Brastk.exe


  • This topic is locked
18 replies to this topic

#1 Dave_Taurus

Dave_Taurus

  • Members
  • 27 posts

Posted 21 November 2008 - 05:00 PM

Hi there,

My wife's laptop got infected with a pretty bad piece of spyware yesterday. I wrote about it here and here, but to summarise, she got a fake taskbar message saying her computer was infected. It also prevented her from using the internet - whenever she tried entering a URL or clicking on a link she'd get redirected to a fake spyware site. It also prevented a lot of spyware software from running, until I changed the names of the .exe files. Eventually I managed to get rid of the taskbar message and restore internet access using SDFix, as advised in another thread. Then I followed all the instructions in the topic advising how to prepare a HijackThis page - I ran Spybot, Panda, Stinger, etc., loaded all the Windows updates and so on.

Now I just want to make sure that her system is clean. If I run msconfig, for example, the brastk.exe still seems to be listed (but I unchecked it).

So anyway, the HijackThis log follows, and any help would be greatly appreciated. Cheers!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:52:44, on 2008/11/21
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Adobe\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [IMJPMIG9.0] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun の Java コンソール - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: リサーチ - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.vaio.sony.co.jp/
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1200600390873
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O18 - Protocol: msjwwdat - {BAAB02DC-913E-40AA-B9ED-8068DEE42CFA} - C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

--
End of file - 8921 bytes



#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts

Posted 26 November 2008 - 04:21 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following so I can have a look at the current condition of your machine.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the button in the lower right-hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.

Download and Run OTViewIt
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
      • OTViewIt.txt <-- Will be opened
      • Extra.txt <-- Will be minimized

Run Kaspersky Online Scanner
Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select Run as administrator to perform this scan.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

In your next reply please include the following:
  • OTViewIt.txt
  • Extra.txt
  • Kaspersky's Log


Important Note: For other users who are reading this topic, the instructions provided in this topic are for the original topic starter ONLY. Even if you have similar problems or even log entries to those given here, please do not follow the directions, especially those involving specific tools and scripts. Doing so can result in serious damage to your computer. Instead, please start your own topic and feel free to link to any relevant topics as needed. Please Do NOT follow the instructions provided for this topic.

Thanks

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.


#3 Dave_Taurus

Dave_Taurus
  • Topic Starter

  • Members
  • 27 posts

Posted 26 November 2008 - 07:01 PM

Thanks so much for your help. Unfortunately, I haven't been able to run the Kaspersky scanner. When I go to the Kaspersky page it tells me that I need to install Java version 1.5 or later. So I followed the link from there to the Java page and the installer wouldn't work. So I tried to install it using the offline installer and then ran the Kaspersky test again. However, it still reckoned I had an earlier version of Java. So I uninstalled Java, and then reinstalled the latest version, and it still won't work and I don't know what I should do now.

I did, however, get OTViewIt to run and so here are the logs.

First, then, here's OTViewIt.txt:

OTViewIt logfile created on: 2008/11/26 23:05:48 - Run
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\SHINO HORI\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

758.42 Mb Total Physical Memory | 324.70 Mb Available Physical Memory | 42.81% Memory free
1.82 Gb Paging File | 1.49 Gb Available in Paging File | 82.21% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 0.67 Gb Free Space | 4.82% Space Free | Partition Type: NTFS
Drive D: | 55.90 Gb Total Space | 21.20 Gb Free Space | 37.93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 111.76 Gb Total Space | 58.85 Gb Free Space | 52.65% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHINOLAPTOP
Current User Name: SHINO HORI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2002/07/30 02:36:00 | 00,032,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
[2003/06/19 14:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2002/07/30 02:40:44 | 00,573,440 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
[2008/04/14 02:26:27 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
[2004/07/07 03:19:08 | 00,118,877 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
[2007/01/08 20:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2004/08/05 12:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
[2008/04/14 02:26:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2002/07/30 02:35:04 | 00,077,824 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe
[2004/06/29 04:17:04 | 00,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
[2004/06/29 12:45:12 | 00,180,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
[2008/01/31 23:13:08 | 00,385,024 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
[2002/03/14 07:46:58 | 00,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
[2004/10/13 07:04:14 | 00,278,528 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2004/02/20 05:12:34 | 00,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
[2004/07/01 02:58:46 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
[2004/06/29 05:49:34 | 00,122,880 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKServ.exe
[2003/11/07 08:21:28 | 00,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
[2007/01/08 20:38:36 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
[2004/07/26 11:32:06 | 02,707,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
[2004/10/13 07:03:54 | 00,327,680 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2004/06/26 05:48:42 | 00,389,120 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKWnd.exe
[2003/02/26 02:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
[2008/04/14 02:26:08 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2008/04/14 02:26:13 | 00,093,184 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/11/26 23:05:14 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe

========== (O23) Win32 Services ==========

[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2002/07/30 02:36:00 | 00,032,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -- (DefWatch [Auto | Running])
[2008/03/07 19:34:48 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2004/10/13 07:03:54 | 00,327,680 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Running])
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC [On_Demand | Stopped])
[2003/06/19 14:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2002/07/30 02:40:44 | 00,573,440 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -- (Norton AntiVirus Server [Auto | Running])
[2003/07/28 03:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp [Auto | Running])
[2008/04/14 02:26:27 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP [Auto | Running])
[2008/04/14 02:26:27 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2004/11/03 00:59:48 | 00,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe -- (SymWSC [Auto | Stopped])
[2004/07/07 03:19:36 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Stopped])
[2004/07/07 03:19:08 | 00,118,877 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service [Auto | Running])
[2004/07/28 08:51:08 | 00,401,408 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler [On_Demand | Stopped])
[2004/07/07 03:10:36 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
[2004/07/07 03:09:24 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter [On_Demand | Stopped])
[2004/07/09 08:28:14 | 01,826,816 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
[2004/06/15 18:42:34 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
[2004/06/22 02:58:14 | 00,733,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
[2004/06/15 18:41:06 | 00,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
[2007/01/08 20:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])

========== Driver Services ==========

[2003/12/11 14:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Running])
[2004/06/09 09:52:36 | 00,625,249 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2003/09/29 04:31:38 | 00,094,601 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
[2004/01/08 20:32:45 | 00,009,600 | R--- | M] (BUFFALO INC.) -- C:\WINDOWS\system32\BUFADPT.SYS -- (BUFADPT [Auto | Running])
[2000/12/05 07:18:02 | 00,003,952 | R--- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall [System | Running])
[2004/08/05 12:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga [System | Running])
[2004/09/14 05:38:26 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2003/10/14 07:08:22 | 00,197,120 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
[2003/10/14 07:04:16 | 01,043,072 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
[2004/07/01 03:26:16 | 00,724,221 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand | Running])
[2004/07/07 06:12:02 | 00,391,616 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS [On_Demand | Running])
[2007/10/12 01:00:44 | 00,041,752 | ---- | M] (Logicool Co., Ltd.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Stopped])
[2000/03/29 16:11:20 | 00,008,096 | ---- | M] (MicroStaff Co.,Ltd.) -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT [Auto | Running])
[2008/10/22 16:10:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Stopped])
[2003/04/09 04:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2002/06/19 11:57:12 | 00,218,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Navap.sys -- (NAVAP [On_Demand | Running])
[2002/06/19 11:57:14 | 00,029,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Navapel.sys -- (NAVAPEL [Auto | Running])
[2008/11/21 09:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081121.003\NAVENG.SYS -- (NAVENG [On_Demand | Running])
[2008/11/21 09:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081121.003\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2002/06/28 09:21:40 | 00,017,251 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse [On_Demand | Stopped])
[2001/07/24 01:34:34 | 00,007,520 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELUSBlf.SYS -- (pelusblf [On_Demand | Stopped])
[2007/10/12 00:56:00 | 01,279,000 | ---- | M] (Logicool Co., Ltd.) -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI [On_Demand | Stopped])
[2004/08/05 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/13 07:54:44 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2003/11/07 01:28:34 | 00,067,712 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Stopped])
[2008/04/13 18:40:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [Boot | Running])
[2007/11/13 10:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2000/11/09 10:15:08 | 00,048,896 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC [On_Demand | Running])
[2004/07/02 01:15:08 | 00,235,264 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYTVC.sys -- (SONYTVC [On_Demand | Stopped])
[2005/03/04 16:29:45 | 00,073,224 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
[2008/06/20 11:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6 [System | Running])
[2004/05/21 04:46:50 | 00,065,024 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony [On_Demand | Running])
[2008/04/13 18:56:01 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys -- (tunmp [On_Demand | Running])
[2008/04/13 18:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2003/10/14 07:05:48 | 00,679,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"CustomSearch"=http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/cs/*http://uk.docs.yahoo.com/info/bt_side.html
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.yahoo.co.jp/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=gogl

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=gogl

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.yahoo.co.jp/

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

========== (O1) Hosts File ==========

HOSTS File = (287985 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
9926 more lines...

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Apoint"=C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"IMJPMIG9.0"=C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32 (Microsoft Corporation)
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
"Mouse Suite 98 Daemon"=ICO.EXE (Primax Electronics Ltd.)
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary (Sony Corporation)
"vptray"=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe (Symantec Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"brastk"=C:\WINDOWS\system32\brastk.exe File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"brastk"=C:\WINDOWS\system32\brastk.exe File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2003/06/23 09:42:48 | 00,364,544 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\Administrator\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe
[2004/07/26 11:32:06 | 02,707,456 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ\オーディオフィルタ機能.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
[2003/06/23 09:42:48 | 00,364,544 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\Default User\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"= [binary data]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"= [binary data]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun の Java コンソール -- %SystemRoot%\system32\msjava.dll [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
{77BF5300-1474-4EC7-9980-D32B190E9B07}: Button: Skype -- %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: リサーチ -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- Reg Error: Key does not exist or could not be opened. File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{E1A8C070-A8DE-11d5-A760-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{E1A8C070-A8DE-11d5-A760-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
50 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/Facebo...toUploader5.cab -- Facebook Photo Uploader 5
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}: http://www.pandasecurity.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class
{556DDE35-E955-11D0-A707-000000521957}: http://www.xblock.com/download/xclean_micro.exe -- Reg Error: Key does not exist or could not be opened.
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://download.bitdefender.com/resources/scan8/oscan8.cab -- BDSCANONLINE Control
{5F8469B4-B055-49DD-83F7-62B522420ECC}: http://upload.facebook.com/controls/Facebo...otoUploader.cab -- Facebook Photo Uploader Control
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://www.update.microsoft.com/microsoftu...b?1200600390873 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_05
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}: http://ax.emsisoft.com/asquared.cab -- a-squared Scanner
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_05
Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{1075593E-F29E-4AC0-9E46-82E2902054A1} (Servers: | Description: 1394 ネット アダプタ)
{56E714E8-2A78-4611-AC27-21D88F0A2A30} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{A62955F3-66BF-41D7-93C1-6C5182C05252} (Servers: | Description: )
{F24F7619-9242-4BA3-A427-BBF4FF1B46B8} (Servers: | Description: LAN-Express AS IEEE 802.11g miniPCI Adapter)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxsrvc.dll -- C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
NavLogon: "DllName" = C:\WINDOWS\system32\NavLogon.dll -- C:\WINDOWS\system32\NavLogon.dll ()

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004/08/13 04:57:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2008/11/26 23:05:08 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe
[2008/11/24 17:41:55 | 00,106,116 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\IMG_1924.JPG
[2008/11/24 17:40:16 | 00,123,885 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\IMG_1922.JPG
[2008/11/23 22:39:01 | 00,030,208 | -HS- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db:encryptable
[2008/11/23 18:40:10 | 01,536,498 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013615.JPG
[2008/11/23 18:39:48 | 00,038,851 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013607.JPG
[2008/11/23 18:39:08 | 00,051,071 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013601.JPG
[2008/11/23 18:38:56 | 00,045,798 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013600.JPG
[2008/11/23 18:30:28 | 00,045,448 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013619.JPG
[2008/11/23 18:29:56 | 00,042,872 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013616.JPG
[2008/11/23 18:29:05 | 00,045,304 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013612.JPG
[2008/11/23 18:25:00 | 00,050,267 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013609.JPG
[2008/11/23 00:01:29 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dwell oak veneer desk with matching drawers.doc
[2008/11/22 18:40:57 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\PINE.doc
[2008/11/21 21:19:43 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2008/11/21 21:09:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/11/21 20:56:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2008/11/21 20:56:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/11/21 20:56:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja
[2008/11/21 20:56:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008/11/21 20:47:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/11/21 20:41:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008/11/21 20:39:56 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/11/21 20:33:49 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/11/21 20:33:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2008/11/21 15:29:33 | 02,482,695 | ---- | C] (McAfee Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\stinger.exe
[2008/11/21 15:23:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2008/11/21 12:32:50 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2008/11/21 12:32:34 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2008/11/21 12:14:35 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_1214b.reg
[2008/11/21 12:14:19 | 00,082,136 | ---- | C] () -- D:\My Document\cc_20081121_1214.reg
[2008/11/21 12:02:08 | 93,640,604 | ---- | C] () -- C:\registrybackup.reg
[2008/11/21 11:58:43 | 05,738,016 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SUPERAntiSpyware.exe
[2008/11/21 11:52:24 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\HijackThis.lnk
[2008/11/21 11:52:23 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/11/21 11:52:08 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\HJTInstall.exe
[2008/11/21 11:50:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/11/21 04:53:04 | 79,533,2608 | -HS- | C] () -- C:\hiberfil.sys
[2008/11/21 04:44:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/11/21 04:40:34 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/11/21 04:40:13 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SDFix.exe
[2008/11/21 04:35:27 | 00,000,000 | ---D | C] -- C:\Avenger
[2008/11/21 04:22:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\Malwarebytes
[2008/11/21 04:21:18 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/21 04:21:18 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\デスクトップ\annoying.lnk
[2008/11/21 04:21:15 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/11/21 04:21:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/21 04:21:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/21 04:10:40 | 00,003,348 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2008/11/21 04:09:34 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2008/11/21 04:09:34 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2008/11/21 04:09:34 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2008/11/21 04:09:34 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/11/21 04:09:34 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2008/11/21 04:09:34 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2008/11/21 04:09:34 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2008/11/21 04:09:34 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2008/11/21 04:09:34 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2008/11/21 04:09:34 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2008/11/21 03:47:47 | 01,581,247 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SmitfraudFix.exe
[2008/11/21 03:18:22 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Spybot - Search & Destroy.lnk
[2008/11/21 03:18:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/11/21 03:08:01 | 00,001,208 | ---- | C] () -- D:\My Document\cc_20081121_0307c.reg
[2008/11/21 03:07:40 | 00,002,986 | ---- | C] () -- D:\My Document\cc_20081121_0307b.reg
[2008/11/21 03:07:19 | 00,008,712 | ---- | C] () -- D:\My Document\cc_20081121_0307.reg
[2008/11/21 02:52:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\wsInspector
[2008/11/21 02:50:45 | 00,000,000 | ---D | C] -- D:\My Document\wsInspector
[2008/11/21 02:50:40 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Startup Inspector for Windows.lnk
[2008/11/21 02:50:40 | 00,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2008/11/21 02:17:19 | 00,002,116 | ---- | C] () -- D:\My Document\cc_20081121_0217e.reg
[2008/11/21 02:17:01 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_0216d.reg
[2008/11/21 02:16:46 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_0216c.reg
[2008/11/21 02:16:31 | 00,007,136 | ---- | C] () -- D:\My Document\cc_20081121_0216b.reg
[2008/11/21 02:16:10 | 00,218,590 | ---- | C] () -- D:\My Document\cc_20081121_0216.reg
[2008/11/20 21:26:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/11/20 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\Mozilla
[2008/11/20 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\Mozilla
[2008/11/20 21:26:36 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\デスクトップ\Mozilla Firefox.lnk
[2008/11/20 21:26:33 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/11/20 21:12:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\files
[2008/11/20 15:59:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/11/20 14:06:35 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2008/11/20 14:06:35 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/11/16 16:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2008/11/11 19:08:04 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/11/11 14:39:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\web
[2008/11/07 00:30:13 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2008/11/07 00:29:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/11/07 00:29:04 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2008/11/07 00:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\NCH Swift Sound
[2008/11/06 23:59:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\Joe Ford
[2008/11/01 17:09:12 | 00,000,000 | ---D | C] -- D:\My Document\PC
[2008/11/01 17:04:53 | 00,000,000 | ---D | C] -- D:\My Document\photography
[2008/11/01 16:55:11 | 00,000,000 | ---D | C] -- D:\My Document\invoice

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2008/11/26 23:05:14 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe
[2008/11/26 23:05:00 | 00,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2008/11/26 19:44:15 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/11/26 19:32:53 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/11/26 19:32:51 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/11/26 19:32:49 | 79,533,2608 | -HS- | M] () -- C:\hiberfil.sys
[2008/11/24 17:42:10 | 00,106,116 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\IMG_1924.JPG
[2008/11/24 17:41:10 | 00,123,885 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\IMG_1922.JPG
[2008/11/23 22:39:04 | 00,030,208 | -HS- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db:encryptable
[2008/11/23 18:41:24 | 00,038,851 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013607.JPG
[2008/11/23 18:41:01 | 00,051,071 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013601.JPG
[2008/11/23 18:40:45 | 00,045,798 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013600.JPG
[2008/11/23 18:33:46 | 00,045,448 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013619.JPG
[2008/11/23 18:33:15 | 00,042,872 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013616.JPG
[2008/11/23 18:32:36 | 00,045,304 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013612.JPG
[2008/11/23 18:27:33 | 00,050,267 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013609.JPG
[2008/11/23 18:21:50 | 00,095,744 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/23 12:27:21 | 00,002,423 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Microsoft Office Word 2003 (2).lnk
[2008/11/23 00:01:30 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dwell oak veneer desk with matching drawers.doc
[2008/11/22 18:40:57 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\PINE.doc
[2008/11/22 14:44:35 | 00,049,264 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/21 21:23:39 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/11/21 21:14:20 | 00,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/21 21:14:20 | 00,154,096 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2008/11/21 21:14:20 | 00,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/21 21:14:20 | 00,041,164 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2008/11/21 21:14:18 | 00,557,652 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/21 21:13:16 | 00,000,081 | -HS- | M] () -- D:\My Document\desktop.ini
[2008/11/21 21:12:12 | 01,537,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/11/21 21:07:38 | 04,689,784 | -H-- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\IconCache.db
[2008/11/21 20:41:03 | 00,260,800 | RHS- | M] () -- C:\ntldr
[2008/11/21 15:29:34 | 02,482,695 | ---- | M] (McAfee Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\stinger.exe
[2008/11/21 12:14:36 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_1214b.reg
[2008/11/21 12:14:22 | 00,082,136 | ---- | M] () -- D:\My Document\cc_20081121_1214.reg
[2008/11/21 12:02:19 | 93,640,604 | ---- | M] () -- C:\registrybackup.reg
[2008/11/21 11:58:52 | 05,738,016 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SUPERAntiSpyware.exe
[2008/11/21 11:52:24 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\HijackThis.lnk
[2008/11/21 11:52:21 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\HJTInstall.exe
[2008/11/21 05:45:02 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\デスクトップ\annoying.lnk
[2008/11/21 05:12:04 | 00,287,985 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/11/21 04:48:22 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081121-051204.backup
[2008/11/21 04:39:02 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SDFix.exe
[2008/11/21 04:10:41 | 00,003,348 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2008/11/21 03:47:10 | 01,581,247 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SmitfraudFix.exe
[2008/11/21 03:18:22 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Spybot - Search & Destroy.lnk
[2008/11/21 03:08:04 | 00,001,208 | ---- | M] () -- D:\My Document\cc_20081121_0307c.reg
[2008/11/21 03:07:44 | 00,002,986 | ---- | M] () -- D:\My Document\cc_20081121_0307b.reg
[2008/11/21 03:07:23 | 00,008,712 | ---- | M] () -- D:\My Document\cc_20081121_0307.reg
[2008/11/21 02:50:40 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Startup Inspector for Windows.lnk
[2008/11/21 02:18:10 | 00,002,116 | ---- | M] () -- D:\My Document\cc_20081121_0217e.reg
[2008/11/21 02:17:06 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_0216d.reg
[2008/11/21 02:16:47 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_0216c.reg
[2008/11/21 02:16:34 | 00,007,136 | ---- | M] () -- D:\My Document\cc_20081121_0216b.reg
[2008/11/21 02:16:15 | 00,218,590 | ---- | M] () -- D:\My Document\cc_20081121_0216.reg
[2008/11/20 23:27:48 | 00,000,631 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/20 23:27:48 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/20 23:27:48 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2008/11/20 21:26:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/11/20 21:26:36 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\デスクトップ\Mozilla Firefox.lnk
[2008/11/20 17:30:54 | 01,536,498 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013615.JPG
[2008/11/20 14:06:35 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008/11/20 14:06:35 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2008/11/12 01:56:19 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/12 01:56:19 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2008/11/03 16:10:26 | 17,318,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >


Next, here's extras.txt:

OTViewIt Extras logfile created on: 2008/11/26 23:05:48 - Run
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\SHINO HORI\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

758.42 Mb Total Physical Memory | 324.70 Mb Available Physical Memory | 42.81% Memory free
1.82 Gb Paging File | 1.49 Gb Available in Paging File | 82.21% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 0.67 Gb Free Space | 4.82% Space Free | Partition Type: NTFS
Drive D: | 55.90 Gb Total Space | 21.20 Gb Free Space | 37.93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 111.76 Gb Total Space | 58.85 Gb Free Space | 52.65% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHINOLAPTOP
Current User Name: SHINO HORI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
"Use My Stylesheet"=
"User Stylesheet"=

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=1
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 02:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 02:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004/10/13 07:12:04 | 08,759,808 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
File not found -- C:\Program Files\Yahoo!J\Messenger\YPagerj.exe:*:Enabled:Yahoo!???????
File not found -- C:\Program Files\Yahoo!J\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
File not found -- C:\Program Files\Yahoo!\Messenger\ypager.exe:*:Enabled:Yahoo! Messenger
File not found -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2007/12/12 15:20:48 | 21,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [PNRP Cloud Namespace Provider] -- C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [PNRP Name Namespace Provider] -- C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000006 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2000/06/27 01:51:06 | 00,212,992 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/05 12:49:00 | 00,141,992 | ---- | M] (Microsoft Corporation) C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll (msjwwdat:{BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} (HKLM) [JWWDataProtocol Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/05/10 13:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/12/12 15:20:48 | 01,934,672 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 13:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01AF4645-78E6-46C4-B528-54863679CC40}"=VAIO SLIT-C Screen Saver
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{05257AC0-DD20-11D2-AC05-0000F4ADD897}"=HD革命/BackUp Lite
"{06E73C0B-7DE7-4F41-860B-587033B75BD9}"=iPod Updater 2004-11-15
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}"=Symantec AntiVirus Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600"=Canon MP600
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}"=Windows Installer Clean Up
"{1526D87C-A955-4FAB-BF18-697BA457E352}"=Norton WMI Update
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}"=InterVideo WinDVDX
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}"=VAIO Media 3.1
"{202D7520-F356-11D3-99D3-00C04FCCB775}"=VAIO オンラインカスタマー登録
"{266AEE68-5718-4A31-BDD3-D356B1250C70}"=VAIO SLIT Pattern Wallpaper
"{27337663-2619-11D4-99DC-0000F49094C7}"=Memory Stick Formatter
"{27579b3c-5470-4496-be6c-0c872674f19f}"=Macromedia Flash Player
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2A7C09FB-109C-43D8-BE17-E6B83D1A654F}"=Caplio Software
"{350C97B1-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{3600FB01-C63B-4A3D-B044-BB21792C6811}"=VAIO SLIT-B Screen Saver
"{3B07D847-8077-4242-91C7-DFA3CE5113E0}"=ImageMixer
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}"=Adobe Photoshop CS3
"{48820099-ED7D-424B-890C-9A82EF00656D}"=VAIO Update 2
"{4ABE9A24-9914-46EB-8253-7963A78595DF}"=iPod for Windows User Guide 2.0
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{57AE6E85-0394-4141-B2E3-46AE32E0FD55}"=How to VAIO
"{597C68AF-3EF7-4310-8725-2E034914613B}"=Microsoft Office Home Style+
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype? 3.6
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}"=DVgate Plus
"{6990A2BF-D1D2-11D3-81BC-00609789C908}"=Sony Video Shared Library
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6F1974D6-4249-43B6-88B0-9A9B8A33956C}"=OpenMG Secure Module 4.0.00
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}"=VAIO Media (再配布) 3.1
"{7148F0A8-6813-11D6-A77B-00B0D0142050}"=Java 2 Runtime Environment, SE v1.4.2_05
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}"=SonicStage 2.1.00
"{7A79D11B-FD82-4A5E-834F-20173515DD14}"=VAIO Media Integrated Server 3.1
"{7C2F71B2-6C73-11D6-B659-00C04F790F76}"=Click to DVD 2.1.10
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{8A708DD8-A5E6-11D4-A706-000629E95E20}"=Intel® Extreme Graphics 2 Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8D324F1B-A39E-4D5A-BA58-147416FE019A}"=VAIO SLIT-A Screen Saver
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90120000-0020-0411-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{90330411-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Personal Edition 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office PowerPoint Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD 5 for VAIO
"{936FADC9-C609-471A-B6F2-A33E2E660D1A}"=Sony Notebook Setup
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9559F7CA-5E34-4237-A2D9-D856464AD727}"=Project64 1.6
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{98A3A654-3AEF-42D9-BA91-DE5815EA5897}"=Click to DVD 2.0.01 Menu Data
"{9C0EA18A-4C72-11D7-B65B-00C04F790F76}"=AC3 Encoder / Decoder
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}"=VAIO 省電力設定
"{A17456ED-3432-49FF-A14D-E0F00A96A2AA}"=VAIO SLIT Scene Wallpaper
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A43F939E-A863-433D-AC78-0897E44CFEB2}"=VAIOランチャー
"{A947C2B3-7445-42C4-9063-EE704CACCB22}"=VAIOハードウェア診断ツール
"{AB467B85-4F52-48C2-AEED-0673D00417B0}"=SonicStage Mastering Studio オーディオフィルタ機能
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1041-7B44-A81200000003}"=Adobe Reader 8.1.2 - Japanese
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}"=バイオ電子マニュアル
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BB311F54-39D6-4A03-8E18-053D1B2833D7}"=HotKey Utility
"{BE20E2F5-1903-4AAE-B1AF-2046E586C925}"=iTunes
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}"=SonicStage Mastering Studio 1.3
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}"=QuickTime
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
"{C3D6ED9E-F21F-43E2-BEFD-E28E33146900}"=i-フィルター Personal Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}"=VAIO Entertainment Platform
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1"=Uninstall Startup Inspector
"{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}"=バイオ電子マニュアル データベース
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}"=Do VAIO
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}"=SonicStage Mastering Studio プラグイン 1.3
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}"=Sony Utilities DLL
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}"=LAN-Express AS IEEE 802.11 Wireless LAN
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}"=Adobe Setup
"ActiveScan 2.0"=Panda ActiveScan 2.0
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1"=Adobe Photoshop CS3
"CCleaner"=CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D"=SoftV92 Data Fax Modem
"HijackThis"=HijackThis 2.0.2
"InstallShield_{06E73C0B-7DE7-4F41-860B-587033B75BD9}"=iPod Updater 2004-11-15
"InstallShield_{4ABE9A24-9914-46EB-8253-7963A78595DF}"=iPod for Windows User Guide 2.0
"InstallShield_{6F1974D6-4249-43B6-88B0-9A9B8A33956C}"=OpenMG Secure Module 4.0.00
"InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}"=iTunes
"InstallShield_{C062DBC7-009D-4D5E-B80E-5829650F7D24}"=iPod for Windows
"KeyHoleTV"=KeyHoleTV
"LiveUpdate"=LiveUpdate 1.90 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"MouseSuite98"=Sony USB Mouse
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MWASPI"=MicroStaff WINASPI
"OpenMG HotFix4.0-04-06-21-01"=OpenMG Limited Patch 4.0-04-07-14-01
"PodUtil_is1"=PodUtil 2.5.1
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"Windows XP Service Pack"=Windows XP Service Pack 3
"WinRAR archiver"=WinRAR アーカイバ
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2008/11/21 17:46:01 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/22 10:41:16 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/23 6:54:07 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/23 11:11:16 | Computer Name = SHINOLAPTOP | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802c09b, debug? 0,
fault address 0x00012aeb.

Error - 2008/11/23 14:24:35 | Computer Name = SHINOLAPTOP | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802c09b, debug? 0,
fault address 0x00012aeb.

Error - 2008/11/24 6:17:58 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/24 13:39:54 | Computer Name = SHINOLAPTOP | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802c09b, debug? 0,
fault address 0x00012aeb.

Error - 2008/11/24 19:15:50 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/25 6:13:18 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/26 15:32:57 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

[ System Events ]
Error - 2008/11/24 6:17:59 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/11/24 19:15:46 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/11/24 19:15:47 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/11/24 19:15:51 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/11/25 6:13:14 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/11/25 6:13:15 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/11/25 6:13:18 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/11/26 15:32:57 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/11/26 15:32:58 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/11/26 15:33:00 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep


< End of report >



#4 extremeboy

  • Malware Response Team

Posted 26 November 2008 - 08:46 PM

That's fine.

We don't need the Kaspersky scan right now. Give me some time to look over your logs.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 Dave_Taurus

Posted 26 November 2008 - 09:32 PM

Will do - thanks again!

#6 extremeboy

Posted 28 November 2008 - 10:02 AM

Hello.

Sorry for the delay.

From what I see so far, your log looks fine. :thumbsup:

From your previous threads it seems you have run Malwarebytes Anti-Malware and SDFix. They probably already fixed everything; there are some registry entries that we can take care of. :)

Download and Run OTMoveIT3
  • Please download OTMoveIt3 by OldTimer and save it to your desktop. If you are running on Vista, right click on the file and choose Run As Administrator.
  • Double click the Posted Image icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :reg
    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "brastk"=-
    
    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "brastk"=-
    
    :commands
    [EmptyTemp]
  • Click the large Posted Image button.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
Note: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Download and Run Scan with GMER

We will use GMER to scan for rootkits.
  • Download gmer.zip and save to your desktop.
    Alternate Download Site 1
    Alternate Download Site 2
  • Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.)
  • When you have done this, disconnect from the Internet and close all running programs.
    There is a small chance this application may crash your computer so save any work you have open.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Click on Settings, then check the first five settings:
    • System Protection and Tracing
    • Processes
    • Save created processes to the log
    • Drivers
    • Save loaded drivers to the log
  • You will be prompted to restart your computer. Please do so.
After the reboot, run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for Show All.
  • Click on Scan and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. You will know that the scan is done when the Stop button turns back to Scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose New>Text document. Once the file is created, open it and right-click again and choose Paste. Save the file as gmer.txt and copy the information in your next reply.
Important!: Please do not select the Show all checkbox during the scan.

Let's run a Kaspersky scan and see if it finds anything else.

Update Java to Version 6 Update 10

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 10...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u10-windows-i586-p.exe to install the newest version.
Run Scan with Kaspersky

Please do a scan with Kaspersky Online Scanner.

If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

Also, can you post back your Malwarebytes Anti-Malware log if it is still there?

Open Malwarebytes Anti-Malware. Click the Logs tab. Locate the log that you recently ran and post it back to me.

Do you still have any particular problems?

Please post back with:
-OTMoveIT log
-GMER log
-Kaspersky scan log
-Malwarebytes anti-malware log
-Any problems you are still having?


With Regards,
Extremeboy
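A read-only way to confirm the result of the registry fix in the post above, added here as an example and not part of the thread or of OTMoveIt3: it looks for a Run value with the name used in the fix script (brastk) under HKLM and under every hive loaded in HKEY_USERS, which goes beyond the two keys the script names. The variable and function names are assumptions made for this example.

```powershell
# Added example, not from the thread: read-only search for a leftover autorun value.
# 'brastk' is the value name from the fix script in the post; the variable and
# function names below are assumptions made for this example.
$valueName = 'brastk'
$runPath   = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

function Get-RunValue {
    param(
        [Microsoft.Win32.RegistryKey]$Root,   # base hive, e.g. HKEY_USERS
        [string]$SubKey,                      # key path below that hive
        [string]$Name                         # value name to look for
    )
    try {
        $key = $Root.OpenSubKey($SubKey)      # opens read-only; $null if the key is absent
    } catch [System.Security.SecurityException] {
        Write-Warning "Access denied: $($Root.Name)\$SubKey (run from an administrator session)"
        return
    }
    if ($null -eq $key) { return }
    try {
        foreach ($n in $key.GetValueNames()) {
            if ($n -ieq $Name) {              # registry value names are case-insensitive
                # Report the stored string without expanding %VARIABLES% in it.
                $raw = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
                New-Object PSObject -Property @{
                    Key   = $key.Name
                    Value = $n
                    Data  = $key.GetValue($n, $null, $raw)
                }
            }
        }
    } finally {
        $key.Close()
    }
}

$findings = @()

# Machine-wide Run key.
$findings += @(Get-RunValue -Root ([Microsoft.Win32.Registry]::LocalMachine) `
                            -SubKey $runPath -Name $valueName)

# Every hive currently loaded under HKEY_USERS. .DEFAULT and S-1-5-18 are two
# names for the same LocalSystem hive, so a value removed under one name is
# gone under the other, and a value still present is reported under both.
$users = [Microsoft.Win32.Registry]::Users
foreach ($sid in $users.GetSubKeyNames()) {
    if ($sid -like '*_Classes') { continue }  # per-user class hives hold no Run key
    $findings += @(Get-RunValue -Root $users -SubKey "$sid\$runPath" -Name $valueName)
}

if ($findings.Count -eq 0) {
    "No Run value named '$valueName' in HKLM or in any loaded user hive."
} else {
    $findings | Format-List Key, Value, Data
}
```

Hives of accounts that are not logged on are not loaded under HKEY_USERS, so the check covers only the profiles active when it runs.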

#7 Dave_Taurus


Posted 28 November 2008 - 10:06 AM

Thanks so much for this - I'm currently away from the laptop for the weekend, but I'll run these scans on Monday and let you know how I get on.

#8 extremeboy


Posted 28 November 2008 - 10:20 AM

Okay, thanks for letting me know. See you when you get back :thumbsup:

With Regards,
Extremeboy

#9 Dave_Taurus


Posted 01 December 2008 - 08:44 PM

Okay, so sorry for taking so long to get back to you. But I've finally got round to running these scans. Unfortunately I can't install Java. As far as I can tell, all older versions have been removed, but when I try running the offline installer, I accept the terms and conditions, it then runs a progress bar, and then a message comes up saying that installation couldn't be completed.

The OTMoveIT3 log is as follows:

========== REGISTRY ==========
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\brastk deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\brastk not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\JETF7A9.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETFC78.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_670.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 12022008_004703

Files moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\JETF7A9.tmp not found!
File C:\WINDOWS\temp\JETFC78.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_670.dat moved successfully.


And gmer.txt is as follows:

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-12-02 01:27:45
Windows 5.1.2600 Service Pack 3


---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Microsoft TV/\x30d3\x30c7\x30aa接続 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@RAS 非同期\x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xff910\xff710\xff830\xff880 \0\xff790\xff710\xff780\x30fb\x30fb\x30fb \0\xff9f0\xff8b0\xff9d0\x30fb\xff880\0\0\0 2?3?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (L2TP) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPTP) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPPOE) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xe326\xff65c\xff910\x30fb\x30fb\x30fb\0\0\0 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (IP) 1?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@1394 \x30cd\x30c3\x30c8 \x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Microsoft TV/\x30d3\x30c7\x30aa接続 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@RAS 非同期\x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xff910\xff710\xff830\xff880 \0\xff790\xff710\xff780\x30fb\x30fb\x30fb \0\xff9f0\xff8b0\xff9d0\x30fb\xff880\0\0\0 2?3?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (L2TP) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPTP) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (PPPOE) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@\xe326\xff65c\xff910\x30fb\x30fb\x30fb\0\0\0 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (IP) 1?
Reg HKLM\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@1394 \x30cd\x30c3\x30c8 \x30a2\x30c0\x30d7\x30bf 1?
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0\16f\35g 49280
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0000\xf8f3\16f\35g 16512
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0\xff740\xff770\xff830\xff6f0 32896
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@-\xf8f33\xf8f3 \0000\xf8f3\xff740\xff770\xff830\xff6f0 128
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@@MS \x30b4\x30b7\x30c3\x30af 41088
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper@@MS P\x30b4\x30b7\x30c3\x30af 8320

---- EOF - GMER 1.0.14 ----



#10 extremeboy


Posted 02 December 2008 - 04:56 PM

Hello.

Glad you're back :thumbsup:

Okay, I can't say much for the Java problem, I have seen it before and we'll see if someone else can help you afterwards in another forum. Don't worry about the Kaspersky scan for now, we will run a different scanner that doesn't require Java :)

Can you also post back the following, if it is still there.

Also, can you post back your Malwarebytes anti-malware log if it is still there?

Open Malwarebytes anti-malware. Click the Logs tab. Locate the log that you recently ran and post it back to me.

Do you still have any particular problems?

Please post back with:
-Malwarebytes anti-malware log
-Any problems you are still having?
-Fresh RSIT logs


Please re-run RSIT and post back with the log.txt also.

With Regards,
Extremeboy

#11 Dave_Taurus


Posted 02 December 2008 - 05:40 PM

Sorry for not posting those already. I'm almost certain I'm being stupid, but what's rsit? I've run so many different things that I've lost track of them all and I can't find any rsit.exe on the desktop...

As for the Malwarebytes log, I think it's this one:

Malwarebytes' Anti-Malware 1.30
Database version: 1306
Windows 5.1.2600 Service Pack 2

2008/11/21 4:33:48
mbam-log-2008-11-21 (04-33-48).txt

Scan type: Quick Scan
Objects scanned: 51847
Time elapsed: 9 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wini10806.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSScfum.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSfxwp.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSnrsr.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSofxh.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSriqp.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSStkdv.log (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\drivers\TDSSmhct.sys (Rootkit.Agent) -> Delete on reboot.
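
An added example, not part of the original post: seven of the detections in the Malwarebytes log above are only marked "Delete on reboot", so a later scan listing is what confirms they are gone. This sketch parses the log and re-checks those paths against driver lines taken from the OTViewIt log posted later in this thread; the function names, the filename-prefix heuristic and the one line marked as constructed are assumptions of the example.

```python
import ntpath
import os
import re

# Copied from the Malwarebytes log in the post above.
MBAM_LOG = r"""
Registry Keys Infected: 1
Files Infected: 9

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wini10806.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSScfum.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSfxwp.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSnrsr.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSofxh.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSriqp.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSStkdv.log (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\drivers\TDSSmhct.sys (Rootkit.Agent) -> Delete on reboot.
"""

# Three driver lines copied from the OTViewIt log posted later in the thread.
LATER_LOG = r"""
[2008/12/02 01:06:41 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [System | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2005/03/04 16:29:45 | 00,073,224 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
"""

# CONSTRUCTED line (not from the thread) showing what a leftover would look like.
CONSTRUCTED_LINE = r"[2008/12/02 00:00:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\system32\drivers\TDSSabcd.sys -- (example [Boot | Running])"

# "Files Infected:" opens a section; "Files Infected: 9" is a summary count.
SECTION_RE = re.compile(r"^(.+?) Infected:$")
ITEM_RE = re.compile(r"^(?P<path>.+?) \((?P<detection>[^()]+)\) -> (?P<action>.+?)\.?$")
# OTViewIt puts the file path after " -- ", optionally followed by " -- (service ...)".
PATH_RE = re.compile(r" -- ([A-Za-z]:\\.*?)(?= -- |$)", re.M)


def parse_mbam(text):
    """Return one dict per detection: section, path, detection, action."""
    items, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        head = SECTION_RE.match(line)
        if head:
            section = head.group(1)
            continue
        item = ITEM_RE.match(line)
        if item and section:
            items.append({"section": section, **item.groupdict()})
    return items


def pending_reboot(items):
    """Detections the scanner could not remove while Windows was running."""
    return [i for i in items if i["action"].lower() == "delete on reboot"]


def family_prefix(pending, min_len=4):
    """Shared filename prefix of the pending files, or None if too short to be useful."""
    names = [ntpath.basename(i["path"]).lower() for i in pending]
    prefix = os.path.commonprefix(names) if names else ""
    return prefix if len(prefix) >= min_len else None


def recheck(pending, later_text):
    """Compare pending paths against a later listing (Windows paths: case-insensitive)."""
    wanted = {i["path"].lower() for i in pending}
    prefix = family_prefix(pending)
    exact, family = [], []
    for path in PATH_RE.findall(later_text):
        if path.lower() in wanted:
            exact.append(path)
        elif prefix and ntpath.basename(path).lower().startswith(prefix):
            family.append(path)  # same naming pattern, different file
    return {"exact": exact, "family": family}


if __name__ == "__main__":
    todo = pending_reboot(parse_mbam(MBAM_LOG))
    print(len(todo), "items were pending deletion on reboot")
    print("later log:", recheck(todo, LATER_LOG))
    print("with constructed leftover:", recheck(todo, LATER_LOG + CONSTRUCTED_LINE))
```

An empty result only means the listed paths and the shared prefix do not appear in the lines checked; the rootkit scan is still the authoritative check for hidden drivers.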



#12 extremeboy


Posted 02 December 2008 - 05:47 PM

Hello.

No problem, glad you posted it.

what's rsit

Sorry, that was my mistake. I meant to say:

Please re-run OTViewIT.exe and post me back the logs.

Sorry for the confusion, sometimes I tell others to run too many different tools and I lose track myself too.

Please post back with:
-OTViewIT logs

Thanks :thumbsup:

With Regards,
Extremeboy

#13 Dave_Taurus


Posted 02 December 2008 - 06:39 PM

Phew, it's not my brain then!

Okay, so here are the logs.

First, OTViewIt.Txt:

OTViewIt logfile created on: 2008/12/02 23:01:51 - Run 2
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\SHINO HORI\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

758.42 Mb Total Physical Memory | 366.65 Mb Available Physical Memory | 48.34% Memory free
1.82 Gb Paging File | 1.50 Gb Available in Paging File | 82.36% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 1.40 Gb Free Space | 9.99% Space Free | Partition Type: NTFS
Drive D: | 55.90 Gb Total Space | 21.20 Gb Free Space | 37.93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 111.76 Gb Total Space | 58.88 Gb Free Space | 52.69% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHINOLAPTOP
Current User Name: SHINO HORI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2002/07/30 02:36:00 | 00,032,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
[2003/06/19 14:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2002/07/30 02:40:44 | 00,573,440 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
[2008/04/14 02:26:27 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
[2004/07/07 03:19:08 | 00,118,877 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
[2007/01/08 20:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2002/07/30 02:35:04 | 00,077,824 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe
[2004/06/29 04:17:04 | 00,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
[2004/06/29 12:45:12 | 00,180,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
[2008/01/31 23:13:08 | 00,385,024 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
[2002/03/14 07:46:58 | 00,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
[2004/10/13 07:04:14 | 00,278,528 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2004/02/20 05:12:34 | 00,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
[2004/07/01 02:58:46 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
[2004/06/29 05:49:34 | 00,122,880 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKServ.exe
[2003/11/07 08:21:28 | 00,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
[2007/01/08 20:38:36 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
[2004/07/26 11:32:06 | 02,707,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
[2004/06/26 05:48:42 | 00,389,120 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKWnd.exe
[2003/02/26 02:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
[2008/04/14 02:26:08 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
[2004/10/13 07:03:54 | 00,327,680 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2008/04/14 02:26:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2004/08/05 12:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
[2008/04/14 02:26:13 | 00,093,184 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/11/26 23:05:14 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe

========== (O23) Win32 Services ==========

[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2002/07/30 02:36:00 | 00,032,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -- (DefWatch [Auto | Running])
[2008/03/07 19:34:48 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2004/10/13 07:03:54 | 00,327,680 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Running])
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC [On_Demand | Stopped])
[2003/06/19 14:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2002/07/30 02:40:44 | 00,573,440 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -- (Norton AntiVirus Server [Auto | Running])
[2003/07/28 03:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp [Auto | Running])
[2008/04/14 02:26:27 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP [Auto | Running])
[2008/04/14 02:26:27 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2004/11/03 00:59:48 | 00,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe -- (SymWSC [Auto | Stopped])
[2004/07/07 03:19:36 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Stopped])
[2004/07/07 03:19:08 | 00,118,877 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service [Auto | Running])
[2004/07/28 08:51:08 | 00,401,408 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler [On_Demand | Stopped])
[2004/07/07 03:10:36 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
[2004/07/07 03:09:24 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter [On_Demand | Stopped])
[2004/07/09 08:28:14 | 01,826,816 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
[2004/06/15 18:42:34 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
[2004/06/22 02:58:14 | 00,733,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
[2004/06/15 18:41:06 | 00,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
[2007/01/08 20:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])

========== Driver Services ==========

[2003/12/11 14:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Running])
[2004/06/09 09:52:36 | 00,625,249 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2003/09/29 04:31:38 | 00,094,601 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
[2004/01/08 20:32:45 | 00,009,600 | R--- | M] (BUFFALO INC.) -- C:\WINDOWS\system32\BUFADPT.SYS -- (BUFADPT [Auto | Running])
[2000/12/05 07:18:02 | 00,003,952 | R--- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall [System | Running])
[2004/08/05 12:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga [System | Running])
[2004/09/14 05:38:26 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2008/12/02 01:06:41 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [System | Running])
[2003/10/14 07:08:22 | 00,197,120 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
[2003/10/14 07:04:16 | 01,043,072 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
[2004/07/01 03:26:16 | 00,724,221 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand | Running])
[2004/07/07 06:12:02 | 00,391,616 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS [On_Demand | Running])
[2007/10/12 01:00:44 | 00,041,752 | ---- | M] (Logicool Co., Ltd.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Running])
[2000/03/29 16:11:20 | 00,008,096 | ---- | M] (MicroStaff Co.,Ltd.) -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT [Auto | Running])
[2003/04/09 04:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2002/06/19 11:57:12 | 00,218,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Navap.sys -- (NAVAP [On_Demand | Running])
[2002/06/19 11:57:14 | 00,029,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Navapel.sys -- (NAVAPEL [Auto | Running])
[2008/11/27 09:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081127.016\NAVENG.SYS -- (NAVENG [On_Demand | Running])
[2008/11/27 09:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081127.016\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2002/06/28 09:21:40 | 00,017,251 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse [On_Demand | Stopped])
[2001/07/24 01:34:34 | 00,007,520 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELUSBlf.SYS -- (pelusblf [On_Demand | Stopped])
[2007/10/12 00:56:00 | 01,279,000 | ---- | M] (Logicool Co., Ltd.) -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI [On_Demand | Running])
[2004/08/05 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/13 07:54:44 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2003/11/07 01:28:34 | 00,067,712 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Stopped])
[2008/04/13 18:40:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [Boot | Running])
[2007/11/13 10:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2000/11/09 10:15:08 | 00,048,896 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC [On_Demand | Running])
[2004/07/02 01:15:08 | 00,235,264 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYTVC.sys -- (SONYTVC [On_Demand | Stopped])
[2005/03/04 16:29:45 | 00,073,224 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
[2008/06/20 11:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6 [System | Running])
[2004/05/21 04:46:50 | 00,065,024 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony [On_Demand | Running])
[2008/04/13 18:56:01 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys -- (tunmp [On_Demand | Running])
[2008/04/13 18:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
[2003/10/14 07:05:48 | 00,679,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"CustomSearch"=http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/cs/*http://uk.docs.yahoo.com/info/bt_side.html
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.yahoo.co.jp/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=gogl

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=gogl

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.yahoo.co.jp/

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

========== (O1) Hosts File ==========

HOSTS File = (287985 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
9926 more lines...

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Apoint"=C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"IMJPMIG9.0"=C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32 (Microsoft Corporation)
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
"Mouse Suite 98 Daemon"=ICO.EXE (Primax Electronics Ltd.)
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary (Sony Corporation)
"vptray"=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe (Symantec Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2003/06/23 09:42:48 | 00,364,544 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\Administrator\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe
[2004/07/26 11:32:06 | 02,707,456 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ\オーディオフィルタ機能.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
[2003/06/23 09:42:48 | 00,364,544 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\Default User\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"= [binary data]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"= [binary data]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun の Java コンソール -- %SystemRoot%\system32\msjava.dll [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
{77BF5300-1474-4EC7-9980-D32B190E9B07}: Button: Skype -- %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: リサーチ -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- Reg Error: Key does not exist or could not be opened. File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{E1A8C070-A8DE-11d5-A760-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{E1A8C070-A8DE-11d5-A760-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
50 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/Facebo...toUploader5.cab -- Facebook Photo Uploader 5
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}: http://www.pandasecurity.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class
{556DDE35-E955-11D0-A707-000000521957}: http://www.xblock.com/download/xclean_micro.exe -- Reg Error: Key does not exist or could not be opened.
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://download.bitdefender.com/resources/scan8/oscan8.cab -- BDSCANONLINE Control
{5F8469B4-B055-49DD-83F7-62B522420ECC}: http://upload.facebook.com/controls/Facebo...otoUploader.cab -- Facebook Photo Uploader Control
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://www.update.microsoft.com/microsoftu...b?1200600390873 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_05
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}: http://ax.emsisoft.com/asquared.cab -- a-squared Scanner
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_05
Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{1075593E-F29E-4AC0-9E46-82E2902054A1} (Servers: | Description: 1394 ネット アダプタ)
{56E714E8-2A78-4611-AC27-21D88F0A2A30} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{A62955F3-66BF-41D7-93C1-6C5182C05252} (Servers: | Description: )
{F24F7619-9242-4BA3-A427-BBF4FF1B46B8} (Servers: | Description: LAN-Express AS IEEE 802.11g miniPCI Adapter)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxsrvc.dll -- C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
NavLogon: "DllName" = C:\WINDOWS\system32\NavLogon.dll -- C:\WINDOWS\system32\NavLogon.dll ()

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004/08/13 04:57:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2008/12/02 10:17:48 | 00,000,000 | ---D | C] -- D:\My Document\D
[2008/12/02 01:06:43 | 00,000,345 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/02 01:06:41 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/12/02 01:06:41 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe
[2008/12/02 01:06:41 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/02 01:06:41 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/02 01:03:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\gmer
[2008/12/02 01:02:26 | 00,747,873 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\gmer.zip
[2008/12/02 00:47:03 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/12/02 00:46:25 | 00,349,696 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTMoveIt3.exe
[2008/12/01 17:59:56 | 00,030,208 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\アイルランドで結婚式.doc
[2008/11/29 16:41:12 | 00,060,814 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012873.JPG
[2008/11/29 16:38:12 | 00,061,829 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SF china.JPG
[2008/11/29 15:48:53 | 00,055,854 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013173.JPG
[2008/11/29 15:21:04 | 00,066,107 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012924.JPG
[2008/11/29 13:55:25 | 00,060,245 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013078.JPG
[2008/11/29 13:54:05 | 00,059,491 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013161.JPG
[2008/11/29 13:53:47 | 00,065,253 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013160.JPG
[2008/11/29 13:53:00 | 00,058,990 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013116.JPG
[2008/11/29 13:52:36 | 00,049,425 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013105.JPG
[2008/11/29 13:52:04 | 00,065,083 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013093.JPG
[2008/11/29 13:51:08 | 00,061,829 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012878.JPG
[2008/11/29 13:49:29 | 00,023,349 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\08092008255.jpg
[2008/11/29 13:49:21 | 00,026,863 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\07092008252.jpg
[2008/11/29 13:45:21 | 00,042,200 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013067.JPG
[2008/11/29 13:41:44 | 00,036,450 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012997.JPG
[2008/11/29 13:41:25 | 00,039,059 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012966.JPG
[2008/11/29 01:46:10 | 00,091,648 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\chiristmas.doc
[2008/11/27 22:10:44 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dublin.doc
[2008/11/26 23:57:22 | 16,156,056 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\jre-6u10-windows-i586-p.exe
[2008/11/26 23:23:08 | 00,088,127 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\brastk forum post.rtf
[2008/11/26 23:05:08 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe
[2008/11/23 22:39:01 | 00,030,208 | -HS- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db:encryptable
[2008/11/23 00:01:29 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dwell oak veneer desk with matching drawers.doc
[2008/11/22 18:40:57 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\PINE.doc
[2008/11/21 21:19:43 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2008/11/21 21:09:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/11/21 20:56:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2008/11/21 20:56:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/11/21 20:56:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja
[2008/11/21 20:56:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008/11/21 20:47:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/11/21 20:41:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008/11/21 20:39:56 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/11/21 20:33:49 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/11/21 20:33:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2008/11/21 15:29:33 | 02,482,695 | ---- | C] (McAfee Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\stinger.exe
[2008/11/21 15:23:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2008/11/21 12:32:50 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2008/11/21 12:32:34 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2008/11/21 12:14:35 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_1214b.reg
[2008/11/21 12:14:19 | 00,082,136 | ---- | C] () -- D:\My Document\cc_20081121_1214.reg
[2008/11/21 12:02:08 | 93,640,604 | ---- | C] () -- C:\registrybackup.reg
[2008/11/21 11:58:43 | 05,738,016 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SUPERAntiSpyware.exe
[2008/11/21 11:52:24 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\HijackThis.lnk
[2008/11/21 11:52:23 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/11/21 11:52:08 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\HJTInstall.exe
[2008/11/21 11:50:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/11/21 04:53:04 | 79,533,2608 | -HS- | C] () -- C:\hiberfil.sys
[2008/11/21 04:44:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/11/21 04:40:34 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/11/21 04:40:13 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SDFix.exe
[2008/11/21 04:35:27 | 00,000,000 | ---D | C] -- C:\Avenger
[2008/11/21 04:22:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\Malwarebytes
[2008/11/21 04:21:18 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/21 04:21:18 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\デスクトップ\annoying.lnk
[2008/11/21 04:21:15 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/11/21 04:21:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/21 04:21:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/21 04:10:40 | 00,003,348 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2008/11/21 04:09:34 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2008/11/21 04:09:34 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2008/11/21 04:09:34 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2008/11/21 04:09:34 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/11/21 04:09:34 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2008/11/21 04:09:34 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2008/11/21 04:09:34 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2008/11/21 04:09:34 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2008/11/21 04:09:34 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2008/11/21 04:09:34 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2008/11/21 03:47:47 | 01,581,247 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SmitfraudFix.exe
[2008/11/21 03:18:22 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Spybot - Search & Destroy.lnk
[2008/11/21 03:18:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/11/21 03:08:01 | 00,001,208 | ---- | C] () -- D:\My Document\cc_20081121_0307c.reg
[2008/11/21 03:07:40 | 00,002,986 | ---- | C] () -- D:\My Document\cc_20081121_0307b.reg
[2008/11/21 03:07:19 | 00,008,712 | ---- | C] () -- D:\My Document\cc_20081121_0307.reg
[2008/11/21 02:52:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\wsInspector
[2008/11/21 02:50:45 | 00,000,000 | ---D | C] -- D:\My Document\wsInspector
[2008/11/21 02:50:40 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Startup Inspector for Windows.lnk
[2008/11/21 02:50:40 | 00,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2008/11/21 02:17:19 | 00,002,116 | ---- | C] () -- D:\My Document\cc_20081121_0217e.reg
[2008/11/21 02:17:01 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_0216d.reg
[2008/11/21 02:16:46 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_0216c.reg
[2008/11/21 02:16:31 | 00,007,136 | ---- | C] () -- D:\My Document\cc_20081121_0216b.reg
[2008/11/21 02:16:10 | 00,218,590 | ---- | C] () -- D:\My Document\cc_20081121_0216.reg
[2008/11/20 21:26:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/11/20 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\Mozilla
[2008/11/20 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\Mozilla
[2008/11/20 21:26:36 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\デスクトップ\Mozilla Firefox.lnk
[2008/11/20 21:26:33 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/11/20 21:12:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\files
[2008/11/20 15:59:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/11/20 14:06:35 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2008/11/20 14:06:35 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/11/16 16:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2008/11/11 19:08:04 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/11/11 14:39:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\web
[2008/11/07 00:30:13 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2008/11/07 00:29:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/11/07 00:29:04 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2008/11/07 00:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\NCH Swift Sound
[2008/11/06 23:59:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\Joe Ford

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2008/12/02 23:00:00 | 00,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2008/12/02 09:31:37 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/02 09:31:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/02 09:31:10 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/02 09:31:09 | 79,533,2608 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/02 01:14:03 | 00,000,345 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2008/12/02 01:10:16 | 01,537,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/02 01:06:41 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll
[2008/12/02 01:06:41 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/02 01:06:41 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/02 01:02:34 | 00,747,873 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\gmer.zip
[2008/12/02 00:46:31 | 00,349,696 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTMoveIt3.exe
[2008/12/01 17:59:56 | 00,030,208 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\アイルランドで結婚式.doc
[2008/11/29 23:43:15 | 00,061,829 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012878.JPG
[2008/11/29 23:42:59 | 00,066,107 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012924.JPG
[2008/11/29 23:42:41 | 00,039,059 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012966.JPG
[2008/11/29 23:42:25 | 00,060,245 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013078.JPG
[2008/11/29 23:42:03 | 00,042,200 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013067.JPG
[2008/11/29 23:41:42 | 00,036,450 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012997.JPG
[2008/11/29 23:41:17 | 00,058,990 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013116.JPG
[2008/11/29 23:40:49 | 00,055,854 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013173.JPG
[2008/11/29 23:40:15 | 00,065,253 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013160.JPG
[2008/11/29 23:39:47 | 00,059,491 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013161.JPG
[2008/11/29 23:39:23 | 00,049,425 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013105.JPG
[2008/11/29 17:16:45 | 00,023,349 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\08092008255.jpg
[2008/11/29 17:05:40 | 00,065,083 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013093.JPG
[2008/11/29 17:00:29 | 00,026,863 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\07092008252.jpg
[2008/11/29 16:41:44 | 00,060,814 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012873.JPG
[2008/11/29 16:38:13 | 00,061,829 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SF china.JPG
[2008/11/29 01:46:10 | 00,091,648 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\chiristmas.doc
[2008/11/28 20:57:48 | 00,002,423 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Microsoft Office Word 2003 (2).lnk
[2008/11/27 22:10:45 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dublin.doc
[2008/11/26 23:57:26 | 16,156,056 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\jre-6u10-windows-i586-p.exe
[2008/11/26 23:23:08 | 00,088,127 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\brastk forum post.rtf
[2008/11/26 23:05:14 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe
[2008/11/23 22:39:04 | 00,030,208 | -HS- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db:encryptable
[2008/11/23 18:21:50 | 00,095,744 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/23 00:01:30 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dwell oak veneer desk with matching drawers.doc
[2008/11/22 18:40:57 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\PINE.doc
[2008/11/22 14:44:35 | 00,049,264 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/11/21 21:23:39 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/11/21 21:14:20 | 00,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/21 21:14:20 | 00,154,096 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2008/11/21 21:14:20 | 00,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/21 21:14:20 | 00,041,164 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2008/11/21 21:14:18 | 00,557,652 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/21 21:13:16 | 00,000,081 | -HS- | M] () -- D:\My Document\desktop.ini
[2008/11/21 21:07:38 | 04,689,784 | -H-- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\IconCache.db
[2008/11/21 20:41:03 | 00,260,800 | RHS- | M] () -- C:\ntldr
[2008/11/21 15:29:34 | 02,482,695 | ---- | M] (McAfee Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\stinger.exe
[2008/11/21 12:14:36 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_1214b.reg
[2008/11/21 12:14:22 | 00,082,136 | ---- | M] () -- D:\My Document\cc_20081121_1214.reg
[2008/11/21 12:02:19 | 93,640,604 | ---- | M] () -- C:\registrybackup.reg
[2008/11/21 11:58:52 | 05,738,016 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SUPERAntiSpyware.exe
[2008/11/21 11:52:24 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\HijackThis.lnk
[2008/11/21 11:52:21 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\HJTInstall.exe
[2008/11/21 05:45:02 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\デスクトップ\annoying.lnk
[2008/11/21 05:12:04 | 00,287,985 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/11/21 04:48:22 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081121-051204.backup
[2008/11/21 04:39:02 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SDFix.exe
[2008/11/21 04:10:41 | 00,003,348 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2008/11/21 03:47:10 | 01,581,247 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SmitfraudFix.exe
[2008/11/21 03:18:22 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Spybot - Search & Destroy.lnk
[2008/11/21 03:08:04 | 00,001,208 | ---- | M] () -- D:\My Document\cc_20081121_0307c.reg
[2008/11/21 03:07:44 | 00,002,986 | ---- | M] () -- D:\My Document\cc_20081121_0307b.reg
[2008/11/21 03:07:23 | 00,008,712 | ---- | M] () -- D:\My Document\cc_20081121_0307.reg
[2008/11/21 02:50:40 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Startup Inspector for Windows.lnk
[2008/11/21 02:18:10 | 00,002,116 | ---- | M] () -- D:\My Document\cc_20081121_0217e.reg
[2008/11/21 02:17:06 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_0216d.reg
[2008/11/21 02:16:47 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_0216c.reg
[2008/11/21 02:16:34 | 00,007,136 | ---- | M] () -- D:\My Document\cc_20081121_0216b.reg
[2008/11/21 02:16:15 | 00,218,590 | ---- | M] () -- D:\My Document\cc_20081121_0216.reg
[2008/11/20 23:27:48 | 00,000,631 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/20 23:27:48 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/20 23:27:48 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2008/11/20 21:26:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/11/20 21:26:36 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\デスクトップ\Mozilla Firefox.lnk
[2008/11/20 14:06:35 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008/11/20 14:06:35 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2008/11/12 01:56:19 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/12 01:56:19 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2008/11/03 16:10:26 | 17,318,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
< End of report >


And next, Extras.Txt:

OTViewIt Extras logfile created on: 2008/12/02 23:01:51 - Run 2
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\SHINO HORI\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

758.42 Mb Total Physical Memory | 366.65 Mb Available Physical Memory | 48.34% Memory free
1.82 Gb Paging File | 1.50 Gb Available in Paging File | 82.36% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 1.40 Gb Free Space | 9.99% Space Free | Partition Type: NTFS
Drive D: | 55.90 Gb Total Space | 21.20 Gb Free Space | 37.93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 111.76 Gb Total Space | 58.88 Gb Free Space | 52.69% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHINOLAPTOP
Current User Name: SHINO HORI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
"Use My Stylesheet"=
"User Stylesheet"=

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=1
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 02:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 02:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004/10/13 07:12:04 | 08,759,808 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
File not found -- C:\Program Files\Yahoo!J\Messenger\YPagerj.exe:*:Enabled:Yahoo!???????
File not found -- C:\Program Files\Yahoo!J\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
File not found -- C:\Program Files\Yahoo!\Messenger\ypager.exe:*:Enabled:Yahoo! Messenger
File not found -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/12/12 15:20:48 | 21,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [PNRP Cloud Namespace Provider] -- C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [PNRP Name Namespace Provider] -- C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000006 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2000/06/27 01:51:06 | 00,212,992 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/05 12:49:00 | 00,141,992 | ---- | M] (Microsoft Corporation) C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll (msjwwdat:{BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} (HKLM) [JWWDataProtocol Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/05/10 13:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/12/12 15:20:48 | 01,934,672 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 13:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01AF4645-78E6-46C4-B528-54863679CC40}"=VAIO SLIT-C Screen Saver
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{05257AC0-DD20-11D2-AC05-0000F4ADD897}"=HD革命/BackUp Lite
"{06E73C0B-7DE7-4F41-860B-587033B75BD9}"=iPod Updater 2004-11-15
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}"=Symantec AntiVirus Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600"=Canon MP600
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}"=Windows Installer Clean Up
"{1526D87C-A955-4FAB-BF18-697BA457E352}"=Norton WMI Update
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}"=InterVideo WinDVDX
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}"=VAIO Media 3.1
"{202D7520-F356-11D3-99D3-00C04FCCB775}"=VAIO オンラインカスタマー登録
"{266AEE68-5718-4A31-BDD3-D356B1250C70}"=VAIO SLIT Pattern Wallpaper
"{27337663-2619-11D4-99DC-0000F49094C7}"=Memory Stick Formatter
"{27579b3c-5470-4496-be6c-0c872674f19f}"=Macromedia Flash Player
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2A7C09FB-109C-43D8-BE17-E6B83D1A654F}"=Caplio Software
"{350C97B1-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{3600FB01-C63B-4A3D-B044-BB21792C6811}"=VAIO SLIT-B Screen Saver
"{3B07D847-8077-4242-91C7-DFA3CE5113E0}"=ImageMixer
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}"=Adobe Photoshop CS3
"{48820099-ED7D-424B-890C-9A82EF00656D}"=VAIO Update 2
"{4ABE9A24-9914-46EB-8253-7963A78595DF}"=iPod for Windows User Guide 2.0
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{57AE6E85-0394-4141-B2E3-46AE32E0FD55}"=How to VAIO
"{597C68AF-3EF7-4310-8725-2E034914613B}"=Microsoft Office Home Style+
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype? 3.6
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}"=DVgate Plus
"{6990A2BF-D1D2-11D3-81BC-00609789C908}"=Sony Video Shared Library
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6F1974D6-4249-43B6-88B0-9A9B8A33956C}"=OpenMG Secure Module 4.0.00
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}"=VAIO Media (再配布) 3.1
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}"=SonicStage 2.1.00
"{7A79D11B-FD82-4A5E-834F-20173515DD14}"=VAIO Media Integrated Server 3.1
"{7C2F71B2-6C73-11D6-B659-00C04F790F76}"=Click to DVD 2.1.10
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{8A708DD8-A5E6-11D4-A706-000629E95E20}"=Intel® Extreme Graphics 2 Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8D324F1B-A39E-4D5A-BA58-147416FE019A}"=VAIO SLIT-A Screen Saver
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90120000-0020-0411-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{90330411-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Personal Edition 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office PowerPoint Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD 5 for VAIO
"{936FADC9-C609-471A-B6F2-A33E2E660D1A}"=Sony Notebook Setup
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9559F7CA-5E34-4237-A2D9-D856464AD727}"=Project64 1.6
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{98A3A654-3AEF-42D9-BA91-DE5815EA5897}"=Click to DVD 2.0.01 Menu Data
"{9C0EA18A-4C72-11D7-B65B-00C04F790F76}"=AC3 Encoder / Decoder
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}"=VAIO 省電力設定
"{A17456ED-3432-49FF-A14D-E0F00A96A2AA}"=VAIO SLIT Scene Wallpaper
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A43F939E-A863-433D-AC78-0897E44CFEB2}"=VAIOランチャー
"{A947C2B3-7445-42C4-9063-EE704CACCB22}"=VAIOハードウェア診断ツール
"{AB467B85-4F52-48C2-AEED-0673D00417B0}"=SonicStage Mastering Studio オーディオフィルタ機能
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1041-7B44-A81200000003}"=Adobe Reader 8.1.2 - Japanese
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}"=バイオ電子マニュアル
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BB311F54-39D6-4A03-8E18-053D1B2833D7}"=HotKey Utility
"{BE20E2F5-1903-4AAE-B1AF-2046E586C925}"=iTunes
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}"=SonicStage Mastering Studio 1.3
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}"=QuickTime
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
"{C3D6ED9E-F21F-43E2-BEFD-E28E33146900}"=i-フィルター Personal Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}"=VAIO Entertainment Platform
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1"=Uninstall Startup Inspector
"{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}"=バイオ電子マニュアル データベース
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}"=Do VAIO
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}"=SonicStage Mastering Studio プラグイン 1.3
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}"=Sony Utilities DLL
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}"=LAN-Express AS IEEE 802.11 Wireless LAN
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}"=Adobe Setup
"ActiveScan 2.0"=Panda ActiveScan 2.0
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1"=Adobe Photoshop CS3
"CCleaner"=CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D"=SoftV92 Data Fax Modem
"HijackThis"=HijackThis 2.0.2
"InstallShield_{06E73C0B-7DE7-4F41-860B-587033B75BD9}"=iPod Updater 2004-11-15
"InstallShield_{4ABE9A24-9914-46EB-8253-7963A78595DF}"=iPod for Windows User Guide 2.0
"InstallShield_{6F1974D6-4249-43B6-88B0-9A9B8A33956C}"=OpenMG Secure Module 4.0.00
"InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}"=iTunes
"InstallShield_{C062DBC7-009D-4D5E-B80E-5829650F7D24}"=iPod for Windows
"KeyHoleTV"=KeyHoleTV
"LiveUpdate"=LiveUpdate 1.90 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"MouseSuite98"=Sony USB Mouse
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MWASPI"=MicroStaff WINASPI
"OpenMG HotFix4.0-04-06-21-01"=OpenMG Limited Patch 4.0-04-07-14-01
"PodUtil_is1"=PodUtil 2.5.1
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"Windows XP Service Pack"=Windows XP Service Pack 3
"WinRAR archiver"=WinRAR アーカイバ
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2008/11/27 15:49:06 | Computer Name = SHINOLAPTOP | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802c09b, debug? 0,
fault address 0x00012aeb.

Error - 2008/11/28 5:39:46 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/29 7:06:31 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/29 9:41:00 | Computer Name = SHINOLAPTOP | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802c09b, debug? 0,
fault address 0x00012aeb.

Error - 2008/11/30 6:50:18 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/30 12:16:20 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/01 6:26:21 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/01 20:50:33 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/01 21:09:58 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/02 5:31:28 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

[ System Events ]
Error - 2008/12/01 6:26:22 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/12/01 20:50:31 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/12/01 20:50:32 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/12/01 20:50:35 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/12/01 21:09:52 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/12/01 21:09:54 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/12/01 21:09:59 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/12/02 5:31:18 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/12/02 5:31:22 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/12/02 5:31:28 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep


< End of report >



#14 extremeboy

Posted 03 December 2008 - 12:37 PM

Hello.

Log looks good so far :thumbsup:

Still need to see an online scan though.

Run ESET Online Scan
  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Please go to ESET OnlineScan (NOD32)
  • You will then see the Terms of Use, tick the check-box in front of YES, I accept the Terms of Use
  • Now click Start. If you see a "Security Warning" that asks if you want to install and run a file called "OnlineScanner.cab", click Yes.
  • Click Start. The online scanner will now prepare itself for running on your pc.
  • To do a full-scan, tick: Remove found threats and Scan potentially unwanted applications.
  • Press Scan. The Onlinescan will now start and scan your computer. Please be patient as this may take a while.
  • When the scan has finished, it will show a screen with two tabs "overview" and "details" and the option to get information or buy software, just close the window.
  • Click Start, then Run.... In the box that appears, type with the quotes:
    "C:\Program Files\EsetOnlineScanner\log.txt"
  • The scan results will now open in Notepad
  • Click into the text area, right-click and choose Select All. Right-click again and choose Copy.
  • Post back with the log.txt in your next reply.

Install Firewall

Install a third-party firewall from the following selection of excellent programs.

The main reason you would prefer a third-party firewall over the Windows XP Firewall is because Windows Firewall only stops incoming signals from accessing your computer. However, it will not stop outgoing signals (possibly ones that could intrude on your privacy) from sending information to the Internet or to other networks.

After you have installed one of the above firewalls, please disable your Windows Firewall, if you had it enabled.

*Note: If you choose the PC Tools Firewall Plus and you are asked to install ThreatFire do not do so.

For your next reply please include the following:
-ESET online scanner log
-New OTViewIT logs


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.


#15 Dave_Taurus

Posted 03 December 2008 - 09:57 PM

Okay, so first, the ESET Online scan log:

# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3662 (20081203)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=68c5ca8a7b09d645ac9002de45be6297
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2008-12-04 02:06:19
# local_time=2008-12-04 02:06:19 )
# country="Japan"
# osver=5.1.2600 NT Service Pack 3
# scanned=274282
# found=0
# scan_time=2427


Next, OTViewIt.Txt:

OTViewIt logfile created on: 2008/12/04 2:51:12 - Run 3
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\SHINO HORI\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

758.42 Mb Total Physical Memory | 354.38 Mb Available Physical Memory | 46.73% Memory free
1.82 Gb Paging File | 1.46 Gb Available in Paging File | 80.55% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 1.18 Gb Free Space | 8.42% Space Free | Partition Type: NTFS
Drive D: | 55.90 Gb Total Space | 21.20 Gb Free Space | 37.92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHINOLAPTOP
Current User Name: SHINO HORI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2002/07/30 02:36:00 | 00,032,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
[2003/06/19 14:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
[2002/07/30 02:40:44 | 00,573,440 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe
[2008/04/14 02:26:27 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
[2004/07/07 03:19:08 | 00,118,877 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
[2007/01/08 20:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2008/04/14 02:26:32 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
[2002/07/30 02:35:04 | 00,077,824 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\VPTray.exe
[2004/06/29 04:17:04 | 00,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
[2004/06/29 12:45:12 | 00,180,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
[2008/01/31 23:13:08 | 00,385,024 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
[2002/03/14 07:46:58 | 00,045,056 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
[2004/10/13 07:04:14 | 00,278,528 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2004/02/20 05:12:34 | 00,032,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
[2004/07/01 02:58:46 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
[2004/06/29 05:49:34 | 00,122,880 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKServ.exe
[2003/11/07 08:21:28 | 00,114,688 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
[2008/07/09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2007/01/08 20:38:36 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
[2004/07/26 11:32:06 | 02,707,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
[2004/10/13 07:03:54 | 00,327,680 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2004/06/26 05:48:42 | 00,389,120 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\HotKey Utility\HKWnd.exe
[2003/02/26 02:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
[2008/04/14 02:26:08 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
[2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
[2004/08/05 12:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
[2008/11/26 23:05:14 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe

========== (O23) Win32 Services ==========

[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2002/07/30 02:36:00 | 00,032,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe -- (DefWatch [Auto | Running])
[2008/03/07 19:34:48 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2004/10/13 07:03:54 | 00,327,680 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPodService [On_Demand | Running])
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC [On_Demand | Stopped])
[2003/06/19 14:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
[2002/07/30 02:40:44 | 00,573,440 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe -- (Norton AntiVirus Server [Auto | Running])
[2003/07/28 03:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2004/08/05 12:00:00 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpsvcs.exe -- (SimpTcp [Auto | Running])
[2008/04/14 02:26:27 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP [Auto | Running])
[2008/04/14 02:26:27 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2004/11/03 00:59:48 | 00,316,544 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe -- (SymWSC [Auto | Stopped])
[2004/07/07 03:19:36 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -- (VAIO Entertainment Aggregation and Control Service [On_Demand | Stopped])
[2004/07/07 03:19:08 | 00,118,877 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -- (VAIO Entertainment File Import Service [Auto | Running])
[2004/07/28 08:51:08 | 00,401,408 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe -- (VAIO Entertainment Task Scheduler [On_Demand | Stopped])
[2004/07/07 03:10:36 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
[2004/07/07 03:09:24 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -- (VAIO Entertainment UPnP Client Adapter [On_Demand | Stopped])
[2004/07/09 08:28:14 | 01,826,816 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
[2004/06/15 18:42:34 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
[2004/06/22 02:58:14 | 00,733,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
[2004/06/15 18:41:06 | 00,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
[2008/07/09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
[2007/01/08 20:38:28 | 00,902,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])

========== Driver Services ==========

[2003/12/11 14:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS [On_Demand | Running])
[2004/06/09 09:52:36 | 00,625,249 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2003/09/29 04:31:38 | 00,094,601 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
[2004/01/08 20:32:45 | 00,009,600 | R--- | M] (BUFFALO INC.) -- C:\WINDOWS\system32\BUFADPT.SYS -- (BUFADPT [Auto | Running])
[2000/12/05 07:18:02 | 00,003,952 | R--- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall [System | Running])
[2004/08/05 12:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga [System | Running])
[2004/09/14 05:38:26 | 00,013,872 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2008/12/02 01:06:41 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [System | Running])
[2003/10/14 07:08:22 | 00,197,120 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
[2003/10/14 07:04:16 | 01,043,072 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
[2004/07/01 03:26:16 | 00,724,221 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm [On_Demand | Running])
[2007/07/19 15:10:28 | 00,127,768 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF [System | Running])
[2004/07/07 06:12:02 | 00,391,616 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\system32\drivers\ExpasAG.sys -- (LEX_AS_NIC_SERVICE_YNOS [On_Demand | Running])
[2007/10/12 01:00:44 | 00,041,752 | ---- | M] (Logicool Co., Ltd.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta [On_Demand | Stopped])
[2000/03/29 16:11:20 | 00,008,096 | ---- | M] (MicroStaff Co.,Ltd.) -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT [Auto | Running])
[2003/04/09 04:48:08 | 00,011,043 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2002/06/19 11:57:12 | 00,218,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Navap.sys -- (NAVAP [On_Demand | Running])
[2002/06/19 11:57:14 | 00,029,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Navapel.sys -- (NAVAPEL [Auto | Running])
[2008/11/27 09:00:00 | 00,089,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081127.016\NAVENG.SYS -- (NAVENG [On_Demand | Running])
[2008/11/27 09:00:00 | 00,876,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20081127.016\NAVEX15.SYS -- (NAVEX15 [On_Demand | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2002/06/28 09:21:40 | 00,017,251 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS -- (pelmouse [On_Demand | Stopped])
[2001/07/24 01:34:34 | 00,007,520 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\drivers\PELUSBlf.SYS -- (pelusblf [On_Demand | Stopped])
[2007/10/12 00:56:00 | 01,279,000 | ---- | M] (Logicool Co., Ltd.) -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI [On_Demand | Stopped])
[2004/08/05 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2004/08/13 07:54:44 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
[2003/11/07 01:28:34 | 00,067,712 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Stopped])
[2008/04/13 18:40:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port [Boot | Running])
[2007/11/13 10:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2000/11/09 10:15:08 | 00,048,896 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC [On_Demand | Running])
[2004/07/02 01:15:08 | 00,235,264 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYTVC.sys -- (SONYTVC [On_Demand | Stopped])
[2008/02/27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan [Boot | Running])
[2005/03/04 16:29:45 | 00,073,224 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent [On_Demand | Running])
[2008/06/20 11:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6 [System | Running])
[2004/05/21 04:46:50 | 00,065,024 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony [On_Demand | Running])
[2008/04/13 18:56:01 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tunmp.sys -- (tunmp [On_Demand | Running])
[2008/04/13 18:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2008/07/09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC) -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant [System | Running])
[2003/10/14 07:05:48 | 00,679,808 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"CustomSearch"=http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/cs/*http://uk.docs.yahoo.com/info/bt_side.html
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.yahoo.co.jp/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=gogl

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=gogl

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.vaio.sony.co.jp/

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.yahoo.co.jp/

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

========== (O1) Hosts File ==========

HOSTS File = (287985 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
9926 more lines...

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"Apoint"=C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe (Sony Corporation)
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 (Microsoft Corporation)
"IMJPMIG9.0"=C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMJP9\IMJPMIG.EXE /Preload /Migration32 (Microsoft Corporation)
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
"Mouse Suite 98 Daemon"=ICO.EXE (Primax Electronics Ltd.)
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary (Sony Corporation)
"vptray"=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe (Symantec Corporation)
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (Zone Labs, LLC)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)

========== (O4) Startup Folders ==========

[2003/06/23 09:42:48 | 00,364,544 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\Administrator\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe
[2004/07/26 11:32:06 | 02,707,456 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ\オーディオフィルタ機能.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
[2003/06/23 09:42:48 | 00,364,544 | ---- | M] (Sony Corporation) -- C:\Documents and Settings\Default User\スタート メニュー\プログラム\スタートアップ\E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"= [binary data]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"= [binary data]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\Software\Microsoft\Internet Explorer\MenuExt\]
Microsoft Excel にエクスポート(&X): C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2008/08/04 15:12:50 | 10,354,176 | ---- | M] (Microsoft Corporation)

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun の Java コンソール -- %SystemRoot%\system32\msjava.dll [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
{77BF5300-1474-4EC7-9980-D32B190E9B07}: Button: Skype -- %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: リサーチ -- %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search & Destroy Configuration -- Reg Error: Key does not exist or could not be opened. File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{E1A8C070-A8DE-11d5-A760-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 18:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> [2007/12/12 15:20:48 | 01,372,160 | ---- | M] (Skype Technologies S.A.)
CmdMapping\\{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> [2008/01/09 15:01:48 | 00,053,248 | ---- | M] ()
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [リサーチ] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
CmdMapping\\{CEBF73C0-BA2E-11d4-A73A-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> [Spybot - Search & Destroy Configuration] -> File not found
CmdMapping\\{E1A8C070-A8DE-11d5-A760-00508B33FB82} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 02:26:19 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
50 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-3121218828-2581107593-3557250321-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0CCA191D-13A6-4E29-B746-314DEE697D83}: http://upload.facebook.com/controls/Facebo...toUploader5.cab -- Facebook Photo Uploader 5
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}: http://www.pandasecurity.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class
{556DDE35-E955-11D0-A707-000000521957}: http://www.xblock.com/download/xclean_micro.exe -- Reg Error: Key does not exist or could not be opened.
{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}: http://www.eset.eu/buxus/docs/OnlineScanner.cab -- OnlineScanner Control
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://download.bitdefender.com/resources/scan8/oscan8.cab -- BDSCANONLINE Control
{5F8469B4-B055-49DD-83F7-62B522420ECC}: http://upload.facebook.com/controls/Facebo...otoUploader.cab -- Facebook Photo Uploader Control
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://www.update.microsoft.com/microsoftu...b?1200600390873 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_05
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}: http://ax.emsisoft.com/asquared.cab -- a-squared Scanner
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}: http://java.sun.com/products/plugin/autodl...indows-i586.cab -- Java Plug-in 1.4.2_05
Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

========== (O17) DNS Name Servers ==========

{1075593E-F29E-4AC0-9E46-82E2902054A1} (Servers: | Description: 1394 ネット アダプタ)
{56E714E8-2A78-4611-AC27-21D88F0A2A30} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{A62955F3-66BF-41D7-93C1-6C5182C05252} (Servers: | Description: )
{F24F7619-9242-4BA3-A427-BBF4FF1B46B8} (Servers: | Description: LAN-Express AS IEEE 802.11g miniPCI Adapter)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxsrvc.dll -- C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
NavLogon: "DllName" = C:\WINDOWS\system32\NavLogon.dll -- C:\WINDOWS\system32\NavLogon.dll ()

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2004/08/13 04:57:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2008/12/04 02:42:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\D
[2008/12/04 02:30:19 | 00,000,032 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/12/04 02:30:16 | 00,069,664 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/04 02:23:22 | 00,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/04 02:23:13 | 00,050,576 | ---- | C] (Zone Labs Inc.) -- C:\WINDOWS\System32\vsutil_loc0411.dll
[2008/12/04 02:23:13 | 00,042,384 | ---- | C] (Zone Labs Inc.) -- C:\WINDOWS\zllsputility_loc0411.dll
[2008/12/04 02:23:13 | 00,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc0411.dll
[2008/12/04 02:23:13 | 00,017,808 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc0411.dll
[2008/12/04 02:23:09 | 00,075,248 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\zllsputility.exe
[2008/12/04 02:23:09 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\SpOrder.dll
[2008/12/04 02:22:55 | 00,127,768 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2008/12/04 02:22:46 | 00,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2008/12/04 02:22:45 | 00,071,144 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsregexp.dll
[2008/12/04 02:22:43 | 00,083,432 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\zlcomm.dll
[2008/12/04 02:22:43 | 00,071,144 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\zlcommdb.dll
[2008/12/04 02:22:39 | 00,046,568 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vswmi.dll
[2008/12/04 02:22:38 | 01,086,952 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\zpeng24.dll
[2008/12/04 02:22:38 | 00,099,816 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsxml.dll
[2008/12/04 02:22:37 | 00,275,944 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vspubapi.dll
[2008/12/04 02:22:37 | 00,103,912 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsmonapi.dll
[2008/12/04 02:22:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2008/12/04 02:22:37 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/12/04 02:22:36 | 00,394,952 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsdatant.sys
[2008/12/04 02:22:36 | 00,358,382 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/12/04 02:21:15 | 00,083,432 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsdata.dll
[2008/12/04 02:21:14 | 00,472,552 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsutil.dll
[2008/12/04 02:21:14 | 00,157,160 | ---- | C] (Zone Labs, LLC) -- C:\WINDOWS\System32\vsinit.dll
[2008/12/04 02:21:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2008/12/04 02:13:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2008/12/04 02:13:27 | 03,894,336 | ---- | C] (Webroot Software, Inc. ) -- C:\Documents and Settings\SHINO HORI\デスクトップ\DesktopFirewallRegSetup.exe
[2008/12/04 01:24:26 | 00,000,000 | ---D | C] -- C:\Program Files\EsetOnlineScanner
[2008/12/02 10:17:48 | 00,000,000 | ---D | C] -- D:\My Document\D
[2008/12/02 01:06:43 | 00,000,345 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008/12/02 01:06:41 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008/12/02 01:06:41 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe
[2008/12/02 01:06:41 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/02 01:06:41 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/02 01:03:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\gmer
[2008/12/02 01:02:26 | 00,747,873 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\gmer.zip
[2008/12/02 00:47:03 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/12/02 00:46:25 | 00,349,696 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTMoveIt3.exe
[2008/12/01 17:59:56 | 00,030,208 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\アイルランドで結婚式.doc
[2008/11/29 16:41:12 | 00,060,814 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012873.JPG
[2008/11/29 16:38:12 | 00,061,829 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SF china.JPG
[2008/11/29 15:48:53 | 00,055,854 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013173.JPG
[2008/11/29 15:21:04 | 00,066,107 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012924.JPG
[2008/11/29 13:55:25 | 00,060,245 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013078.JPG
[2008/11/29 13:54:05 | 00,059,491 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013161.JPG
[2008/11/29 13:53:47 | 00,065,253 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013160.JPG
[2008/11/29 13:53:00 | 00,058,990 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013116.JPG
[2008/11/29 13:52:36 | 00,049,425 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013105.JPG
[2008/11/29 13:52:04 | 00,065,083 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013093.JPG
[2008/11/29 13:51:08 | 00,061,829 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012878.JPG
[2008/11/29 13:49:29 | 00,023,349 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\08092008255.jpg
[2008/11/29 13:49:21 | 00,026,863 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\07092008252.jpg
[2008/11/29 13:45:21 | 00,042,200 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013067.JPG
[2008/11/29 13:41:44 | 00,036,450 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012997.JPG
[2008/11/29 13:41:25 | 00,039,059 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012966.JPG
[2008/11/29 01:46:10 | 00,091,648 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\chiristmas.doc
[2008/11/27 22:10:44 | 00,026,624 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dublin.doc
[2008/11/26 23:57:22 | 16,156,056 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\jre-6u10-windows-i586-p.exe
[2008/11/26 23:23:08 | 00,088,127 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\brastk forum post.rtf
[2008/11/26 23:05:08 | 00,422,400 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe
[2008/11/23 22:39:01 | 00,030,208 | -HS- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db:encryptable
[2008/11/23 00:01:29 | 00,033,280 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dwell oak veneer desk with matching drawers.doc
[2008/11/22 18:40:57 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\PINE.doc
[2008/11/21 21:19:43 | 00,023,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2008/11/21 21:09:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/11/21 20:56:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2008/11/21 20:56:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/11/21 20:56:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja
[2008/11/21 20:56:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2008/11/21 20:47:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2008/11/21 20:41:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2008/11/21 20:39:56 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2008/11/21 20:33:49 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2008/11/21 20:33:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2008/11/21 15:29:33 | 02,482,695 | ---- | C] (McAfee Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\stinger.exe
[2008/11/21 15:23:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2008/11/21 12:32:50 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2008/11/21 12:32:34 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2008/11/21 12:14:35 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_1214b.reg
[2008/11/21 12:14:19 | 00,082,136 | ---- | C] () -- D:\My Document\cc_20081121_1214.reg
[2008/11/21 12:02:08 | 93,640,604 | ---- | C] () -- C:\registrybackup.reg
[2008/11/21 11:58:43 | 05,738,016 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SUPERAntiSpyware.exe
[2008/11/21 11:52:24 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\HijackThis.lnk
[2008/11/21 11:52:23 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/11/21 11:52:08 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\HJTInstall.exe
[2008/11/21 11:50:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/11/21 04:53:04 | 79,533,2608 | -HS- | C] () -- C:\hiberfil.sys
[2008/11/21 04:44:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/11/21 04:40:34 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/11/21 04:40:13 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SDFix.exe
[2008/11/21 04:35:27 | 00,000,000 | ---D | C] -- C:\Avenger
[2008/11/21 04:22:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\Malwarebytes
[2008/11/21 04:21:18 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/11/21 04:21:18 | 00,000,720 | ---- | C] () -- C:\Documents and Settings\All Users\デスクトップ\annoying.lnk
[2008/11/21 04:21:15 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/11/21 04:21:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/21 04:21:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/11/21 04:10:40 | 00,003,348 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2008/11/21 04:09:34 | 00,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2008/11/21 04:09:34 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2008/11/21 04:09:34 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2008/11/21 04:09:34 | 00,087,552 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\VACFix.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\o4Patch.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.exe
[2008/11/21 04:09:34 | 00,082,944 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\IEDFix.C.exe
[2008/11/21 04:09:34 | 00,082,432 | ---- | C] (S!Ri.URZ) -- C:\WINDOWS\System32\404Fix.exe
[2008/11/21 04:09:34 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2008/11/21 04:09:34 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2008/11/21 04:09:34 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2008/11/21 04:09:34 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2008/11/21 04:09:34 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2008/11/21 03:47:47 | 01,581,247 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SmitfraudFix.exe
[2008/11/21 03:18:22 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Spybot - Search & Destroy.lnk
[2008/11/21 03:18:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/11/21 03:08:01 | 00,001,208 | ---- | C] () -- D:\My Document\cc_20081121_0307c.reg
[2008/11/21 03:07:40 | 00,002,986 | ---- | C] () -- D:\My Document\cc_20081121_0307b.reg
[2008/11/21 03:07:19 | 00,008,712 | ---- | C] () -- D:\My Document\cc_20081121_0307.reg
[2008/11/21 02:52:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\wsInspector
[2008/11/21 02:50:45 | 00,000,000 | ---D | C] -- D:\My Document\wsInspector
[2008/11/21 02:50:40 | 00,000,750 | ---- | C] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Startup Inspector for Windows.lnk
[2008/11/21 02:50:40 | 00,000,000 | ---D | C] -- C:\Program Files\Startup Inspector for Windows
[2008/11/21 02:17:19 | 00,002,116 | ---- | C] () -- D:\My Document\cc_20081121_0217e.reg
[2008/11/21 02:17:01 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_0216d.reg
[2008/11/21 02:16:46 | 00,000,760 | ---- | C] () -- D:\My Document\cc_20081121_0216c.reg
[2008/11/21 02:16:31 | 00,007,136 | ---- | C] () -- D:\My Document\cc_20081121_0216b.reg
[2008/11/21 02:16:10 | 00,218,590 | ---- | C] () -- D:\My Document\cc_20081121_0216.reg
[2008/11/20 21:26:47 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/11/20 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\Mozilla
[2008/11/20 21:26:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\Mozilla
[2008/11/20 21:26:36 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\デスクトップ\Mozilla Firefox.lnk
[2008/11/20 21:26:33 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2008/11/20 21:12:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\files
[2008/11/20 15:59:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2008/11/20 14:06:35 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2008/11/20 14:06:35 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/11/16 16:54:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2008/11/11 19:08:04 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2008/11/11 14:39:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\web
[2008/11/07 00:30:13 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2008/11/07 00:29:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2008/11/07 00:29:04 | 00,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2008/11/07 00:29:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\Application Data\NCH Swift Sound
[2008/11/06 23:59:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\SHINO HORI\デスクトップ\Joe Ford

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\*.tmp files]
[2008/12/04 02:52:18 | 00,073,760 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2008/12/04 02:50:00 | 00,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2008/12/04 02:31:21 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/04 02:31:08 | 00,358,382 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2008/12/04 02:30:38 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/04 02:30:23 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/04 02:30:21 | 79,533,2608 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/04 02:30:21 | 00,000,032 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2008/12/04 02:28:16 | 00,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2008/12/04 02:13:33 | 03,894,336 | ---- | M] (Webroot Software, Inc. ) -- C:\Documents and Settings\SHINO HORI\デスクトップ\DesktopFirewallRegSetup.exe
[2008/12/04 00:24:13 | 00,002,423 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Microsoft Office Word 2003 (2).lnk
[2008/12/03 13:18:36 | 00,049,264 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/12/03 13:18:26 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008/12/02 01:14:03 | 00,000,345 | ---- | M] () -- C:\WINDOWS\gmer.ini
[2008/12/02 01:10:16 | 01,537,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/02 01:06:41 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll
[2008/12/02 01:06:41 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
[2008/12/02 01:06:41 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
[2008/12/02 01:02:34 | 00,747,873 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\gmer.zip
[2008/12/02 00:46:31 | 00,349,696 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTMoveIt3.exe
[2008/12/01 17:59:56 | 00,030,208 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\アイルランドで結婚式.doc
[2008/11/29 23:43:15 | 00,061,829 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012878.JPG
[2008/11/29 23:42:59 | 00,066,107 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012924.JPG
[2008/11/29 23:42:41 | 00,039,059 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012966.JPG
[2008/11/29 23:42:25 | 00,060,245 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013078.JPG
[2008/11/29 23:42:03 | 00,042,200 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013067.JPG
[2008/11/29 23:41:42 | 00,036,450 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012997.JPG
[2008/11/29 23:41:17 | 00,058,990 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013116.JPG
[2008/11/29 23:40:49 | 00,055,854 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013173.JPG
[2008/11/29 23:40:15 | 00,065,253 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013160.JPG
[2008/11/29 23:39:47 | 00,059,491 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013161.JPG
[2008/11/29 23:39:23 | 00,049,425 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013105.JPG
[2008/11/29 17:16:45 | 00,023,349 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\08092008255.jpg
[2008/11/29 17:05:40 | 00,065,083 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1013093.JPG
[2008/11/29 17:00:29 | 00,026,863 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\07092008252.jpg
[2008/11/29 16:41:44 | 00,060,814 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\R1012873.JPG
[2008/11/29 16:38:13 | 00,061,829 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SF china.JPG
[2008/11/29 01:46:10 | 00,091,648 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\chiristmas.doc
[2008/11/27 22:10:45 | 00,026,624 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dublin.doc
[2008/11/26 23:57:26 | 16,156,056 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\jre-6u10-windows-i586-p.exe
[2008/11/26 23:23:08 | 00,088,127 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\brastk forum post.rtf
[2008/11/26 23:05:14 | 00,422,400 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\SHINO HORI\デスクトップ\OTViewIt.exe
[2008/11/23 22:39:04 | 00,030,208 | -HS- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db
@Alternate Data Stream - 0 bytes -> C:\Documents and Settings\SHINO HORI\デスクトップ\Thumbs.db:encryptable
[2008/11/23 18:21:50 | 00,095,744 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/23 00:01:30 | 00,033,280 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Dwell oak veneer desk with matching drawers.doc
[2008/11/22 18:40:57 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\PINE.doc
[2008/11/21 21:23:39 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/11/21 21:14:20 | 00,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/11/21 21:14:20 | 00,154,096 | ---- | M] () -- C:\WINDOWS\System32\perfh011.dat
[2008/11/21 21:14:20 | 00,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/11/21 21:14:20 | 00,041,164 | ---- | M] () -- C:\WINDOWS\System32\perfc011.dat
[2008/11/21 21:14:18 | 00,557,652 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/11/21 21:13:16 | 00,000,081 | -HS- | M] () -- D:\My Document\desktop.ini
[2008/11/21 21:07:38 | 04,689,784 | -H-- | M] () -- C:\Documents and Settings\SHINO HORI\Local Settings\Application Data\IconCache.db
[2008/11/21 20:41:03 | 00,260,800 | RHS- | M] () -- C:\ntldr
[2008/11/21 15:29:34 | 02,482,695 | ---- | M] (McAfee Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\stinger.exe
[2008/11/21 12:14:36 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_1214b.reg
[2008/11/21 12:14:22 | 00,082,136 | ---- | M] () -- D:\My Document\cc_20081121_1214.reg
[2008/11/21 12:02:19 | 93,640,604 | ---- | M] () -- C:\registrybackup.reg
[2008/11/21 11:58:52 | 05,738,016 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SUPERAntiSpyware.exe
[2008/11/21 11:52:24 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\HijackThis.lnk
[2008/11/21 11:52:21 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\SHINO HORI\デスクトップ\HJTInstall.exe
[2008/11/21 05:45:02 | 00,000,720 | ---- | M] () -- C:\Documents and Settings\All Users\デスクトップ\annoying.lnk
[2008/11/21 05:12:04 | 00,287,985 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/11/21 04:48:22 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20081121-051204.backup
[2008/11/21 04:39:02 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SDFix.exe
[2008/11/21 04:10:41 | 00,003,348 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2008/11/21 03:47:10 | 01,581,247 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\SmitfraudFix.exe
[2008/11/21 03:18:22 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Spybot - Search & Destroy.lnk
[2008/11/21 03:08:04 | 00,001,208 | ---- | M] () -- D:\My Document\cc_20081121_0307c.reg
[2008/11/21 03:07:44 | 00,002,986 | ---- | M] () -- D:\My Document\cc_20081121_0307b.reg
[2008/11/21 03:07:23 | 00,008,712 | ---- | M] () -- D:\My Document\cc_20081121_0307.reg
[2008/11/21 02:50:40 | 00,000,750 | ---- | M] () -- C:\Documents and Settings\SHINO HORI\デスクトップ\Startup Inspector for Windows.lnk
[2008/11/21 02:18:10 | 00,002,116 | ---- | M] () -- D:\My Document\cc_20081121_0217e.reg
[2008/11/21 02:17:06 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_0216d.reg
[2008/11/21 02:16:47 | 00,000,760 | ---- | M] () -- D:\My Document\cc_20081121_0216c.reg
[2008/11/21 02:16:34 | 00,007,136 | ---- | M] () -- D:\My Document\cc_20081121_0216b.reg
[2008/11/21 02:16:15 | 00,218,590 | ---- | M] () -- D:\My Document\cc_20081121_0216.reg
[2008/11/20 23:27:48 | 00,000,631 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/11/20 23:27:48 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/11/20 23:27:48 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2008/11/20 21:26:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2008/11/20 21:26:36 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\デスクトップ\Mozilla Firefox.lnk
[2008/11/20 14:06:35 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2008/11/12 01:56:19 | 00,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2008/11/12 01:56:19 | 00,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
< End of report >


And finally, Extras.Txt:

OTViewIt Extras logfile created on: 2008/12/04 2:51:12 - Run 3
OTViewIt by OldTimer - Version 1.0.20.0 Folder = C:\Documents and Settings\SHINO HORI\デスクトップ
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

758.42 Mb Total Physical Memory | 354.38 Mb Available Physical Memory | 46.73% Memory free
1.82 Gb Paging File | 1.46 Gb Available in Paging File | 80.55% Paging File free
Paging file location(s): C:\pagefile.sys 1140 2280;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 13.97 Gb Total Space | 1.18 Gb Free Space | 8.42% Space Free | Partition Type: NTFS
Drive D: | 55.90 Gb Total Space | 21.20 Gb Free Space | 37.92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHINOLAPTOP
Current User Name: SHINO HORI
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
"Use My Stylesheet"=
"User Stylesheet"=

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=0
"DoNotAllowExceptions"=1
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\IcmpSettings]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 02:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 02:26:25 | 00,139,264 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004/10/13 07:12:04 | 08,759,808 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
File not found -- C:\Program Files\Yahoo!J\Messenger\YPagerj.exe:*:Enabled:Yahoo!???????
File not found -- C:\Program Files\Yahoo!J\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
File not found -- C:\Program Files\Yahoo!\Messenger\ypager.exe:*:Enabled:Yahoo! Messenger
File not found -- C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
[2006/02/28 11:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/04/13 18:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/12/12 15:20:48 | 21,686,568 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [PNRP Cloud Namespace Provider] -- C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000005 [PNRP Name Namespace Provider] -- C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000006 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2005/09/20 12:33:58 | 00,843,984 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2000/06/27 01:51:06 | 00,212,992 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2003/08/05 12:49:00 | 00,141,992 | ---- | M] (Microsoft Corporation) C:\Program Files\Microsoft Office\Home Style\JWW\JWWData.dll (msjwwdat:{BAAB02DC-913E-40aa-B9ED-8068DEE42CFA} (HKLM) [JWWDataProtocol Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/05/10 13:45:34 | 08,069,464 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/12/12 15:20:48 | 01,934,672 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll (skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} (HKLM) [IEProtocolHandler Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2007/04/19 13:57:40 | 00,046,432 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01AF4645-78E6-46C4-B528-54863679CC40}"=VAIO SLIT-C Screen Saver
"{04AF207D-9A77-465A-8B76-991F6AB66245}"=Adobe Help Viewer CS3
"{05257AC0-DD20-11D2-AC05-0000F4ADD897}"=HD革命/BackUp Lite
"{06E73C0B-7DE7-4F41-860B-587033B75BD9}"=iPod Updater 2004-11-15
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
"{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}"=Symantec AntiVirus Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600"=Canon MP600
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}"=Windows Installer Clean Up
"{1526D87C-A955-4FAB-BF18-697BA457E352}"=Norton WMI Update
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}"=InterVideo WinDVDX
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}"=VAIO Media 3.1
"{202D7520-F356-11D3-99D3-00C04FCCB775}"=VAIO オンラインカスタマー登録
"{266AEE68-5718-4A31-BDD3-D356B1250C70}"=VAIO SLIT Pattern Wallpaper
"{27337663-2619-11D4-99DC-0000F49094C7}"=Memory Stick Formatter
"{27579b3c-5470-4496-be6c-0c872674f19f}"=Macromedia Flash Player
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
"{2A7C09FB-109C-43D8-BE17-E6B83D1A654F}"=Caplio Software
"{350C97B1-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{3600FB01-C63B-4A3D-B044-BB21792C6811}"=VAIO SLIT-B Screen Saver
"{3B07D847-8077-4242-91C7-DFA3CE5113E0}"=ImageMixer
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}"=Adobe Photoshop CS3
"{48820099-ED7D-424B-890C-9A82EF00656D}"=VAIO Update 2
"{4ABE9A24-9914-46EB-8253-7963A78595DF}"=iPod for Windows User Guide 2.0
"{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
"{57AE6E85-0394-4141-B2E3-46AE32E0FD55}"=How to VAIO
"{597C68AF-3EF7-4310-8725-2E034914613B}"=Microsoft Office Home Style+
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}"=Skype? 3.6
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}"=DVgate Plus
"{6990A2BF-D1D2-11D3-81BC-00609789C908}"=Sony Video Shared Library
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
"{6F1974D6-4249-43B6-88B0-9A9B8A33956C}"=OpenMG Secure Module 4.0.00
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}"=VAIO Media (再配布) 3.1
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}"=SonicStage 2.1.00
"{7A79D11B-FD82-4A5E-834F-20173515DD14}"=VAIO Media Integrated Server 3.1
"{7C2F71B2-6C73-11D6-B659-00C04F790F76}"=Click to DVD 2.1.10
"{802771A9-A856-4A41-ACF7-1450E523C923}"=Adobe XMP Panels CS3
"{8A708DD8-A5E6-11D4-A706-000629E95E20}"=Intel® Extreme Graphics 2 Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
"{8D324F1B-A39E-4D5A-BA58-147416FE019A}"=VAIO SLIT-A Screen Saver
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
"{90120000-0020-0411-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
"{90330411-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Personal Edition 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office PowerPoint Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD 5 for VAIO
"{936FADC9-C609-471A-B6F2-A33E2E660D1A}"=Sony Notebook Setup
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}"=Sonic RecordNow!
"{9559F7CA-5E34-4237-A2D9-D856464AD727}"=Project64 1.6
"{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
"{98A3A654-3AEF-42D9-BA91-DE5815EA5897}"=Click to DVD 2.0.01 Menu Data
"{9C0EA18A-4C72-11D7-B65B-00C04F790F76}"=AC3 Encoder / Decoder
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}"=VAIO 省電力設定
"{A17456ED-3432-49FF-A14D-E0F00A96A2AA}"=VAIO SLIT Scene Wallpaper
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
"{A43F939E-A863-433D-AC78-0897E44CFEB2}"=VAIOランチャー
"{A947C2B3-7445-42C4-9063-EE704CACCB22}"=VAIOハードウェア診断ツール
"{AB467B85-4F52-48C2-AEED-0673D00417B0}"=SonicStage Mastering Studio オーディオフィルタ機能
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
"{AC76BA86-7AD7-1041-7B44-A81200000003}"=Adobe Reader 8.1.2 - Japanese
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B8C8E26C-D3DD-4B5B-A4A5-2BD5922C5169}"=バイオ電子マニュアル
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
"{BB311F54-39D6-4A03-8E18-053D1B2833D7}"=HotKey Utility
"{BE20E2F5-1903-4AAE-B1AF-2046E586C925}"=iTunes
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}"=SonicStage Mastering Studio 1.3
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}"=QuickTime
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
"{C3D6ED9E-F21F-43E2-BEFD-E28E33146900}"=i-フィルター Personal Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}"=VAIO Entertainment Platform
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1"=Uninstall Startup Inspector
"{E5E329DF-6C0D-4B6C-8D96-AF0B3F2A40DA}"=バイオ電子マニュアル データベース
"{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}"=Do VAIO
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}"=SonicStage Mastering Studio プラグイン 1.3
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}"=Sony Utilities DLL
"{FB08F381-6533-4108-B7DD-039E11FBC27E}"=Realtek AC'97 Audio
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}"=LAN-Express AS IEEE 802.11 Wireless LAN
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}"=Adobe Setup
"ActiveScan 2.0"=Panda ActiveScan 2.0
"Adobe Flash Player ActiveX"=Adobe Flash Player ActiveX
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1"=Adobe Photoshop CS3
"CCleaner"=CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_818C104D"=SoftV92 Data Fax Modem
"EsetOnlineScanner"=ESET Online Scanner
"HijackThis"=HijackThis 2.0.2
"InstallShield_{06E73C0B-7DE7-4F41-860B-587033B75BD9}"=iPod Updater 2004-11-15
"InstallShield_{4ABE9A24-9914-46EB-8253-7963A78595DF}"=iPod for Windows User Guide 2.0
"InstallShield_{6F1974D6-4249-43B6-88B0-9A9B8A33956C}"=OpenMG Secure Module 4.0.00
"InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925}"=iTunes
"InstallShield_{C062DBC7-009D-4D5E-B80E-5829650F7D24}"=iPod for Windows
"KeyHoleTV"=KeyHoleTV
"LiveUpdate"=LiveUpdate 1.90 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"MouseSuite98"=Sony USB Mouse
"Mozilla Firefox (3.0.4)"=Mozilla Firefox (3.0.4)
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MWASPI"=MicroStaff WINASPI
"OpenMG HotFix4.0-04-06-21-01"=OpenMG Limited Patch 4.0-04-07-14-01
"PodUtil_is1"=PodUtil 2.5.1
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"Windows XP Service Pack"=Windows XP Service Pack 3
"WinRAR archiver"=WinRAR アーカイバ
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm"=ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2008/11/29 9:41:00 | Computer Name = SHINOLAPTOP | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802c09b, debug? 0,
fault address 0x00012aeb.

Error - 2008/11/30 6:50:18 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/11/30 12:16:20 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/01 6:26:21 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/01 20:50:33 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/01 21:09:58 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/02 5:31:28 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

Error - 2008/12/03 22:13:45 | Computer Name = SHINOLAPTOP | Source = MsiInstaller | ID = 11327
Description = Product: Webroot Desktop Firewall -- Error 1327.Invalid Drive: H:\

Error - 2008/12/03 22:16:58 | Computer Name = SHINOLAPTOP | Source = MsiInstaller | ID = 11327
Description = Product: Sygate Personal Firewall -- Error 1327. Invalid Drive: H:\

Error - 2008/12/03 22:30:48 | Computer Name = SHINOLAPTOP | Source = VzFw | ID = 108
Description = フォルダの監視開始時にエラーが発生しました。(00000000) C:\Documents and Settings\All Users\Application
Data\Sony Corporation\PictureGear Studio\Samples\PhotoCollection\Samples

[ System Events ]
Error - 2008/12/01 21:09:59 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/12/02 5:31:18 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/12/02 5:31:22 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/12/02 5:31:28 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/12/03 22:30:40 | Computer Name = SHINOLAPTOP | Source = SRService | ID = 104
Description = システムの復元の初期化プロセスは失敗しました。

Error - 2008/12/03 22:30:47 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7023
Description = System Restore Service は次のエラーで終了しました: %%2

Error - 2008/12/03 22:30:56 | Computer Name = SHINOLAPTOP | Source = Service Control Manager | ID = 7026
Description = 次のブート開始ドライバまたはシステム開始ドライバを読み込むことができませんでした: Beep

Error - 2008/12/03 22:31:21 | Computer Name = SHINOLAPTOP | Source = NetBT | ID = 4321
Description = 名前 "MSHOME :1d" は、IP アドレス 192.168.1.74のインターフェイスに登録できませんでした。
IP
アドレス 192.168.1.73 のコンピュータは、その名前がこのコンピュータに付くことを 許可しませんでした。

Error - 2008/12/03 22:33:02 | Computer Name = SHINOLAPTOP | Source = NetBT | ID = 4321
Description = 名前 "MSHOME :1d" は、IP アドレス 192.168.1.74のインターフェイスに登録できませんでした。
IP
アドレス 192.168.1.73 のコンピュータは、その名前がこのコンピュータに付くことを 許可しませんでした。

Error - 2008/12/03 22:34:56 | Computer Name = SHINOLAPTOP | Source = NetBT | ID = 4321
Description = 名前 "MSHOME :1d" は、IP アドレス 192.168.1.74のインターフェイスに登録できませんでした。
IP
アドレス 192.168.1.73 のコンピュータは、その名前がこのコンピュータに付くことを 許可しませんでした。


< End of report >


Hope that helps!



