\Documents and Settings\YUKIKO\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/27 16:11:12 | 000,315,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2006/08/02 01:29:44 | 000,577,536 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 13:25:48 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 03:08:58 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 03:08:58 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/03 01:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/14 04:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 13:26:19 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 03:08:58 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 03:08:58 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 03:08:58 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 03:08:58 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 03:08:58 | 000,140,919 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm
[1 C:\Program Files\Messenger\*.tmp files -> C:\Program Files\Messenger\*.tmp -> ]

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

< End of report >
 
OTL Extras logfile created on: 2010/11/14 16:22:28 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\YUKIKO\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

502.00 Mb Total Physical Memory | 172.00 Mb Available Physical Memory | 34.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 4.45 Gb Free Space | 11.95% Space Free | Partition Type: NTFS
Drive D: | 12.10 Gb Total Space | 10.42 Gb Free Space | 86.07% Space Free | Partition Type: NTFS

Computer Name: TOYOMASU | User Name: YUKIKO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"2541:TCP" = 2541:TCP:*:Enabled:lmzdxmfc

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\Photoshop Album Starter Edition.exe" = C:\Program Files\Adobe\Photoshop Album Mini\3.0\Apps\Photoshop Album Starter Edition.exe:*:Enabled:Adobe Photoshop Album Mini 3.0 -- (Adobe Systems Incorporated)
"C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\YUKIKO\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{05257AC0-DD20-11D2-AC05-0000F4ADD897}" = HD革命/BackUp (バンドル版)
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08E55380-1517-4A89-B1FA-CCE7E9EDE4E5}" = 筆ぐるめ Ver.13
"{0B59411E-1900-463C-AE64-AA106BB2BD58}" = えいご漬け 改訂版(体験版)
"{0F33B730-E81D-11D3-B72E-00104BC853D6}" = 駅すぱあと
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO カメラユーティリティ
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{156E4680-CA1F-4D45-AE9F-D6731E37C175}" = Sony FeliCa リーダー/ライター ソフトウェア
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{2EF73726-9C12-42A0-952D-9753FBF86E58}" = IFL
"{31BBD146-CCC2-4E3F-B560-4D3906E2B041}" = CD Burning 4
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{350C97B1-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9CA789-3AAC-4F5E-B42D-EA4232DAC60F}" = Atheros Wireless LAN
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4021D88F-E224-402F-919E-B3F053B57724}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{463F8033-9083-4DCE-8A1A-CA588D8EF9AF}" = 静止画色補正
"{48D2C608-6E46-4978-A2D4-67E34F95E971}" = かんたん登録2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe(R) Photoshop(R) Album Mini 3.0
"{5299C5E1-70F9-3D1D-A1FA-BDECA4EC8015}" = Google Talk Plugin
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{582C5C46-399D-4A9D-AB9F-C36F6FEC85EA}" = VAIO CameraVJ Screen Saver
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media (再配布) 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{597C68AF-3EF7-4310-8725-2E034914613B}" = Microsoft Office Home Style+
"{5B82682E-C555-45DA-8E2C-CE6525427AC9}" = Click to DVD 2.5.30
"{5BEB5AA0-7B78-4D85-8D98-F84CA1E063E9}" = かざポン for VAIO
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5E862EC5-40B2-4A7E-A87D-B504E141318A}" = スクリーンセーバーロック2
"{600D85D0-14E9-4B52-A125-F31668C6BE96}" = FeliCaブラウザエクステンション
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = はじめよう! ワイヤレスLAN
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{63BE6BE8-C96D-4CCD-B6E3-416FEC883D59}" = i-フィルター 4
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E7A57D-89ED-4C16-A37C-AA53EF059F9A}" = かざしてログオン
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{70BF00E7-5187-4C30-8D57-BF9D9E4A5AD3}" = スマート メニュー (Windows Live Toolbar)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{7D90730F-D29E-4386-95F0-BCF79ECF634E}" = Do VAIO バックアップツール
"{7FDA96DC-0EFF-4BB4-81BD-6CA64831CAA8}" = VAIO Photo Fall WIDE
"{802AE695-3C5A-48A2-99B4-066298E659A8}" = Smart Network Ver. 2.2.02
"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes
"{86579038-5AD4-4399-A34C-C6E2E57539E9}" = 大富豪Plus5 体験版
"{87246AC6-09F0-46FA-8DCA-E425D51EFEAA}" = ホットスポット・ツール
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8DF01556-CD47-418B-88AA-CBCADA8A8D6F}" = ドラネットキッズ入学準備 体験版
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{90330411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Personal Edition 2003
"{90AF0411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{940475B4-367E-4D27-8841-163E3C980F52}" = Windows Live へのリンク (Windows Live Toolbar)
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9C0EA18A-4C72-11D7-B65B-00C04F790F76}" = AC3 Encoder / Decoder
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO 省電力設定
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.4
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3CD0C7C-A012-48B6-BCD8-3756FA177BD4}" = サンリオ タイニーパークV
"{A5F3B2A6-CB42-11D6-9161-00E02975BB40}" = 一太郎ビューア
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AD0DDEC6-4798-4DE5-87DC-4367D694ED06}" = Microsoft .NET Framework 1.1 Japanese Language Pack
"{AD650226-3335-45BB-9640-D8C973366A1A}" = パーソナルシェルター
"{ADAB8F0D-D35B-4792-80A0-EF8749D8CF74}" = VAIO Guide Movie Components
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1" = xrecode II 1.0.0.59
"{AFF6B50E-C9C5-49BE-92E8-C9CEC98DE3D0}" = Do VAIO
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B6300A7D-C1B6-4A25-861D-4AED96202FCD}" = Readiris Pro 10
"{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}" = バイオ電子マニュアル
"{B971BB45-3FEC-4464-BF4F-B3203EC17BE2}" = タイピング競馬 体験版
"{BA4028C1-47C6-40C7-97A2-C2507675B0AD}" = Windows Live Toolbar RSS フィード検出 (Windows Live Toolbar)
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BDCF2850-450F-4643-9C64-2BFB3631AC83}" = タブ ブラウズ (Windows Live Toolbar)
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{C58A56A1-33F5-48D0-A84D-88F75A351068}" = VAIO Launcher
"{C99E6F22-FD0E-4D6E-925A-268AD1C050D6}" = its-moNavi PC
"{C9D692F4-D762-4A56-801B-9B9EE0AF0C91}" = ATLAS 翻訳パーソナル 2006 LE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD818656-33B7-4B49-808C-7876E9484FAA}" = 「時事通信社・家庭の医学」「血液サラサラ健康事典」
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D30F9503-071B-4354-827D-C72D8E75BB05}" = Edy Viewer
"{D3B16DA0-1E93-11D5-A26F-009027CB933C}" = So-net簡単スターターV2.3
"{D97B89AA-D399-4152-81CE-FBB9C3688E36}" = みんなでTV電話スタータ
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E2AA57CD-A819-406F-B422-A9211DA758B5}" = Windows Live Toolbar
"{E2C94613-2E76-418B-A8E7-0FFFE9EADCDE}" = VAIO オンラインカスタマー登録
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}" = バイオ電子マニュアル データベース
"{E6AD2F37-3B4A-4EEC-ACDB-28BC08A81648}" = ドラネット小学一年生 体験版
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{ED46C765-9EB0-4D4A-AD6C-29CF7E8007B0}" = SFCard Viewer 2
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F41C96F8-3D72-4F94-9E9E-0B4E8F2B0C61}" = かざそうFeliCa
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = バイオの設定
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AdobeESD" = Adobe Download Manager 2.2 (削除のみ)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"GDBase" = 学研電子辞典
"Google Chrome Frame" = Google Chrome フレーム
"Google Updater" = Google アップデータ
"HitmanPro35" = Hitman Pro 3.5
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"InstallShield_{D97B89AA-D399-4152-81CE-FBB9C3688E36}" = みんなでTV電話スタータ
"InterActual Player" = InterActual Player
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MouseSuite98" = Sony USB Mouse
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NoteBurner_is1" = NoteBurner 2.22
"OCNスタートパック" = OCNスタートパック
"PC Suite" = PC Suite
"ProInst" = インテル(R) PROSet/Wireless ソフトウェア
"RealPlayer 12.0" = RealPlayer
"VLC media player" = VideoLAN VLC media player 0.8.6e
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"YU2010_is1" = Your Uninstaller! 2010
"わが家の家計簿" = わが家の家計簿

