
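■33948 / inTopicNo.1)  "Advertising_Loading" keeps appearing in the taskbar while using IE
  
□Posted by / ぶりお -(2004/07/06(Tue) 12:30:06)
    Hello. To get straight to the point: for about the past week, whenever I use IE, "Advertising_Loading" keeps appearing persistently in the taskbar. I tried Ad-aware, Spybot - Search & Destroy and Virus Buster 2004, but no viruses or spyware were found and the symptom did not change. I never miss updates, and of course I keep Windows updated as well. I tried everything I could, including System Restore, deleting temporary files, deleting cookies and resetting the web settings, but nothing changed,
    so I am posting here. Please help me get rid of this. Thank you.
    HijackThis log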

    Logfile of HijackThis v1.97.7
    Scan saved at 11:37:31, on 2004/07/06
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\yqvthct.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\WINDOWS\System32\conime.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.EXE
    C:\Program Files\Trend Micro\Virus Buster 2004\PCCGUIDE.EXE
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    F0 - syst>m.ini: Shell=
    F0 - R >ystem.ini: Shel>=
    F0 - R >ystem.ini: UserInit=
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: IDN Helper Object - {118CE65F-5D86-4AEA-A9BD-94F92B89119F} - C:\WINDOWS\DOWNLO~1\CNSMIN~1.DLL
    O2 - BHO: (no name) - {1DA5335B-9F41-29ED-8257-605504D52C6C} - C:\WINDOWS\System32\iuuq.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\ja\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [DataCaching] C:\PROGRA~1\DATACA~1\FLashKsk.exe
    O4 - HKLM\..\Run: [ara-key] C:\Program Files\SANYO\Panorama Boutique Light EPC\PanoEPC2e7a.exe -StartUp
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [mypop_Free] C:\Program Files\UCAST\Free2\
    O4 - HKCU\..\Run: [Yhycio] C:\WINDOWS\System32\yqvthct.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: ちょこっと ほんやく - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(独) - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(韓) - C:\Documents and Settings\
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat JP 2 - http://cs.chat.yahoo.co.jp/c302/chat.cab
    O16 - DPF: {1C9D421B-ACBC-48BB-9CED-51368BC1CE31} (HgArcadePluginJP3 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {70A3ED4F-E41D-452F-8D59-0433205A754A} (MypopInstall Control) - http://cdc006.ucast.mypop.jp/ucast/client/install_files/MYPOP.CAB
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! WebCam Upload Wrapper) - http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab
    O16 - DPF: {B469C508-9A75-4A62-BFA9-62802D653A4B} (HanGamePluginJP15 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab


■33952 / inTopicNo.2)  Re[1]: "Advertising_Loading" keeps appearing in the taskbar while using IE
□Posted by / ぶりお -(2004/07/06(Tue) 12:44:17)
    Sorry...
    I was in a hurry and posted before I had finished. Here is the rest.
    
    ---------- UNINSTALLPROGRAMLIST
    "DisplayName"="@BIOS"
    "DisplayName"="Ad-aware 6 Personal"
    "DisplayName"="Adobe Acrobat 5.0"
    "DisplayName"="Adobe Acrobat eBook Reader"
    "DisplayName"="AMIJ USB Modem for PDC"
    "DisplayName"="Applet_App"
    "DisplayName"="Applet_Copy"
    "DisplayName"="Applet_Creativity"
    "DisplayName"="Applet_Email"
    "DisplayName"="Applet_Epp"
    "DisplayName"="Applet_File"
    "DisplayName"="Applet_OCR"
    "DisplayName"="Applet_Web"
    "DisplayName"="ArcSoft PhotoImpression 3.0"
    "DisplayName"="ASUS Video Security"
    "DisplayName"="Check for Customblocking Updates"
    "DisplayName"="CloneCD"
    "DisplayName"="CloneDVD"
    "DisplayName"="Copy Utility"
    "DisplayName"="DivX Codec"
    "DisplayName"="DivX Player"
    "DisplayName"="DMIView"
    "DisplayName"="DVD Decrypter (Remove Only)"
    "DisplayName"="DVD Shrink 3.1.7"
    "DisplayName"="DVDXCopy 1.5.2 b636 (remove only)"
    "DisplayName"="EasyTune4"
    "DisplayName"="Emusic - 50 FREE MP3s from eMusic!"
    "DisplayName"="Enable S3 for USB Device"
    "DisplayName"="EPSON Easy Photo Print"
    "DisplayName"="EPSON PM-970C 操作ガイド"
    "DisplayName"="EPSONプリンタドライバ・ユーティリティ"
    "DisplayName"="EPSON Smart Panel"
    "DisplayName"="Gigabyte Management Tools 2.0"
    "DisplayName"="Gigabyte Windows Utility Manager"
    "DisplayName"="GSpot Codec Information Appliance"
    "DisplayName"="Internet Explorer Q831167"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="i モード HTML シミュレータ Ver6.0"
    "DisplayName"="Windows XP Hotfix (SP2) [See KB810243 for more information]"
    "DisplayName"="Advanced Networking Pack for Windows XP"
    "DisplayName"="Windows XP ホットフィックス - KB820291"
    "DisplayName"="Windows XP ホットフィックス - KB821253"
    "DisplayName"="Windows XP ホットフィックス - KB821557"
    "DisplayName"="Windows XP ホットフィックス - KB822603"
    "DisplayName"="Windows XP ホットフィックス - KB823182"
    "DisplayName"="Windows XP ホットフィックス - KB823559"
    "DisplayName"="Windows XP ホットフィックス - KB824105"
    "DisplayName"="Windows XP ホットフィックス - KB824141"
    "DisplayName"="Windows XP ホットフィックス - KB824146"
    "DisplayName"="Windows XP ホットフィックス - KB825119"
    "DisplayName"="Windows XP ホットフィックス - KB826942"
    "DisplayName"="Windows XP ホットフィックス - KB828028"
    "DisplayName"="Windows XP ホットフィックス - KB828035"
    "DisplayName"="Windows XP ホットフィックス - KB828741"
    "DisplayName"="Windows XP ホットフィックス - KB833998"
    "DisplayName"="Windows XP ホットフィックス - KB835732"
    "DisplayName"="Windows XP ホットフィックス - KB837001"
    "DisplayName"="Windows Media Player Hotfix [詳細については、KB837272 を参照してください]"
    "DisplayName"="DirectX 9 修正プログラム - KB839643"
    "DisplayName"="Windows XP ホットフィックス - KB840374"
    "DisplayName"="Microsoft Data Access Components KB870669"
    "DisplayName"="Lhaplus Version 1.22"
    "DisplayName"="MSN ツールバー"
    "DisplayName"="NVIDIA Display Driver"
    "DisplayName"="Outlook Express Q837009"
    "DisplayName"="Direct Show Ogg Vorbis Filter (remove only)"
    "DisplayName"="Intel(R) PRO Network Adapters and Drivers"
    "DisplayName"="Windows XP Hotfix (SP2) Q322011"
    "DisplayName"="Windows XP Hotfix (SP2) Q327979"
    "DisplayName"="Windows XP Hotfix (SP2) Q328310"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329048 を参照してください]"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329115 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329170"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329390 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329441"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329834 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q810565"
    "DisplayName"="Windows XP Hotfix (SP2) Q810577"
    "DisplayName"="Windows XP Hotfix (SP2) Q810833"
    "DisplayName"="Windows XP Hotfix (SP2) Q811493"
    "DisplayName"="Windows XP Hotfix (SP2) Q814033"
    "DisplayName"="Windows XP Hotfix (SP2) Q814995"
    "DisplayName"="Windows XP Hotfix (SP2) Q815021"
    "DisplayName"="Windows XP Hotfix (SP2) Q817606"
    "DisplayName"="Windows Media Player Hotfix [詳細については、wm828026 を参照してください]"
    "DisplayName"="QuickTime"
    "DisplayName"="Spybot - Search & Destroy 1.3"
    "DisplayName"="SpywareBlaster v3.1"
    "DisplayName"="SpywareGuard v2.2"
    "DisplayName"="Ulead COOL 3D 3.0"
    "DisplayName"="USB Card Reader"
    "DisplayName"="Winamp (remove only)"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Windows XP Service Pack 2"
    "DisplayName"="午後のこ〜だ"
    "DisplayName"="XviD MPEG-4 Codec"
    "DisplayName"="Yahoo! メッセンジャー"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="MTV Series"
    "DisplayName"="B.H.A B's CLiP"
    "DisplayName"="DeepBurner v1.1.0.117"
    "DisplayName"="Google Toolbar for Internet Explorer"
    "DisplayName"="Canopus FEATHER"
    "DisplayName"="WebFldrs XP"
    "DisplayName"="Canopus CiRAgent"
    "DisplayName"="ウイルスバスター2004"
    "DisplayName"="Ulead PhotoImpact 8 SE"
    "DisplayName"="Microsoft Windows Journal ビューア"
    "DisplayName"="Windows ムービー メーカー 2.0"
    "DisplayName"="見てぇ。"
    "DisplayName"="Canopus X Pack Upgrade Installer"
    "DisplayName"="Port Monitor"
    "DisplayName"="USB-CCDCHAT"
    "DisplayName"="オンラインマニュアル for DVR-ABH4"
    "DisplayName"="EPSON GT-7200 ユーザーズガイド"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="EPSON PhotoQuicker3.5"
    "DisplayName"="PowerDVD"
    "DisplayName"="Ulead VideoStudio 7 SE"
    "DisplayName"="EPSON PRINT Image Framer Tool2.0"
    "DisplayName"="Microsoft IntelliType Pro 5.0"
    "DisplayName"="BHA B's Recorder GOLD5 5.32"
    "DisplayName"="Ulead DVD MovieWriter 2 SE"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="Microsoft Office XP Professional"
    "DisplayName"="名刺ぷりんと for カラリオ"
    "DisplayName"="Patin-Couffin 19"
    "DisplayName"="Panorama Boutique Light EPC"
    "DisplayName"="EPSON TWAIN 5"
    "DisplayName"="DVD-RAMドライバー"
    "DisplayName"="InterVideo FilterSDK"
    "DisplayName"="Intel(R) PROSet"
    "DisplayName"="MSN Messenger 6.2"
    "DisplayName"="Microsoft .NET Framework 1.1 Japanese Language Pack"
    "DisplayName"="読んde!!ココ パーソナル"
    "DisplayName"="Microsoft .NET Framework 1.1"
    "DisplayName"="Microsoft IntelliPoint 5.0"
    "DisplayName"="imode HTML Simulator"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="EPSON CD Direct Print3"
    "DisplayName"="PIF DESIGNER2.1"
    "DisplayName"="ScanToWeb"
    "DisplayName"="Mu"
    "DisplayName"="Realtek AC'97 Audio"
    "DisplayName"="Microsoft Windows XP CD 書き込みウィザード HighMAT Extension"
    "DisplayName"="ねこのキャンバス"
    
    
    Is this enough to go on?
    Please tell me which items should be deleted.

■33968 / inTopicNo.3)  Re[1]: "Advertising_Loading" keeps appearing in the taskbar while using IE
□Posted by / かつ兄 -(2004/07/06(Tue) 15:04:51)
    In reply to No. 33948 (post by ぶりお)
    You have been using file-sharing software, haven't you.

    > O4 - HKLM\..\Run: [ara-key] C:\Program Files\SANYO\Panorama Boutique Light EPC\PanoEPC2e7a.exe -StartUp

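    There are remnants of it in the log.

    Programs obtained through file-sharing software were obtained illegally, so uninstall all of them.
    Discard all folders and data related to file-sharing software.
    http://higaitaisaku.web.infoseek.co.jp/unknownuser.html
    Please read this carefully.

    Check once more, then paste the uninstall information, a retaken HijackThis log and the startuplist into a single post.

    http://higaitaisaku.web.infoseek.co.jp/startuplist.html
    If they do not fit in a single post, you may post the startuplist separately.
    The uninstall information is in small print and hard to read.
    Please paste it without shrinking it.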
■33974 / inTopicNo.4)  Re[2]: "Advertising_Loading" keeps appearing in the taskbar while using IE
□Posted by / ぶりお -(2004/07/06(Tue) 15:44:27)
    I have taken them again.
    Thank you in advance.

    Logfile of HijackThis v1.97.7
    Scan saved at 15:40:53, on 2004/07/06
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\yqvthct.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\System32\conime.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.EXE
    C:\Program Files\Trend Micro\Virus Buster 2004\PCCGUIDE.EXE
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    F0 - syst>m.ini: Shell=
    F0 - R >ystem.ini: Shel>=
    F0 - R >ystem.ini: UserInit=
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: IDN Helper Object - {118CE65F-5D86-4AEA-A9BD-94F92B89119F} - C:\WINDOWS\DOWNLO~1\CNSMIN~1.DLL
    O2 - BHO: (no name) - {1DA5335B-9F41-29ED-8257-605504D52C6C} - C:\WINDOWS\System32\iuuq.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\ja\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [DataCaching] C:\PROGRA~1\DATACA~1\FLashKsk.exe
    O4 - HKLM\..\Run: [ara-key] C:\Program Files\SANYO\Panorama Boutique Light EPC\PanoEPC2e7a.exe -StartUp
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [mypop_Free] C:\Program Files\UCAST\Free2\
    O4 - HKCU\..\Run: [Yhycio] C:\WINDOWS\System32\yqvthct.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: ちょこっと ほんやく - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(独) - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(韓) - C:\Documents and Settings\
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat JP 2 - http://cs.chat.yahoo.co.jp/c302/chat.cab
    O16 - DPF: {1C9D421B-ACBC-48BB-9CED-51368BC1CE31} (HgArcadePluginJP3 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {70A3ED4F-E41D-452F-8D59-0433205A754A} (MypopInstall Control) - http://cdc006.ucast.mypop.jp/ucast/client/install_files/MYPOP.CAB
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! WebCam Upload Wrapper) - http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab
    O16 - DPF: {B469C508-9A75-4A62-BFA9-62802D653A4B} (HanGamePluginJP15 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab



    ---------- UNINSTALLPROGRAMLIST
    "DisplayName"="@BIOS"
    "DisplayName"="Ad-aware 6 Personal"
    "DisplayName"="Adobe Acrobat 5.0"
    "DisplayName"="Adobe Acrobat eBook Reader"
    "DisplayName"="AMIJ USB Modem for PDC"
    "DisplayName"="Applet_App"
    "DisplayName"="Applet_Copy"
    "DisplayName"="Applet_Creativity"
    "DisplayName"="Applet_Email"
    "DisplayName"="Applet_Epp"
    "DisplayName"="Applet_File"
    "DisplayName"="Applet_OCR"
    "DisplayName"="Applet_Web"
    "DisplayName"="ArcSoft PhotoImpression 3.0"
    "DisplayName"="ASUS Video Security"
    "DisplayName"="Check for Customblocking Updates"
    "DisplayName"="CloneCD"
    "DisplayName"="CloneDVD"
    "DisplayName"="Copy Utility"
    "DisplayName"="DivX Codec"
    "DisplayName"="DivX Player"
    "DisplayName"="DMIView"
    "DisplayName"="DVD Decrypter (Remove Only)"
    "DisplayName"="DVD Shrink 3.1.7"
    "DisplayName"="DVDXCopy 1.5.2 b636 (remove only)"
    "DisplayName"="EasyTune4"
    "DisplayName"="Emusic - 50 FREE MP3s from eMusic!"
    "DisplayName"="Enable S3 for USB Device"
    "DisplayName"="EPSON Easy Photo Print"
    "DisplayName"="EPSON PM-970C 操作ガイド"
    "DisplayName"="EPSONプリンタドライバ・ユーティリティ"
    "DisplayName"="EPSON Smart Panel"
    "DisplayName"="Gigabyte Management Tools 2.0"
    "DisplayName"="Gigabyte Windows Utility Manager"
    "DisplayName"="GSpot Codec Information Appliance"
    "DisplayName"="Internet Explorer Q831167"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="i モード HTML シミュレータ Ver6.0"
    "DisplayName"="Windows XP Hotfix (SP2) [See KB810243 for more information]"
    "DisplayName"="Advanced Networking Pack for Windows XP"
    "DisplayName"="Windows XP ホットフィックス - KB820291"
    "DisplayName"="Windows XP ホットフィックス - KB821253"
    "DisplayName"="Windows XP ホットフィックス - KB821557"
    "DisplayName"="Windows XP ホットフィックス - KB822603"
    "DisplayName"="Windows XP ホットフィックス - KB823182"
    "DisplayName"="Windows XP ホットフィックス - KB823559"
    "DisplayName"="Windows XP ホットフィックス - KB824105"
    "DisplayName"="Windows XP ホットフィックス - KB824141"
    "DisplayName"="Windows XP ホットフィックス - KB824146"
    "DisplayName"="Windows XP ホットフィックス - KB825119"
    "DisplayName"="Windows XP ホットフィックス - KB826942"
    "DisplayName"="Windows XP ホットフィックス - KB828028"
    "DisplayName"="Windows XP ホットフィックス - KB828035"
    "DisplayName"="Windows XP ホットフィックス - KB828741"
    "DisplayName"="Windows XP ホットフィックス - KB833998"
    "DisplayName"="Windows XP ホットフィックス - KB835732"
    "DisplayName"="Windows XP ホットフィックス - KB837001"
    "DisplayName"="Windows Media Player Hotfix [詳細については、KB837272 を参照してください]"
    "DisplayName"="DirectX 9 修正プログラム - KB839643"
    "DisplayName"="Windows XP ホットフィックス - KB840374"
    "DisplayName"="Microsoft Data Access Components KB870669"
    "DisplayName"="Lhaplus Version 1.22"
    "DisplayName"="MSN ツールバー"
    "DisplayName"="NVIDIA Display Driver"
    "DisplayName"="Outlook Express Q837009"
    "DisplayName"="Direct Show Ogg Vorbis Filter (remove only)"
    "DisplayName"="Intel(R) PRO Network Adapters and Drivers"
    "DisplayName"="Windows XP Hotfix (SP2) Q322011"
    "DisplayName"="Windows XP Hotfix (SP2) Q327979"
    "DisplayName"="Windows XP Hotfix (SP2) Q328310"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329048 を参照してください]"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329115 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329170"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329390 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329441"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329834 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q810565"
    "DisplayName"="Windows XP Hotfix (SP2) Q810577"
    "DisplayName"="Windows XP Hotfix (SP2) Q810833"
    "DisplayName"="Windows XP Hotfix (SP2) Q811493"
    "DisplayName"="Windows XP Hotfix (SP2) Q814033"
    "DisplayName"="Windows XP Hotfix (SP2) Q814995"
    "DisplayName"="Windows XP Hotfix (SP2) Q815021"
    "DisplayName"="Windows XP Hotfix (SP2) Q817606"
    "DisplayName"="Windows Media Player Hotfix [詳細については、wm828026 を参照してください]"
    "DisplayName"="QuickTime"
    "DisplayName"="Spybot - Search & Destroy 1.3"
    "DisplayName"="SpywareBlaster v3.1"
    "DisplayName"="SpywareGuard v2.2"
    "DisplayName"="Ulead COOL 3D 3.0"
    "DisplayName"="USB Card Reader"
    "DisplayName"="Winamp (remove only)"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Windows XP Service Pack 2"
    "DisplayName"="午後のこ〜だ"
    "DisplayName"="XviD MPEG-4 Codec"
    "DisplayName"="Yahoo! メッセンジャー"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="MTV Series"
    "DisplayName"="B.H.A B's CLiP"
    "DisplayName"="DeepBurner v1.1.0.117"
    "DisplayName"="Google Toolbar for Internet Explorer"
    "DisplayName"="Canopus FEATHER"
    "DisplayName"="WebFldrs XP"
    "DisplayName"="Canopus CiRAgent"
    "DisplayName"="ウイルスバスター2004"
    "DisplayName"="Ulead PhotoImpact 8 SE"
    "DisplayName"="Microsoft Windows Journal ビューア"
    "DisplayName"="Windows ムービー メーカー 2.0"
    "DisplayName"="見てぇ。"
    "DisplayName"="Canopus X Pack Upgrade Installer"
    "DisplayName"="Port Monitor"
    "DisplayName"="USB-CCDCHAT"
    "DisplayName"="オンラインマニュアル for DVR-ABH4"
    "DisplayName"="EPSON GT-7200 ユーザーズガイド"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="EPSON PhotoQuicker3.5"
    "DisplayName"="PowerDVD"
    "DisplayName"="Ulead VideoStudio 7 SE"
    "DisplayName"="EPSON PRINT Image Framer Tool2.0"
    "DisplayName"="Microsoft IntelliType Pro 5.0"
    "DisplayName"="BHA B's Recorder GOLD5 5.32"
    "DisplayName"="Ulead DVD MovieWriter 2 SE"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="Microsoft Office XP Professional"
    "DisplayName"="名刺ぷりんと for カラリオ"
    "DisplayName"="Patin-Couffin 19"
    "DisplayName"="EPSON TWAIN 5"
    "DisplayName"="DVD-RAMドライバー"
    "DisplayName"="InterVideo FilterSDK"
    "DisplayName"="Intel(R) PROSet"
    "DisplayName"="MSN Messenger 6.2"
    "DisplayName"="Microsoft .NET Framework 1.1 Japanese Language Pack"
    "DisplayName"="読んde!!ココ パーソナル"
    "DisplayName"="Microsoft .NET Framework 1.1"
    "DisplayName"="Microsoft IntelliPoint 5.0"
    "DisplayName"="imode HTML Simulator"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="EPSON CD Direct Print3"
    "DisplayName"="PIF DESIGNER2.1"
    "DisplayName"="ScanToWeb"
    "DisplayName"="Mu"
    "DisplayName"="Realtek AC'97 Audio"
    "DisplayName"="Microsoft Windows XP CD 書き込みウィザード HighMAT Extension"
    "DisplayName"="ねこのキャンバス"

    There is more to follow.
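
An added example, not part of the original thread: because the helper asks for a retaken HijackThis log, this Python script diffs two scans section by section and reports which Run (O4) entries point at a process that is currently running. Both sample scans are constructed from lines posted above; the missing [ara-key] entry in the second scan is hypothetical, and all function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed samples built from lines posted in this thread. SCAN_2 drops the
# msnmsgr.exe process (as the retaken log does) and, hypothetically, the
# [ara-key] Run entry; its ctfmon.exe process path differs only in letter case.
SCAN_1 = r"""
Logfile of HijackThis v1.97.7
Scan saved at 11:37:31, on 2004/07/06

Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\ctfmon.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ara-key] C:\Program Files\SANYO\Panorama Boutique Light EPC\PanoEPC2e7a.exe -StartUp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
"""

SCAN_2 = r"""
Logfile of HijackThis v1.97.7
Scan saved at 15:40:53, on 2004/07/06

Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # e.g. "O4 - ..."
RUN_RE = re.compile(r"^HK\w+\\\.\.\\Run\w*: \[(.+?)\] (.*)$")  # O4 registry Run value
EXE_RE = re.compile(r"[A-Za-z]:\\.+?\.exe", re.IGNORECASE)    # first full .exe path


def parse_hijackthis(text):
    """Return {section: {casefolded entry: original entry}}.

    Sections are the log's own codes (F0, O2, O4, ...) plus "proc" for the
    "Running processes:" list. Header lines before that list are ignored.
    Keys are casefolded because Windows paths are case-insensitive.
    """
    sections = defaultdict(dict)
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()              # forum posts indent the pasted log
        if not line:
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        m = ENTRY_RE.match(line)
        if m:                           # first coded entry ends the process list
            in_processes = False
            sections[m.group(1)][m.group(2).casefold()] = m.group(2)
        elif in_processes:
            sections["proc"][line.casefold()] = line
    return sections


def diff_scans(old_text, new_text):
    """Return (removed, added) as sorted lists of "SECTION: entry" strings."""
    old, new = parse_hijackthis(old_text), parse_hijackthis(new_text)
    removed, added = [], []
    for sec in sorted(set(old) | set(new)):
        o, n = old.get(sec, {}), new.get(sec, {})
        removed += [f"{sec}: {o[k]}" for k in sorted(o.keys() - n.keys())]
        added += [f"{sec}: {n[k]}" for k in sorted(n.keys() - o.keys())]
    return removed, added


def autostart_status(text):
    """Map each O4 Run value name to True if its .exe is in the process list.

    False only means the target was not running at scan time; the registry
    value itself is still present and still needs review.
    """
    scan = parse_hijackthis(text)
    running = set(scan.get("proc", {}))
    status = {}
    for entry in scan.get("O4", {}).values():
        m = RUN_RE.match(entry)
        exe = EXE_RE.search(m.group(2)) if m else None
        if exe:
            status[m.group(1)] = exe.group(0).casefold() in running
    return status


if __name__ == "__main__":
    removed, added = diff_scans(SCAN_1, SCAN_2)
    for item in removed:
        print("- " + item)
    for item in added:
        print("+ " + item)
    for name, is_running in sorted(autostart_status(SCAN_1).items()):
        print(f"{name}: {'running' if is_running else 'not running'}")
```
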
■33976 / inTopicNo.5)  Re[3]: "Advertising_Loading" keeps appearing in the taskbar while using IE
□Posted by / ぶりお -(2004/07/06(Tue) 15:51:16)
    StartupList report, 2004/07/06, 15:41:03
    StartupList version: 1.52
    Started from : C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\yqvthct.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\System32\conime.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.EXE
    C:\Program Files\Trend Micro\Virus Buster 2004\PCCGUIDE.EXE
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\河合 智和\スタート メニュー\プログラム\スタートアップ]
    SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ]
    FEATHER.lnk = C:\Program Files\Canopus\FEATHER\CDVRS.exe
    gwum.lnk = C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    RC Manager.lnk = C:\Program Files\Canopus\FEATHER\RcMan.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    LiveNote = livenote.exe
    Anvshell = C:\WINDOWS\Anvshell.exe
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    CloneCDElbyCDFL = "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    CloneCDTray = "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    imjpmig = C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    type32 = "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    CloneDVDElbyDelay = "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    DataCaching = C:\PROGRA~1\DATACA~1\FLashKsk.exe
    ara-key = C:\Program Files\SANYO\Panorama Boutique Light EPC\PanoEPC2e7a.exe -StartUp
    pccguide.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    PCClient.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    TM Outbreak Agent = "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    B'sCLiP = C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    WinampAgent = C:\Program Files\Winamp\winampa.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
    ASUS SmartDoctor = C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    mypop_Free = C:\Program Files\UCAST\Free2\河合 智和\startup.exe
    Yhycio = C:\WINDOWS\System32\yqvthct.exe

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\System32\ss3dfo.scr
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    IDN Helper Object - C:\WINDOWS\DOWNLO~1\CNSMIN~1.DLL - {118CE65F-5D86-4AEA-A9BD-94F92B89119F}
    (no name) - C:\WINDOWS\System32\iuuq.dll - {1DA5335B-9F41-29ED-8257-605504D52C6C}
    SpywareGuard Download Protection - C:\Program Files\SpywareGuard\dlprotect.dll - {4A368E80-174F-4872-96B5-0B27DDD11DB2}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

    --------------------------------------------------

    Enumerating Download Program Files:

    [HgArcadePluginJP3 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HgArcadePluginJP3.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [MypopInstall Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\MYPOPI~1.DLL
    CODEBASE = http://cdc006.ucast.mypop.jp/ucast/client/install_files/MYPOP.CAB

    [Yahoo! WebCam Upload Wrapper]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\yuplapp.dll
    CODEBASE = http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab

    [HanGamePluginJP15 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HanGamePluginJP15.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    CODEBASE = http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    AFD ネットワーク サポート環境: \SystemRoot\System32\drivers\afd.sys (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    DVD-RAM_Service: C:\WINDOWS\System32\DVDRAMSV.exe (autostart)
    ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart)
    EPSON Printer Status Agent2: C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    GEARSecurity: system32\gearsec.exe (autostart)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    MTV Series GS Video Capture Driver: System32\DRIVERS\mtvcap.sys (autostart)
    NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
    Trend Micro Personal Firewall: C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: System32\DRIVERS\secdrv.sys (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tmfilter: System32\drivers\TmXPFlt.sys (autostart)
    Trend NT Realtime Service: "C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe" (autostart)
    Tmpreflt: System32\drivers\Tmpreflt.sys (autostart)
    Trend Micro Proxy Service: C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe (autostart)
    Common Firewall Driver: \SystemRoot\System32\Drivers\tm_cfw.sys (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Vsapint: System32\drivers\Vsapint.sys (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll
    UPnPMonitor: C:\WINDOWS\System32\upnpui.dll

    --------------------------------------------------
    End of report, 14,522 bytes
    Report generated in 0.094 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
    This should be everything.
    Please help me.
■34006 / inTopicNo.6)  Re[3]: Advertising_Loading appears in the taskbar while I am using IE
□Posted by/ かつ兄 -(2004/07/06(Tue) 19:48:02)
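■34053 / inTopicNo.7)  Re[4]: Advertising_Loading appears in the taskbar while I am using IE
□Posted by/ ぶりお -(2004/07/06(Tue) 23:38:33)
    Advertising_Loading has not appeared so far. I carried out the steps you instructed, but at step
    5. After restarting the PC, move the following files to the Recycle Bin using the beginner's tool.
    C:\WINDOWS\DOWNLO~1\CNSMIN~1.DLL
    C:\WINDOWS\System32\iuuq.dll
    C:\Program Files\SANYO\Panorama Boutique Light EPC\PanoEPC2e7a.exe
    these files did not exist, so I could not delete them.
    Hijack log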
    Logfile of HijackThis v1.97.7
    Scan saved at 23:25:50, on 2004/07/06
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\System32\conime.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    F0 - syst>m.ini: Shell=
    F0 - R >ystem.ini: Shel>=
    F0 - R >ystem.ini: UserInit=
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\ja\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [DataCaching] C:\PROGRA~1\DATACA~1\FLashKsk.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O4 - HKCU\..\Run: [mypop_Free] C:\Program Files\UCAST\Free2\
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: ちょこっと ほんやく - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(独) - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(韓) - C:\Documents and Settings\
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat JP 2 - http://cs.chat.yahoo.co.jp/c302/chat.cab
    O16 - DPF: {1C9D421B-ACBC-48BB-9CED-51368BC1CE31} (HgArcadePluginJP3 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {70A3ED4F-E41D-452F-8D59-0433205A754A} (MypopInstall Control) - http://cdc006.ucast.mypop.jp/ucast/client/install_files/MYPOP.CAB
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! WebCam Upload Wrapper) - http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab
    O16 - DPF: {B469C508-9A75-4A62-BFA9-62802D653A4B} (HanGamePluginJP15 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    ---------- UNINSTALLPROGRAMLIST
    "DisplayName"="@BIOS"
    "DisplayName"="Ad-aware 6 Personal"
    "DisplayName"="Adobe Acrobat 5.0"
    "DisplayName"="Adobe Acrobat eBook Reader"
    "DisplayName"="AMIJ USB Modem for PDC"
    "DisplayName"="Applet_App"
    "DisplayName"="Applet_Copy"
    "DisplayName"="Applet_Creativity"
    "DisplayName"="Applet_Email"
    "DisplayName"="Applet_Epp"
    "DisplayName"="Applet_File"
    "DisplayName"="Applet_OCR"
    "DisplayName"="Applet_Web"
    "DisplayName"="ArcSoft PhotoImpression 3.0"
    "DisplayName"="ASUS Video Security"
    "DisplayName"="Check for Customblocking Updates"
    "DisplayName"="CloneCD"
    "DisplayName"="CloneDVD"
    "DisplayName"="Copy Utility"
    "DisplayName"="DivX Codec"
    "DisplayName"="DivX Player"
    "DisplayName"="DMIView"
    "DisplayName"="DVD Decrypter (Remove Only)"
    "DisplayName"="DVD Shrink 3.1.7"
    "DisplayName"="DVDXCopy 1.5.2 b636 (remove only)"
    "DisplayName"="EasyTune4"
    "DisplayName"="Emusic - 50 FREE MP3s from eMusic!"
    "DisplayName"="Enable S3 for USB Device"
    "DisplayName"="EPSON Easy Photo Print"
    "DisplayName"="EPSON PM-970C 操作ガイド"
    "DisplayName"="EPSONプリンタドライバ・ユーティリティ"
    "DisplayName"="EPSON Smart Panel"
    "DisplayName"="Gigabyte Management Tools 2.0"
    "DisplayName"="Gigabyte Windows Utility Manager"
    "DisplayName"="GSpot Codec Information Appliance"
    "DisplayName"="Internet Explorer Q831167"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="i モード HTML シミュレータ Ver6.0"
    "DisplayName"="Windows XP Hotfix (SP2) [See KB810243 for more information]"
    "DisplayName"="Advanced Networking Pack for Windows XP"
    "DisplayName"="Windows XP ホットフィックス - KB820291"
    "DisplayName"="Windows XP ホットフィックス - KB821253"
    "DisplayName"="Windows XP ホットフィックス - KB821557"
    "DisplayName"="Windows XP ホットフィックス - KB822603"
    "DisplayName"="Windows XP ホットフィックス - KB823182"
    "DisplayName"="Windows XP ホットフィックス - KB823559"
    "DisplayName"="Windows XP ホットフィックス - KB824105"
    "DisplayName"="Windows XP ホットフィックス - KB824141"
    "DisplayName"="Windows XP ホットフィックス - KB824146"
    "DisplayName"="Windows XP ホットフィックス - KB825119"
    "DisplayName"="Windows XP ホットフィックス - KB826942"
    "DisplayName"="Windows XP ホットフィックス - KB828028"
    "DisplayName"="Windows XP ホットフィックス - KB828035"
    "DisplayName"="Windows XP ホットフィックス - KB828741"
    "DisplayName"="Windows XP ホットフィックス - KB833998"
    "DisplayName"="Windows XP ホットフィックス - KB835732"
    "DisplayName"="Windows XP ホットフィックス - KB837001"
    "DisplayName"="Windows Media Player Hotfix [詳細については、KB837272 を参照してください]"
    "DisplayName"="DirectX 9 修正プログラム - KB839643"
    "DisplayName"="Windows XP ホットフィックス - KB840374"
    "DisplayName"="Microsoft Data Access Components KB870669"
    "DisplayName"="Lhaplus Version 1.22"
    "DisplayName"="MSN ツールバー"
    "DisplayName"="NVIDIA Display Driver"
    "DisplayName"="Outlook Express Q837009"
    "DisplayName"="Direct Show Ogg Vorbis Filter (remove only)"
    "DisplayName"="Intel(R) PRO Network Adapters and Drivers"
    "DisplayName"="Windows XP Hotfix (SP2) Q322011"
    "DisplayName"="Windows XP Hotfix (SP2) Q327979"
    "DisplayName"="Windows XP Hotfix (SP2) Q328310"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329048 を参照してください]"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329115 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329170"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329390 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329441"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329834 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q810565"
    "DisplayName"="Windows XP Hotfix (SP2) Q810577"
    "DisplayName"="Windows XP Hotfix (SP2) Q810833"
    "DisplayName"="Windows XP Hotfix (SP2) Q811493"
    "DisplayName"="Windows XP Hotfix (SP2) Q814033"
    "DisplayName"="Windows XP Hotfix (SP2) Q814995"
    "DisplayName"="Windows XP Hotfix (SP2) Q815021"
    "DisplayName"="Windows XP Hotfix (SP2) Q817606"
    "DisplayName"="Windows Media Player Hotfix [詳細については、wm828026 を参照してください]"
    "DisplayName"="QuickTime"
    "DisplayName"="Spybot - Search & Destroy 1.3"
    "DisplayName"="SpywareBlaster v3.1"
    "DisplayName"="SpywareGuard v2.2"
    "DisplayName"="Ulead COOL 3D 3.0"
    "DisplayName"="USB Card Reader"
    "DisplayName"="Winamp (remove only)"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Windows XP Service Pack 2"
    "DisplayName"="午後のこ〜だ"
    "DisplayName"="XviD MPEG-4 Codec"
    "DisplayName"="Yahoo! メッセンジャー"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="MTV Series"
    "DisplayName"="B.H.A B's CLiP"
    "DisplayName"="DeepBurner v1.1.0.117"
    "DisplayName"="Google Toolbar for Internet Explorer"
    "DisplayName"="Canopus FEATHER"
    "DisplayName"="WebFldrs XP"
    "DisplayName"="Canopus CiRAgent"
    "DisplayName"="ウイルスバスター2004"
    "DisplayName"="Ulead PhotoImpact 8 SE"
    "DisplayName"="Microsoft Windows Journal ビューア"
    "DisplayName"="Windows ムービー メーカー 2.0"
    "DisplayName"="見てぇ。"
    "DisplayName"="Canopus X Pack Upgrade Installer"
    "DisplayName"="Port Monitor"
    "DisplayName"="USB-CCDCHAT"
    "DisplayName"="オンラインマニュアル for DVR-ABH4"
    "DisplayName"="EPSON GT-7200 ユーザーズガイド"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="EPSON PhotoQuicker3.5"
    "DisplayName"="PowerDVD"
    "DisplayName"="Ulead VideoStudio 7 SE"
    "DisplayName"="EPSON PRINT Image Framer Tool2.0"
    "DisplayName"="Microsoft IntelliType Pro 5.0"
    "DisplayName"="BHA B's Recorder GOLD5 5.32"
    "DisplayName"="Ulead DVD MovieWriter 2 SE"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="Microsoft Office XP Professional"
    "DisplayName"="名刺ぷりんと for カラリオ"
    "DisplayName"="Patin-Couffin 19"
    "DisplayName"="EPSON TWAIN 5"
    "DisplayName"="DVD-RAMドライバー"
    "DisplayName"="InterVideo FilterSDK"
    "DisplayName"="Intel(R) PROSet"
    "DisplayName"="MSN Messenger 6.2"
    "DisplayName"="Microsoft .NET Framework 1.1 Japanese Language Pack"
    "DisplayName"="読んde!!ココ パーソナル"
    "DisplayName"="Microsoft .NET Framework 1.1"
    "DisplayName"="Microsoft IntelliPoint 5.0"
    "DisplayName"="imode HTML Simulator"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="EPSON CD Direct Print3"
    "DisplayName"="PIF DESIGNER2.1"
    "DisplayName"="ScanToWeb"
    "DisplayName"="Mu"
    "DisplayName"="Realtek AC'97 Audio"
    "DisplayName"="Microsoft Windows XP CD 書き込みウィザード HighMAT Extension"
    "DisplayName"="ねこのキャンバス"


■34056 / inTopicNo.8)  Re[5]: Advertising_Loading appears in the taskbar while I am using IE
□Posted by/ ぶりお -(2004/07/06(Tue) 23:41:34)
    I went over the character limit, so I am adding the rest here.
    StartupList report, 2004/07/06, 23:25:56
    StartupList version: 1.52
    Started from : C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\WINDOWS\System32\conime.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\河合 智和\スタート メニュー\プログラム\スタートアップ]
    SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ]
    FEATHER.lnk = C:\Program Files\Canopus\FEATHER\CDVRS.exe
    gwum.lnk = C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    RC Manager.lnk = C:\Program Files\Canopus\FEATHER\RcMan.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    LiveNote = livenote.exe
    Anvshell = C:\WINDOWS\Anvshell.exe
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    CloneCDElbyCDFL = "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    CloneCDTray = "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    imjpmig = C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    type32 = "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    CloneDVDElbyDelay = "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    DataCaching = C:\PROGRA~1\DATACA~1\FLashKsk.exe
    pccguide.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    PCClient.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    TM Outbreak Agent = "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    B'sCLiP = C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    WinampAgent = C:\Program Files\Winamp\winampa.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
    ASUS SmartDoctor = C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    mypop_Free = C:\Program Files\UCAST\Free2\河合 智和\startup.exe

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\System32\ss3dfo.scr
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    SpywareGuard Download Protection - C:\Program Files\SpywareGuard\dlprotect.dll - {4A368E80-174F-4872-96B5-0B27DDD11DB2}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

    --------------------------------------------------

    Enumerating Download Program Files:

    [HgArcadePluginJP3 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HgArcadePluginJP3.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [MypopInstall Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\MYPOPI~1.DLL
    CODEBASE = http://cdc006.ucast.mypop.jp/ucast/client/install_files/MYPOP.CAB

    [Yahoo! WebCam Upload Wrapper]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\yuplapp.dll
    CODEBASE = http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab

    [HanGamePluginJP15 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HanGamePluginJP15.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    CODEBASE = http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    AFD ネットワーク サポート環境: \SystemRoot\System32\drivers\afd.sys (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    DVD-RAM_Service: C:\WINDOWS\System32\DVDRAMSV.exe (autostart)
    ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart)
    EPSON Printer Status Agent2: C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    GEARSecurity: system32\gearsec.exe (autostart)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    MTV Series GS Video Capture Driver: System32\DRIVERS\mtvcap.sys (autostart)
    NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
    Trend Micro Personal Firewall: C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: System32\DRIVERS\secdrv.sys (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tmfilter: System32\drivers\TmXPFlt.sys (autostart)
    Trend NT Realtime Service: "C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe" (autostart)
    Tmpreflt: System32\drivers\Tmpreflt.sys (autostart)
    Trend Micro Proxy Service: C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe (autostart)
    Common Firewall Driver: \SystemRoot\System32\Drivers\tm_cfw.sys (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Vsapint: System32\drivers\Vsapint.sys (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\ ヘ @~1\LOCALS~1\Temp\GLB1A2B.EXE


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll
    UPnPMonitor: C:\WINDOWS\System32\upnpui.dll

    --------------------------------------------------
    End of report, 14,442 bytes
    Report generated in 0.094 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only


■34350 / inTopicNo.9)  mypop
□Posted by/ Pascal -(2004/07/08(Thu) 19:29:54)
■34401 / inTopicNo.10)  Re[7]: mypop
□Posted by/ ぶりお -(2004/07/08(Thu) 21:50:31)
    Logfile of HijackThis v1.97.7
    Scan saved at 21:28:07, on 2004/07/08
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    F0 - syst>m.ini: Shell=
    F0 - R >ystem.ini: Shel>=
    F0 - R >ystem.ini: UserInit=
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\ja\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [DataCaching] C:\PROGRA~1\DATACA~1\FLashKsk.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: ちょこっと ほんやく - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(独) - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(韓) - C:\Documents and Settings\
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat JP 2 - http://cs.chat.yahoo.co.jp/c302/chat.cab
    O16 - DPF: {1C9D421B-ACBC-48BB-9CED-51368BC1CE31} (HgArcadePluginJP3 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! WebCam Upload Wrapper) - http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab
    O16 - DPF: {B469C508-9A75-4A62-BFA9-62802D653A4B} (HanGamePluginJP15 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    ---------- UNINSTALLPROGRAMLIST
    "DisplayName"="@BIOS"
    "DisplayName"="Ad-aware 6 Personal"
    "DisplayName"="Adobe Acrobat 5.0"
    "DisplayName"="Adobe Acrobat eBook Reader"
    "DisplayName"="AMIJ USB Modem for PDC"
    "DisplayName"="Applet_App"
    "DisplayName"="Applet_Copy"
    "DisplayName"="Applet_Creativity"
    "DisplayName"="Applet_Email"
    "DisplayName"="Applet_Epp"
    "DisplayName"="Applet_File"
    "DisplayName"="Applet_OCR"
    "DisplayName"="Applet_Web"
    "DisplayName"="ArcSoft PhotoImpression 3.0"
    "DisplayName"="ASUS Video Security"
    "DisplayName"="Check for Customblocking Updates"
    "DisplayName"="CloneCD"
    "DisplayName"="CloneDVD"
    "DisplayName"="Copy Utility"
    "DisplayName"="DivX Codec"
    "DisplayName"="DivX Player"
    "DisplayName"="DMIView"
    "DisplayName"="DVD Decrypter (Remove Only)"
    "DisplayName"="DVD Shrink 3.1.7"
    "DisplayName"="DVDXCopy 1.5.2 b636 (remove only)"
    "DisplayName"="EasyTune4"
    "DisplayName"="Emusic - 50 FREE MP3s from eMusic!"
    "DisplayName"="Enable S3 for USB Device"
    "DisplayName"="EPSON Easy Photo Print"
    "DisplayName"="EPSON PM-970C 操作ガイド"
    "DisplayName"="EPSONプリンタドライバ・ユーティリティ"
    "DisplayName"="EPSON Smart Panel"
    "DisplayName"="Gigabyte Management Tools 2.0"
    "DisplayName"="Gigabyte Windows Utility Manager"
    "DisplayName"="GSpot Codec Information Appliance"
    "DisplayName"="Internet Explorer Q831167"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="i モード HTML シミュレータ Ver6.0"
    "DisplayName"="Windows XP Hotfix (SP2) [See KB810243 for more information]"
    "DisplayName"="Advanced Networking Pack for Windows XP"
    "DisplayName"="Windows XP ホットフィックス - KB820291"
    "DisplayName"="Windows XP ホットフィックス - KB821253"
    "DisplayName"="Windows XP ホットフィックス - KB821557"
    "DisplayName"="Windows XP ホットフィックス - KB822603"
    "DisplayName"="Windows XP ホットフィックス - KB823182"
    "DisplayName"="Windows XP ホットフィックス - KB823559"
    "DisplayName"="Windows XP ホットフィックス - KB824105"
    "DisplayName"="Windows XP ホットフィックス - KB824141"
    "DisplayName"="Windows XP ホットフィックス - KB824146"
    "DisplayName"="Windows XP ホットフィックス - KB825119"
    "DisplayName"="Windows XP ホットフィックス - KB826942"
    "DisplayName"="Windows XP ホットフィックス - KB828028"
    "DisplayName"="Windows XP ホットフィックス - KB828035"
    "DisplayName"="Windows XP ホットフィックス - KB828741"
    "DisplayName"="Windows XP ホットフィックス - KB833998"
    "DisplayName"="Windows XP ホットフィックス - KB835732"
    "DisplayName"="Windows XP ホットフィックス - KB837001"
    "DisplayName"="Windows Media Player Hotfix [詳細については、KB837272 を参照してください]"
    "DisplayName"="DirectX 9 修正プログラム - KB839643"
    "DisplayName"="Windows XP ホットフィックス - KB840374"
    "DisplayName"="Microsoft Data Access Components KB870669"
    "DisplayName"="Lhaplus Version 1.22"
    "DisplayName"="MSN ツールバー"
    "DisplayName"="NVIDIA Display Driver"
    "DisplayName"="Outlook Express Q837009"
    "DisplayName"="Direct Show Ogg Vorbis Filter (remove only)"
    "DisplayName"="Intel(R) PRO Network Adapters and Drivers"
    "DisplayName"="Windows XP Hotfix (SP2) Q322011"
    "DisplayName"="Windows XP Hotfix (SP2) Q327979"
    "DisplayName"="Windows XP Hotfix (SP2) Q328310"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329048 を参照してください]"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329115 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329170"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329390 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329441"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329834 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q810565"
    "DisplayName"="Windows XP Hotfix (SP2) Q810577"
    "DisplayName"="Windows XP Hotfix (SP2) Q810833"
    "DisplayName"="Windows XP Hotfix (SP2) Q811493"
    "DisplayName"="Windows XP Hotfix (SP2) Q814033"
    "DisplayName"="Windows XP Hotfix (SP2) Q814995"
    "DisplayName"="Windows XP Hotfix (SP2) Q815021"
    "DisplayName"="Windows XP Hotfix (SP2) Q817606"
    "DisplayName"="Windows Media Player Hotfix [詳細については、wm828026 を参照してください]"
    "DisplayName"="QuickTime"
    "DisplayName"="Spybot - Search & Destroy 1.3"
    "DisplayName"="SpywareBlaster v3.1"
    "DisplayName"="SpywareGuard v2.2"
    "DisplayName"="Ulead COOL 3D 3.0"
    "DisplayName"="USB Card Reader"
    "DisplayName"="Winamp (remove only)"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Windows XP Service Pack 2"
    "DisplayName"="午後のこ〜だ"
    "DisplayName"="XviD MPEG-4 Codec"
    "DisplayName"="Yahoo! メッセンジャー"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="MTV Series"
    "DisplayName"="B.H.A B's CLiP"
    "DisplayName"="DeepBurner v1.1.0.117"
    "DisplayName"="Google Toolbar for Internet Explorer"
    "DisplayName"="Canopus FEATHER"
    "DisplayName"="WebFldrs XP"
    "DisplayName"="Canopus CiRAgent"
    "DisplayName"="ウイルスバスター2004"
    "DisplayName"="Ulead PhotoImpact 8 SE"
    "DisplayName"="Microsoft Windows Journal ビューア"
    "DisplayName"="Windows ムービー メーカー 2.0"
    "DisplayName"="見てぇ。"
    "DisplayName"="Canopus X Pack Upgrade Installer"
    "DisplayName"="Port Monitor"
    "DisplayName"="USB-CCDCHAT"
    "DisplayName"="オンラインマニュアル for DVR-ABH4"
    "DisplayName"="EPSON GT-7200 ユーザーズガイド"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="EPSON PhotoQuicker3.5"
    "DisplayName"="PowerDVD"
    "DisplayName"="Ulead VideoStudio 7 SE"
    "DisplayName"="EPSON PRINT Image Framer Tool2.0"
    "DisplayName"="Microsoft IntelliType Pro 5.0"
    "DisplayName"="BHA B's Recorder GOLD5 5.32"
    "DisplayName"="Ulead DVD MovieWriter 2 SE"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="Microsoft Office XP Professional"
    "DisplayName"="名刺ぷりんと for カラリオ"
    "DisplayName"="Patin-Couffin 19"
    "DisplayName"="EPSON TWAIN 5"
    "DisplayName"="DVD-RAMドライバー"
    "DisplayName"="InterVideo FilterSDK"
    "DisplayName"="Intel(R) PROSet"
    "DisplayName"="MSN Messenger 6.2"
    "DisplayName"="Microsoft .NET Framework 1.1 Japanese Language Pack"
    "DisplayName"="読んde!!ココ パーソナル"
    "DisplayName"="Microsoft .NET Framework 1.1"
    "DisplayName"="Microsoft IntelliPoint 5.0"
    "DisplayName"="imode HTML Simulator"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="EPSON CD Direct Print3"
    "DisplayName"="PIF DESIGNER2.1"
    "DisplayName"="ScanToWeb"
    "DisplayName"="Mu"
    "DisplayName"="Realtek AC'97 Audio"
    "DisplayName"="Microsoft Windows XP CD 書き込みウィザード HighMAT Extension"
    "DisplayName"="ねこのキャンバス"
    It goes over the character limit after all, so I will post the rest as a follow-up.
■34402 / inTopicNo.11)  Re[7]: mypop
□Posted by/ ぶりお -(2004/07/08(Thu) 21:53:43)
    Here is the follow-up.
    StartupList report, 2004/07/08, 21:28:24
    StartupList version: 1.52
    Started from : C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Yahoo!J\Messenger\ymsgr_tray.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\河合 智和\スタート メニュー\プログラム\スタートアップ]
    SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ]
    FEATHER.lnk = C:\Program Files\Canopus\FEATHER\CDVRS.exe
    gwum.lnk = C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    RC Manager.lnk = C:\Program Files\Canopus\FEATHER\RcMan.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    LiveNote = livenote.exe
    Anvshell = C:\WINDOWS\Anvshell.exe
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    CloneCDElbyCDFL = "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    CloneCDTray = "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    imjpmig = C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    type32 = "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    CloneDVDElbyDelay = "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    DataCaching = C:\PROGRA~1\DATACA~1\FLashKsk.exe
    pccguide.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    PCClient.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    TM Outbreak Agent = "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    B'sCLiP = C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    WinampAgent = C:\Program Files\Winamp\winampa.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
    ASUS SmartDoctor = C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\System32\ss3dfo.scr
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    SpywareGuard Download Protection - C:\Program Files\SpywareGuard\dlprotect.dll - {4A368E80-174F-4872-96B5-0B27DDD11DB2}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

    --------------------------------------------------

    Enumerating Download Program Files:

    [HgArcadePluginJP3 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HgArcadePluginJP3.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [Yahoo! WebCam Upload Wrapper]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\yuplapp.dll
    CODEBASE = http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab

    [HanGamePluginJP15 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HanGamePluginJP15.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    CODEBASE = http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    AFD ネットワーク サポート環境: \SystemRoot\System32\drivers\afd.sys (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    DVD-RAM_Service: C:\WINDOWS\System32\DVDRAMSV.exe (autostart)
    ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart)
    EPSON Printer Status Agent2: C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    GEARSecurity: system32\gearsec.exe (autostart)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    MTV Series GS Video Capture Driver: System32\DRIVERS\mtvcap.sys (autostart)
    NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
    Trend Micro Personal Firewall: C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: System32\DRIVERS\secdrv.sys (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tmfilter: System32\drivers\TmXPFlt.sys (autostart)
    Trend NT Realtime Service: "C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe" (autostart)
    Tmpreflt: System32\drivers\Tmpreflt.sys (autostart)
    Trend Micro Proxy Service: C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe (autostart)
    Common Firewall Driver: \SystemRoot\System32\Drivers\tm_cfw.sys (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Vsapint: System32\drivers\Vsapint.sys (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\ ヘ @~1\LOCALS~1\Temp\GLB1A2B.EXE||c:\documents and settings\ ヘ @ q a\cookies\ ヘ @ q a@promo.match[1].txt


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll
    UPnPMonitor: C:\WINDOWS\System32\upnpui.dll

    --------------------------------------------------
    End of report, 14,270 bytes
    Report generated in 0.109 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
    So far Advertising_Loading has not appeared.
    If there is anything else that should be removed, please point it out.
    I would appreciate your continued guidance.
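■34718 / inTopicNo.12)  Re[8]: Checking for latent viruses
□Posted by/ かつ兄 -(2004/07/10(Sat) 07:26:23)
    The log is clean now.

    1. Run a full scan of the PC with Virus Buster.

    Let's also run the online scans from the remaining two vendors.

    2. Symantec online scan
    http://security1.norton.com/ssc/vc_about.asp?langid=jp&venid=sym&plfid=20&pkj=PZMCWOBWYSHSFVIGMKI

    3. McAfee FreeScan
    http://jp.mcafee.com/root/mfs/default.asp?cid=9992

    If a virus is found, make a list of the virus names and infected file names and paste it in your report.
    Even without being asked, please take a fresh HijackThis log and paste it.

    When you make the list of virus names and infected file names, the file names are sometimes not displayed in full.
    In that case, the column headers in the displayed log are resizable, so move the mouse until the pointer turns into a cross.

    Each online scanner behaves differently, so please run all of them.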


■34770 / inTopicNo.13)  I carried out the steps.
□Posted by/ ぶりお -(2004/07/10(Sat) 18:09:18)
    The virus check found no viruses.
    However, when I scanned with Ad-aware, it detected obj[0]=ファイル : c:\documents and settings\河合 智和\cookies\河合 智和@promo.match[1].txt. Does this have any effect?
    I'm pasting the logs.
    Logfile of HijackThis v1.97.7
    Scan saved at 17:55:05, on 2004/07/10
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Canopus\FEATHER\CDVRS.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\conime.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    F0 - syst>m.ini: Shell=
    F0 - R >ystem.ini: Shel>=
    F0 - R >ystem.ini: UserInit=
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\ja\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [DataCaching] C:\PROGRA~1\DATACA~1\FLashKsk.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Common Files\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: ちょこっと ほんやく - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(独) - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(韓) - C:\Documents and Settings\
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat JP - http://cs3.chat.yahoo.co.jp/c214/chat.cab
    O16 - DPF: Yahoo! Chat JP 2 - http://cs3.chat.yahoo.co.jp/c304/chat.cab
    O16 - DPF: {1C9D421B-ACBC-48BB-9CED-51368BC1CE31} (HgArcadePluginJP3 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! WebCam Upload Wrapper) - http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab
    O16 - DPF: {B469C508-9A75-4A62-BFA9-62802D653A4B} (HanGamePluginJP15 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4375/mcfscan.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab


    ---------- UNINSTALLPROGRAMLIST
    "DisplayName"="@BIOS"
    "DisplayName"="Ad-aware 6 Personal"
    "DisplayName"="Adobe Acrobat 5.0"
    "DisplayName"="Adobe Acrobat eBook Reader"
    "DisplayName"="AMIJ USB Modem for PDC"
    "DisplayName"="Applet_App"
    "DisplayName"="Applet_Copy"
    "DisplayName"="Applet_Creativity"
    "DisplayName"="Applet_Email"
    "DisplayName"="Applet_Epp"
    "DisplayName"="Applet_File"
    "DisplayName"="Applet_OCR"
    "DisplayName"="Applet_Web"
    "DisplayName"="ArcSoft PhotoImpression 3.0"
    "DisplayName"="ASUS Video Security"
    "DisplayName"="Check for Customblocking Updates"
    "DisplayName"="CloneCD"
    "DisplayName"="CloneDVD"
    "DisplayName"="Copy Utility"
    "DisplayName"="DivX Codec"
    "DisplayName"="DivX Player"
    "DisplayName"="DMIView"
    "DisplayName"="DVD Decrypter (Remove Only)"
    "DisplayName"="DVD Shrink 3.1.7"
    "DisplayName"="DVDXCopy 1.5.2 b636 (remove only)"
    "DisplayName"="EasyTune4"
    "DisplayName"="Emusic - 50 FREE MP3s from eMusic!"
    "DisplayName"="Enable S3 for USB Device"
    "DisplayName"="EPSON Easy Photo Print"
    "DisplayName"="EPSON PM-970C 操作ガイド"
    "DisplayName"="EPSONプリンタドライバ・ユーティリティ"
    "DisplayName"="EPSON Smart Panel"
    "DisplayName"="Gigabyte Management Tools 2.0"
    "DisplayName"="Gigabyte Windows Utility Manager"
    "DisplayName"="GSpot Codec Information Appliance"
    "DisplayName"="Internet Explorer Q831167"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="i モード HTML シミュレータ Ver6.0"
    "DisplayName"="Windows XP Hotfix (SP2) [See KB810243 for more information]"
    "DisplayName"="Advanced Networking Pack for Windows XP"
    "DisplayName"="Windows XP ホットフィックス - KB820291"
    "DisplayName"="Windows XP ホットフィックス - KB821253"
    "DisplayName"="Windows XP ホットフィックス - KB821557"
    "DisplayName"="Windows XP ホットフィックス - KB822603"
    "DisplayName"="Windows XP ホットフィックス - KB823182"
    "DisplayName"="Windows XP ホットフィックス - KB823559"
    "DisplayName"="Windows XP ホットフィックス - KB824105"
    "DisplayName"="Windows XP ホットフィックス - KB824141"
    "DisplayName"="Windows XP ホットフィックス - KB824146"
    "DisplayName"="Windows XP ホットフィックス - KB825119"
    "DisplayName"="Windows XP ホットフィックス - KB826942"
    "DisplayName"="Windows XP ホットフィックス - KB828028"
    "DisplayName"="Windows XP ホットフィックス - KB828035"
    "DisplayName"="Windows XP ホットフィックス - KB828741"
    "DisplayName"="Windows XP ホットフィックス - KB833998"
    "DisplayName"="Windows XP ホットフィックス - KB835732"
    "DisplayName"="Windows XP ホットフィックス - KB837001"
    "DisplayName"="Windows Media Player Hotfix [詳細については、KB837272 を参照してください]"
    "DisplayName"="DirectX 9 修正プログラム - KB839643"
    "DisplayName"="Windows XP ホットフィックス - KB840374"
    "DisplayName"="Microsoft Data Access Components KB870669"
    "DisplayName"="Lhaplus Version 1.22"
    "DisplayName"="LiveReg (Symantec Corporation)"
    "DisplayName"="LiveUpdate 1.90 (Symantec Corporation)"
    "DisplayName"="MSN ツールバー"
    "DisplayName"="NVIDIA Display Driver"
    "DisplayName"="Outlook Express Q837009"
    "DisplayName"="Direct Show Ogg Vorbis Filter (remove only)"
    "DisplayName"="Intel(R) PRO Network Adapters and Drivers"
    "DisplayName"="Windows XP Hotfix (SP2) Q322011"
    "DisplayName"="Windows XP Hotfix (SP2) Q327979"
    "DisplayName"="Windows XP Hotfix (SP2) Q328310"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329048 を参照してください]"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329115 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329170"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329390 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329441"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329834 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q810565"
    "DisplayName"="Windows XP Hotfix (SP2) Q810577"
    "DisplayName"="Windows XP Hotfix (SP2) Q810833"
    "DisplayName"="Windows XP Hotfix (SP2) Q811493"
    "DisplayName"="Windows XP Hotfix (SP2) Q814033"
    "DisplayName"="Windows XP Hotfix (SP2) Q814995"
    "DisplayName"="Windows XP Hotfix (SP2) Q815021"
    "DisplayName"="Windows XP Hotfix (SP2) Q817606"
    "DisplayName"="Windows Media Player Hotfix [詳細については、wm828026 を参照してください]"
    "DisplayName"="QuickTime"
    "DisplayName"="Spybot - Search & Destroy 1.3"
    "DisplayName"="SpywareBlaster v3.1"
    "DisplayName"="SpywareGuard v2.2"
    "DisplayName"="Norton Internet Security (Symantec Corporation)"
    "DisplayName"="Ulead COOL 3D 3.0"
    "DisplayName"="USB Card Reader"
    "DisplayName"="Winamp (remove only)"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Windows XP Service Pack 2"
    "DisplayName"="午後のこ〜だ"
    "DisplayName"="XviD MPEG-4 Codec"
    "DisplayName"="Yahoo! メッセンジャー"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="MTV Series"
    "DisplayName"="B.H.A B's CLiP"
    "DisplayName"="DeepBurner v1.1.0.117"
    "DisplayName"="Google Toolbar for Internet Explorer"
    "DisplayName"="Canopus FEATHER"
    "DisplayName"="WebFldrs XP"
    "DisplayName"="Canopus CiRAgent"
    "DisplayName"="ウイルスバスター2004"
    "DisplayName"="Norton AntiSpam"
    "DisplayName"="Ulead PhotoImpact 8 SE"
    "DisplayName"="Microsoft Windows Journal ビューア"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="Windows ムービー メーカー 2.0"
    "DisplayName"="見てぇ。"
    "DisplayName"="Canopus X Pack Upgrade Installer"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="Norton AntiSpam"
    "DisplayName"="Port Monitor"
    "DisplayName"="USB-CCDCHAT"
    "DisplayName"="オンラインマニュアル for DVR-ABH4"
    "DisplayName"="EPSON GT-7200 ユーザーズガイド"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="EPSON PhotoQuicker3.5"
    "DisplayName"="PowerDVD"
    "DisplayName"="Ulead VideoStudio 7 SE"
    "DisplayName"="EPSON PRINT Image Framer Tool2.0"
    "DisplayName"="Microsoft IntelliType Pro 5.0"
    "DisplayName"="BHA B's Recorder GOLD5 5.32"
    "DisplayName"="Ulead DVD MovieWriter 2 SE"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="Microsoft Office XP Professional"
    "DisplayName"="名刺ぷりんと for カラリオ"
    "DisplayName"="Patin-Couffin 19"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="EPSON TWAIN 5"
    "DisplayName"="DVD-RAMドライバー"
    "DisplayName"="InterVideo FilterSDK"
    "DisplayName"="CC_ccProxyMSI"
    "DisplayName"="Intel(R) PROSet"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="MSN Messenger 6.2"
    "DisplayName"="Microsoft .NET Framework 1.1 Japanese Language Pack"
    "DisplayName"="読んde!!ココ パーソナル"
    "DisplayName"="Norton AntiVirus"
    "DisplayName"="Microsoft .NET Framework 1.1"
    "DisplayName"="Microsoft IntelliPoint 5.0"
    "DisplayName"="Symantec Script Blocking Installer"
    "DisplayName"="CC_ccStart"
    "DisplayName"="ccCommon"
    "DisplayName"="imode HTML Simulator"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="EPSON CD Direct Print3"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="PIF DESIGNER2.1"
    "DisplayName"="ScanToWeb"
    "DisplayName"="Mu"
    "DisplayName"="Realtek AC'97 Audio"
    "DisplayName"="Norton Internet Security"
    "DisplayName"="MSRedist"
    "DisplayName"="Microsoft Windows XP CD 書き込みウィザード HighMAT Extension"
    "DisplayName"="ねこのキャンバス"

    I have gone over the character limit again, so I will continue in a follow-up post.

■34771 / inTopicNo.14)  Follow-up
□Posted by/ ぶりお -(2004/07/10(Sat) 18:13:04)
    StartupList report, 2004/07/10, 17:55:14
    StartupList version: 1.52
    Started from : C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Canopus\FEATHER\CDVRS.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\System32\conime.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\河合 智和\スタート メニュー\プログラム\スタートアップ]
    SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\スタート メニュー\プログラム\スタートアップ]
    FEATHER.lnk = C:\Program Files\Canopus\FEATHER\CDVRS.exe
    gwum.lnk = C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    RC Manager.lnk = C:\Program Files\Canopus\FEATHER\RcMan.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    LiveNote = livenote.exe
    Anvshell = C:\WINDOWS\Anvshell.exe
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    CloneCDElbyCDFL = "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    CloneCDTray = "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    imjpmig = C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    type32 = "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    CloneDVDElbyDelay = "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    DataCaching = C:\PROGRA~1\DATACA~1\FLashKsk.exe
    pccguide.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    PCClient.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    TM Outbreak Agent = "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    B'sCLiP = C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    WinampAgent = C:\Program Files\Winamp\winampa.exe
    ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    IS CfgWiz = C:\Program Files\Common Files\Symantec Shared\cfgwiz.exe /GUID NIS /CMDLINE "REBOOT"
    URLLSTCK.exe = C:\Program Files\Norton Internet Security\UrlLstCk.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
    ASUS SmartDoctor = C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\System32\ss3dfo.scr
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    SpywareGuard Download Protection - C:\Program Files\SpywareGuard\dlprotect.dll - {4A368E80-174F-4872-96B5-0B27DDD11DB2}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Symantec NetDetect.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [HgArcadePluginJP3 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HgArcadePluginJP3.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [Yahoo! WebCam Upload Wrapper]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\yuplapp.dll
    CODEBASE = http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab

    [HanGamePluginJP15 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HanGamePluginJP15.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [McFreeScan Class]
    InProcServer32 = C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll
    CODEBASE = http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4375/mcfscan.cab

    [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    CODEBASE = http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    AFD ネットワーク サポート環境: \SystemRoot\System32\drivers\afd.sys (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
    Symantec Network Proxy: "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe" (autostart)
    Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    DVD-RAM_Service: C:\WINDOWS\System32\DVDRAMSV.exe (autostart)
    ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart)
    EPSON Printer Status Agent2: C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    GEARSecurity: system32\gearsec.exe (autostart)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    MTV Series GS Video Capture Driver: System32\DRIVERS\mtvcap.sys (autostart)
    Norton AntiVirus Auto Protect Service: "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe" (autostart)
    NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
    Trend Micro Personal Firewall: C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    SAVRTPEL: \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS (autostart)
    SAVScan: C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe (autostart)
    ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: System32\DRIVERS\secdrv.sys (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Symantec Core LC: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (autostart)
    symlcbrd: \??\C:\WINDOWS\System32\drivers\symlcbrd.sys (autostart)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tmfilter: System32\drivers\TmXPFlt.sys (autostart)
    Trend NT Realtime Service: "C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe" (autostart)
    Tmpreflt: System32\drivers\Tmpreflt.sys (autostart)
    Trend Micro Proxy Service: C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe (autostart)
    Common Firewall Driver: \SystemRoot\System32\Drivers\tm_cfw.sys (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Vsapint: System32\drivers\Vsapint.sys (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\ ヘ @~1\LOCALS~1\Temp\GLB1A2B.EXE


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll
    UPnPMonitor: C:\WINDOWS\System32\upnpui.dll

    --------------------------------------------------
    End of report, 16,145 bytes
    Report generated in 0.141 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
    This is the current state.

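■34809 / inTopicNo.15)  Re[10]: Antivirus software coexisting
□Posted by/ かつ兄 -(2004/07/10(Sat) 22:21:16)
    In reply to No34770 (post by ぶりお)
    > However, when I scanned with Ad-aware, obj[0]=ファイル : c:\documents and settings\河合 智和\cookies\河合 智和@promo.match[1].txt was detected. Does this have any effect?
    It's just a cookie. Nothing to worry about.
    Depending on the settings, cookies get flagged unless you also delete them before running ad-aware.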

    "DisplayName"="SpywareBlaster v3.1"
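    A newer version has been released.
    Undo the current settings, then uninstall it.
    After that, install the new version.

    Please describe the current situation in detail.

    Norton and Virus Buster are both installed, I see.
    Having them coexist is a bad idea.
    http://higaitaisaku.web.infoseek.co.jp/antivirus.html
    Please read it carefully.

    Which software will you go with?
    If possible, I'd like you to keep the most recent one.

    The only remaining task is probably the antivirus software issue.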

■34836 / inTopicNo.16)  Here is the log
□Posted by/ ぶりお -(2004/07/10(Sat) 23:58:38)
    For antivirus software I'm using Virus Buster, and I removed Norton.
    I switched SpywareBlaster to V3.2.

    Logfile of HijackThis v1.97.7
    Scan saved at 0:00:50, on 2004/07/11
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Canopus\FEATHER\CDVRS.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    F0 - syst>m.ini: Shell=
    F0 - R >ystem.ini: Shel>=
    F0 - R >ystem.ini: UserInit=
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\ja\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [LiveNote] livenote.exe
    O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    O4 - HKLM\..\Run: [imjpmig] C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    O4 - HKLM\..\Run: [DataCaching] C:\PROGRA~1\DATACA~1\FLashKsk.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    O4 - HKLM\..\Run: [PCClient.exe] "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: ちょこっと ほんやく - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(独) - C:\Documents and Settings\
    O8 - Extra context menu item: ちょこっと ほんやく(韓) - C:\Documents and Settings\
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat JP - http://cs3.chat.yahoo.co.jp/c214/chat.cab
    O16 - DPF: Yahoo! Chat JP 2 - http://cs3.chat.yahoo.co.jp/c304/chat.cab
    O16 - DPF: {1C9D421B-ACBC-48BB-9CED-51368BC1CE31} (HgArcadePluginJP3 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! WebCam Upload Wrapper) - http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab
    O16 - DPF: {B469C508-9A75-4A62-BFA9-62802D653A4B} (HanGamePluginJP15 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4375/mcfscan.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab


    ---------- UNINSTALLPROGRAMLIST
    "DisplayName"="@BIOS"
    "DisplayName"="Ad-aware 6 Personal"
    "DisplayName"="Adobe Acrobat 5.0"
    "DisplayName"="Adobe Acrobat eBook Reader"
    "DisplayName"="AMIJ USB Modem for PDC"
    "DisplayName"="Applet_App"
    "DisplayName"="Applet_Copy"
    "DisplayName"="Applet_Creativity"
    "DisplayName"="Applet_Email"
    "DisplayName"="Applet_Epp"
    "DisplayName"="Applet_File"
    "DisplayName"="Applet_OCR"
    "DisplayName"="Applet_Web"
    "DisplayName"="ArcSoft PhotoImpression 3.0"
    "DisplayName"="ASUS Video Security"
    "DisplayName"="Check for Customblocking Updates"
    "DisplayName"="CloneCD"
    "DisplayName"="CloneDVD"
    "DisplayName"="Copy Utility"
    "DisplayName"="DivX Codec"
    "DisplayName"="DivX Player"
    "DisplayName"="DMIView"
    "DisplayName"="DVD Decrypter (Remove Only)"
    "DisplayName"="DVD Shrink 3.1.7"
    "DisplayName"="DVDXCopy 1.5.2 b636 (remove only)"
    "DisplayName"="EasyTune4"
    "DisplayName"="Emusic - 50 FREE MP3s from eMusic!"
    "DisplayName"="Enable S3 for USB Device"
    "DisplayName"="EPSON Easy Photo Print"
    "DisplayName"="EPSON PM-970C 操作ガイド"
    "DisplayName"="EPSONプリンタドライバ・ユーティリティ"
    "DisplayName"="EPSON Smart Panel"
    "DisplayName"="Gigabyte Management Tools 2.0"
    "DisplayName"="Gigabyte Windows Utility Manager"
    "DisplayName"="GSpot Codec Information Appliance"
    "DisplayName"="Internet Explorer Q831167"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="i モード HTML シミュレータ Ver6.0"
    "DisplayName"="Windows XP Hotfix (SP2) [See KB810243 for more information]"
    "DisplayName"="Advanced Networking Pack for Windows XP"
    "DisplayName"="Windows XP ホットフィックス - KB820291"
    "DisplayName"="Windows XP ホットフィックス - KB821253"
    "DisplayName"="Windows XP ホットフィックス - KB821557"
    "DisplayName"="Windows XP ホットフィックス - KB822603"
    "DisplayName"="Windows XP ホットフィックス - KB823182"
    "DisplayName"="Windows XP ホットフィックス - KB823559"
    "DisplayName"="Windows XP ホットフィックス - KB824105"
    "DisplayName"="Windows XP ホットフィックス - KB824141"
    "DisplayName"="Windows XP ホットフィックス - KB824146"
    "DisplayName"="Windows XP ホットフィックス - KB825119"
    "DisplayName"="Windows XP ホットフィックス - KB826942"
    "DisplayName"="Windows XP ホットフィックス - KB828028"
    "DisplayName"="Windows XP ホットフィックス - KB828035"
    "DisplayName"="Windows XP ホットフィックス - KB828741"
    "DisplayName"="Windows XP ホットフィックス - KB833998"
    "DisplayName"="Windows XP ホットフィックス - KB835732"
    "DisplayName"="Windows XP ホットフィックス - KB837001"
    "DisplayName"="Windows Media Player Hotfix [詳細については、KB837272 を参照してください]"
    "DisplayName"="DirectX 9 修正プログラム - KB839643"
    "DisplayName"="Windows XP ホットフィックス - KB840374"
    "DisplayName"="Microsoft Data Access Components KB870669"
    "DisplayName"="Lhaplus Version 1.22"
    "DisplayName"="MSN ツールバー"
    "DisplayName"="NVIDIA Display Driver"
    "DisplayName"="Outlook Express Q837009"
    "DisplayName"="Direct Show Ogg Vorbis Filter (remove only)"
    "DisplayName"="Intel(R) PRO Network Adapters and Drivers"
    "DisplayName"="Windows XP Hotfix (SP2) Q322011"
    "DisplayName"="Windows XP Hotfix (SP2) Q327979"
    "DisplayName"="Windows XP Hotfix (SP2) Q328310"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329048 を参照してください]"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329115 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329170"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329390 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q329441"
    "DisplayName"="Windows XP ホットフィックス パッケージ [詳細情報は Q329834 を参照してください]"
    "DisplayName"="Windows XP Hotfix (SP2) Q810565"
    "DisplayName"="Windows XP Hotfix (SP2) Q810577"
    "DisplayName"="Windows XP Hotfix (SP2) Q810833"
    "DisplayName"="Windows XP Hotfix (SP2) Q811493"
    "DisplayName"="Windows XP Hotfix (SP2) Q814033"
    "DisplayName"="Windows XP Hotfix (SP2) Q814995"
    "DisplayName"="Windows XP Hotfix (SP2) Q815021"
    "DisplayName"="Windows XP Hotfix (SP2) Q817606"
    "DisplayName"="Windows Media Player Hotfix [詳細については、wm828026 を参照してください]"
    "DisplayName"="QuickTime"
    "DisplayName"="Spybot - Search & Destroy 1.3"
    "DisplayName"="SpywareBlaster v3.2"
    "DisplayName"="SpywareGuard v2.2"
    "DisplayName"="Ulead COOL 3D 3.0"
    "DisplayName"="USB Card Reader"
    "DisplayName"="Winamp (remove only)"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="Windows XP Service Pack 2"
    "DisplayName"="午後のこ〜だ"
    "DisplayName"="XviD MPEG-4 Codec"
    "DisplayName"="Yahoo! メッセンジャー"
    "DisplayName"="携帯万能10"
    "DisplayName"="ASUS SmartDoctor"
    "DisplayName"="MTV Series"
    "DisplayName"="B.H.A B's CLiP"
    "DisplayName"="DeepBurner v1.1.0.117"
    "DisplayName"="Google Toolbar for Internet Explorer"
    "DisplayName"="Canopus FEATHER"
    "DisplayName"="WebFldrs XP"
    "DisplayName"="Canopus CiRAgent"
    "DisplayName"="ウイルスバスター2004"
    "DisplayName"="Ulead PhotoImpact 8 SE"
    "DisplayName"="Microsoft Windows Journal ビューア"
    "DisplayName"="Windows ムービー メーカー 2.0"
    "DisplayName"="見てぇ。"
    "DisplayName"="Canopus X Pack Upgrade Installer"
    "DisplayName"="Port Monitor"
    "DisplayName"="USB-CCDCHAT"
    "DisplayName"="オンラインマニュアル for DVR-ABH4"
    "DisplayName"="EPSON GT-7200 ユーザーズガイド"
    "DisplayName"="ASUS GameFace"
    "DisplayName"="EPSON PhotoQuicker3.5"
    "DisplayName"="PowerDVD"
    "DisplayName"="Ulead VideoStudio 7 SE"
    "DisplayName"="EPSON PRINT Image Framer Tool2.0"
    "DisplayName"="Microsoft IntelliType Pro 5.0"
    "DisplayName"="BHA B's Recorder GOLD5 5.32"
    "DisplayName"="Ulead DVD MovieWriter 2 SE"
    "DisplayName"="AMIJ PDC USB Driver"
    "DisplayName"="Microsoft Office XP Professional"
    "DisplayName"="名刺ぷりんと for カラリオ"
    "DisplayName"="Patin-Couffin 19"
    "DisplayName"="EPSON TWAIN 5"
    "DisplayName"="DVD-RAMドライバー"
    "DisplayName"="InterVideo FilterSDK"
    "DisplayName"="Intel(R) PROSet"
    "DisplayName"="MSN Messenger 6.2"
    "DisplayName"="Microsoft .NET Framework 1.1 Japanese Language Pack"
    "DisplayName"="読んde!!ココ パーソナル"
    "DisplayName"="Microsoft .NET Framework 1.1"
    "DisplayName"="Microsoft IntelliPoint 5.0"
    "DisplayName"="imode HTML Simulator"
    "DisplayName"="Windows Media エンコーダ 9 シリーズ"
    "DisplayName"="EPSON CD Direct Print3"
    "DisplayName"="PIF DESIGNER2.1"
    "DisplayName"="ScanToWeb"
    "DisplayName"="Mu"
    "DisplayName"="Realtek AC'97 Audio"
    "DisplayName"="Microsoft Windows XP CD 書き込みウィザード HighMAT Extension"
    "DisplayName"="ねこのキャンバス"

■34841 / inTopicNo.17)  Re[12]: Here is the log
□Posted by/ ぶりお -(2004/07/11(Sun) 00:08:24)
    StartupList report, 2004/07/11, 0:01:00
    StartupList version: 1.52
    Started from : C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\gearsec.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe
    C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    C:\WINDOWS\Anvshell.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\DATACA~1\FLashKsk.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe
    C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Canopus\FEATHER\CDVRS.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Documents and Settings\河合 智和\デスクトップ\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\河合 智和\スタート メニュー\プログラム\スタートアップ]
    SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    Shell folders Common Startup:
    [C:\DOCUME~1\ALLUSE~1\スタート メニュー\プログラム\スタートアップ]
    FEATHER.lnk = C:\Program Files\Canopus\FEATHER\CDVRS.exe
    gwum.lnk = C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\gwum.exe
    Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    RC Manager.lnk = C:\Program Files\Canopus\FEATHER\RcMan.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    PHIME2002A = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    LiveNote = livenote.exe
    Anvshell = C:\WINDOWS\Anvshell.exe
    QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
    CloneCDElbyCDFL = "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
    CloneCDTray = "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
    imjpmig = C:\Program Files\Common Files\Microsoft Shared\IME\IMJP\imjpmig.exe /RemAdvDef /AIMEREG /Migration /SetPreload
    type32 = "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    CloneDVDElbyDelay = "C:\Program Files\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
    DataCaching = C:\PROGRA~1\DATACA~1\FLashKsk.exe
    pccguide.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\pccguide.exe"
    PCClient.exe = "C:\Program Files\Trend Micro\Virus Buster 2004\PCClient.exe"
    TM Outbreak Agent = "C:\Program Files\Trend Micro\Virus Buster 2004\TMOAgent.exe" /run
    B'sCLiP = C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
    WinampAgent = C:\Program Files\Winamp\winampa.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
    ASUS SmartDoctor = C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS\System32\ss3dfo.scr
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry key not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    SpywareGuard Download Protection - C:\Program Files\SpywareGuard\dlprotect.dll - {4A368E80-174F-4872-96B5-0B27DDD11DB2}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

    --------------------------------------------------

    Enumerating Download Program Files:

    [HgArcadePluginJP3 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HgArcadePluginJP3.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HgArcadePluginJP3.cab

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [Office Update Installation Engine]
    InProcServer32 = C:\WINDOWS\opuc.dll
    CODEBASE = http://office.microsoft.com/officeupdate/content/opuc.cab

    [Yahoo! WebCam Upload Wrapper]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\yuplapp.dll
    CODEBASE = http://dl.msg.yahoo.co.jp/videoctl/yuplapp.cab

    [HanGamePluginJP15 Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\HanGamePluginJP15.dll
    CODEBASE = http://down.hangame.co.jp/jp/dist/hgstart/HanGamePluginJP15.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [McFreeScan Class]
    InProcServer32 = C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll
    CODEBASE = http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4375/mcfscan.cab

    [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    CODEBASE = http://dl.companion.yahoo.co.jp/dl/toolbar/yiebio4.cab

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    AFD ネットワーク サポート環境: \SystemRoot\System32\drivers\afd.sys (autostart)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    DVD-RAM_Service: C:\WINDOWS\System32\DVDRAMSV.exe (autostart)
    ElbyCDIO Driver: System32\Drivers\ElbyCDIO.sys (autostart)
    EPSON Printer Status Agent2: C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (autostart)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    GEARSecurity: system32\gearsec.exe (autostart)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    MTV Series GS Video Capture Driver: System32\DRIVERS\mtvcap.sys (autostart)
    NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
    Trend Micro Personal Firewall: C:\Program Files\Trend Micro\Virus Buster 2004\PccPfw.exe (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: System32\DRIVERS\secdrv.sys (autostart)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tmfilter: System32\drivers\TmXPFlt.sys (autostart)
    Trend NT Realtime Service: "C:\Program Files\Trend Micro\Virus Buster 2004\Tmntsrv.exe" (autostart)
    Tmpreflt: System32\drivers\Tmpreflt.sys (autostart)
    Trend Micro Proxy Service: C:\Program Files\Trend Micro\Virus Buster 2004\tmproxy.exe (autostart)
    Common Firewall Driver: \SystemRoot\System32\Drivers\tm_cfw.sys (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Vsapint: System32\drivers\Vsapint.sys (autostart)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)


    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll
    UPnPMonitor: C:\WINDOWS\System32\upnpui.dll

    --------------------------------------------------
    End of report, 14,117 bytes
    Report generated in 0.172 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only

    How does this look?
■34944 / inTopicNo.18)  Re[13]: RegCheckSearch
□Posted by/ かつ兄 -(2004/07/11(Sun) 11:30:36)
■34983 / inTopicNo.19)   RegCheckSearch
□Posted by/ ぶりお -(2004/07/11(Sun) 15:29:28)
    Here are the results of running RegCheckSearch.


    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "Enable_Disk_Cache"="yes"
    "Cache_Percent_of_Disk"=hex:0a,00,00,00
    "Delete_Temp_Files_On_Exit"="yes"
    "Local Page"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,\
    33,32,5c,62,6c,61,6e,6b,2e,68,74,6d,00
    "Anchor_Visitation_Horizon"=hex:01,00,00,00
    "Use_Async_DNS"="yes"
    "Placeholder_Width"=hex:1a,00,00,00
    "Placeholder_Height"=hex:1a,00,00,00
    "Start Page"="http://www.hangame.co.jp/"
    "CompanyName"="Microsoft Corporation"
    "Custom_Key"="MICROSO"
    "Wizard_Version"="6.0.2600.0000"
    "FullScreen"="no"
    "Check_Associations"="yes"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\ErrorThresholds]
    "400"=dword:00000200
    "403"=dword:00000100
    "404"=dword:00000200
    "405"=dword:00000100
    "406"=dword:00000200
    "408"=dword:00000200
    "409"=dword:00000200
    "410"=dword:00000100
    "500"=dword:00000200
    "501"=dword:00000200
    "505"=dword:00000200

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\UrlTemplate]
    "1"="www.%s.com"
    "2"="www.%s.org"
    "3"="www.%s.net"
    "4"="www.%s.edu"

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    "NoUpdateCheck"=dword:00000000
    "NoJITSetup"=dword:00000000
    "Disable Script Debugger"="yes"
    "Show_ChannelBand"="No"
    "Anchor Underline"="yes"
    "Cache_Update_Frequency"="Once_Per_Session"
    "Display Inline Images"="yes"
    "Do404Search"=hex:01,00,00,00
    "Local Page"="C:\\WINDOWS\\System32\\blank.htm"
    "Save_Session_History_On_Exit"="no"
    "Show_FullURL"="no"
    "Show_StatusBar"="yes"
    "Show_ToolBar"="yes"
    "Show_URLinStatusBar"="yes"
    "Show_URLToolBar"="yes"
    "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
    "Use_DlgBox_Colors"="yes"
    "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
    "NotifyDownloadComplete"="yes"
    "FullScreen"="no"
    "Window_Placement"=hex:2c,00,00,00,02,00,00,00,03,00,00,00,00,83,ff,ff,00,83,\
    ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ae,00,00,00,ae,00,00,00,06,03,00,00,42,02,00,\
    00
    "Use FormSuggest"="yes"
    "AddToFavoritesExpanded"=dword:00000000
    "Use Search Asst"="no"
    "Use Custom Search URL"=dword:00000000
    "Error Dlg Displayed On Every Error"="no"
    "Error Dlg Details Pane Open"="no"
    "FormSuggest Passwords"="yes"
    "FormSuggest PW Ask"="yes"
    "Friendly http errors"="yes"
    "UseThemes"=dword:00000001
    "ShowGoButton"="yes"
    "NoWebJITSetup"=dword:00000000
    "Enable Browser Extensions"="yes"
    "AllowWindowReuse"=dword:00000001
    "SmoothScroll"=dword:00000000
    "Force Offscreen Composition"=dword:00000000
    "Page_Transitions"=dword:00000001
    "FavIntelliMenus"="no"
    "NscSingleExpand"=dword:00000001
    "Play_Animations"="yes"
    "Play_Background_Sounds"="yes"
    "Display Inline Videos"="yes"
    "Enable_MyPics_Hoverbar"="yes"
    "Enable AutoImageResize"="yes"
    "Show image placeholders"=dword:00000000
    "Move System Caret"="no"
    "Expand Alt Text"="no"
    "Print_Background"="no"
    "Search Bar"="http://g.msn.co.jp/0SEJAJP/SAOS01"
    "Check_Associations"="yes"
    "AutoSearch"=dword:00000005
    "LastCheckedHi"=dword:01c46692

    REGEDIT4

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
    "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
    "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
    "OCustomizeSearch"="http://ie.search.msn.com/ja/srchasst/srchcust.htm"
    "OSearchAssistant"="http://ie.search.msn.com/ja/srchasst/srchasst.htm"

    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchProperties]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchProperties\ja]
    "SettingsVersion"=hex:44,00
    "Panel@Web"=hex:64,00,65,00,66,00,61,00,75,00,6c,00,74,00,03,00,6d,00,73,00,6e,\
    00,04,00,62,00,69,00,67,00,67,00,6c,00,6f,00,62,00,65,00
    "PanelOrder"=hex:57,00,65,00,62,00,01,00,50,00,72,00,65,00,76,00

    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "provider"=""
    @="http://home.microsoft.com/access/autosearch.asp?p=%s"

    
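■34985 / inTopicNo.20)  Re[15]: No problems
□Posted by/ かつ兄 -(2004/07/11(Sun) 15:40:49)
    There are quite a lot of settings now, but there is no problem.

    Please run virus scans regularly (including online scans) and deal with whatever comes up.

    Here is the usual link.
    An ounce of prevention: to avoid suffering further damage http://higaitaisaku.web.infoseek.co.jp/korobanu.html

    If you don't mind, please mark the topic as resolved.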