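PCへの影響(対象URL: http://thecubebar.com/news/alpha.html)

注: 以下は、対象URLに関して記録されたファイル・レジストリ・プロセスのイベント一覧です。最初の行では IEXPLORE.EXE が C:\WINDOWS\Temp\aychx.exe を対象としており、ブラウザ経由で実行ファイルが配置されたと読み取れます。行は厳密な時刻順には並んでおらず、Type 列はすべて「-」のため、各レジストリ操作が読み取りか書き込みか、また設定された値はこのログからは判別できません。ave.exe がファイアウォール設定(FirewallPolicy、SharedAccess\Start)、Security Center の通知・オーバーライド値、HKCR\.exe と HKCR\secfile の関連付け、StartMenuInternet のブラウザ起動コマンドにアクセスしている点は、セキュリティ機能の無効化や実行ファイル関連付けの改変を行うマルウェアに見られる挙動と一致します。qttask.exe(QuickTime)の行は、おそらく検体とは無関係な正規ソフトウェアの動作です。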

カテゴリ 時刻 プロセス 対象 Type
file 04/28 03:30:53 C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\Temp\aychx.exe -
registry 04/28 03:30:53 C:\WINDOWS\Temp\aychx.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Local AppData -
registry 04/28 03:30:53 C:\WINDOWS\Temp\aychx.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData -
registry 04/28 03:30:53 C:\WINDOWS\Temp\aychx.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Templates -
process 04/28 03:30:56 C:\WINDOWS\Temp\aychx.exe C:\Documents and Settings\******\Local Settings\Application Data\ave.exe -
process 04/28 03:30:54 UNKNOWN C:\WINDOWS\Temp\aychx.exe -
file 04/28 03:30:53 C:\WINDOWS\Temp\aychx.exe C:\Documents and Settings\******\Local Settings\Application Data\ave.exe -
registry 04/28 03:30:54 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Local AppData -
registry 04/28 03:30:54 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData -
registry 04/28 03:30:54 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Templates -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\DoNotAllowExceptions -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\DisableNotifications -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\EnableFirewall -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\DoNotAllowExceptions -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\DisableNotifications -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Start -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Microsoft\Security Center\AntiVirusOverride -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify -
file 04/28 03:30:54 System C:\Documents and Settings\******\Local Settings\Application Data\ave.exe -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Microsoft\Security Center\FirewallOverride -
registry 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify -
file 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\******\Local Settings\Application Data\2Q2YXOxfn -
file 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\All Users\Application Data\2Q2YXOxfn -
file 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\WINDOWS\Temp\2Q2YXOxfn -
file 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\******\Templates\2Q2YXOxfn -
file 04/28 03:30:55 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\WINDOWS\Temp\aychx.exe -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\Content Type -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\DefaultIcon -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\open\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\open\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\runas\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\runas\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\start\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\start\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\Content Type -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\DefaultIcon -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\open\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\open\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\runas\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\runas\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\start\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\start\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\Content Type -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\DefaultIcon -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\open\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\open\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\runas\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\runas\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\start\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\.exe\shell\start\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\Content Type -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\DefaultIcon -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\open\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\open\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\runas\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\runas\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\start\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCR\secfile\shell\start\command\IsolatedCommand -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Clients\StartMenuInternet -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command -
registry 04/28 03:30:56 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe HKCU\Software\Microsoft\Windows\Identity -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed Plugins\In Process -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\ActiveX\Installed MIME Types\video/quicktime -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed MIME Types\video/quicktime -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKCU\Software\Microsoft\Internet Explorer\Media\MimeTypes\video/quicktime -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Classes\MIME\Database\Content Type\video/quicktime\CLSID -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.mov -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.qt -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\ActiveX\Installed MIME Types\image/x-macpaint -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed MIME Types\image/x-macpaint -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKCU\Software\Microsoft\Internet Explorer\Media\MimeTypes\image/x-macpaint -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/x-macpaint\CLSID -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.pntg -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.pnt -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.mac -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\ActiveX\Installed MIME Types\image/x-quicktime -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed MIME Types\image/x-quicktime -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKCU\Software\Microsoft\Internet Explorer\Media\MimeTypes\image/x-quicktime -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Classes\MIME\Database\Content Type\image/x-quicktime\CLSID -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.qtif -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Microsoft\Internet Explorer\EmbedExtnToClsidMappings\.qti -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed Plugins\Names -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed Plugins\Deferred -
registry 04/28 03:30:59 C:\Program Files\QuickTime\qttask.exe HKLM\SOFTWARE\Apple Computer, Inc.\QuickTime\Installed Plugins\In Process -
file 04/28 03:31:02 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\******\Local Settings\Application Data\2Q2YXOxfn -
file 04/28 03:31:02 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\All Users\Application Data\2Q2YXOxfn -
file 04/28 03:31:02 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\WINDOWS\Temp\2Q2YXOxfn -
file 04/28 03:31:02 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\******\Templates\2Q2YXOxfn -
process 04/28 03:30:54 C:\WINDOWS\Temp\aychx.exe C:\Documents and Settings\******\Local Settings\Application Data\ave.exe -
file 04/28 03:31:13 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\******\Local Settings\Application Data\2Q2YXOxfn -
file 04/28 03:31:13 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\Documents and Settings\All Users\Application Data\2Q2YXOxfn -
file 04/28 03:31:13 C:\Documents and Settings\******\Local Settings\Application Data\ave.exe C:\WINDOWS\Temp\2Q2YXOxfn -