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:11:07 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7023
Description = Application Management は次のエラーで終了しました: %%126

Error - 2010/11/12 22:56:31 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

Error - 2010/11/12 23:02:14 | Computer Name = TOYOMASU | Source = Service Control Manager | ID = 7031
Description = Windows Media Player Network Sharing Service サービスは予期せず終了しました。これは 1
回発生しています。次の修正動作が 30000 ミリ秒以内に行われます: サービスの再開

Error - 2010/11/13 22:04:54 | Computer Name = TOYOMASU | Source = sr | ID = 1
Description = ボリューム 'HarddiskVolume2' 上のファイル '' を処理中にシステムの復元フィルタに予期しないエラー '0xC000009A'
が発生しました。ボリュームの監視を停止しています。


< End of report >
 
I'm not sure what the problem is, though the current crashes have only started after the link was clicked from the email. The problems also only seem to occur as the computer's systems warm up. It comes up with error messages with some file names that end in .dll or have the typical memory error jargon, so I'm really not sure what is going on. :|

Here are the temps after I have just started the system and have rested after the last two attempts due to constant crashes.

Seem cool and OK at the moment, but I'd gather that when this heats up again I won't be able to post this message, as Chrome either won't start or crashes.

52716356.png
 
Temperatures look OK.
Do those crashes result in BSOD?
If so....
Download BlueScreenView (in Zip file)
No installation required.
Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

======================================================================

Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

=====================================================================

OTL log looks perfectly fine, so I don't think we're dealing with any infection here.
 
The crashes don't result in a BSOD. They generally result in all text from the Taskbar, Start Menu and items on the desktop disappearing, whilst the symbols/icons stay. The computer's fan runs very fast, and the system heats up quite a bit. The computer becomes extremely unresponsive, i.e. programs won't start, and a warning box comes up saying the program can't be found or can't start, for example "paint.exe", though most of the message is in Japanese so I can't read it. I can't capture a screenshot as it won't copy to the clipboard, nor will Paint work after I try. The whole GUI eventually freezes up and not much happens, the windows ghost and it works very very very slowly or not at all. I generally just power it down and take out the battery so it can cool off for a while.
 