win32.delf.cu (resolved)



Apostolia
2009-04-14, 01:06
Hi there. Before anything else, let me thank you all guys for your help and support, your work is really appreciated.

Well, my pc got infected recently with win32.delf. I have Windows XP. I tried SDFix but it didn't work. At the same time, I have been having the following problems:

At start-up a small window pops up asking me for a password in order to enter my account, even though I never changed any settings (I've never set or used a password either).

When I press OK without entering any password, it takes me to the desktop, where I get an error message from explorer, saying it needs to shut down and asking me to report that to Microsoft. I click OK, send the report and continue on the desktop (the pc doesn't shut down or anything else).

My pc is very slow and occasionally freezes, but Online Armor Firewall might be contributing to that.

I have two accounts on the pc, one Administrator and one named AQA. I am the only one using my computer, is it really necessary to have two different accounts?

Finally, I just can't get the pc to show all files, meaning that I cannot see certain files when I right click on Start<Explorer, even though I know they exist. For example, I was searching for something through Search and it was in C<AQA<Application Data<Recent, but when I try to find manually the Application Data under AQA, it just isn't there. The same happens with another file I have in D, which I use through a shortcut I managed to make on the desktop.

Here is the HJT log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:40, on 2009-04-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Tall Emu\Online Armor\oacat.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\programmata\VoipWise\Voipwise\Voipwise.exe
C:\Program Files\Tall Emu\Online Armor\oahlp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Documents and Settings\AQA\デスクトップ\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R3 - URLSearchHook: Yahoo! 、uィ罔C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! 、uィ罔C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [IMJPMIG9.0] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Voipwise] "D:\programmata\VoipWise\Voipwise\Voipwise.exe" -nosplash -minimized
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\WINDOWS\system32\config\systemprofile\reader_s.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Image Converter 2 で転送 - C:\Program Files\Sony\Image Converter 2\menu.htm
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: リサーチ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.vaio.sony.co.jp/Owner/
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221084880906
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.5.0_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Smart Network Service (BeService) - Sony Corporation - C:\Program Files\Sony\Smart Network\BeService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 10860 bytes


One more question: If I finally need to reformat the pc, could you please tell me which F key I need to use? When I got the pc it didn't come with a CD or anything, I was told I only need to press an F key which now I don't remember.

Thanx in advance for your time and support,

Apostolia

peku006
2009-04-18, 10:31
Hi Apostolia

Your System is infected with Virut!!
Virut is a file infecting virus which is able to modify itself each and every time it runs. In addition, when it infects, sometimes it will destroy the file it tries to latch onto.
For these reasons, you really can't truly fix Virut. You will need to format/reinstall the operating system on this machine.

More information:
http://free.avg.com/66558

There are bugs in the viral code. When the virus produces infected files, it also creates non-functional files that also contain the virus.
http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=143034

W32/Virut.h is a polymorphic, entry point obscuring (EPO) file infector with IRC bot functionality. It can accept commands to download other malware on the compromised machine.
It appends to the end of the last section of executable (PE) files an encrypted copy of its code. The decryptor is polymorphic and can be located either:
- Immediately before the encrypted code at the end of the last section
- At the end of the code section of the infected host in 'slack-space' (assuming there is any)
- At the original entry point of the host (overwriting the original host code)

Miekiemoes, an expert for malware removal, and an MS-MVP, additionally has a blog post about Virut (http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html).

I suggest you start backing up all of your valuable data/documents/pictures/movies/songs/etc.
Do NOT back up any applications/installers and do NOT back up any .exe/.scr/.htm/.html/.xml/.zip/.rar files.
This is because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.

Read here for instructions how to format and reinstall Windows:

http://web.mit.edu/ist/products/winxp/advanced/reinstall-format.html
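The backup rule in the post above can be applied mechanically. The following is an added example, not part of the original thread: it walks a folder, skips every file with one of the extensions listed in the post, and copies the rest. The extra check for an `MZ` executable header (to catch a program file stored under another extension) and all function names are assumptions of this example; the sample tree is constructed.

```python
import os
import shutil
import tempfile

# Extensions the post says must NOT be backed up from the infected machine.
RISKY_EXTENSIONS = {".exe", ".scr", ".htm", ".html", ".xml", ".zip", ".rar"}


def skip_reason(path):
    """Return why a file must be left out of the backup, or None if it may be copied."""
    ext = os.path.splitext(path)[1].lower()
    if ext in RISKY_EXTENSIONS:
        return "extension " + ext
    try:
        with open(path, "rb") as fh:
            # Added check (not from the post): Windows executables start with "MZ",
            # whatever their file name says.
            if fh.read(2) == b"MZ":
                return "executable header (MZ)"
    except OSError:
        return "unreadable"
    return None


def plan_backup(source_root):
    """Classify every file under source_root; paths are relative to source_root."""
    to_copy, skipped = [], []
    for dirpath, dirnames, filenames in os.walk(source_root):
        dirnames.sort()  # deterministic walk order
        for name in sorted(filenames):
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, source_root)
            reason = skip_reason(full)
            if reason is None:
                to_copy.append(rel)
            else:
                skipped.append((rel, reason))
    return to_copy, skipped


def run_backup(source_root, dest_root):
    """Copy only the files that plan_backup() allows; return both lists."""
    to_copy, skipped = plan_backup(source_root)
    for rel in to_copy:
        target = os.path.join(dest_root, rel)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        shutil.copy2(os.path.join(source_root, rel), target)
    return to_copy, skipped


def demo():
    """Build a constructed sample tree, back it up, and return the results."""
    samples = {
        os.path.join("photos", "trip.jpg"): b"\xff\xd8\xff\xe0 constructed jpeg bytes",
        os.path.join("docs", "notes.txt"): b"constructed text document",
        os.path.join("docs", "tool.dat"): b"MZ\x90\x00 constructed executable header",
        os.path.join("saved", "page.html"): b"<html>constructed page</html>",
        "setup.exe": b"MZ\x90\x00 constructed installer",
        "archive.zip": b"PK\x03\x04 constructed archive",
    }
    with tempfile.TemporaryDirectory() as work:
        src = os.path.join(work, "src")
        dst = os.path.join(work, "backup")
        for rel, data in samples.items():
            path = os.path.join(src, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        to_copy, skipped = run_backup(src, dst)
        copied = sorted(
            os.path.relpath(os.path.join(d, f), dst)
            for d, _, files in os.walk(dst)
            for f in files
        )
    return to_copy, skipped, copied


if __name__ == "__main__":
    kept, left_out, _ = demo()
    for rel in kept:
        print("copy", rel)
    for rel, reason in left_out:
        print("skip", rel, "-", reason)
```

Calling `plan_backup` on its own gives the skipped list for review before anything is copied.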

Apostolia
2009-04-20, 01:26
Hi Peku006 :) Thanks for all the info and your time. Your help is very appreciated! :)

As it is, before I got your answer I ran Avast and apparently deleted some files that I shouldn't have. The result was that the pc would shut off immediately after start up and I couldn't access even the administrator account in safe mode. Recovery console wasn't accessible either. Bottom line, I already had to format and since my pc didn't come with a CD when I bought it, I used F10 (I have a Sony Vaio with Japanese OS and F10 took me to VAIO recovery), performed a check in the C,D drives (from the option) and then recovered C drive (NOT return to the state when originally bought).
The result is that my C drive was formatted and WindowsXP reinstalled, but I got my D drive and its content intact.

I did all possible windows and vaio/sony updates, got internet explorer 8, mozilla, ERUNT, installed java, flash and a couple of programs I consider safe. I have Spybot and Avast! and am thinking of installing Online Armor as well.
I also installed the Recovery Console (since I don't have a CD, I went Start<Run and I ran C:\WINDOWS\i386\winnt32.exe /cmdcons).

I scanned with Spybot and Avast and nothing came up, but I need your opinion about whether I may consider my pc safe at the moment.
Also, what should I do with Teatimer? I got it disabled according to the general instructions for posting here.

Here is the latest HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:04:12, on 2009/04/20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\SetGamma\SetGamma.exe
C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ApostoliaTheodori\デスクトップ\HiJackThis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: InfoMaker Class - {C893A505-44D3-4184-9888-2179DFF75707} - C:\Program Files\Sony\EasyRegister\EasyRegister.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FeliCaブラウザエクステンション - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll
O3 - Toolbar: &Yahoo!ツールバー - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG9.0] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: リサーチ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.vaio.sony.co.jp/Owner/
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240081846984
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 10244 bytes


Thanks again for your time!

Lia
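The two HijackThis logs posted in this thread can be compared line by line. The following is an added example, not part of the original thread: it parses the `O4` (registry Run key) lines and reports which autorun entries exist only in the first log, only in the second, or in both with a different command. The sample lines are a subset copied from the two logs above; the function names are assumptions of this example.

```python
import re
from collections import namedtuple

AutoRun = namedtuple("AutoRun", "hive key name command user")

# One O4 registry line: hive, "\..\", key (Run, RunOnce, ...), [value name],
# command line, and an optional "(User '...')" suffix on HKUS entries.
O4_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>[^\]]+)\] (?P<command>.*?)"
    r"(?: \(User '(?P<user>[^']+)'\))?$"
)

# Subset of the first log in the thread (before the reinstall).
BEFORE_LOG = r"""
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\WINDOWS\system32\config\systemprofile\reader_s.exe (User 'SYSTEM')
"""

# Subset of the second log in the thread (after the reinstall).
AFTER_LOG = r"""
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
"""


def parse_o4(log_text):
    """Return the registry autorun entries found in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        match = O4_RE.match(line.strip())
        if match:  # other sections (O2, O9, O23, ...) are ignored
            entries.append(AutoRun(**match.groupdict()))
    return entries


def diff_autoruns(before, after):
    """Compare two entry lists keyed on (hive, value name)."""
    old = {(e.hive, e.name): e for e in before}
    new = {(e.hive, e.name): e for e in after}
    removed = [old[k] for k in sorted(old.keys() - new.keys())]
    added = [new[k] for k in sorted(new.keys() - old.keys())]
    changed = [
        (old[k], new[k])
        for k in sorted(old.keys() & new.keys())
        if old[k].command != new[k].command
    ]
    return removed, added, changed


if __name__ == "__main__":
    gone, fresh, altered = diff_autoruns(parse_o4(BEFORE_LOG), parse_o4(AFTER_LOG))
    for e in gone:
        print("only in first log :", e.hive, e.name, "->", e.command)
    for e in fresh:
        print("only in second log:", e.hive, e.name, "->", e.command)
    for old_e, new_e in altered:
        print("command changed   :", old_e.name, old_e.command, "->", new_e.command)
```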

peku006
2009-04-20, 13:17
Hi Lia

We can check that your computer really is clean.

1 - Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) and save it to a convenient location.
Double click on mbam-setup.exe to install it.
Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
Select the Scanner tab. Click on Perform full scan, then click on Scan.
Leave the default options as they are and click on Start Scan.
When done, you will be prompted. Click OK, then click on Show Results.
Check (tick) all items except items in the System Volume Information folder and click on Remove Selected.

http://i35.photobucket.com/albums/d165/ndmmxiaomayi/mayi/mbam1.png

After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

2 - Download and Run RSIT

Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt<- (will be maximized) and info.txt<- (will be minimized)

4 - Status Check
Please reply with

1. the logs from RSIT (log.txt, info.txt)
2. the Malwarebytes' Anti-Malware Log

Thanks peku006

Apostolia
2009-04-21, 21:31
Hi again peku006, thanx for your help and patience.

Just a bit of info: When I turned on the pc today I got an MS-DOS window titled C:¥WINDOWS¥system32¥msupdte.exe with the context:
Microsoft (R) KKCFUNC VERSION 1.10
Copyright (C) Microsoft Corp. 1991, 1993. All rights reserved.
KKCFUNC update
Microsoft KanaKanji version 2.51
(C) Copyright Microsoft Corp. 1992-1993

(reminder: I have a Sony Vaio with windows XP and Japanese OS)

Here is the RSIT log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by ApostoliaTheodori at 2009-04-20 21:13:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (26%) free of 19 GB
Total RAM: 1526 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:13:59, on 2009/04/20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\SetGamma\SetGamma.exe
C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ApostoliaTheodori\デスクトップ\RSIT.exe
C:\Program Files\trend micro\ApostoliaTheodori.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: InfoMaker Class - {C893A505-44D3-4184-9888-2179DFF75707} - C:\Program Files\Sony\EasyRegister\EasyRegister.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FeliCaブラウザエクステンション - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll
O3 - Toolbar: &Yahoo!ツールバー - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG9.0] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: リサーチ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.vaio.sony.co.jp/Owner/
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240081846984
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 10629 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL [2005-04-11 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C893A505-44D3-4184-9888-2179DFF75707}]
InfoMaker Class - C:\Program Files\Sony\EasyRegister\EasyRegister.dll [2005-05-11 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC5D2125-D8AB-4a18-A599-D97D2731DE19}]
FeliCaブラウザエクステンション - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll [2005-06-07 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo!ツールバー - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL [2005-04-11 278528]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-06-09 6746112]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2003-11-07 114688]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-06-29 14720000]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-04-29 45056]
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2002-03-14 45056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-06-29 114688]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2005-05-14 184320]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-06-29 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-06-29 77824]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-05 44032]
"SetGamma"=C:\Program Files\Sony\SetGamma\SetGamma.exe [2005-01-25 94208]
"VZRemoteCommander"=C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe [2005-01-31 192512]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-18 148888]
"VAIO Update 4"=C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-08-24 870240]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-06 81000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"IMJPMIG9.0"=C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE [2003-07-14 118840]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-08 204288]

C:\Documents and Settings\ApostoliaTheodori\スタート メニュー\プログラム\スタートアップ
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-06-29 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2006-09-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe"="C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-04-20 23:43:39 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-04-20 21:13:32 ----D---- C:\Program Files\trend micro
2009-04-20 21:13:29 ----D---- C:\rsit
2009-04-20 19:58:42 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Malwarebytes
2009-04-20 19:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-04-20 19:58:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-20 17:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-04-20 17:35:45 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-04-20 13:29:31 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-04-20 13:29:30 ----D---- C:\Program Files\Xvid
2009-04-20 13:29:30 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-04-20 13:20:20 ----D---- C:\Program Files\GSpot270a
2009-04-20 11:04:38 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Voipwise
2009-04-20 11:04:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-04-20 11:03:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-04-20 11:03:13 ----D---- C:\Program Files\Windows Media Connect 2
2009-04-20 11:02:54 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-04-20 11:01:28 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-04-20 11:00:06 ----D---- C:\WINDOWS\system32\LogFiles
2009-04-20 10:59:51 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-04-20 10:58:20 ----SHD---- C:\Config.Msi
2009-04-20 06:57:33 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\ShinyTales
2009-04-20 06:38:52 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\WinRAR
2009-04-20 06:37:44 ----D---- C:\Program Files\WinRAR
2009-04-19 23:12:06 ----D---- C:\Program Files\Wonderburg
2009-04-19 22:52:08 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\blg
2009-04-19 22:52:08 ----D---- C:\Documents and Settings\All Users\Application Data\blg
2009-04-19 22:50:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-19 22:49:57 ----D---- C:\Program Files\Spa Mania
2009-04-19 22:39:18 ----D---- C:\Program Files\bfgclient
2009-04-19 22:38:15 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2009-04-19 19:03:13 ----RASH---- C:\BOOT.BAK
2009-04-19 19:03:07 ----RSHD---- C:\cmdcons
2009-04-19 19:03:07 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-04-19 19:03:06 ----D---- C:\WINDOWS\setup.pss
2009-04-19 19:02:39 ----D---- C:\WINDOWS\setupupd
2009-04-19 18:55:14 ----A---- C:\WINDOWS\ODBC.INI
2009-04-19 18:55:11 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-04-19 18:54:03 ----D---- C:\Program Files\Microsoft ActiveSync
2009-04-19 18:53:57 ----D---- C:\Program Files\Common Files\DESIGNER
2009-04-19 18:53:12 ----D---- C:\WINDOWS\SHELLNEW
2009-04-19 18:53:11 ----D---- C:\Program Files\Microsoft.NET
2009-04-19 18:49:23 ----RHD---- C:\MSOCache
2009-04-19 18:29:30 ----D---- C:\WINDOWS\ERDNT
2009-04-19 18:28:48 ----D---- C:\Program Files\ERUNT
2009-04-19 16:32:52 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-04-19 16:32:52 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-04-19 15:41:49 ----A---- C:\WINDOWS\system32\CDDBUISony.dll
2009-04-19 15:41:48 ----A---- C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2009-04-19 15:41:48 ----A---- C:\WINDOWS\system32\CddbMusicIDSony.dll
2009-04-19 15:41:48 ----A---- C:\WINDOWS\system32\CddbLinkSony.dll
2009-04-19 15:41:48 ----A---- C:\WINDOWS\system32\CddbLangJASony.dll
2009-04-19 15:41:48 ----A---- C:\WINDOWS\system32\CDDBControlSony.dll
2009-04-19 15:40:18 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\InstallShield
2009-04-19 14:58:15 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2009-04-19 14:58:12 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Azureus
2009-04-19 14:57:01 ----D---- C:\Program Files\Voipwise.com
2009-04-19 14:50:45 ----A---- C:\WINDOWS\system32\SonyAIwo.dll
2009-04-19 14:50:45 ----A---- C:\WINDOWS\system32\SonyAIwd.dll
2009-04-19 14:50:45 ----A---- C:\WINDOWS\system32\SonyAIds.dll
2009-04-19 13:11:35 ----HDC---- C:\WINDOWS\ie8
2009-04-19 13:11:35 ----D---- C:\WINDOWS\system32\en-US
2009-04-19 12:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-04-19 12:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-04-19 12:51:57 ----D---- C:\WINDOWS\ie7updates
2009-04-19 12:51:00 ----D---- C:\WINDOWS\WBEM
2009-04-19 12:49:20 ----HDC---- C:\WINDOWS\ie7
2009-04-19 12:49:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-04-19 12:48:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-04-19 01:12:21 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Adobe
2009-04-19 00:44:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-04-19 00:44:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-19 00:23:48 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-04-19 00:23:28 ----D---- C:\Program Files\Common Files\Adobe
2009-04-19 00:11:08 ----A---- C:\WINDOWS\system32\MRT.exe
2009-04-19 00:11:03 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-04-19 00:10:07 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-04-18 23:04:06 ----D---- C:\WINDOWS\Prefetch
2009-04-18 22:52:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-04-18 22:52:36 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-04-18 22:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-18 22:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-18 22:52:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-04-18 22:52:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-18 22:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-04-18 22:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-04-18 22:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-04-18 22:51:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-04-18 22:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-04-18 22:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-04-18 22:51:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-18 22:51:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-04-18 22:51:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-04-18 22:51:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-04-18 22:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-04-18 22:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-18 22:50:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-04-18 22:50:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-04-18 22:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-04-18 22:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-04-18 22:50:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-04-18 22:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-04-18 22:50:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-04-18 22:50:04 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-18 22:47:44 ----D---- C:\WINDOWS\system32\ja-jp
2009-04-18 22:47:44 ----D---- C:\WINDOWS\l2schemas
2009-04-18 22:47:43 ----D---- C:\WINDOWS\system32\ja
2009-04-18 22:47:43 ----D---- C:\WINDOWS\system32\bits
2009-04-18 22:46:14 ----D---- C:\WINDOWS\ServicePackFiles
2009-04-18 22:43:42 ----D---- C:\WINDOWS\network diagnostic
2009-04-18 22:40:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-04-18 22:40:39 ----D---- C:\WINDOWS\EHome
2009-04-18 22:18:42 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-04-18 21:48:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-04-18 21:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-04-18 21:47:56 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2009-04-18 21:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-04-18 21:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961373_0$
2009-04-18 21:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-04-18 21:47:32 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-04-18 21:47:27 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2009-04-18 21:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-04-18 21:47:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-04-18 21:47:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2009-04-18 21:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2009-04-18 21:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2_0$
2009-04-18 21:46:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-04-18 21:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2009-04-18 21:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-04-18 21:44:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-04-18 21:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-04-18 21:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-04-18 21:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-04-18 21:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2009-04-18 21:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2009-04-18 21:43:32 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2009-04-18 21:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-04-18 21:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-04-18 21:38:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958690_0$
2009-04-18 21:36:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-04-18 21:34:35 ----HDC---- C:\WINDOWS\$NtUninstallKB886677$
2009-04-18 21:32:49 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2009-04-18 21:30:56 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2009-04-18 21:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2009-04-18 21:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-04-18 21:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-04-18 21:23:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-04-18 21:22:27 ----D---- C:\Program Files\MSXML 4.0
2009-04-18 21:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB963027_0$
2009-04-18 21:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-04-18 21:13:44 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2009-04-18 21:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-04-18 21:09:06 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-04-18 20:54:54 ----D---- C:\Program Files\NOS
2009-04-18 20:54:54 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-04-18 20:28:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-18 20:28:48 ----A---- C:\WINDOWS\system32\NicInst.dll
2009-04-18 20:28:48 ----A---- C:\WINDOWS\system32\NicCo.dll
2009-04-18 20:28:04 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Mozilla
2009-04-18 20:11:30 ----D---- C:\Update
2009-04-18 20:09:17 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Fujitsu
2009-04-18 19:54:40 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-18 19:54:40 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-18 19:54:40 ----A---- C:\WINDOWS\system32\java.exe
2009-04-18 19:54:40 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-04-18 19:54:22 ----D---- C:\Program Files\Java
2009-04-18 08:33:09 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Sun
2009-04-18 00:58:32 ----D---- C:\Program Files\Alwil Software
2009-04-18 00:49:52 ----D---- C:\Program Files\Mozilla Firefox
2009-04-18 00:35:35 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Macromedia
2009-04-18 00:35:14 ----D---- C:\WINDOWS\system32\PreInstall
2009-04-18 00:35:12 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-04-18 00:29:47 ----D---- C:\Program Files\Gakken
2009-04-18 00:29:07 ----D---- C:\Program Files\sanrioV
2009-04-18 00:28:10 ----D---- C:\Program Files\doranet_exp
2009-04-18 00:27:53 ----D---- C:\Program Files\PLATO
2009-04-18 00:27:40 ----D---- C:\Program Files\携帯万能15 体験版
2009-04-18 00:27:08 ----D---- C:\Program Files\UNBALANCE
2009-04-18 00:26:26 ----D---- C:\Program Files\IBM Homepage Builder V9 Trial Installer
2009-04-18 00:25:59 ----D---- C:\Program Files\FRONTIER GROOVE
2009-04-18 00:25:22 ----D---- C:\Program Files\Digital Arts
2009-04-18 00:25:05 ----D---- C:\Program Files\NTTCom
2009-04-18 00:24:42 ----A---- C:\WINDOWS\system32\MSTEST40.DLL
2009-04-18 00:24:26 ----D---- C:\Program Files\Microsoft Office
2009-04-18 00:23:27 ----D---- C:\Program Files\i4
2009-04-18 00:20:41 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-04-18 00:20:32 ----D---- C:\Program Files\Office11
2009-04-17 15:23:27 ----D---- C:\Documents and Settings\All Users\Application Data\VAIO Media Platform
2009-04-17 15:20:13 ----A---- C:\WINDOWS\VAIOUpdt.INI
2009-04-17 15:18:56 ----A---- C:\WINDOWS\system32\CDDBUI.dll
2009-04-17 15:18:56 ----A---- C:\WINDOWS\system32\CddbLangJA.dll
2009-04-17 15:18:56 ----A---- C:\WINDOWS\system32\CDDBControl.dll
2009-04-17 15:18:06 ----D---- C:\Program Files\Yahoo!
2009-04-17 15:16:40 ----D---- C:\Program Files\時事通信社
2009-04-17 15:16:29 ----N---- C:\WINDOWS\system32\Native.exe
2009-04-17 15:16:28 ----D---- C:\Program Files\HDBackUp Bundle
2009-04-17 15:16:13 ----D---- C:\Program Files\NTT Communications
2009-04-17 15:14:38 ----D---- C:\Program Files\Common Files\Konica Uploader
2009-04-17 15:14:16 ----D---- C:\Program Files\Fgw12
2009-04-17 15:12:57 ----D---- C:\Documents and Settings\All Users\Application Data\FujisoftABC
2009-04-17 15:12:23 ----A---- C:\WINDOWS\system32\SfxBar.dll
2009-04-17 15:12:23 ----A---- C:\WINDOWS\system32\CmDlgJP.dll
2009-04-17 15:12:22 ----D---- C:\Program Files\mom4
2009-04-17 15:12:22 ----A---- C:\WINDOWS\system32\VB6JP.DLL
2009-04-17 15:12:07 ----D---- C:\Program Files\ZENRIN
2009-04-17 15:11:27 ----D---- C:\Program Files\ExpWin32
2009-04-17 15:10:24 ----A---- C:\WINDOWS\WININIT.INI
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\iplw7.dll
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\iplpx.dll
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\iplp6.dll
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\iplm6.dll
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\iplm5.dll
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\ipla6.dll
2009-04-17 15:09:05 ----A---- C:\WINDOWS\system32\ipl.dll
2009-04-17 15:09:04 ----A---- C:\WINDOWS\system32\Cpuinf32.dll
2009-04-17 15:07:30 ----D---- C:\WINDOWS\Downloaded Installations
2009-04-17 15:07:22 ----A---- C:\WINDOWS\system32\ScrSaverLockHooker.dll
2009-04-17 15:07:00 ----D---- C:\Program Files\NETTIME
2009-04-17 15:06:54 ----D---- C:\Program Files\Edy
2009-04-17 15:03:33 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll
2009-04-17 15:03:33 ----N---- C:\WINDOWS\system32\dbmsgnet.dll
2009-04-17 15:03:27 ----A---- C:\WINDOWS\IsUninst.exe
2009-04-17 15:03:13 ----D---- C:\Program Files\Microsoft SQL Server
2009-04-17 15:01:44 ----ASH---- C:\Documents and Settings\ApostoliaTheodori\Application Data\desktop.ini
2009-04-17 15:01:42 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Identities
2009-04-17 15:01:41 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Symantec
2009-04-17 15:01:41 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Sony Corporation
2009-04-17 15:01:41 ----D---- C:\Documents and Settings\ApostoliaTheodori\Application Data\Microsoft
2009-04-17 15:00:20 ----D---- C:\Program Files\プログラムのショートカット
2009-04-17 14:59:33 ----A---- C:\WINDOWS\ModemLog_HDAUDIO SoftV92 Data Fax Modem with SmartCP.txt
2009-04-17 14:22:45 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2009-04-21 04:50:40 ----D---- C:\WINDOWS
2009-04-21 04:46:55 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-20 23:44:53 ----HD---- C:\WINDOWS\inf
2009-04-20 21:13:32 ----RD---- C:\Program Files
2009-04-20 21:12:09 ----D---- C:\WINDOWS\Temp
2009-04-20 21:10:51 ----D---- C:\WINDOWS\system32\Lang
2009-04-20 21:10:34 ----D---- C:\WINDOWS\system32
2009-04-20 21:09:36 ----D---- C:\WINDOWS\system32\drivers
2009-04-20 21:09:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-20 17:37:44 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-20 17:37:43 ----SHD---- C:\WINDOWS\Installer
2009-04-20 17:36:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-20 17:36:37 ----A---- C:\WINDOWS\imsins.BAK
2009-04-20 11:03:24 ----A---- C:\WINDOWS\win.ini
2009-04-20 11:03:12 ----D---- C:\Program Files\Windows Media Player
2009-04-20 11:03:04 ----D---- C:\WINDOWS\Help
2009-04-20 10:58:39 ----D---- C:\Program Files\Windows Media Connect
2009-04-19 20:54:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-19 19:03:14 ----RASH---- C:\boot.ini
2009-04-19 18:54:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-04-19 18:54:21 ----RSD---- C:\WINDOWS\Fonts
2009-04-19 18:53:57 ----D---- C:\Program Files\Common Files
2009-04-19 18:53:14 ----D---- C:\Program Files\Common Files\System
2009-04-19 18:53:11 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-04-19 18:53:11 ----D---- C:\WINDOWS\pchealth
2009-04-19 18:49:31 ----D---- C:\WINDOWS\system
2009-04-19 15:49:25 ----D---- C:\Program Files\Common Files\Sony Shared
2009-04-19 15:39:40 ----D---- C:\Program Files\Sony
2009-04-19 15:39:34 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-19 14:46:32 ----D---- C:\WINDOWS\security
2009-04-19 14:46:21 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-19 13:14:55 ----D---- C:\WINDOWS\Media
2009-04-19 13:14:55 ----D---- C:\Program Files\Internet Explorer
2009-04-19 12:51:32 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-19 12:51:05 ----D---- C:\WINDOWS\system32\config
2009-04-19 00:23:53 ----D---- C:\WINDOWS\WinSxS
2009-04-19 00:23:28 ----D---- C:\Program Files\Adobe
2009-04-19 00:11:10 ----D---- C:\WINDOWS\Debug
2009-04-18 23:06:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-18 23:04:54 ----A---- C:\WINDOWS\OEWABLog.txt
2009-04-18 23:04:02 ----A---- C:\WINDOWS\setuplog.txt
2009-04-18 23:03:30 ----D---- C:\WINDOWS\system32\Setup
2009-04-18 23:03:30 ----D---- C:\WINDOWS\AppPatch
2009-04-18 23:03:29 ----D---- C:\WINDOWS\system32\wbem
2009-04-18 22:50:19 ----D---- C:\Program Files\Messenger
2009-04-18 22:47:56 ----D---- C:\WINDOWS\ime
2009-04-18 22:47:44 ----D---- C:\WINDOWS\system32\usmt
2009-04-18 22:47:43 ----D---- C:\WINDOWS\PeerNet
2009-04-18 22:47:43 ----D---- C:\Program Files\Movie Maker
2009-04-18 22:46:07 ----D---- C:\WINDOWS\system32\Restore
2009-04-18 22:46:07 ----D---- C:\WINDOWS\system32\npp
2009-04-18 22:46:06 ----D---- C:\WINDOWS\msagent
2009-04-18 22:46:04 ----D---- C:\WINDOWS\srchasst
2009-04-18 22:45:59 ----D---- C:\Program Files\NetMeeting
2009-04-18 22:45:57 ----D---- C:\WINDOWS\system32\Com
2009-04-18 22:45:54 ----D---- C:\Program Files\Windows NT
2009-04-18 22:45:54 ----D---- C:\Program Files\Outlook Express
2009-04-18 22:45:35 ----D---- C:\WINDOWS\system32\oobe
2009-04-18 22:09:33 ----D---- C:\WINDOWS\SoftwareDistribution
2009-04-18 21:16:25 ----A---- C:\WINDOWS\system32\results.txt
2009-04-18 20:29:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-04-18 19:36:35 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-04-18 19:28:06 ----SD---- C:\WINDOWS\Tasks
2009-04-18 00:50:03 ----SHD---- C:\RECYCLER
2009-04-18 00:32:05 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2009-04-18 00:24:43 ----D---- C:\Program Files\Justsystem
2009-04-17 15:05:01 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-17 15:04:49 ----D---- C:\Program Files\InterVideo
2009-04-17 15:03:32 ----HD---- C:\Program Files\Uninstall Information
2009-04-17 15:01:40 ----D---- C:\Documents and Settings
2009-04-17 14:51:33 ----D---- C:\WINDOWS\Registration
2009-04-17 14:44:18 ----A---- C:\WINDOWS\system.ini
2009-03-21 17:07:24 ----A---- C:\WINDOWS\system32\kernel32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-06 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-06 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-06 51376]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 FsVga;FsVga; C:\WINDOWS\system32\DRIVERS\fsvga.sys [2004-08-05 12160]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 39552]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-18 21419]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-06 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-06 94032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-01 12544]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 Arp1394;1394 ARP Client プロトコル; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-06 23152]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-11-28 165760]
R3 HDAudBus;Microsoft UAA バス ドライバ (High Definition Audio 用); C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-05-23 1034752]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-05-23 178048]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-06-29 1050140]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-06-29 3173888]
R3 LEX_AS_NIC_SERVICE_YNOS;LAN-Express AS IEEE 802.11g Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ExpasAG.sys [2005-02-10 456448]
R3 mouhid;マウス HID ドライバ; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-24 12160]
R3 NIC1394;1394 ネット ドライバ; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 Sonyddpu;Sony FeliCa Reader/Writer; C:\WINDOWS\System32\Drivers\Sonyddpu.sys [2005-03-24 49664]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2007-02-28 80896]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-23 716288]
S3 CCDECODE;クローズド キャプション デコーダ; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/ビデオ接続; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-06-09 3192192]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYTVC;Sony MPEG RR-Engine; C:\WINDOWS\system32\DRIVERS\SONYTVC.sys [2005-03-18 237568]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 w29n51;Windows XP 用 インテル(R) PRO/Wireless 2915ABG ネットワーク コネクション ドライバ; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-06 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-06 138680]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-08-01 434176]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-18 152984]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 7520337]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-08-01 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-08-01 937984]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2006-09-23 176128]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2005-06-15 167936]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2005-06-15 135168]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-08 902656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-06 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-06 352920]
R3 VAIO Entertainment Aggregation and Control Service;VAIO Entertainment Aggregation and Control Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [2005-04-27 143360]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2005-06-15 270336]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-06-09 127044]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-14 32768]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-04-05 32768]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2007-11-27 53248]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2007-11-27 53248]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [2007-12-17 107808]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2007-11-27 77824]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [2007-12-17 75040]
S3 VAIO Entertainment Task Scheduler;VAIO Entertainment Task Scheduler; C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe [2005-06-03 401408]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2005-06-15 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2005-06-07 1851392]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2005-06-06 57344]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2005-06-06 770048]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2005-06-06 188416]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Apostolia
2009-04-21, 21:33
And here is the RSIT info.txt:

info.txt logfile of random's system information tool 1.06 2009-04-20 21:14:03

======Uninstall list======

「時事通信社・家庭の医学」「血液サラサラ健康事典」-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD818656-33B7-4B49-808C-7876E9484FAA}\setup.exe" -l0x11
-->C:\WINDOWS\IsUn0411.exe -fC:\WINDOWS\orun32.isu
-->Dummy
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A0401AB-20DB-4A74-BD56-EAFC643CD660}\setup.exe" -l0x11
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD836E74-7923-4174-A055-F97CD0F3BB46}\setup.exe" -l0x11
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3 Encoder / Decoder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C0EA18A-4C72-11D7-B65B-00C04F790F76}\setup.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Japanese-->MsiExec.exe /I{AC76BA86-7AD7-1041-7B44-A91000000001}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Click to DVD 2.0.03 Menu Data-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E407618-D9CD-4F39-9490-9ED45294073D}\setup.exe" -l0x11 -removeonly
Click to DVD 2.5.32-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E809063C-51A3-4269-8984-D1EB742F2151}\setup.exe" -l0x11 -removeonly
Do VAIO バックアップツール-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A63ABC92-D3C1-46C8-8DE2-9F752E9B6A3F}\setup.exe" -l0x11
Do VAIO リモコンユーティリティ-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E09E82C3-6C4D-45B0-8790-BBBEE39F1A3C}\Setup.exe" -l0x11
Do VAIO-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}\Setup.exe" -l0x11
DVgate Plus-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{685BCC47-B8EC-45EC-BBCE-77DF2451502C}\setup.exe" -l0x11
Edy Viewer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D30F9503-071B-4354-827D-C72D8E75BB05}\Setup.exe" -l0x11 anything
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
FeliCaブラウザエクステンション-->MsiExec.exe /X{600D85D0-14E9-4B52-A125-F31668C6BE96}
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003\HXFSETUP.EXE -U -ISnyHDANk.inf
HD革命/BackUp (バンドル版)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05257AC0-DD20-11D2-AC05-0000F4ADD897}\setup.exe"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Documents and Settings\ApostoliaTheodori\デスクトップ\HijackThis.exe" /unin
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
ID Keyholder-->MsiExec.exe /I{D9336377-F86E-4A5F-8E85-15AE657E75B3}
IFL-->MsiExec.exe /X{2EF73726-9C12-42A0-952D-9753FBF86E58}
Image Converter 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{29999594-B540-4C88-A8D3-C99CA43809FC}\setup.exe" /UNINSTALL
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
InterVideo WinDVD for VAIO-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
InterVideo WinDVDX-->"C:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
its-moNavi PC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C99E6F22-FD0E-4D6E-925A-268AD1C050D6}\setup.exe" -l0x11 UNINSTALL
i-フィルター Personal Edition 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E482F89B-3E86-44EE-BAF0-181EB994B66F}\setup.exe" -l0x11 -PEUNINST
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
LAN-Express AS IEEE 802.11 Wireless LAN-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}\Setup.exe" -l0x11
Macromedia Flash Player-->MsiExec.exe /X{27579b3c-5470-4496-be6c-0c872674f19f}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Memory Stick Formatter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\Setup.exe" -l0x11 /UNINSTALL
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Japanese Language Pack-->MsiExec.exe /X{AD0DDEC6-4798-4DE5-87DC-4367D694ED06}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Personal Edition 2003-->MsiExec.exe /I{90330411-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0411-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server Desktop Engine (VAIO_VEDB)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenMG Secure Module 5.0.00-->C:\Program Files\InstallShield Installation Information\{8ED3A392-28F1-4375-97AC-BF275B5855F9}\IS_Setup.exe -runfromtemp -l0x0409 /z"UNINSTALL"
PictureGear Studio 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88DA0A52-3372-4803-971A-ADFB961707E8}\setup.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x11 -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59452470-A902-477F-9338-9B88101681BD}\setup.exe" -l0x11 UNINSTALL
SFCard Viewer 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED46C765-9EB0-4D4A-AD6C-29CF7E8007B0}\Setup.exe" -l0x11 /uninstall
Skype 1.3-->"C:\Program Files\Skype\Phone\unins000.exe"
SonicStage 4.4-->C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe -runfromtemp -l0x0011 /z UNINSTALL -removeonly
SonicStage Mastering Studio 1.4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF3B304B-8A18-452D-A19F-6012CA8418D7}\setup.exe" -l0x11
SonicStage Mastering Studio オーディオフィルタ機能 カスタムプリセット-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}\Setup.exe" -l0x11
SonicStage Mastering Studio オーディオフィルタ機能-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB467B85-4F52-48C2-AEED-0673D00417B0}\Setup.exe" -l0x11
SonicStage Mastering Studio プラグイン-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}\Setup.exe" -l0x11
Sony FeliCa リーダー/ライター ソフトウェア-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{156E4680-CA1F-4D45-AE9F-D6731E37C175}\setup.exe" -l0x11 /uninstall
Sony MP4 Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe" -l0x11 -removeonly
Sony USB Mouse-->Pmuninst.exe MouseSuite98
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\setup.exe" -l0x11 -removeonly
Sony Video Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}\setup.exe" -l0x11 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Step by Step Interactive Training 用セキュリティ更新プログラム (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Step by Step Interactive Training 用セキュリティ更新プログラム (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
VAIO Entertainment Platform-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}\setup.exe" -l0x11
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x11 -removeonly
VAIO Media (再配布) 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7128C69B-8F7E-4336-8698-3FD3CDD955EC}\setup.exe" -l0x11 UNINSTALL
VAIO Media 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}\setup.exe" -l0x11 UNINSTALL
VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\setup.exe" -l0x11 UNINSTALL
VAIO Media Integrated Server 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A79D11B-FD82-4A5E-834F-20173515DD14}\setup.exe" -l0x11 UNINSTALL -removeonly
VAIO Media Registration Tool 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x11 UNINSTALL
VAIO Update 4-->"C:\Program Files\InstallShield Installation Information\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}\setup.exe" -runfromtemp -l0x0011 -removeonly
VAIO オンラインカスタマー登録-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2C94613-2E76-418B-A8E7-0FFFE9EADCDE}\setup.exe" -l0x11
VAIO 省電力設定-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\setup.exe" -l0x11 UNINSTALL
VAIOナビ-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{326DC400-1FC4-4D7D-946D-06D1EAB93200}\setup.exe" -l0x11
VAIOハードウェア診断ツール-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A947C2B3-7445-42C4-9063-EE704CACCB22}\setup.exe" -l0x11
VAIOランチャー-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A43F939E-A863-433D-AC78-0897E44CFEB2}\setup.exe" -l0x11
Voipwise-->"C:\Program Files\Voipwise.com\Voipwise\unins000.exe"
Windows Internet Explorer 7 セキュリティ更新 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player (KB952069) セキュリティ問題の修正プログラム-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Windows Media Player 10 (KB936782) セキュリティ問題の修正プログラム-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Windows Media Player 11 (KB954154) セキュリティ問題の修正プログラム-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Windows Media Player 11 (KB959772) 重要な更新-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP (KB941569) セキュリティ問題の修正プログラム-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Windows XP セキュリティ更新 (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Windows XP ホットフィックス (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Windows XP 更新 (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Windows XP 更新 (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows XP 更新 (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wonderburg-->"C:\Program Files\Wonderburg\Uninstall.exe"
Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo!ツールバー-->rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL,DllCommand ui
インテル(R) PROSet/Wireless ソフトウェア-->C:\WINDOWS\Installer\iProInst.exe
かざそうFeliCa-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F41C96F8-3D72-4F94-9E9E-0B4E8F2B0C61}\setup.exe" -l0x11
かんたん登録-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D855DB1-742C-4C8E-B4EF-0C3DCE1F50CA}\setup.exe" -l0x11 UNINSTALL
スクリーンセーバーロック-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52A55C16-F090-46A4-B08E-470FD6B0D70B}\setup.exe" -l0x11 uninstall
てきぱき家計簿マム4-->C:\PROGRA~1\mom4\UNINST.EXE C:\PROGRA~1\mom4\mom4INST.LOG
バイオの設定-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC37C108-821D-4EDE-8F40-D5B497586805}\Setup.exe" -l0x11
バイオ電子マニュアル データベース-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}\Setup.exe" -l0x11
バイオ電子マニュアル-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}\setup.exe" -l0x11
はじめよう! ワイヤレスLAN-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}\Setup.exe" -l0x11
ホットスポット・ツール-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{205C23F0-0C22-4094-9464-460BC93AC9DC}\setup.exe"
ホットスポット紹介HTML-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87246AC6-09F0-46FA-8DCA-E425D51EFEAA}\setup.exe"
みんなでTV電話スタータ-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D97B89AA-D399-4152-81CE-FBB9C3688E36}
一太郎ビューア-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5F3B2A6-CB42-11D6-9161-00E02975BB40}\Setup.exe" -l0x11 TaroView
駅すぱあと-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0F33B730-E81D-11D3-B72E-00104BC853D6}\setup.exe" -l0x11 DeInstall
静止画色補正-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{463F8033-9083-4DCE-8A1A-CA588D8EF9AF}\Setup.exe" -l0x11
筆ぐるめ Ver.12-->MsiExec.exe /I{0C40A0E0-C1C6-4AE3-8C7B-E5473B0E130C}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090421-0]

======System event log======

Computer Name: YOUR-4F00A09FE8
Event Code: 7023
Message: Application Management は次のエラーで終了しました:
指定されたモジュールが見つかりません。


Record Number: 1104
Source Name: Service Control Manager
Time Written: 20090418083407.000000+180
Event Type: エラー
User:

Computer Name: YOUR-4F00A09FE8
Event Code: 7036
Message: Application Management サービスは、停止 状態に入りました。

Record Number: 1103
Source Name: Service Control Manager
Time Written: 20090418083407.000000+180
Event Type: 情報
User:

Computer Name: YOUR-4F00A09FE8
Event Code: 7035
Message: Application Management サービスは、正常に 開始 コントロールを送信しました。

Record Number: 1102
Source Name: Service Control Manager
Time Written: 20090418083407.000000+180
Event Type: 情報
User: YOUR-4F00A09FE8\ApostoliaTheodori

Computer Name: YOUR-4F00A09FE8
Event Code: 7023
Message: Application Management は次のエラーで終了しました:
指定されたモジュールが見つかりません。


Record Number: 1101
Source Name: Service Control Manager
Time Written: 20090418083407.000000+180
Event Type: エラー
User:

Computer Name: YOUR-4F00A09FE8
Event Code: 7036
Message: Application Management サービスは、停止 状態に入りました。

Record Number: 1100
Source Name: Service Control Manager
Time Written: 20090418083407.000000+180
Event Type: 情報
User:

=====Application event log=====

Computer Name: YOUR-4F00A09FE8
Event Code: 34
Message:
Record Number: 5
Source Name: ccEvtMgr
Time Written: 20090417150142.000000+180
Event Type: 情報
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-4F00A09FE8
Event Code: 35
Message:
Record Number: 4
Source Name: ccSetMgr
Time Written: 20090417150142.000000+180
Event Type: 情報
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-4F00A09FE8
Event Code: 34
Message:
Record Number: 3
Source Name: ccSetMgr
Time Written: 20090417150141.000000+180
Event Type: 情報
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-4F00A09FE8
Event Code: 34
Message:
Record Number: 2
Source Name: ccProxy
Time Written: 20090417150141.000000+180
Event Type: 情報
User: NT AUTHORITY\SYSTEM

Computer Name: YOUR-4F00A09FE8
Event Code: 0
Message:
Record Number: 1
Source Name: EvtEng
Time Written: 20090417150139.000000+180
Event Type: 情報
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Justsystem\JSLIB32;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Common Files\Sony Shared\FeliCaLibrary;C:\Program Files\Edy\Edy Library;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SNY_LANGUAGE"=JPN
"SNY_OS"=WINXP_HOME
"SNYSPLST"=C:\Windows\System32\Snysplst.oem
"SNYRES"=C:\Windows\System32\Snyres.oem
"SNYERROR"=C:\Windows\Temp\Snyerr.log
"SNY_LOGONUSER"=Owner

-----------------EOF-----------------

Here is the Malwarebytes' log

Malwarebytes' Anti-Malware 1.36
Database version: 2019
Windows 5.1.2600 Service Pack 3

2009/04/20 21:07:42
mbam-log-2009-04-20 (21-07-42).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 170808
Time elapsed: 45 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft winupdate (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\msupdte.exe (Backdoor.Bot) -> Quarantined and deleted successfully.


I had msupdte.exe before I formatted the C drive. Is it possible that it survived in some other part of the pc? How can I prevent this from happening again?

Thanx a bunch, I will be waiting for your answer

Lia

Apostolia
2009-04-21, 21:35
Finally, I don't know if it's relevant, but during the Malwarebytes' scan I got an error: 731 (0,6). I clicked OK and continued with the scan.

Lia

peku006
2009-04-21, 21:59
Hi Lia
I'm not quite sure where msupdte.exe comes from...

Let us take a deeper look.

Download OTScanIt2 by Oldtimer (http://oldtimer.geekstogo.com/OTScanIt2.exe) to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt2 on your desktop.

NOTE: You must be logged on to the system with an account that has Administrator privileges to run this program.

Close ALL OTHER PROGRAMS.
Open the OTScanIt2 folder and double-click on OTScanIt2.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
Click the Scan All Users checkbox on the toolbar.
Do not change any other settings.
Now click the Run Scan button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Close Notepad (saving the change if necessary).


NOTE: Use the Add Reply button and Attach the scan back here (do not copy/paste it as it will be too big to fit into the post). It will be located in the OTScanIt2 folder and named OTScanIt.txt.

Thanks peku006

Apostolia
2009-04-21, 23:29
Hi again, I did everything and have the report of OTScanIt2, but I wasn't able to spot the Format menu :red:
I tried to attach it nonetheless, but I got a message saying it's too big...
Can you guide me through please?...
Lia

peku006
2009-04-22, 09:55
Hi Lia
Copy and paste the contents of that file into a reply here (you may need to split it over two or more posts depending on how large it is).

Thanks peku006

Apostolia
2009-04-22, 19:04
Hi again :) Here is the OTScanIt2 report:

[code]
OTScanIt2 logfile created on: 2009/04/20 23:15:52 - Run 1
OTScanIt2 by OldTimer - Version 1.0.14.0 Folder = C:\Documents and Settings\ApostoliaTheodori\デスクトップ\OTScanIt2\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

1.49 Gb Total Physical Memory | 0.92 Gb Available Physical Memory | 61.73% Memory free
3.34 Gb Paging File | 2.85 Gb Available in Paging File | 85.39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18.63 Gb Total Space | 4.77 Gb Free Space | 25.62% Space Free | Partition Type: NTFS
Drive D: | 49.37 Gb Total Space | 12.50 Gb Free Space | 25.32% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4F00A09FE8
Current User Name: ApostoliaTheodori
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
apntex.exe -> %ProgramFiles%\Apoint\Apntex.exe -> [2003/02/26 05:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.)
apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> [2003/11/07 11:21:28 | 00,114,688 | ---- | M] (Alps Electric Co., Ltd.)
ashdisp.exe -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe -> [2009/02/06 00:08:45 | 00,081,000 | ---- | M] (ALWIL Software)
ashmaisv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2009/02/06 00:08:26 | 00,254,040 | ---- | M] (ALWIL Software)
ashserv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2009/02/06 00:08:40 | 00,138,680 | ---- | M] (ALWIL Software)
ashwebsv.exe -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2009/02/06 00:06:04 | 00,352,920 | ---- | M] (ALWIL Software)
aswupdsv.exe -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2009/02/06 00:01:25 | 00,018,752 | ---- | M] (ALWIL Software)
avrmtctr.exe -> %ProgramFiles%\Sony\Do VAIO Remocon\AvRmtCtr.exe -> [2005/01/31 04:10:44 | 00,192,512 | ---- | M] (Sony Corporation)
conime.exe -> %SystemRoot%\system32\conime.exe -> [2008/04/14 05:26:08 | 00,027,648 | ---- | M] (Microsoft Corporation)
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2006/08/01 18:39:20 | 00,434,176 | ---- | M] (Intel Corporation)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/04/14 05:26:11 | 01,027,072 | ---- | M] (Microsoft Corporation)
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> [2009/03/26 22:11:02 | 00,307,704 | ---- | M] (Mozilla Corporation)
hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2005/06/29 08:33:40 | 00,077,824 | ---- | M] (Intel Corporation)
ico.exe -> %SystemRoot%\system32\ICO.EXE -> [2002/03/14 10:46:58 | 00,045,056 | ---- | M] (Primax Electronics Ltd.)
igfxext.exe -> %SystemRoot%\system32\igfxext.exe -> [2005/06/29 08:33:42 | 00,086,016 | ---- | M] (Intel Corporation)
igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2005/06/29 08:33:42 | 00,114,688 | ---- | M] (Intel Corporation)
igfxsrvc.exe -> %SystemRoot%\system32\igfxsrvc.exe -> [2005/06/29 08:33:46 | 00,155,648 | ---- | M] (Intel Corporation)
isbmgr.exe -> %ProgramFiles%\Sony\ISB Utility\ISBMgr.exe -> [2004/02/20 08:12:34 | 00,032,768 | ---- | M] (Sony Corporation)
jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/04/18 19:54:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2009/04/18 19:54:27 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
otscanit2.exe -> %UserProfile%\デスクトップ\OTScanIt2\OTScanIt2\OTScanIt2.exe -> [2009/04/11 16:32:52 | 00,494,080 | ---- | M] (OldTimer Tools)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2006/08/01 18:24:22 | 00,327,680 | ---- | M] (Intel Corporation)
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> [2005/06/29 07:25:30 | 14,720,000 | ---- | M] (Realtek Semiconductor Corp.)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2006/08/01 18:31:22 | 00,937,984 | ---- | M] (Intel Corporation )
setgamma.exe -> %ProgramFiles%\Sony\SetGamma\SetGamma.exe -> [2005/01/25 06:58:26 | 00,094,208 | ---- | M] (Sony Corporation)
spmgr.exe -> %ProgramFiles%\Sony\VAIO Power Management\SPMgr.exe -> [2005/05/14 23:51:24 | 00,184,320 | ---- | M] (Sony Corporation)
sqlservr.exe -> %ProgramFiles%\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -> [2002/12/17 11:57:10 | 07,520,337 | ---- | M] (Microsoft Corporation)
vcsw.exe -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -> [2005/06/15 05:17:38 | 00,270,336 | ---- | M] (Sony Corporation)
vesmgr.exe -> %ProgramFiles%\Sony\VAIO Event Service\VESMgr.exe -> [2006/09/23 09:24:34 | 00,176,128 | ---- | M] (Sony Corporation)
vzcdbsvc.exe -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -> [2005/06/15 05:17:44 | 00,167,936 | ---- | M] (Sony Corporation)
vzfw.exe -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -> [2005/06/15 05:17:44 | 00,135,168 | ---- | M] (Sony Corporation)
vzrs.exe -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -> [2005/04/27 12:29:38 | 00,143,360 | ---- | M] (Sony Corporation)
wmpnetwk.exe -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2007/01/08 14:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation)
wmpnscfg.exe -> %ProgramFiles%\Windows Media Player\WMPNSCFG.exe -> [2007/01/08 14:38:36 | 00,204,288 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -> [2004/07/14 19:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation)
(aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\aswUpdSv.exe -> [2009/02/06 00:01:25 | 00,018,752 | ---- | M] (ALWIL Software)
(avast! Antivirus) avast! Antivirus [Win32_Own | Auto | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashServ.exe -> [2009/02/06 00:08:40 | 00,138,680 | ---- | M] (ALWIL Software)
(avast! Mail Scanner) avast! Mail Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashMaiSv.exe -> [2009/02/06 00:08:26 | 00,254,040 | ---- | M] (ALWIL Software)
(avast! Web Scanner) avast! Web Scanner [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Alwil Software\Avast4\ashWebSv.exe -> [2009/02/06 00:06:04 | 00,352,920 | ---- | M] (ALWIL Software)
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2006/08/01 18:39:20 | 00,434,176 | ---- | M] (Intel Corporation)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/14 05:25:58 | 00,038,400 | ---- | M] (Microsoft Corporation)
(Image Converter video recording monitor for VAIO Entertainment) Image Converter video recording monitor for VAIO Entertainment [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\Image Converter 2\IcVzMon.exe -> [2005/04/05 07:06:36 | 00,032,768 | ---- | M] (Sony Corporation)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/04/18 19:54:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
(MSCSPTISRV) MSCSPTISRV [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\MSCSPTISRV.exe -> [2007/11/27 20:02:20 | 00,053,248 | ---- | M] (Sony Corporation)
(MSSQL$VAIO_VEDB) MSSQL$VAIO_VEDB [Win32_Own | Auto | Running] -> %ProgramFiles%\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -> [2002/12/17 11:57:10 | 07,520,337 | ---- | M] (Microsoft Corporation)
(MSSQLServerADHelper) MSSQLServerADHelper [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe -> [2002/12/17 11:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\nvsvc32.exe -> [2005/06/09 10:56:00 | 00,127,044 | ---- | M] (NVIDIA Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 06:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\PACSPTISVR.exe -> [2007/11/27 19:43:44 | 00,053,248 | ---- | M] (Sony Corporation)
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2006/08/01 18:24:22 | 00,327,680 | ---- | M] (Intel Corporation)
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2006/08/01 18:31:22 | 00,937,984 | ---- | M] (Intel Corporation )
(SonicStage Back-End Service) SonicStage Back-End Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AvLib\SsBeSvc.exe -> [2007/12/17 07:20:56 | 00,107,808 | ---- | M] (Sony Corporation)
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\SPTISRV.exe -> [2007/11/27 20:08:02 | 00,077,824 | ---- | M] (Sony Corporation)
(SQLAgent$VAIO_VEDB) SQLAgent$VAIO_VEDB [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -> [2002/12/17 11:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation)
(SSScsiSV) SonicStage SCSI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AvLib\SSScsiSV.exe -> [2007/12/17 07:21:00 | 00,075,040 | ---- | M] (Sony Corporation)
(VAIO Entertainment Aggregation and Control Service) VAIO Entertainment Aggregation and Control Service [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -> [2005/04/27 12:29:38 | 00,143,360 | ---- | M] (Sony Corporation)
(VAIO Entertainment Task Scheduler) VAIO Entertainment Task Scheduler [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Entertainment\VzTaskScheduler.exe -> [2005/06/03 03:57:36 | 00,401,408 | ---- | M] (Sony Corporation)
(VAIO Entertainment TV Device Arbitration Service) VAIO Entertainment TV Device Arbitration Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -> [2005/06/15 05:17:46 | 00,073,728 | ---- | M] (Sony Corporation)
(VAIO Event Service) VAIO Event Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\VAIO Event Service\VESMgr.exe -> [2006/09/23 09:24:34 | 00,176,128 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-IntegratedServer-AppServer) VAIO Media Integrated Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\VMISrv.exe -> [2005/06/07 03:58:28 | 01,851,392 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -> [2005/06/06 21:38:26 | 00,057,344 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -> [2005/06/06 21:44:10 | 00,770,048 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-Mobile-Gateway) VAIO Media Gateway Server [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -> [2005/06/06 21:37:14 | 00,188,416 | ---- | M] (Sony Corporation)
(Vcsw) VAIO Entertainment UPnP Client Adapter [Win32_Own | On_Demand | Running] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -> [2005/06/15 05:17:38 | 00,270,336 | ---- | M] (Sony Corporation)
(VzCdbSvc) VAIO Entertainment Database Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -> [2005/06/15 05:17:44 | 00,167,936 | ---- | M] (Sony Corporation)
(VzFw) VAIO Entertainment File Import Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -> [2005/06/15 05:17:44 | 00,135,168 | ---- | M] (Sony Corporation)
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2007/01/08 14:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2009/02/06 00:05:11 | 00,026,944 | ---- | M] (ALWIL Software)
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.5.3.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\AegisP.sys -> [2009/04/18 21:16:15 | 00,021,419 | ---- | M] (Meetinghouse Data Communications)
(ApfiltrService) Alps Pointing-device Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\Apfiltr.sys -> [2003/09/29 07:31:38 | 00,094,601 | ---- | M] (Alps Electric Co., Ltd.)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> %SystemRoot%\system32\DRIVERS\aswFsBlk.sys -> [2009/02/06 00:07:12 | 00,020,560 | ---- | M] (ALWIL Software)
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2009/02/06 00:08:10 | 00,094,032 | ---- | M] (ALWIL Software)
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2009/02/06 00:06:10 | 00,023,152 | ---- | M] (ALWIL Software)
(aswSP) avast! Self Protection [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswSP.sys -> [2009/02/06 00:07:23 | 00,114,768 | ---- | M] (ALWIL Software)
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2009/02/06 00:06:20 | 00,051,376 | ---- | M] (ALWIL Software)
(DMICall) Sony DMI Call service [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\DMICall.sys -> [2000/12/05 10:18:02 | 00,003,952 | ---- | M] (Sony Corporation)
(E100B) Intel(R) PRO Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\e100b325.sys -> [2006/11/28 08:15:32 | 00,165,760 | ---- | M] (Intel Corporation)
(FsVga) FsVga [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\fsvga.sys -> [2004/08/05 15:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation)
(HDAudBus) Microsoft UAA バス ドライバ (High Definition Audio 用) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> [2008/04/13 19:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSFHWAZL.sys -> [2005/05/23 04:30:48 | 00,178,048 | ---- | M] (Conexant Systems, Inc.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSF_DPV.sys -> [2005/05/23 04:31:46 | 01,034,752 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ialmnt5.sys -> [2005/06/29 08:33:40 | 01,050,140 | ---- | M] (Intel Corporation)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2005/06/29 08:35:10 | 03,173,888 | ---- | M] (Realtek Semiconductor Corp.)
(LEX_AS_NIC_SERVICE_YNOS) LAN-Express AS IEEE 802.11g Wireless Network Adapter Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ExpasAG.sys -> [2005/02/10 17:07:50 | 00,456,448 | ---- | M] (Atheros Communications, Inc.)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> [2004/03/17 06:04:14 | 00,013,059 | ---- | M] (Conexant)
(nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> [2005/06/09 10:56:00 | 03,192,192 | ---- | M] (NVIDIA Corporation)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> [2004/08/05 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2007/07/24 13:00:00 | 00,043,872 | ---- | M] (Sonic Solutions)
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\s24trans.sys -> [2006/08/01 19:27:48 | 00,012,544 | ---- | M] (Intel Corporation)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> [2008/04/13 19:39:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SNC) Sony Notebook Control Device [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SonyNC.sys -> [2000/11/09 13:15:08 | 00,048,896 | ---- | M] (Sony Corporation)
(Sonyddpu) Sony FeliCa Reader/Writer [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\Sonyddpu.sys -> [2005/03/24 10:26:20 | 00,049,664 | ---- | M] (Sony Corporation)
(SONYTVC) Sony MPEG RR-Engine [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\SONYTVC.sys -> [2005/03/18 04:01:32 | 00,237,568 | ---- | M] (Sony Corporation)
(tifmsony) tifmsony [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tifmsony.sys -> [2007/02/28 08:42:00 | 00,080,896 | ---- | M] (Texas Instruments)
(w29n51) Windows XP 用 インテル(R) PRO/Wireless 2915ABG ネットワーク コネクション ドライバ [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\w29n51.sys -> [2005/04/30 10:01:56 | 03,281,408 | ---- | M] (Intel® Corporation)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSF_CNXT.sys -> [2005/05/23 04:30:42 | 00,716,288 | ---- | M] (Conexant Systems, Inc.)

Apostolia
2009-04-22, 19:05
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.vaio.sony.co.jp/Owner/ ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.vaio.sony.co.jp/Owner/ ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
HKEY_USERS\S-1-5-19\: Main\\"Start Page" -> http://www.vaio.sony.co.jp/Owner/ ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
HKEY_USERS\S-1-5-20\: Main\\"Start Page" -> http://www.vaio.sony.co.jp/Owner/ ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\: Main\\"Page_Transitions" -> Reg Error: Invalid data type. ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\: Main\\"Start Page" -> http://www.google.com/ ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\: "ProxyEnable" -> 0 ->
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\ApostoliaTheodori\Application Data\Mozilla\FireFox\Profiles\cr2v74hj.default\prefs.js ->
browser.startup.homepage -> "http://www.google.com/" ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 ->
extensions.enabledItems -> jqs@sun.com:1.0 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8 ->
extensions.enabledItems -> {F587B2D4-7C09-4a23-AC4A-8D6E3CE8C7DA}:3.2 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\extensions -> ->
HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com -> %ProgramFiles%\JAVA\JRE6\LIB\DEPLOY\JQS\FF [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/04/18 19:54:27 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components -> %ProgramFiles%\MOZILLA FIREFOX\COMPONENTS [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/04/18 20:28:05 | 00,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins -> %ProgramFiles%\MOZILLA FIREFOX\PLUGINS [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/04/19 18:54:26 | 00,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
-> C:\Documents and Settings\ApostoliaTheodori\Application Data\mozilla\Extensions -> [2009/04/18 20:28:06 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\ApostoliaTheodori\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2009/04/18 20:28:06 | 00,000,000 | ---D | M]
-> C:\Documents and Settings\ApostoliaTheodori\Application Data\mozilla\Firefox\Profiles\cr2v74hj.default\extensions -> [2009/04/19 12:31:12 | 00,096,148 | ---- | M] ()
-> C:\Documents and Settings\ApostoliaTheodori\Application Data\mozilla\Firefox\Profiles\cr2v74hj.default\extensions\{F587B2D4-7C09-4a23-AC4A-8D6E3CE8C7DA} -> [2009/04/19 12:31:12 | 00,096,148 | ---- | M] ()
-> C:\Documents and Settings\ApostoliaTheodori\Application Data\mozilla\Firefox\Profiles\cr2v74hj.default\extensions\{F587B2D4-7C09-4a23-AC4A-8D6E3CE8C7DA}\chrome\mozapps\extensions -> [2009/04/19 20:39:03 | 00,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
-> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions -> [2009/03/26 22:11:20 | 09,732,600 | ---- | M] (Mozilla Foundation)
-> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/03/26 22:11:20 | 09,732,600 | ---- | M] (Mozilla Foundation)
-> C:\PROGRAM FILES\MOZILLA FIREFOX\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/03/26 22:11:20 | 09,732,600 | ---- | M] (Mozilla Foundation)
< FireFox Components [Program Folders] > ->
C:\PROGRAM FILES\MOZILLA FIREFOX\components\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\components -> [2009/04/18 20:28:05 | 00,000,000 | ---D | M]
browserdirprovider.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\browserdirprovider.dll -> [2009/03/26 22:11:21 | 00,023,032 | ---- | M] (Mozilla Foundation)
brwsrcmp.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\components\brwsrcmp.dll -> [2009/03/26 22:11:22 | 00,134,648 | ---- | M] (Mozilla Foundation)
< FireFox Plugins [Program Folders] > ->
C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins -> [2009/04/19 18:54:26 | 00,000,000 | ---D | M]
npdeploytk.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npdeploytk.dll -> [2009/04/18 19:54:27 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.)
npnul32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\npnul32.dll -> [2009/03/26 22:11:24 | 00,065,528 | ---- | M] (mozilla.org)
NPOFFICE.DLL -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\NPOFFICE.DLL -> [2003/07/14 16:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation)
nppdf32.dll -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppdf32.dll -> [2009/02/27 06:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.)
nppdf32.JPN -> C:\PROGRAM FILES\MOZILLA FIREFOX\plugins\nppdf32.JPN -> [2009/02/27 10:44:04 | 00,005,632 | ---- | M] ()
< FireFox SearchPlugins [Program Folders] > ->
C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\ -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins -> [2009/04/18 20:27:29 | 00,000,000 | ---D | M]
amazondotcom.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\amazondotcom.xml -> [2009/03/26 21:56:22 | 00,001,394 | ---- | M] ()
answers.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\answers.xml -> [2009/03/26 21:56:22 | 00,002,193 | ---- | M] ()
creativecommons.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\creativecommons.xml -> [2009/03/26 21:56:22 | 00,001,534 | ---- | M] ()
eBay.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\eBay.xml -> [2009/03/26 21:56:22 | 00,002,343 | ---- | M] ()
google.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\google.xml -> [2009/03/26 21:56:22 | 00,001,706 | ---- | M] ()
wikipedia.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\wikipedia.xml -> [2009/03/26 21:56:22 | 00,001,178 | ---- | M] ()
yahoo.xml -> C:\PROGRAM FILES\MOZILLA FIREFOX\searchplugins\yahoo.xml -> [2009/03/26 21:56:22 | 00,000,792 | ---- | M] ()
< HOSTS File > (305173 bytes and 10553 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
Reset Hosts
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\ycomp5_3_15_0.dll [Yahoo! Companion BHO] -> [2005/04/11 05:53:02 | 00,278,528 | ---- | M] (Yahoo! Inc.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 06:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 09:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
{C893A505-44D3-4184-9888-2179DFF75707} [HKLM] -> %ProgramFiles%\Sony\EasyRegister\EasyRegister.dll [InfoMaker Class] -> [2005/05/11 08:37:08 | 00,200,704 | ---- | M] (Sony Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/04/18 19:54:26 | 00,035,840 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/04/18 19:54:27 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
{EC5D2125-D8AB-4a18-A599-D97D2731DE19} [HKLM] -> %ProgramFiles%\Sony\FeliCaBrowserExtension\fbe.dll [FeliCaブラウザエクステンション] -> [2005/06/07 09:25:26 | 00,495,616 | ---- | M] (Sony Corp.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\ycomp5_3_15_0.dll [&Yahoo!ツールバー] -> [2005/04/11 05:53:02 | 00,278,528 | ---- | M] (Yahoo! Inc.)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\ycomp5_3_15_0.dll [&Yahoo!ツールバー] -> [2005/04/11 05:53:02 | 00,278,528 | ---- | M] (Yahoo! Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 11:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
"Alcmtr" -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> [2005/05/03 12:43:28 | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.)
"Apoint" -> %ProgramFiles%\Apoint\Apoint.exe [C:\Program Files\Apoint\Apoint.exe] -> [2003/11/07 11:21:28 | 00,114,688 | ---- | M] (Alps Electric Co., Ltd.)
"avast!" -> %ProgramFiles%\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> [2009/02/06 00:08:45 | 00,081,000 | ---- | M] (ALWIL Software)
"AzMixerSel" -> %ProgramFiles%\Realtek\InstallShield\AzMixerSel.exe [C:\Program Files\Realtek\InstallShield\AzMixerSel.exe] -> [2005/04/29 08:56:44 | 00,045,056 | ---- | M] (Realtek Semiconductor Corp.)
"HotKeysCmds" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005/06/29 08:33:40 | 00,077,824 | ---- | M] (Intel Corporation)
"IgfxTray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2005/06/29 08:33:46 | 00,094,208 | ---- | M] (Intel Corporation)
"IMEKRMIG6.1" -> %SystemRoot%\ime\imkr6_1\IMEKRMIG.EXE [C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE] -> [2004/08/05 15:00:00 | 00,044,032 | ---- | M] (Microsoft Corporation)
"IMJPMIG8.1" -> %SystemRoot%\IME\imjp8_1\IMJPMIG.EXE ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] -> [2008/04/14 05:26:14 | 00,208,952 | ---- | M] (Microsoft Corporation)
"IMJPMIG9.0" -> %CommonProgramFiles%\Microsoft Shared\IME\IMJP9\IMJPMIG.EXE [C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32] -> [2003/07/14 16:57:42 | 00,118,840 | ---- | M] (Microsoft Corporation)
"ISBMgr.exe" -> %ProgramFiles%\Sony\ISB Utility\ISBMgr.exe [C:\Program Files\Sony\ISB Utility\ISBMgr.exe] -> [2004/02/20 08:12:34 | 00,032,768 | ---- | M] (Sony Corporation)
"Mouse Suite 98 Daemon" -> %SystemRoot%\system32\ICO.EXE [ICO.EXE] -> [2002/03/14 10:46:58 | 00,045,056 | ---- | M] (Primax Electronics Ltd.)
"MSPY2002" -> [C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC] -> File not found
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2005/06/09 10:56:00 | 06,746,112 | ---- | M] (NVIDIA Corporation)
"Persistence" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005/06/29 08:33:42 | 00,114,688 | ---- | M] (Intel Corporation)
"PHIME2002A" -> %SystemRoot%\system32\IME\TINTLGNT\TINTSETP.EXE [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName] -> [2004/08/05 15:00:00 | 00,455,168 | ---- | M] (Microsoft Corporation)
"PHIME2002ASync" -> [C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC] -> File not found
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2005/06/29 07:25:30 | 14,720,000 | ---- | M] (Realtek Semiconductor Corp.)
"SetGamma" -> %ProgramFiles%\Sony\SetGamma\SetGamma.exe [C:\Program Files\Sony\SetGamma\SetGamma.exe] -> [2005/01/25 06:58:26 | 00,094,208 | ---- | M] (Sony Corporation)
"SonyPowerCfg" -> %ProgramFiles%\Sony\VAIO Power Management\SPMgr.exe [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] -> [2005/05/14 23:51:24 | 00,184,320 | ---- | M] (Sony Corporation)
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/04/18 19:54:27 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
"VAIO Update 4" -> ["C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary] -> File not found
"VZRemoteCommander" -> %ProgramFiles%\Sony\Do VAIO Remocon\AvRmtCtr.exe [C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe] -> [2005/01/31 04:10:44 | 00,192,512 | ---- | M] (Sony Corporation)
< Run [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"WMPNSCFG" -> %ProgramFiles%\Windows Media Player\WMPNSCFG.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2007/01/08 14:38:36 | 00,204,288 | ---- | M] (Microsoft Corporation)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ ->
< ApostoliaTheodori Startup Folder > -> C:\Documents and Settings\ApostoliaTheodori\スタート メニュー\プログラム\スタートアップ ->
%UserProfile%\スタート メニュー\プログラム\スタートアップ\ERUNT AutoBackup.lnk -> %ProgramFiles%\ERUNT\AUTOBACK.EXE -> [2005/10/20 06:04:08 | 00,038,912 | ---- | M] ()
< Default User Startup Folder > -> C:\Documents and Settings\Default User\スタート メニュー\プログラム\スタートアップ ->
%SystemDrive%\Documents and Settings\Default User\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk -> %ProgramFiles%\Sony\E-Flyer\E-Flyer.exe -> [2005/01/18 13:13:46 | 00,491,520 | ---- | M] (Sony Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ ->
Microsoft Excel にエクスポート(&X) -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2003/08/12 20:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ ->
Microsoft Excel にエクスポート(&X) -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2003/08/12 20:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\Software\Microsoft\Internet Explorer\MenuExt\ ->
Microsoft Excel にエクスポート(&X) -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> [2003/08/12 20:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: リサーチ] -> [2003/07/14 16:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 09:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 21:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 05:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 05:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 21:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 21:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}" [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> [2009/01/26 09:31:02 | 01,879,896 | ---- | M] (Safer Networking Limited)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 21:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 05:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5481 domain(s) found. ->
49 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5480 domain(s) found. ->
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5480 domain(s) found. ->
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5480 domain(s) found. ->
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\] > -> HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-1220155894-2208596125-1286895483-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240081846984 [MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] ->
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab [Java Plug-in 1.6.0_13] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{127E5B60-33B5-4E31-9B9B-6B97146109E9} -> (Intel(R) PRO/100 VE Network Connection) ->
{181B584D-99F5-4FCC-A547-8291E859E624} -> (1394 ネット アダプタ) ->
{35EE5E1F-D454-4EE8-8033-BA274B8E2EC6} -> () ->
{F240B857-B29D-494E-B82A-B39ACBFDD2B9} -> (LAN-Express AS IEEE 802.11g miniPCI Adapter) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\Explorer.exe -> [2008/04/14 05:26:11 | 01,027,072 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/06/29 08:33:42 | 00,131,072 | ---- | M] (Intel Corporation)
VESWinlogon -> %SystemRoot%\system32\VESWinlogon.dll -> [2006/09/23 09:24:34 | 00,073,728 | ---- | M] (Sony Corporation)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 21:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 05:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 21:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 05:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2005/06/13 13:59:00 | 17,589,288 | ---- | M] ()
"C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -> C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe [C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise] -> [2008/12/08 09:02:12 | 08,974,128 | ---- | M] (Voipwise)
"C:\Program Files\Vuze\Azureus.exe" -> C:\Program Files\Vuze\Azureus.exe [C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus] -> File not found
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM ドライバ ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 21:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2005/07/11 07:28:17 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->

Apostolia
2009-04-22, 19:06
[Files/Folders - Created Within 30 Days]
5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
OTScanIt2 -> %UserProfile%\デスクトップ\OTScanIt2 -> [2009/04/20 23:13:32 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\デスクトップ\OTScanIt2.exe -> [2009/04/20 23:11:22 | 00,665,196 | ---- | C] ()
trend micro -> %ProgramFiles%\trend micro -> [2009/04/20 21:13:32 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2009/04/20 21:13:29 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2009/04/20 19:58:42 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/04/20 19:58:40 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\デスクトップ\Malwarebytes' Anti-Malware.lnk -> [2009/04/20 19:58:40 | 00,000,696 | ---- | C] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/04/20 19:58:38 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2009/04/20 19:58:36 | 00,000,000 | ---D | C]
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2009/04/20 19:58:35 | 00,000,000 | ---D | C]
info.doc -> %UserProfile%\デスクトップ\info.doc -> [2009/04/20 16:03:37 | 00,019,968 | ---- | C] ()
xvidcore.dll -> %SystemRoot%\System32\xvidcore.dll -> [2009/04/20 13:29:31 | 00,815,104 | ---- | C] ()
xvidvfw.dll -> %SystemRoot%\System32\xvidvfw.dll -> [2009/04/20 13:29:30 | 00,180,224 | ---- | C] ()
xvid.ax -> %SystemRoot%\System32\xvid.ax -> [2009/04/20 13:29:30 | 00,077,824 | ---- | C] ()
Xvid -> %ProgramFiles%\Xvid -> [2009/04/20 13:29:30 | 00,000,000 | ---D | C]
GSpot270a -> %ProgramFiles%\GSpot270a -> [2009/04/20 13:20:20 | 00,000,000 | ---D | C]
Voipwise -> %AppData%\Voipwise -> [2009/04/20 11:04:38 | 00,000,000 | ---D | C]
spmsg.dll -> %SystemRoot%\System32\spmsg.dll -> [2009/04/20 11:04:18 | 00,016,760 | ---- | C] (Microsoft Corporation)
Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [2009/04/20 11:03:13 | 00,000,000 | ---D | C]
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2009/04/20 11:00:23 | 00,000,000 | -H-- | C] ()
UMDF -> %SystemRoot%\System32\drivers\UMDF -> [2009/04/20 11:00:07 | 00,000,000 | ---D | C]
LogFiles -> %SystemRoot%\System32\LogFiles -> [2009/04/20 11:00:06 | 00,000,000 | ---D | C]
Config.Msi -> %SystemDrive%\Config.Msi -> [2009/04/20 10:58:20 | 00,000,000 | -HSD | C]
My Videos -> %UserProfile%\My Documents\My Videos -> [2009/04/20 10:39:56 | 00,000,000 | R--D | C]
My Videos -> %AllUsersProfile%\Documents\My Videos -> [2009/04/20 10:39:56 | 00,000,000 | R--D | C]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/04/20 10:37:29 | 00,007,680 | ---- | C] ()
RSIT.exe -> %UserProfile%\デスクトップ\RSIT.exe -> [2009/04/20 10:30:01 | 00,781,909 | ---- | C] ()
mbam-setup.exe -> %UserProfile%\デスクトップ\mbam-setup.exe -> [2009/04/20 10:29:31 | 02,967,800 | ---- | C] (Malwarebytes Corporation )
matrimonio_230409.doc -> %UserProfile%\デスクトップ\matrimonio_230409.doc -> [2009/04/20 07:23:34 | 00,084,480 | ---- | C] ()
ShinyTales -> %AppData%\ShinyTales -> [2009/04/20 06:57:33 | 00,000,000 | ---D | C]
WinRAR -> %AppData%\WinRAR -> [2009/04/20 06:38:52 | 00,000,000 | ---D | C]
WinRAR -> %ProgramFiles%\WinRAR -> [2009/04/20 06:37:44 | 00,000,000 | ---D | C]
Play Wonderburg.lnk -> %AllUsersProfile%\デスクトップ\Play Wonderburg.lnk -> [2009/04/19 23:12:57 | 00,001,580 | ---- | C] ()
Wonderburg -> %ProgramFiles%\Wonderburg -> [2009/04/19 23:12:06 | 00,000,000 | ---D | C]
blg -> %AppData%\blg -> [2009/04/19 22:52:08 | 00,000,000 | ---D | C]
blg -> %AllUsersProfile%\Application Data\blg -> [2009/04/19 22:52:08 | 00,000,000 | ---D | C]
TEMP -> %AllUsersProfile%\Application Data\TEMP -> [2009/04/19 22:50:29 | 00,000,000 | ---D | C]
Spa Mania -> %ProgramFiles%\Spa Mania -> [2009/04/19 22:49:57 | 00,000,000 | ---D | C]
Play My Games.lnk -> %AllUsersProfile%\デスクトップ\Play My Games.lnk -> [2009/04/19 22:39:19 | 00,001,572 | ---- | C] ()
bfgclient -> %ProgramFiles%\bfgclient -> [2009/04/19 22:39:18 | 00,000,000 | ---D | C]
BigFishGamesCache -> %AllUsersProfile%\Application Data\BigFishGamesCache -> [2009/04/19 22:38:15 | 00,000,000 | ---D | C]
BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [2009/04/19 19:03:13 | 00,000,211 | RHS- | C] ()
cmldr -> %SystemDrive%\cmldr -> [2009/04/19 19:03:11 | 00,260,272 | RHS- | C] ()
cmdcons -> %SystemDrive%\cmdcons -> [2009/04/19 19:03:07 | 00,000,000 | RHSD | C]
setup.pss -> %SystemRoot%\setup.pss -> [2009/04/19 19:03:06 | 00,000,000 | ---D | C]
setupupd -> %SystemRoot%\setupupd -> [2009/04/19 19:02:39 | 00,000,000 | ---D | C]
ODBC.INI -> %SystemRoot%\ODBC.INI -> [2009/04/19 18:55:14 | 00,000,385 | ---- | C] ()
mdimon.dll -> %SystemRoot%\System32\mdimon.dll -> [2009/04/19 18:55:11 | 00,017,920 | ---- | C] (Microsoft Corporation)
Microsoft ActiveSync -> %ProgramFiles%\Microsoft ActiveSync -> [2009/04/19 18:54:03 | 00,000,000 | ---D | C]
DESIGNER -> %CommonProgramFiles%\DESIGNER -> [2009/04/19 18:53:57 | 00,000,000 | ---D | C]
SHELLNEW -> %SystemRoot%\SHELLNEW -> [2009/04/19 18:53:12 | 00,000,000 | ---D | C]
Microsoft.NET -> %ProgramFiles%\Microsoft.NET -> [2009/04/19 18:53:11 | 00,000,000 | ---D | C]
MSOCache -> %SystemDrive%\MSOCache -> [2009/04/19 18:49:23 | 00,000,000 | RH-D | C]
ERDNT -> %SystemRoot%\ERDNT -> [2009/04/19 18:29:30 | 00,000,000 | ---D | C]
ERUNT AutoBackup.lnk -> %UserProfile%\スタート メニュー\プログラム\スタートアップ\ERUNT AutoBackup.lnk -> [2009/04/19 18:29:03 | 00,000,767 | ---- | C] ()
NTREGOPT.lnk -> %UserProfile%\デスクトップ\NTREGOPT.lnk -> [2009/04/19 18:28:48 | 00,000,611 | ---- | C] ()
ERUNT.lnk -> %UserProfile%\デスクトップ\ERUNT.lnk -> [2009/04/19 18:28:48 | 00,000,592 | ---- | C] ()
ERUNT -> %ProgramFiles%\ERUNT -> [2009/04/19 18:28:48 | 00,000,000 | ---D | C]
HiJackThis.exe -> %UserProfile%\デスクトップ\HiJackThis.exe -> [2009/04/19 17:46:52 | 00,401,720 | ---- | C] (Trend Micro Inc.)
mucltui.dll -> %SystemRoot%\System32\mucltui.dll -> [2009/04/19 16:32:52 | 00,268,648 | ---- | C] (Microsoft Corporation)
mucltui.dll.mui -> %SystemRoot%\System32\mucltui.dll.mui -> [2009/04/19 16:32:52 | 00,023,400 | ---- | C] (Microsoft Corporation)
vssver2.scc -> %SystemRoot%\System32\vssver2.scc -> [2009/04/19 15:49:25 | 00,000,164 | -HS- | C] ()
CDDBUISony.dll -> %SystemRoot%\System32\CDDBUISony.dll -> [2009/04/19 15:41:49 | 00,770,048 | ---- | C] (Gracenote)
CDDBControlSony.dll -> %SystemRoot%\System32\CDDBControlSony.dll -> [2009/04/19 15:41:48 | 00,655,360 | ---- | C] (Gracenote, Inc.)
CddbMusicIDSony.dll -> %SystemRoot%\System32\CddbMusicIDSony.dll -> [2009/04/19 15:41:48 | 00,589,824 | ---- | C] (Gracenote)
CddbPlaylist2Sony.dll -> %SystemRoot%\System32\CddbPlaylist2Sony.dll -> [2009/04/19 15:41:48 | 00,532,480 | ---- | C] ()
CddbLangJASony.dll -> %SystemRoot%\System32\CddbLangJASony.dll -> [2009/04/19 15:41:48 | 00,077,824 | ---- | C] (Gracenote)
CddbLinkSony.dll -> %SystemRoot%\System32\CddbLinkSony.dll -> [2009/04/19 15:41:48 | 00,073,728 | ---- | C] (Gracenote)
InstallShield -> %AppData%\InstallShield -> [2009/04/19 15:40:18 | 00,000,000 | ---D | C]
Azureus -> %AllUsersProfile%\Application Data\Azureus -> [2009/04/19 14:58:15 | 00,000,000 | ---D | C]
Azureus -> %AppData%\Azureus -> [2009/04/19 14:58:12 | 00,000,000 | ---D | C]
Voipwise.lnk -> %UserProfile%\デスクトップ\Voipwise.lnk -> [2009/04/19 14:57:04 | 00,000,745 | ---- | C] ()
Voipwise.com -> %ProgramFiles%\Voipwise.com -> [2009/04/19 14:57:01 | 00,000,000 | ---D | C]
SonyAIwo.dll -> %SystemRoot%\System32\SonyAIwo.dll -> [2009/04/19 14:50:45 | 00,155,648 | ---- | C] (QSound Labs, Inc.)
SonyAIds.dll -> %SystemRoot%\System32\SonyAIds.dll -> [2009/04/19 14:50:45 | 00,147,456 | ---- | C] (QSound Labs, Inc.)
SonyAIwd.dll -> %SystemRoot%\System32\SonyAIwd.dll -> [2009/04/19 14:50:45 | 00,086,016 | ---- | C] (QSound Labs, Inc.)
PrivacIE -> %UserProfile%\PrivacIE -> [2009/04/19 13:19:13 | 00,000,000 | -HSD | C]
IETldCache -> %UserProfile%\IETldCache -> [2009/04/19 13:15:06 | 00,000,000 | -HSD | C]
ie8 -> %SystemRoot%\ie8 -> [2009/04/19 13:11:35 | 00,000,000 | -H-D | C]
en-US -> %SystemRoot%\System32\en-US -> [2009/04/19 13:11:35 | 00,000,000 | ---D | C]
ie7updates -> %SystemRoot%\ie7updates -> [2009/04/19 12:51:57 | 00,000,000 | ---D | C]
msfeedsbs.dll -> %SystemRoot%\System32\dllcache\msfeedsbs.dll -> [2009/04/19 12:51:18 | 00,055,296 | ---- | C] (Microsoft Corporation)
ieframe.dll -> %SystemRoot%\System32\dllcache\ieframe.dll -> [2009/04/19 12:51:17 | 11,063,808 | ---- | C] (Microsoft Corporation)
ieapfltr.dat -> %SystemRoot%\System32\dllcache\ieapfltr.dat -> [2009/04/19 12:51:17 | 03,698,584 | ---- | C] (Microsoft Corporation)
iertutil.dll -> %SystemRoot%\System32\dllcache\iertutil.dll -> [2009/04/19 12:51:17 | 01,985,024 | ---- | C] (Microsoft Corporation)
ieframe.dll.mui -> %SystemRoot%\System32\dllcache\ieframe.dll.mui -> [2009/04/19 12:51:17 | 01,241,088 | ---- | C] (Microsoft Corporation)
msfeeds.dll -> %SystemRoot%\System32\dllcache\msfeeds.dll -> [2009/04/19 12:51:17 | 00,594,432 | ---- | C] (Microsoft Corporation)
ieapfltr.dll -> %SystemRoot%\System32\dllcache\ieapfltr.dll -> [2009/04/19 12:51:17 | 00,445,952 | ---- | C] (Microsoft Corporation)
icardie.dll -> %SystemRoot%\System32\dllcache\icardie.dll -> [2009/04/19 12:51:17 | 00,059,904 | ---- | C] (Microsoft Corporation)
ieudinit.exe -> %SystemRoot%\System32\dllcache\ieudinit.exe -> [2009/04/19 12:51:17 | 00,013,824 | ---- | C] (Microsoft Corporation)
WBEM -> %SystemRoot%\WBEM -> [2009/04/19 12:51:00 | 00,000,000 | ---D | C]
ie7 -> %SystemRoot%\ie7 -> [2009/04/19 12:49:20 | 00,000,000 | -H-D | C]
$NtServicePackUninstallIDNMitigationAPIs$ -> %SystemRoot%\$NtServicePackUninstallIDNMitigationAPIs$ -> [2009/04/19 12:49:01 | 00,000,000 | -H-D | C]
$NtServicePackUninstallNLSDownlevelMapping$ -> %SystemRoot%\$NtServicePackUninstallNLSDownlevelMapping$ -> [2009/04/19 12:48:28 | 00,000,000 | -H-D | C]
diafora -> %UserProfile%\デスクトップ\diafora -> [2009/04/19 01:17:43 | 00,000,000 | ---D | C]
Adobe -> %AppData%\Adobe -> [2009/04/19 01:12:21 | 00,000,000 | ---D | C]
Spybot - Search & Destroy.lnk -> %UserProfile%\デスクトップ\Spybot - Search & Destroy.lnk -> [2009/04/19 00:45:05 | 00,000,963 | ---- | C] ()
Spybot - Search & Destroy -> %ProgramFiles%\Spybot - Search & Destroy -> [2009/04/19 00:44:59 | 00,000,000 | ---D | C]
Spybot - Search & Destroy -> %AllUsersProfile%\Application Data\Spybot - Search & Destroy -> [2009/04/19 00:44:59 | 00,000,000 | ---D | C]
Adobe -> %AllUsersProfile%\Application Data\Adobe -> [2009/04/19 00:23:48 | 00,000,000 | ---D | C]
Adobe -> %CommonProgramFiles%\Adobe -> [2009/04/19 00:23:28 | 00,000,000 | ---D | C]
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/04/19 00:11:08 | 24,921,544 | ---- | C] (Microsoft Corporation)
Microsoft CAPICOM 2.1.0.2 -> %ProgramFiles%\Microsoft CAPICOM 2.1.0.2 -> [2009/04/19 00:11:03 | 00,000,000 | ---D | C]
avast! Antivirus.lnk -> %AllUsersProfile%\デスクトップ\avast! Antivirus.lnk -> [2009/04/19 00:10:31 | 00,001,709 | ---- | C] ()
aswTdi.sys -> %SystemRoot%\System32\drivers\aswTdi.sys -> [2009/04/19 00:10:30 | 00,051,376 | ---- | C] (ALWIL Software)
aswRdr.sys -> %SystemRoot%\System32\drivers\aswRdr.sys -> [2009/04/19 00:10:30 | 00,023,152 | ---- | C] (ALWIL Software)
aavmker4.sys -> %SystemRoot%\System32\drivers\aavmker4.sys -> [2009/04/19 00:10:29 | 00,026,944 | ---- | C] (ALWIL Software)
AvastSS.scr -> %SystemRoot%\System32\AvastSS.scr -> [2009/04/19 00:10:28 | 00,097,480 | ---- | C] (ALWIL Software)
aswSP.sys -> %SystemRoot%\System32\drivers\aswSP.sys -> [2009/04/19 00:10:27 | 00,114,768 | ---- | C] (ALWIL Software)
aswmon2.sys -> %SystemRoot%\System32\drivers\aswmon2.sys -> [2009/04/19 00:10:27 | 00,094,032 | ---- | C] (ALWIL Software)
aswmon.sys -> %SystemRoot%\System32\drivers\aswmon.sys -> [2009/04/19 00:10:27 | 00,093,296 | ---- | C] (ALWIL Software)
aswFsBlk.sys -> %SystemRoot%\System32\drivers\aswFsBlk.sys -> [2009/04/19 00:10:27 | 00,020,560 | ---- | C] (ALWIL Software)
aswBoot.exe -> %SystemRoot%\System32\aswBoot.exe -> [2009/04/19 00:10:07 | 01,256,296 | ---- | C] (ALWIL Software)
actskin4.ocx -> %SystemRoot%\System32\actskin4.ocx -> [2009/04/19 00:10:07 | 00,380,928 | ---- | C] ()
Prefetch -> %SystemRoot%\Prefetch -> [2009/04/18 23:04:06 | 00,000,000 | ---D | C]
l2schemas -> %SystemRoot%\l2schemas -> [2009/04/18 22:47:44 | 00,000,000 | ---D | C]
ja-jp -> %SystemRoot%\System32\ja-jp -> [2009/04/18 22:47:44 | 00,000,000 | ---D | C]
ja -> %SystemRoot%\System32\ja -> [2009/04/18 22:47:43 | 00,000,000 | ---D | C]
bits -> %SystemRoot%\System32\bits -> [2009/04/18 22:47:43 | 00,000,000 | ---D | C]
ServicePackFiles -> %SystemRoot%\ServicePackFiles -> [2009/04/18 22:46:14 | 00,000,000 | ---D | C]
network diagnostic -> %SystemRoot%\network diagnostic -> [2009/04/18 22:43:42 | 00,000,000 | ---D | C]
$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [2009/04/18 22:40:40 | 00,000,000 | -H-D | C]
EHome -> %SystemRoot%\EHome -> [2009/04/18 22:40:39 | 00,000,000 | ---D | C]
netwlan5.img -> %SystemRoot%\System32\drivers\netwlan5.img -> [2009/04/18 22:32:26 | 00,067,866 | ---- | C] ()
cxthsfs2.cty -> %SystemRoot%\System32\drivers\cxthsfs2.cty -> [2009/04/18 22:32:14 | 00,129,045 | ---- | C] ()
ativmc20.cod -> %SystemRoot%\System32\drivers\ativmc20.cod -> [2009/04/18 22:31:43 | 00,064,352 | ---- | C] ()
Windows Genuine Advantage -> %AllUsersProfile%\Application Data\Windows Genuine Advantage -> [2009/04/18 22:18:42 | 00,000,000 | ---D | C]
UserData -> %UserProfile%\UserData -> [2009/04/18 22:09:25 | 00,000,000 | -HSD | C]
MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [2009/04/18 21:22:27 | 00,000,000 | ---D | C]
Intel -> %AllUsersProfile%\Application Data\Intel -> [2009/04/18 21:09:06 | 00,000,000 | ---D | C]
Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [2009/04/18 20:55:15 | 00,000,000 | ---D | C]
NOS -> %ProgramFiles%\NOS -> [2009/04/18 20:54:54 | 00,000,000 | ---D | C]
NOS -> %AllUsersProfile%\Application Data\NOS -> [2009/04/18 20:54:54 | 00,000,000 | ---D | C]
DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [2009/04/18 20:28:48 | 00,000,000 | ---D | C]
Mozilla -> %AppData%\Mozilla -> [2009/04/18 20:28:04 | 00,000,000 | ---D | C]
Mozilla Firefox.lnk -> %AllUsersProfile%\デスクトップ\Mozilla Firefox.lnk -> [2009/04/18 20:27:32 | 00,001,602 | ---- | C] ()
Update -> %SystemDrive%\Update -> [2009/04/18 20:11:30 | 00,000,000 | ---D | C]
Fujitsu -> %UserProfile%\Local Settings\Application Data\Fujitsu -> [2009/04/18 20:09:17 | 00,000,000 | ---D | C]
Fujitsu -> %AppData%\Fujitsu -> [2009/04/18 20:09:17 | 00,000,000 | ---D | C]
Java -> %ProgramFiles%\Java -> [2009/04/18 19:54:22 | 00,000,000 | ---D | C]
Sun -> %AppData%\Sun -> [2009/04/18 08:33:09 | 00,000,000 | ---D | C]
OA190Free.exe -> %UserProfile%\デスクトップ\OA190Free.exe -> [2009/04/18 08:28:26 | 13,229,544 | ---- | C] (Tall Emu Pty Ltd )
wmiprvse.exe -> %SystemRoot%\System32\dllcache\wmiprvse.exe -> [2009/04/18 01:49:28 | 00,227,840 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> %SystemRoot%\System32\dllcache\ntoskrnl.exe -> [2009/04/18 01:49:27 | 02,189,056 | ---- | C] (Microsoft Corporation)
rpcss.dll -> %SystemRoot%\System32\dllcache\rpcss.dll -> [2009/04/18 01:49:26 | 00,401,408 | ---- | C] (Microsoft Corporation)
pdh.dll -> %SystemRoot%\System32\dllcache\pdh.dll -> [2009/04/18 01:49:26 | 00,294,912 | ---- | C] (Microsoft Corporation)
services.exe -> %SystemRoot%\System32\dllcache\services.exe -> [2009/04/18 01:49:26 | 00,110,592 | ---- | C] (Microsoft Corporation)
sc.exe -> %SystemRoot%\System32\dllcache\sc.exe -> [2009/04/18 01:49:26 | 00,035,328 | ---- | C] (Microsoft Corporation)
advapi32.dll -> %SystemRoot%\System32\dllcache\advapi32.dll -> [2009/04/18 01:49:25 | 00,674,304 | ---- | C] (Microsoft Corporation)
fastprox.dll -> %SystemRoot%\System32\dllcache\fastprox.dll -> [2009/04/18 01:49:25 | 00,473,600 | ---- | C] (Microsoft Corporation)
lsasrv.dll -> %SystemRoot%\System32\dllcache\lsasrv.dll -> [2009/04/18 01:49:24 | 00,713,728 | ---- | C] (Microsoft Corporation)
ntdll.dll -> %SystemRoot%\System32\dllcache\ntdll.dll -> [2009/04/18 01:49:24 | 00,636,416 | ---- | C] (Microsoft Corporation)
wmiprvsd.dll -> %SystemRoot%\System32\dllcache\wmiprvsd.dll -> [2009/04/18 01:49:24 | 00,453,120 | ---- | C] (Microsoft Corporation)
ntkrnlmp.exe -> %SystemRoot%\System32\dllcache\ntkrnlmp.exe -> [2009/04/18 01:49:23 | 02,145,280 | ---- | C] (Microsoft Corporation)
ntkrpamp.exe -> %SystemRoot%\System32\dllcache\ntkrpamp.exe -> [2009/04/18 01:49:22 | 02,023,936 | ---- | C] (Microsoft Corporation)
msadce.dll -> %SystemRoot%\System32\dllcache\msadce.dll -> [2009/04/18 01:43:53 | 00,331,776 | ---- | C] (Microsoft Corporation)
inetcomm.dll -> %SystemRoot%\System32\dllcache\inetcomm.dll -> [2009/04/18 01:43:35 | 00,691,712 | ---- | C] (Microsoft Corporation)
bthport.sys -> %SystemRoot%\System32\drivers\bthport.sys -> [2009/04/18 01:40:23 | 00,270,464 | ---- | C] (Microsoft Corporation)
bthport.sys -> %SystemRoot%\System32\dllcache\bthport.sys -> [2009/04/18 01:40:23 | 00,270,464 | ---- | C] (Microsoft Corporation)
Alwil Software -> %ProgramFiles%\Alwil Software -> [2009/04/18 00:58:32 | 00,000,000 | ---D | C]
rmcast.sys -> %SystemRoot%\System32\dllcache\rmcast.sys -> [2009/04/18 00:56:23 | 00,203,136 | ---- | C] (Microsoft Corporation)
mrxsmb.sys -> %SystemRoot%\System32\dllcache\mrxsmb.sys -> [2009/04/18 00:56:11 | 00,455,296 | ---- | C] (Microsoft Corporation)
srv.sys -> %SystemRoot%\System32\dllcache\srv.sys -> [2009/04/18 00:50:21 | 00,333,952 | ---- | C] (Microsoft Corporation)
nsreg.dat -> %SystemRoot%\nsreg.dat -> [2009/04/18 00:50:07 | 00,000,000 | ---- | C] ()
Mozilla -> %UserProfile%\Local Settings\Application Data\Mozilla -> [2009/04/18 00:50:03 | 00,000,000 | ---D | C]
Mozilla Firefox -> %ProgramFiles%\Mozilla Firefox -> [2009/04/18 00:49:52 | 00,000,000 | ---D | C]
strmdll.dll -> %SystemRoot%\System32\dllcache\strmdll.dll -> [2009/04/18 00:42:37 | 00,247,326 | ---- | C] (Microsoft Corporation)
msxml3.dll -> %SystemRoot%\System32\dllcache\msxml3.dll -> [2009/04/18 00:42:18 | 01,106,944 | ---- | C] (Microsoft Corporation)
sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb -> [2009/04/18 00:38:02 | 01,203,922 | ---- | C] ()
wordpad.exe -> %SystemRoot%\System32\dllcache\wordpad.exe -> [2009/04/18 00:38:01 | 00,210,944 | ---- | C] (Microsoft Corporation)
Macromedia -> %AppData%\Macromedia -> [2009/04/18 00:35:35 | 00,000,000 | ---D | C]
PreInstall -> %SystemRoot%\System32\PreInstall -> [2009/04/18 00:35:14 | 00,000,000 | ---D | C]
netapi32.dll -> %SystemRoot%\System32\dllcache\netapi32.dll -> [2009/04/18 00:34:31 | 00,337,408 | ---- | C] (Microsoft Corporation)
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/04/18 00:32:18 | 00,053,480 | ---- | C] ()
snyprmnd.oem -> %SystemRoot%\System32\snyprmnd.oem -> [2009/04/18 00:30:01 | 00,000,000 | ---- | C] ()
Gakken -> %ProgramFiles%\Gakken -> [2009/04/18 00:29:47 | 00,000,000 | ---D | C]
sanrioV -> %ProgramFiles%\sanrioV -> [2009/04/18 00:29:07 | 00,000,000 | ---D | C]
doranet_exp -> %ProgramFiles%\doranet_exp -> [2009/04/18 00:28:10 | 00,000,000 | ---D | C]
PLATO -> %ProgramFiles%\PLATO -> [2009/04/18 00:27:53 | 00,000,000 | ---D | C]
携帯万能15 体験版 -> %ProgramFiles%\携帯万能15 体験版 -> [2009/04/18 00:27:40 | 00,000,000 | ---D | C]
UNBALANCE -> %ProgramFiles%\UNBALANCE -> [2009/04/18 00:27:08 | 00,000,000 | ---D | C]
mouhid.sys -> %SystemRoot%\System32\drivers\mouhid.sys -> [2009/04/18 00:26:56 | 00,012,160 | ---- | C] (Microsoft Corporation)
mouhid.sys -> %SystemRoot%\System32\dllcache\mouhid.sys -> [2009/04/18 00:26:56 | 00,012,160 | ---- | C] (Microsoft Corporation)
hidusb.sys -> %SystemRoot%\System32\drivers\hidusb.sys -> [2009/04/18 00:26:46 | 00,010,368 | ---- | C] (Microsoft Corporation)
IBM Homepage Builder V9 Trial Installer -> %ProgramFiles%\IBM Homepage Builder V9 Trial Installer -> [2009/04/18 00:26:26 | 00,000,000 | ---D | C]
FRONTIER GROOVE -> %ProgramFiles%\FRONTIER GROOVE -> [2009/04/18 00:25:59 | 00,000,000 | ---D | C]
Digital Arts -> %ProgramFiles%\Digital Arts -> [2009/04/18 00:25:22 | 00,000,000 | ---D | C]
NTTCom -> %ProgramFiles%\NTTCom -> [2009/04/18 00:25:05 | 00,000,000 | ---D | C]
MSTEST40.DLL -> %SystemRoot%\System32\MSTEST40.DLL -> [2009/04/18 00:24:42 | 00,847,360 | ---- | C] (Microsoft Corporation)
Microsoft Office -> %ProgramFiles%\Microsoft Office -> [2009/04/18 00:24:26 | 00,000,000 | ---D | C]
i4 -> %ProgramFiles%\i4 -> [2009/04/18 00:23:27 | 00,000,000 | ---D | C]
SoftwareDistribution -> %SystemRoot%\System32\SoftwareDistribution -> [2009/04/18 00:20:41 | 00,000,000 | ---D | C]
Office11 -> %ProgramFiles%\Office11 -> [2009/04/18 00:20:32 | 00,000,000 | ---D | C]
VAIO Media Platform -> %AllUsersProfile%\Application Data\VAIO Media Platform -> [2009/04/17 15:23:27 | 00,000,000 | ---D | C]
VAIOUpdt.INI -> %SystemRoot%\VAIOUpdt.INI -> [2009/04/17 15:20:13 | 00,000,000 | ---- | C] ()
CDDBUI.dll -> %SystemRoot%\System32\CDDBUI.dll -> [2009/04/17 15:18:56 | 00,757,760 | ---- | C] (Gracenote)
CDDBControl.dll -> %SystemRoot%\System32\CDDBControl.dll -> [2009/04/17 15:18:56 | 00,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.))
CddbLangJA.dll -> %SystemRoot%\System32\CddbLangJA.dll -> [2009/04/17 15:18:56 | 00,086,016 | ---- | C] (Gracenote)
Yahoo! -> %ProgramFiles%\Yahoo! -> [2009/04/17 15:18:06 | 00,000,000 | ---D | C]
時事通信社 -> %ProgramFiles%\時事通信社 -> [2009/04/17 15:16:40 | 00,000,000 | ---D | C]
Native.exe -> %SystemRoot%\System32\Native.exe -> [2009/04/17 15:16:29 | 00,049,945 | ---- | C] ()
cloneboot.sys -> %SystemRoot%\System32\drivers\cloneboot.sys -> [2009/04/17 15:16:29 | 00,003,057 | ---- | C] (株式会社 アーク情報システム)
HDBackUp Bundle -> %ProgramFiles%\HDBackUp Bundle -> [2009/04/17 15:16:28 | 00,000,000 | ---D | C]
NTT Communications -> %ProgramFiles%\NTT Communications -> [2009/04/17 15:16:13 | 00,000,000 | ---D | C]
LTAP5FNR.BIN -> %SystemRoot%\System32\LTAP5FNR.BIN -> [2009/04/17 15:15:50 | 00,000,256 | -H-- | C] ()
Konica Uploader -> %CommonProgramFiles%\Konica Uploader -> [2009/04/17 15:14:38 | 00,000,000 | ---D | C]
筆ぐるめ -> %UserProfile%\My Documents\筆ぐるめ -> [2009/04/17 15:14:16 | 00,000,000 | ---D | C]
Fgw12 -> %ProgramFiles%\Fgw12 -> [2009/04/17 15:14:16 | 00,000,000 | ---D | C]
筆ぐるめ -> %AllUsersProfile%\Documents\筆ぐるめ -> [2009/04/17 15:12:57 | 00,000,000 | ---D | C]
FujisoftABC -> %AllUsersProfile%\Application Data\FujisoftABC -> [2009/04/17 15:12:57 | 00,000,000 | ---D | C]
SPR32X30.ocx -> %SystemRoot%\System32\SPR32X30.ocx -> [2009/04/17 15:12:23 | 01,028,096 | ---- | C] (FarPoint Technologies, Inc.)
VSPrint7.ocx -> %SystemRoot%\System32\VSPrint7.ocx -> [2009/04/17 15:12:23 | 00,339,968 | ---- | C] (ComponentOne)
ComDlg32.ocx -> %SystemRoot%\System32\ComDlg32.ocx -> [2009/04/17 15:12:23 | 00,152,848 | ---- | C] (Microsoft Corporation)
SfxBar.dll -> %SystemRoot%\System32\SfxBar.dll -> [2009/04/17 15:12:23 | 00,129,024 | ---- | C] (Software FX, Inc.)
CmDlgJP.dll -> %SystemRoot%\System32\CmDlgJP.dll -> [2009/04/17 15:12:23 | 00,028,160 | ---- | C] (Microsoft Corporation)
Cfx4032.ocx -> %SystemRoot%\System32\Cfx4032.ocx -> [2009/04/17 15:12:22 | 00,554,384 | ---- | C] (Software FX, Inc.)
VB6JP.DLL -> %SystemRoot%\System32\VB6JP.DLL -> [2009/04/17 15:12:22 | 00,102,160 | ---- | C] (Microsoft Corporation)
mom4 -> %ProgramFiles%\mom4 -> [2009/04/17 15:12:22 | 00,000,000 | ---D | C]
ZENRIN -> %ProgramFiles%\ZENRIN -> [2009/04/17 15:12:07 | 00,000,000 | ---D | C]
ExpWin32 -> %ProgramFiles%\ExpWin32 -> [2009/04/17 15:11:27 | 00,000,000 | ---D | C]
WININIT.INI -> %SystemRoot%\WININIT.INI -> [2009/04/17 15:10:24 | 00,000,059 | ---- | C] ()
Cpuinf32.dll -> %SystemRoot%\System32\Cpuinf32.dll -> [2009/04/17 15:09:04 | 00,019,968 | ---- | C] ()
Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [2009/04/17 15:07:30 | 00,000,000 | ---D | C]
NETTIME -> %ProgramFiles%\NETTIME -> [2009/04/17 15:07:00 | 00,000,000 | ---D | C]
Edy -> %ProgramFiles%\Edy -> [2009/04/17 15:06:54 | 00,000,000 | ---D | C]
ImageConverter2 -> %AllUsersProfile%\ImageConverter2 -> [2009/04/17 15:05:53 | 00,000,000 | ---D | C]
dbmsqlgc.dll -> %SystemRoot%\System32\dbmsqlgc.dll -> [2009/04/17 15:03:33 | 00,033,340 | ---- | C] (Microsoft Corporation)
dbmsgnet.dll -> %SystemRoot%\System32\dbmsgnet.dll -> [2009/04/17 15:03:33 | 00,024,576 | ---- | C] (Microsoft Corporation)
Microsoft SQL Server -> %ProgramFiles%\Microsoft SQL Server -> [2009/04/17 15:03:13 | 00,000,000 | ---D | C]
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/04/17 15:01:44 | 01,576,662 | -H-- | C] ()
fusioncache.dat -> %UserProfile%\Local Settings\Application Data\fusioncache.dat -> [2009/04/17 15:01:44 | 00,000,140 | ---- | C] ()
desktop.ini -> %AppData%\desktop.ini -> [2009/04/17 15:01:44 | 00,000,062 | -HS- | C] ()
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009/04/17 15:01:43 | 00,000,088 | -HS- | C] ()
desktop.ini -> %UserProfile%\スタート メニュー\プログラム\スタートアップ\desktop.ini -> [2009/04/17 15:01:42 | 00,000,084 | -HS- | C] ()
Identities -> %AppData%\Identities -> [2009/04/17 15:01:42 | 00,000,000 | ---D | C]
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/04/17 15:01:41 | 04,980,736 | -H-- | C] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/04/17 15:01:41 | 00,000,178 | -HS- | C] ()
SendTo -> %UserProfile%\SendTo -> [2009/04/17 15:01:41 | 00,000,000 | RH-D | C]
Recent -> %UserProfile%\Recent -> [2009/04/17 15:01:41 | 00,000,000 | RH-D | C]
Application Data -> %AppData% -> [2009/04/17 15:01:41 | 00,000,000 | RH-D | C]
スタート メニュー -> %UserProfile%\スタート メニュー -> [2009/04/17 15:01:41 | 00,000,000 | R--D | C]
My Pictures -> %UserProfile%\My Documents\My Pictures -> [2009/04/17 15:01:41 | 00,000,000 | R--D | C]
My Music -> %UserProfile%\My Documents\My Music -> [2009/04/17 15:01:41 | 00,000,000 | R--D | C]
My Documents -> %UserProfile%\My Documents -> [2009/04/17 15:01:41 | 00,000,000 | R--D | C]
Favorites -> %UserProfile%\Favorites -> [2009/04/17 15:01:41 | 00,000,000 | R--D | C]
Cookies -> %UserProfile%\Cookies -> [2009/04/17 15:01:41 | 00,000,000 | -HSD | C]
Templates -> %UserProfile%\Templates -> [2009/04/17 15:01:41 | 00,000,000 | -H-D | C]
PrintHood -> %UserProfile%\PrintHood -> [2009/04/17 15:01:41 | 00,000,000 | -H-D | C]
NetHood -> %UserProfile%\NetHood -> [2009/04/17 15:01:41 | 00,000,000 | -H-D | C]
Local Settings -> %UserProfile%\Local Settings -> [2009/04/17 15:01:41 | 00,000,000 | -H-D | C]
デスクトップ -> %UserProfile%\デスクトップ -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
Symantec -> %AppData%\Symantec -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
Sony Corporation -> %AppData%\Sony Corporation -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
My Skype Pictures -> %UserProfile%\My Documents\My Skype Pictures -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
Microsoft -> %AppData%\Microsoft -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
{3248F0A6-6813-11D6-A77B-00B0D0150030} -> %UserProfile%\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150030} -> [2009/04/17 15:01:41 | 00,000,000 | ---D | C]
NTUSER.DAT -> %AllUsersProfile%\NTUSER.DAT -> [2009/04/17 15:00:30 | 00,262,144 | ---- | C] ()
Sony_VGN-FS22B.mrk -> %SystemRoot%\System32\drivers\Sony_VGN-FS22B.mrk -> [2009/04/17 15:00:29 | 00,000,000 | RH-- | C] ()
プログラムのショートカット -> %ProgramFiles%\プログラムのショートカット -> [2009/04/17 15:00:20 | 00,000,000 | ---D | C]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/04/17 14:41:48 | 16,006,38976 | -HS- | C] ()
System Volume Information -> %SystemDrive%\System Volume Information -> [2009/04/17 14:22:45 | 00,000,000 | -HSD | C]
smscfg.ini -> %SystemRoot%\smscfg.ini -> [2005/07/11 11:30:46 | 00,000,061 | ---- | C] ()
IVIresizeW7.dll -> %SystemRoot%\System32\IVIresizeW7.dll -> [2005/07/11 11:02:15 | 00,204,800 | ---- | C] ()
IVIresizeA6.dll -> %SystemRoot%\System32\IVIresizeA6.dll -> [2005/07/11 11:02:15 | 00,200,704 | ---- | C] ()
IVIresizeP6.dll -> %SystemRoot%\System32\IVIresizeP6.dll -> [2005/07/11 11:02:15 | 00,192,512 | ---- | C] ()
IVIresizeM6.dll -> %SystemRoot%\System32\IVIresizeM6.dll -> [2005/07/11 11:02:15 | 00,192,512 | ---- | C] ()
IVIresizePX.dll -> %SystemRoot%\System32\IVIresizePX.dll -> [2005/07/11 11:02:15 | 00,188,416 | ---- | C] ()
IVIresize.dll -> %SystemRoot%\System32\IVIresize.dll -> [2005/07/11 11:02:15 | 00,020,480 | ---- | C] ()
orun32.ini -> %SystemRoot%\orun32.ini -> [2005/07/11 10:55:49 | 00,000,840 | ---- | C] ()
WLANDLL.DLL -> %SystemRoot%\System32\WLANDLL.DLL -> [2005/07/11 09:35:18 | 00,143,360 | ---- | C] ()
OEMINFO.INI -> %SystemRoot%\System32\OEMINFO.INI -> [2005/07/11 07:14:41 | 00,002,166 | ---- | C] ()
msimek.sys -> %SystemRoot%\System32\msimek.sys -> [2005/07/11 07:14:26 | 00,065,392 | ---- | C] ()
$ias.sys -> %SystemRoot%\System32\$ias.sys -> [2005/07/11 07:14:26 | 00,054,700 | ---- | C] ()
msimei.sys -> %SystemRoot%\System32\msimei.sys -> [2005/07/11 07:14:26 | 00,044,496 | ---- | C] ()
key02.sys -> %SystemRoot%\System32\key02.sys -> [2005/07/11 07:14:26 | 00,042,841 | ---- | C] ()
keyax.sys -> %SystemRoot%\System32\keyax.sys -> [2005/07/11 07:14:26 | 00,042,633 | ---- | C] ()
msime.sys -> %SystemRoot%\System32\msime.sys -> [2005/07/11 07:14:26 | 00,039,808 | ---- | C] ()
appsicon.dll -> %SystemRoot%\System32\appsicon.dll -> [2005/07/11 07:14:26 | 00,027,956 | ---- | C] ()
$disp.sys -> %SystemRoot%\System32\$disp.sys -> [2005/07/11 07:14:26 | 00,020,688 | ---- | C] ()
msimed.sys -> %SystemRoot%\System32\msimed.sys -> [2005/07/11 07:14:26 | 00,013,597 | ---- | C] ()
kkcfunc.sys -> %SystemRoot%\System32\kkcfunc.sys -> [2005/07/11 07:14:26 | 00,004,701 | ---- | C] ()
$prnescp.sys -> %SystemRoot%\System32\$prnescp.sys -> [2005/07/11 07:14:26 | 00,004,125 | ---- | C] ()
disp_win.sys -> %SystemRoot%\System32\disp_win.sys -> [2005/07/11 07:14:26 | 00,002,990 | ---- | C] ()
ntfont.sys -> %SystemRoot%\System32\ntfont.sys -> [2005/07/11 07:14:26 | 00,000,901 | ---- | C] ()
font_win.sys -> %SystemRoot%\System32\font_win.sys -> [2005/07/11 07:14:26 | 00,000,852 | ---- | C] ()
win.ini -> %SystemRoot%\win.ini -> [2005/07/11 07:14:10 | 00,000,603 | ---- | C] ()
system.ini -> %SystemRoot%\system.ini -> [2005/07/11 07:14:07 | 00,000,231 | ---- | C] ()
lanman.drv -> %SystemRoot%\System32\lanman.drv -> [2005/07/11 07:13:47 | 00,229,088 | ---- | C] ()
OUTLPERF.INI -> %SystemRoot%\System32\OUTLPERF.INI -> [2003/02/19 09:36:06 | 00,005,099 | ---- | C] ()
LFFPX7.DLL -> %SystemRoot%\System32\LFFPX7.DLL -> [2001/03/09 12:00:00 | 00,338,944 | ---- | C] ()
LFKODAK.DLL -> %SystemRoot%\System32\LFKODAK.DLL -> [2001/03/09 12:00:00 | 00,118,784 | ---- | C] ()

[Files/Folders - Modified Within 30 Days]
5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
9 C:\Documents and Settings\ApostoliaTheodori\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\ApostoliaTheodori\Local Settings\Temp\*.tmp ->
1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
OTScanIt2.exe -> %UserProfile%\デスクトップ\OTScanIt2.exe -> [2009/04/20 23:11:25 | 00,665,196 | ---- | M] ()
info.doc -> %UserProfile%\デスクトップ\info.doc -> [2009/04/20 21:21:06 | 00,019,968 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/04/20 21:15:51 | 00,727,938 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/04/20 21:15:51 | 00,398,514 | ---- | M] ()
perfh011.dat -> %SystemRoot%\System32\perfh011.dat -> [2009/04/20 21:15:51 | 00,197,920 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/04/20 21:15:51 | 00,060,646 | ---- | M] ()
perfc011.dat -> %SystemRoot%\System32\perfc011.dat -> [2009/04/20 21:15:51 | 00,060,640 | ---- | M] ()
Perflib_Perfdata_840.dat -> %SystemRoot%\Temp\Perflib_Perfdata_840.dat -> [2009/04/20 21:11:08 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_514.dat -> %SystemRoot%\Temp\Perflib_Perfdata_514.dat -> [2009/04/20 21:11:00 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6d0.dat -> [2009/04/20 21:10:40 | 00,016,384 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/04/20 21:10:40 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/04/20 21:09:53 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/04/20 21:09:48 | 16,006,38976 | -HS- | M] ()
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/04/20 21:08:55 | 04,980,736 | -H-- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/04/20 21:08:55 | 00,000,178 | -HS- | M] ()
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\デスクトップ\Malwarebytes' Anti-Malware.lnk -> [2009/04/20 19:58:40 | 00,000,696 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/04/20 19:32:07 | 00,007,680 | ---- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/04/20 17:36:37 | 00,001,374 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/04/20 17:35:51 | 00,004,232 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/04/20 17:35:50 | 00,004,646 | ---- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009/04/20 16:06:28 | 00,305,173 | R--- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/04/20 15:42:22 | 00,001,158 | ---- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/04/20 15:40:07 | 01,576,662 | -H-- | M] ()
hosts.20090420-160628.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090420-160628.backup -> [2009/04/20 15:38:53 | 00,305,173 | R--- | M] ()
hosts.20090420-153853.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090420-153853.backup -> [2009/04/20 13:31:26 | 00,305,173 | R--- | M] ()
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009/04/20 12:55:12 | 00,023,392 | ---- | M] ()
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009/04/20 12:55:12 | 00,016,832 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2009/04/20 11:03:24 | 00,000,603 | ---- | M] ()
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2009/04/20 11:02:00 | 00,316,640 | ---- | M] ()
MsftWdf_user_01_00_00.Wdf -> %SystemRoot%\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf -> [2009/04/20 11:00:23 | 00,000,000 | -H-- | M] ()
InstallUtil.InstallLog -> %SystemRoot%\System32\InstallUtil.InstallLog -> [2009/04/20 10:58:34 | 00,001,228 | ---- | M] ()
fusioncache.dat -> %UserProfile%\Local Settings\Application Data\fusioncache.dat -> [2009/04/20 10:58:24 | 00,000,140 | ---- | M] ()
RSIT.exe -> %UserProfile%\デスクトップ\RSIT.exe -> [2009/04/20 10:30:07 | 00,781,909 | ---- | M] ()
mbam-setup.exe -> %UserProfile%\デスクトップ\mbam-setup.exe -> [2009/04/20 10:30:04 | 02,967,800 | ---- | M] (Malwarebytes Corporation )
matrimonio_230409.doc -> %UserProfile%\デスクトップ\matrimonio_230409.doc -> [2009/04/20 07:23:36 | 00,084,480 | ---- | M] ()
Play Wonderburg.lnk -> %AllUsersProfile%\デスクトップ\Play Wonderburg.lnk -> [2009/04/19 23:12:57 | 00,001,580 | ---- | M] ()
Play My Games.lnk -> %AllUsersProfile%\デスクトップ\Play My Games.lnk -> [2009/04/19 22:39:19 | 00,001,572 | ---- | M] ()
swt-gdip-win32-3448.dll -> %UserProfile%\Local Settings\Temp\swt-gdip-win32-3448.dll -> [2009/04/19 20:40:59 | 00,077,824 | ---- | M] (Eclipse Foundation)
swt-win32-3448.dll -> %UserProfile%\Local Settings\Temp\swt-win32-3448.dll -> [2009/04/19 20:40:46 | 00,335,872 | ---- | M] (Eclipse Foundation)
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/04/19 19:45:14 | 00,210,568 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/04/19 19:32:17 | 00,053,480 | ---- | M] ()
hosts.20090420-193126.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090420-193126.backup -> [2009/04/19 19:22:35 | 00,305,173 | R--- | M] ()
boot.ini -> %SystemDrive%\boot.ini -> [2009/04/19 19:03:14 | 00,000,283 | RHS- | M] ()
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2009/04/19 18:56:36 | 00,011,070 | ---- | M] ()
ODBC.INI -> %SystemRoot%\ODBC.INI -> [2009/04/19 18:55:14 | 00,000,385 | ---- | M] ()
ERUNT AutoBackup.lnk -> %UserProfile%\スタート メニュー\プログラム\スタートアップ\ERUNT AutoBackup.lnk -> [2009/04/19 18:29:03 | 00,000,767 | ---- | M] ()
NTREGOPT.lnk -> %UserProfile%\デスクトップ\NTREGOPT.lnk -> [2009/04/19 18:28:48 | 00,000,611 | ---- | M] ()
ERUNT.lnk -> %UserProfile%\デスクトップ\ERUNT.lnk -> [2009/04/19 18:28:48 | 00,000,592 | ---- | M] ()
hosts.20090420-012235.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090420-012235.backup -> [2009/04/19 18:16:58 | 00,305,173 | R--- | M] ()
HiJackThis.exe -> %UserProfile%\デスクトップ\HiJackThis.exe -> [2009/04/19 17:46:59 | 00,401,720 | ---- | M] (Trend Micro Inc.)
hosts.20090420-001658.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090420-001658.backup -> [2009/04/19 17:29:42 | 00,305,173 | R--- | M] ()
Spybot - Search & Destroy.lnk -> %UserProfile%\デスクトップ\Spybot - Search & Destroy.lnk -> [2009/04/19 16:32:23 | 00,000,963 | ---- | M] ()
Voipwise.lnk -> %UserProfile%\デスクトップ\Voipwise.lnk -> [2009/04/19 14:57:04 | 00,000,745 | ---- | M] ()
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009/04/19 13:15:13 | 00,000,088 | -HS- | M] ()
hosts.20090419-232942.backup -> %SystemRoot%\System32\drivers\etc\hosts.20090419-232942.backup -> [2009/04/19 01:12:41 | 00,305,173 | R--- | M] ()
avast! Antivirus.lnk -> %AllUsersProfile%\デスクトップ\avast! Antivirus.lnk -> [2009/04/19 00:10:31 | 00,001,709 | ---- | M] ()
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [2009/04/19 00:10:27 | 00,003,058 | ---- | M] ()
ntldr -> %SystemDrive%\ntldr -> [2009/04/18 22:43:22 | 00,260,800 | RHS- | M] ()
Mozilla Firefox.lnk -> %AllUsersProfile%\デスクトップ\Mozilla Firefox.lnk -> [2009/04/18 20:27:32 | 00,001,602 | ---- | M] ()
OA190Free.exe -> %UserProfile%\デスクトップ\OA190Free.exe -> [2009/04/18 08:32:37 | 13,229,544 | ---- | M] (Tall Emu Pty Ltd )
nsreg.dat -> %SystemRoot%\nsreg.dat -> [2009/04/18 00:50:07 | 00,000,000 | ---- | M] ()
SNYSPLST.OEM -> %SystemRoot%\System32\SNYSPLST.OEM -> [2009/04/18 00:30:05 | 00,001,456 | ---- | M] ()
SNYINST.OEM -> %SystemRoot%\System32\SNYINST.OEM -> [2009/04/18 00:30:05 | 00,000,042 | ---- | M] ()
Snyres.oem -> %SystemRoot%\System32\Snyres.oem -> [2009/04/18 00:30:01 | 00,034,060 | ---- | M] ()
VAIOUpdt.INI -> %SystemRoot%\VAIOUpdt.INI -> [2009/04/17 15:20:13 | 00,000,000 | ---- | M] ()
LTAP5FNR.BIN -> %SystemRoot%\System32\LTAP5FNR.BIN -> [2009/04/17 15:15:50 | 00,000,256 | -H-- | M] ()
WININIT.INI -> %SystemRoot%\WININIT.INI -> [2009/04/17 15:10:25 | 00,000,059 | ---- | M] ()
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [2009/04/17 15:00:34 | 00,000,164 | ---- | M] ()
NTUSER.DAT -> %AllUsersProfile%\NTUSER.DAT -> [2009/04/17 15:00:31 | 00,262,144 | ---- | M] ()
Sony_VGN-FS22B.mrk -> %SystemRoot%\System32\drivers\Sony_VGN-FS22B.mrk -> [2009/04/17 15:00:29 | 00,000,000 | RH-- | M] ()
BOOT.BAK -> %SystemDrive%\BOOT.BAK -> [2009/04/17 15:00:28 | 00,000,211 | RHS- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2009/04/17 14:44:18 | 00,000,231 | ---- | M] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/04/06 01:57:26 | 24,921,544 | ---- | M] (Microsoft Corporation)
sysmain.sdb -> %SystemRoot%\System32\dllcache\sysmain.sdb -> [2009/03/27 09:48:27 | 01,203,922 | ---- | M] ()

[Alternate Data Streams]
@Alternate Data Stream - 102 bytes -> %AllUsersProfile%\Application Data\TEMP:663B62CA
@Alternate Data Stream - 109 bytes -> %AllUsersProfile%\Application Data\TEMP:F67AAFC5
< End of report >
[/code]

Apostolia
2009-04-22, 19:07
That's all for now! Thanks for being so patient.

Lia

peku006
2009-04-22, 19:24
Hi Lia

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.


Vuze

I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Make an uninstall list using HijackThis

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

http://img.bleepingcomputer.com/tutorials/hijackthis/uninstall-man.jpg

5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button, a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in your next reply.

Thanks peku006

Apostolia
2009-04-22, 23:34
Hi peku006 :) I had already uninstalled the program, but in any case here is the list:

「時事通信社・家庭の医学」「血液サラサラ健康事典」
AC3 Encoder / Decoder
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1 - Japanese
avast! Antivirus
Big Fish Games Client
Click to DVD 2.0.03 Menu Data
Click to DVD 2.5.32
Do VAIO
Do VAIO バックアップツール
Do VAIO リモコンユーティリティ
DVgate Plus
Edy Viewer
ERUNT 1.1j
FeliCaブラウザエクステンション
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HD革命/BackUp (バンドル版)
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
ID Keyholder
IFL
Image Converter 2
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PRO Network Connections Drivers
InterVideo WinDVD for VAIO
InterVideo WinDVDX
its-moNavi PC
i-フィルター Personal Edition 3
Java(TM) 6 Update 13
LAN-Express AS IEEE 802.11 Wireless LAN
Macromedia Flash Player
Malwarebytes' Anti-Malware
mCore
mDriver
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 1.1 Japanese Language Pack
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Personal Edition 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft SQL Server Desktop Engine (VAIO_VEDB)
Microsoft User-Mode Driver Framework Feature Pack 1.0
mMHouse
Mozilla Firefox (3.0.8)
mPfMgr
mProSafe
MSXML 4.0 SP2 (KB954430)
mWlsSafe
mXML
NVIDIA Drivers
OpenMG Secure Module 5.0.00
PictureGear Studio 2.0
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Setting Utility Series
SFCard Viewer 2
Skype 1.3
SonicStage 4.4
SonicStage Mastering Studio 1.4
SonicStage Mastering Studio オーディオフィルタ機能
SonicStage Mastering Studio オーディオフィルタ機能 カスタムプリセット
SonicStage Mastering Studio プラグイン
Sony FeliCa リーダー/ライター ソフトウェア
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
Step by Step Interactive Training 用セキュリティ更新プログラム (KB898458)
Step by Step Interactive Training 用セキュリティ更新プログラム (KB923723)
VAIO Entertainment Platform
VAIO Event Service
VAIO Media (再配布) 4.2
VAIO Media 4.2
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 4.2
VAIO Media Registration Tool 4.2
VAIO Update 4
VAIO オンラインカスタマー登録
VAIO 省電力設定
VAIOナビ
VAIOハードウェア診断ツール
VAIOランチャー
Voipwise
Windows Internet Explorer 7
Windows Internet Explorer 7 セキュリティ更新 (KB963027)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player (KB952069) セキュリティ問題の修正プログラム
Windows Media Player 10 (KB936782) セキュリティ問題の修正プログラム
Windows Media Player 11
Windows Media Player 11
Windows Media Player 11 (KB954154) セキュリティ問題の修正プログラム
Windows Media Player 11 (KB959772) 重要な更新
Windows XP (KB941569) セキュリティ問題の修正プログラム
Windows XP Service Pack 3
Windows XP セキュリティ更新 (KB923561)
Windows XP セキュリティ更新 (KB938464-v2)
Windows XP セキュリティ更新 (KB946648)
Windows XP セキュリティ更新 (KB950760)
Windows XP セキュリティ更新 (KB950762)
Windows XP セキュリティ更新 (KB950974)
Windows XP セキュリティ更新 (KB951066)
Windows XP セキュリティ更新 (KB951376-v2)
Windows XP セキュリティ更新 (KB951748)
Windows XP セキュリティ更新 (KB952004)
Windows XP セキュリティ更新 (KB952954)
Windows XP セキュリティ更新 (KB954459)
Windows XP セキュリティ更新 (KB954600)
Windows XP セキュリティ更新 (KB955069)
Windows XP セキュリティ更新 (KB956572)
Windows XP セキュリティ更新 (KB956802)
Windows XP セキュリティ更新 (KB956803)
Windows XP セキュリティ更新 (KB957097)
Windows XP セキュリティ更新 (KB958644)
Windows XP セキュリティ更新 (KB958687)
Windows XP セキュリティ更新 (KB958690)
Windows XP セキュリティ更新 (KB959426)
Windows XP セキュリティ更新 (KB960225)
Windows XP セキュリティ更新 (KB960715)
Windows XP セキュリティ更新 (KB960803)
Windows XP セキュリティ更新 (KB961373)
Windows XP セキュリティ更新 (KB963027)
Windows XP ホットフィックス (KB952287)
Windows XP 更新 (KB951978)
Windows XP 更新 (KB955839)
Windows XP 更新 (KB967715)
WinRAR archiver
Wonderburg
Xvid 1.2.1 final uninstall
Yahoo!ツールバー
インテル(R) PROSet/Wireless ソフトウェア
かざそうFeliCa
かんたん登録
スクリーンセーバーロック
てきぱき家計簿マム4
バイオの設定
バイオ電子マニュアル
バイオ電子マニュアル データベース
はじめよう! ワイヤレスLAN
ホットスポット・ツール
ホットスポット紹介HTML
みんなでTV電話スタータ
一太郎ビューア
駅すぱあと
静止画色補正
筆ぐるめ Ver.12


Thanx for the link, I read all the info. Please let me know if I need to do something more. :)

Lia

peku006
2009-04-23, 08:55
Hi Lia

1 - Clean temp files

Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.
Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


Click Exit on the Main menu to close the program


2 - Kaspersky Online Scan

Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply.

3 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.

4 - Status Check
Please reply with

1. the Kaspersky online scanner report
2. a fresh HijackThis log
How's the computer running now? Any problems?

Thanks peku006

Apostolia
2009-04-25, 05:51
Hi peku006, sorry I couldn't write back earlier...
From what I see in the scan report the infected files are in drive D, in a file called programmata. That file was created by me in the long past but I cannot see it any more when I right click the start menu and click Explorer. Nor can I find it through Search. Please advise me what to do.
The pc however seems to be working just fine...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:43:14, on 2009/04/24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\SetGamma\SetGamma.exe
C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\ApostoliaTheodori\デスクトップ\HiJackThis.exe

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: InfoMaker Class - {C893A505-44D3-4184-9888-2179DFF75707} - C:\Program Files\Sony\EasyRegister\EasyRegister.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FeliCaブラウザエクステンション - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll
O3 - Toolbar: &Yahoo!ツールバー - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\YCOMP5~1.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [SetGamma] C:\Program Files\Sony\SetGamma\SetGamma.exe
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\Do VAIO Remocon\AvRmtCtr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG9.0] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: リサーチ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.vaio.sony.co.jp/Owner/
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240081846984
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 10537 bytes


And here is the scan report
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Friday, April 24, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Friday, April 24, 2009 09:11:47
Records in database: 2074498
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 99201
Threat name: 1
Infected objects: 9
Suspicious objects: 0
Duration of the scan: 01:32:25


File name / Threat name / Threats count
D:\languages\english\pronunciation\1\Propower.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\games\Jigsaw\un-Kinkade.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\GSpot\GSpot.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\vlc\vlc.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\WinRAR\Rar.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\WinRAR\RarExtLoader.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\WinRAR\Uninstall.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\WinRAR\UnRAR.exe Infected: Virus.Win32.Virut.ce 1
D:\programmata\WinRAR\WinRAR.exe Infected: Virus.Win32.Virut.ce 1

The selected area was scanned.

Thanx,

Lia

peku006
2009-04-25, 14:55
Hi Lia

Virut is still on your computer.
All those infected files are on the D drive; you need to format the D drive also.

With that done, run a full scan with Kaspersky Online Scan and post back its report.
Thanks peku006

Apostolia
2009-04-25, 18:39
Hi peku006 :) thanx for getting back to me so fast :)

Is there any way I could format drive D alone, or do I have to do all the procedure from scratch and just render the pc to the condition when I bought it?
In any case, is it safe to back up the rest of the files in D that appear uninfected in a USB (photos and e-books, nothing with .exe or .rar extension)?

Thanx,

Lia

peku006
2009-04-25, 19:23
Hi Lia

Is there any way I could format drive D alone, or do I have to do all the procedure from scratch and just render the pc to the condition when I bought it?
It is the only sure way to format the whole computer.

In any case, is it safe to back up the rest of the files in D that appear uninfected in a USB (photos and e-books, nothing with .exe or .rar extension)?
Back up all your documents and important items (personal data, work documents, etc.) only. DO NOT back up any executable files (software) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.

Also, avoid backing up compressed files (zip/cab/rar) that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

Recent variants also modify htm, html, asp and php files.

Thanks peku006
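The backup rules in the post above, applied to a directory tree as a triage pass (an added example, not part of the original thread). It also checks for an `MZ` header under a non-executable extension, which goes beyond the post; the sample files, the depth limit and the size cap are assumptions constructed for the demonstration.

```python
import io
import tempfile
import zipfile
import zlib
from pathlib import Path

EXECUTABLE_EXT = {".exe", ".scr"}            # infection targets named in the post
WEB_EXT = {".htm", ".html", ".asp", ".php"}  # modified by recent variants
OPAQUE_EXT = {".cab", ".rar"}                # not inspectable with the stdlib
MAX_DEPTH = 3                                # assumption: nested-zip limit
MAX_NESTED = 50 * 1024 * 1024                # assumption: nested-zip size cap


def zip_is_unsafe(source, depth=0):
    """True if a zip holds an executable or opaque archive, or cannot be vetted."""
    try:
        with zipfile.ZipFile(source) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                ext = Path(info.filename).suffix.lower()
                if ext in EXECUTABLE_EXT or ext in OPAQUE_EXT:
                    return True
                with zf.open(info) as member:
                    if member.read(2) == b"MZ":  # executable under another name
                        return True
                if ext == ".zip" and (depth >= MAX_DEPTH or info.file_size > MAX_NESTED):
                    return True
                if ext == ".zip" and zip_is_unsafe(io.BytesIO(zf.read(info)), depth + 1):
                    return True
    except (zipfile.BadZipFile, RuntimeError, zlib.error, OSError):
        return True  # encrypted, corrupt or mislabelled: do not vouch for it
    return False


def classify(path):
    """Return (verdict, reason); verdict is 'exclude', 'review' or 'backup'."""
    path = Path(path)
    ext = path.suffix.lower()
    with path.open("rb") as fh:
        magic = fh.read(2)
    if ext in EXECUTABLE_EXT or magic == b"MZ":
        return "exclude", "executable by extension or MZ header"
    if ext in OPAQUE_EXT:
        return "exclude", "archive type that cannot be inspected here"
    if ext == ".zip" and zip_is_unsafe(path):
        return "exclude", "archive holds an executable or cannot be vetted"
    if ext in WEB_EXT:
        return "review", "web page type that recent variants modify"
    return "backup", "no executable content found"


def triage(root):
    """Walk root and group relative paths (forward slashes) by verdict."""
    result = {"exclude": [], "review": [], "backup": []}
    for path in Path(root).rglob("*"):
        if path.is_file():
            result[classify(path)[0]].append(path.relative_to(root).as_posix())
    return {verdict: sorted(paths) for verdict, paths in result.items()}


def build_sample_tree(root):
    """Write a constructed tree of dummy files (no real malware) under root."""
    def make_zip(members):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            for name, data in members.items():
                zf.writestr(name, data)
        return buf.getvalue()
    inner = make_zip({"bin/run.exe": b"MZ dummy"})
    samples = {
        "photos/trip.jpg": b"\xff\xd8\xff\xe0 dummy",
        "programmata/tool/Setup.EXE": b"MZ dummy",
        "docs/renamed.doc": b"MZ dummy",
        "site/index.html": b"<html></html>",
        "archives/notes.zip": make_zip({"a.txt": b"hello"}),
        "archives/nested.zip": make_zip({"readme.txt": b"x", "inner.zip": inner}),
        "archives/old.rar": b"Rar! dummy",
    }
    for rel, data in samples.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(triage(tmp))
```

Files in the `review` group are not proven clean or infected by this pass; it only sorts them by the file types the post names, so they still need a scanner run before being restored.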

Apostolia
2009-04-27, 00:52
Hi again :) I opted to format only drive D. I did 2 scans just in case; they were both clean.
I would like your opinion about a good antivirus program. Now I have the free edition of Avast! but I want to upgrade to something better. Should I stick with Avast! or should I get Kaspersky Internet Security package or something else? For the Kaspersky I was told that it really slows down the pc. Also, should I install Online Armor firewall?
Finally, of the programs we used during this session, should I keep some (I will keep ATF for sure) or can I uninstall them?

Here is the latest scan report.

KASPERSKY ONLINE SCANNER 7.0 REPORT
Sunday, April 26, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Sunday, April 26, 2009 16:04:28
Records in database: 2081286
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 71022
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 01:07:43

No malware has been detected. The scan area is clean.

The selected area was scanned.

Thanx

Lia

peku006
2009-04-27, 13:46
Hi Lia

You can keep both the ATF and mbam; they are both excellent programs.

Here are some recommended free antivirus and firewall programs:

Antivir PersonalEdition Classic (http://www.free-av.com/) - Free anti-virus software for Windows. Free support.
avast! 4 Home Edition (http://www.avast.com/eng/avast_4_home.html) - Anti-virus program for Windows. The home edition is freeware for noncommercial users.
AVG Anti-Virus Free Edition (http://free.grisoft.com/ww.homepage) - Free edition of the AVG anti-virus program for Windows

Comodo (http://www.personalfirewall.comodo.com/download_firewall.html) (Uncheck during installation "Install COMODO Antivirus (Recommended)"!, "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage")
Online Armor (http://www.tallemu.com/online_armor_free.html)
PC Tools (http://www.pctools.com/firewall/download/)
Sunbelt/Kerio (http://www.sunbelt-software.com/Kerio-Download.cfm)
ZoneAlarm (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=US&lang=en&lid=nav_za) (uncheck ZoneAlarm Spy Blocker during installation if you choose this one)

Here are some free programs I recommend that could help you improve your computer's security.

Spybot Search and Destroy
Download it from here (http://www.safer-networking.org/en/mirrors/index.html). Just choose a mirror and off you go.
Find the tutorial on how to use Spybot properly here (http://www.bleepingcomputer.com/tutorials/tutorial43.html)

Install SpyWare Blaster
Download it from here (http://www.javacoolsoftware.com/spywareblaster.html)
Find the tutorial on how to use Spyware Blaster here (http://www.bleepingcomputer.com/tutorials/tutorial49.html)

Install WinPatrol
Download it from here (http://www.winpatrol.com/download.html)
You can find information about how WinPatrol works here (http://www.winpatrol.com/features.html)

Install FireTrust SiteHound
You can find information and download it from here (http://www.firetrust.com/en/products/sitehound)

Install MVPS Hosts File from here (http://mvps.org/winhelp2002/hosts.htm)
The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector (http://secunia.com/software_inspector/)
F-secure Health Check (http://www.f-secure.com/weblog/archives/00001356.html)

Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com

Please check out Tony Klein's article "How did I get infected in the first place?" (http://forums.spybot.info/showthread.php?t=279)

Read some information here (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) on how to prevent malware.


Happy safe surfing! :bigthumb:
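How a blocking HOSTS file of the kind described above can be audited after it is installed (an added example, not part of the original thread or of the MVPS project). The hostnames and addresses are constructed sample data; the audit separates names sunk to the local machine from names pointed at some other address, which are the entries worth a closer look.

```python
import ipaddress

# Constructed sample in hosts-file syntax; these are not entries from the MVPS list.
SAMPLE_HOSTS = """\
# comment line
127.0.0.1   localhost
127.0.0.1   ads.example.com        # blocked ad server
127.0.0.1   tracker.example.net banner.example.net
0.0.0.0     popups.example.org
203.0.113.7 update.example.com
127.0.0.1   Update.Example.com
bad-address broken.example.com
"""

LOCAL_NAMES = {"localhost"}  # names that legitimately point at the local machine


def parse_hosts(text):
    """Return (entries, malformed): entries are (line_no, ip, hostname) tuples."""
    entries, malformed = [], []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue                      # blank or comment-only line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append(line_no)     # first field is not an IP address
            continue
        if len(fields) < 2:
            malformed.append(line_no)     # address with no hostname
            continue
        entries.extend((line_no, ip, host.lower()) for host in fields[1:])
    return entries, malformed


def audit_hosts(text):
    """Group hostnames into blocked, redirected, conflicts and malformed lines.

    Each name is classified by the first mapping seen for it; a later line that
    maps the same name to a different address is reported as a conflict.
    """
    entries, malformed = parse_hosts(text)
    report = {"blocked": [], "redirected": [], "conflicts": [],
              "malformed": malformed}
    first_seen = {}
    for _line_no, ip, host in entries:
        if host in first_seen:
            if first_seen[host] != ip and host not in report["conflicts"]:
                report["conflicts"].append(host)
            continue
        first_seen[host] = ip
        if host in LOCAL_NAMES:
            continue
        if ip.is_loopback or ip.is_unspecified:
            report["blocked"].append(host)          # sunk to the local machine
        else:
            report["redirected"].append((host, str(ip)))  # points elsewhere
    return report


if __name__ == "__main__":
    for group, items in audit_hosts(SAMPLE_HOSTS).items():
        print(group, items)
```

On the machine itself, pass the contents of the HOSTS file (under `%SystemRoot%\System32\drivers\etc\`) to `audit_hosts` instead of the sample text.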

Apostolia
2009-04-27, 17:34
Hi peku006. Thanks for all your help, patience and recommendations, you're great!
Take care,

Lia

katana
2009-05-02, 23:02
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.