悪代官の伏魔殿 Bulletin Board
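Please tell me how to deal with this.
Good morning. My name is "のりしお".
Since around the middle of this week, while searching the Internet or
browsing sites, I have very often been redirected, no matter where I am,
to the strange site below.

The tab shows "special" and the address is http://pop.zilionfast.in/

That is what it looks like. I also tried blocking the site's address and so on in Internet Options,
but it has not improved.
Please tell me how to deal with this. Thank you.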
  • のりしお
  • 2013/07/13 (Sat) 07:11:49
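Let's take a closer look
Hello, this is イルカ, answering here. I am not the administrator, 悪代官, so please bear with me.

Consultations about bundles of nuisance software have been increasing sharply lately, so this is probably a similar case, but there is no way to deal with it without investigating.
Let's investigate first.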


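■ Analysis with OTL
We will investigate using an advanced analysis tool called OTL.

1. Download the analysis tool "OTL" (OldTimer Listit) from the address below (it is a direct link) and place it on your desktop.
Your antivirus software or browser may flag it as dangerous, but that is a false positive, so do not worry and carry on.
http://oldtimer.geekstogo.com/OTL.exe

2. After launching it, change the following settings.
・Check "Scan All Users" near the top of the window
・If "Scan 64bit Files" is present, check that as well
・Set "Extra Registry" to "Use SafeList"
・Copy and paste the following commands into "Custom Scan/Fixes".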

DRIVES
BASESERVICES
CREATERESTOREPOINT

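3. Press "Run Scan" at the top left. After a few minutes, "OTL.txt" and "Extras.txt" will be created in the same location as OTL.exe.

Please paste the contents of these files into the body of your post. They are quite long, so they will be cut off unless you split them.
Try splitting around "[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]" partway through.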


  • イルカ
  • 2013/07/13 (Sat) 11:27:46
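
A first-pass triage of the OTL.txt that the steps above produce, as an added example that is not part of the original post and not code from the OTL project. It queues for manual review any file-backed entry (PRC, MOD, SRV, DRV) with an empty company name stored under ProgramData or a user profile, plus every O20 AppInit_DLLs entry. The two heuristics are assumptions, and the sample log lines and every name in them are constructed.

```python
"""First-pass triage of OTL.txt lines (added example; heuristics are assumptions)."""
import re
from typing import Iterable, List, NamedTuple, Tuple


class Finding(NamedTuple):
    tag: str     # PRC, MOD, SRV, DRV or O20
    path: str    # file the log entry points at
    reason: str  # why the entry was queued for manual review


# Optional 64-bit marker; forum pastes wrap it in BBCode ([b]64bit:[/b]).
_BITS = r"(?::(?:\[b\])?64bit:(?:\[/b\])?)?"

# TAG - [date time | size | attrs | M] (Company) [state] -- path -- (service)
ENTRY_RE = re.compile(
    r"^(?P<tag>PRC|MOD|SRV|DRV)" + _BITS + r"\s+-\s+"
    r"\[[^|\]]+\|[^|\]]+\|[^\]]*\]\s+"      # timestamp | size | attributes
    r"\((?P<company>.*?)\)\s+"              # company name, may be empty
    r"(?:\[[^\]]*\]\s+)?"                   # [start type | state] on SRV/DRV
    r"--\s+(?P<path>.+?)"
    r"(?:\s+--\s+\(.*\))?\s*$"              # trailing service name, if any
)

# O20 - AppInit_DLLs: (short path) - long path (Company)
APPINIT_RE = re.compile(
    r"^O20" + _BITS + r"\s+-\s+AppInit_DLLs:\s+\([^)]*\)\s+-\s+(?P<rest>.+?)\s*$"
)

# Locations a standard user can normally write to (assumed heuristic).
USER_WRITABLE = ("\\programdata\\", "\\users\\")


def split_company(rest: str) -> Tuple[str, str]:
    """Split 'path (Company)' at the parenthesis that closes the line."""
    if not rest.endswith(")"):
        return rest, ""
    depth = 0
    for i in range(len(rest) - 1, -1, -1):
        if rest[i] == ")":
            depth += 1
        elif rest[i] == "(":
            depth -= 1
            if depth == 0:
                return rest[:i].rstrip(), rest[i + 1:-1]
    return rest, ""


def triage(lines: Iterable[str]) -> List[Finding]:
    """Return entries worth a closer look. A finding is a lead, not a verdict."""
    findings: List[Finding] = []
    for raw in lines:
        line = raw.strip()
        m = APPINIT_RE.match(line)
        if m:
            path, company = split_company(m.group("rest"))
            who = company or "no company name"
            findings.append(Finding(
                "O20", path,
                f"AppInit_DLLs entry ({who}): loaded into every process "
                "that loads user32.dll"))
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # section headers, registry lines, blank lines
        path = m.group("path")
        unsigned_name = not m.group("company").strip()
        if unsigned_name and any(p in path.lower() for p in USER_WRITABLE):
            findings.append(Finding(
                m.group("tag"), path,
                "no company name and stored under ProgramData or a user profile"))
    return findings


# Constructed sample in OTL's line format; all names here are made up.
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========
PRC - [2013/07/01 10:00:00 | 000,348,160 | ---- | M] () -- C:\ProgramData\ExampleVendor\Optimizer\optimizer.exe
PRC - [2013/07/01 10:00:01 | 000,308,816 | ---- | M] (Example Inc.) -- C:\Program Files (x86)\Example\toolbar.exe
MOD - [2013/07/01 10:00:02 | 000,118,784 | ---- | M] () -- C:\ProgramData\ExampleTab\0a1b2c3d.dll
MOD - [2013/07/01 10:00:03 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Example\zlib1.dll
SRV:[b]64bit:[/b] - [2013/07/01 10:00:04 | 000,628,448 | ---- | M] (Example(R) Corporation) [Auto | Running] -- C:\Program Files\Example\svc.exe -- (ExampleSvc)
SRV - [2013/07/01 10:00:05 | 000,121,344 | ---- | M] () [Auto | Running] -- C:\Users\demo\AppData\Roaming\upd\upd.exe -- (UpdSvc)
O20 - AppInit_DLLs: (c:\progra~2\exampl~1\protec~1.dll) - c:\Program Files (x86)\ExampleSaver\protector.dll ()
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG.splitlines()):
        print(f"{f.tag:4} {f.path}\n     -> {f.reason}")
```

An empty company name alone is not a signal: many legitimate modules under Program Files ship without one, which is why the path condition is part of the rule.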
Re: Please tell me how to deal with this.
I am very sorry for the late reply; despite having asked the question, I was out on urgent business.
First, here is "OTL.txt".

OTL logfile created on: 2013/07/15 20:38:46 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\keishi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.96 Gb Total Physical Memory | 5.97 Gb Available Physical Memory | 74.94% Memory free
15.93 Gb Paging File | 13.98 Gb Available in Paging File | 87.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 45.48 Gb Free Space | 40.72% Space Free | Partition Type: NTFS
Drive D: | 100.00 Gb Total Space | 99.91 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive E: | 831.51 Gb Total Space | 582.09 Gb Free Space | 70.00% Space Free | Partition Type: NTFS

Computer Name: KEISHI-PC | User Name: keishi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/07/13 06:41:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\keishi\Desktop\OTL.exe
PRC - [2013/07/12 19:50:43 | 000,308,816 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/05/11 19:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/01/24 04:58:25 | 000,348,160 | ---- | M] () -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
PRC - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/10/11 00:31:50 | 004,686,848 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
PRC - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/07 17:27:24 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/01/27 02:40:44 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/12/23 10:24:00 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/25 13:41:36 | 000,645,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
PRC - [2009/11/02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/07/11 03:25:27 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll
MOD - [2013/07/11 03:25:26 | 000,487,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5ff75dafe0bda546dc6c71d2cb2d5257\IAStorUtil.ni.dll
MOD - [2013/07/11 03:20:53 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
MOD - [2013/07/11 03:20:42 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/11 03:20:38 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/11 03:20:32 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/11 03:20:30 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/11 03:20:28 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/11 03:20:27 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/11 03:20:25 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/04 06:34:01 | 000,118,784 | ---- | M] () -- C:\ProgramData\SearchNewTab\51d498c9441d1.dll
MOD - [2013/07/04 06:33:18 | 000,118,784 | ---- | M] () -- C:\ProgramData\saafe save\51d4989e0cf13.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/01/24 20:25:02 | 001,044,480 | ---- | M] () -- c:\Program Files (x86)\WebSearch\sprotector.dll
MOD - [2013/01/24 20:16:54 | 001,050,112 | ---- | M] () -- c:\Program Files (x86)\SafeSaver\sprotector.dll
MOD - [2011/12/23 10:24:00 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
MOD - [2011/11/25 13:42:50 | 000,499,976 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
MOD - [2011/11/25 13:29:32 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
MOD - [2011/11/25 13:28:26 | 000,484,352 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
MOD - [2011/11/25 13:26:14 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
MOD - [2011/08/17 16:48:24 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
MOD - [2011/08/17 16:48:22 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
MOD - [2011/08/17 16:41:36 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
MOD - [2011/08/15 20:17:30 | 009,224,704 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
MOD - [2011/08/15 20:15:44 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
MOD - [2011/08/15 20:12:04 | 002,603,520 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
MOD - [2011/08/15 20:12:04 | 001,006,592 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
MOD - [2011/08/15 19:23:00 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
MOD - [2011/07/19 16:05:40 | 014,978,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
MOD - [2011/07/19 16:04:56 | 000,317,952 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
MOD - [2011/06/21 22:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011/06/20 22:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011/06/20 20:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011/06/20 20:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011/06/20 20:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011/06/20 20:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2011/05/26 18:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2011/05/26 18:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
MOD - [2010/11/21 16:13:36 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_ja_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/13 08:18:15 | 000,348,160 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ja_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/11/02 14:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 14:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/02/09 16:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:[b]64bit:[/b] - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/06/12 13:16:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 19:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/06 01:36:06 | 000,666,720 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012/10/19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/10 01:18:00 | 004,020,736 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/07 17:27:24 | 000,121,344 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/07/13 06:35:27 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/04/19 02:08:04 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/09 16:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:[b]64bit:[/b] - [2012/02/09 16:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:[b]64bit:[/b] - [2012/02/09 16:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:[b]64bit:[/b] - [2012/01/27 02:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/01/27 02:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/01/27 02:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011/09/21 17:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:[b]64bit:[/b] - [2011/08/23 22:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009/11/18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchdwebs.info/?l=1&q={searchTerms}&pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={A9A81761-1DE3-11E2-AC23-BC5FF465D873}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.dospara.co.jp/top/ [binary data]
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.jp/
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 23 9E CD 1C A2 CD 01 [binary data]
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TWJA_jaJP505
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\..\SearchScopes\{8F689D93-61B4-4739-91C9-1679905E4907}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TWJA_jaJP505
IE - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK

[2013/07/04 02:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\keishi\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/06/30 17:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\keishi\AppData\Roaming\mozilla\firefox\profiles\extensions\trtv3@trtv.com.xpi
[2013/07/04 02:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://websearch.searchdwebs.info/?pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
CHR - plugin: (Enabled) = default_plugin
CHR - plugin: Error reading preferences file
CHR - Extension: Torntv 3 = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj\3.0_0\
CHR - Extension: YouTube = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Delta Toolbar = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: SweetIM for Facebook = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: saafe save = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: Gmail = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: SearchNewTab = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1\
CHR - Extension: Torntv 3 = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj\3.0_0\
CHR - Extension: YouTube = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Delta Toolbar = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: SweetIM for Facebook = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: saafe save = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: Gmail = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: SearchNewTab = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_1_0_5\Modules\ypho.dll (Yahoo Japan Corporation. )
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (saafe save) - {B59A52AD-C4AE-1DEC-38CA-B7654833A939} - C:\ProgramData\saafe save\51d4989e0cf13.dll ()
O2 - BHO: (SearchNewTab) - {D5FAB8FF-E960-AABF-2041-EE9BC4C5404F} - C:\ProgramData\SearchNewTab\51d498c9441d1.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yahoo!ツールバーヘルパー) - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_1_0_5\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_1_0_5\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001\..\Toolbar\WebBrowser: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_1_0_5\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1645485970-2540753912-3181428214-1001..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-21-1645485970-2540753912-3181428214-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1645485970-2540753912-3181428214-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} http://sample3.dmm.co.jp/downloader5/DMMDownloader.cab (DMM Downloader)
O16 - DPF: {414ABA36-99AD-4BEC-8E93-AEDC1A08D352} http://storage.capcom-networks.jp/member/contents/analyze/Fversion/MHReport.cab (MHReportObject Class)
O16 - DPF: {6FC19219-C47E-4880-9A70-D218A1C374F9} http://www.sdgundamcfo.jp/common/CJIJTransX.cab (CJIJTransX Control)
O16 - DPF: {8C2E6E01-D1F6-4A94-B314-7C5DF4EE1853} http://down.hangame.co.jp/jp/dist/hgstart/HGReport.cab (SpecAnalyzer Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FBA1568-2475-45BF-97B5-A4A7AEC2963F}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\safesa~1\sprote~1.dll) - c:\Program Files (x86)\SafeSaver\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  • のりしお
  • 2013/07/15 (Mon) 20:43:59
Re: Please tell me how to deal with this.
↓ Continuation of the above. ↓


[2013/07/13 06:41:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\keishi\Desktop\OTL.exe
[2013/07/12 19:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/07/11 03:01:55 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/07/11 03:01:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/07/11 03:01:54 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/07/11 03:01:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/07/11 03:01:54 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/07/11 03:01:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/11 03:01:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/07/11 03:01:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/07/11 03:01:54 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/07/11 03:01:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/07/11 03:01:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/07/11 03:01:53 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/07/11 03:01:53 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/07/11 03:01:53 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/07/11 03:01:53 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/07/10 07:12:15 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013/07/10 07:12:15 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013/07/10 07:12:15 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2013/07/10 07:12:15 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2013/07/10 07:12:08 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/07/04 06:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013/07/04 06:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab
[2013/07/04 06:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
[2013/07/04 06:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSearch
[2013/07/04 06:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft
[2013/07/04 06:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SafeSaver
[2013/07/04 06:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\saafe save
[2013/07/04 06:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saafe save
[2013/07/04 06:30:43 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Local\Programs
[2013/07/04 06:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/07/04 02:58:32 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\searchplugins
[2013/07/04 02:58:32 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Extensions
[2013/07/04 02:58:27 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\BabSolution
[2013/07/04 02:58:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/04 02:58:12 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\Babylon
[2013/07/04 02:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/07/04 02:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/07/04 02:57:59 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\Mozilla
[2013/07/04 02:57:55 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
[2013/07/04 02:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TornTV.com
[2013/06/27 22:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/06/27 22:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/07/15 20:16:00 | 000,000,626 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/07/15 20:01:00 | 000,000,704 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 14:24:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013/07/15 12:38:00 | 000,021,664 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 12:38:00 | 000,021,664 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 11:01:00 | 000,000,700 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/13 11:01:54 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/13 06:41:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\keishi\Desktop\OTL.exe
[2013/07/13 06:39:38 | 001,457,764 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/07/13 06:39:38 | 000,707,886 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/07/13 06:39:38 | 000,444,890 | ---- | M] () -- C:\windows\SysNative\perfh011.dat
[2013/07/13 06:39:38 | 000,150,036 | ---- | M] () -- C:\windows\SysNative\perfc011.dat
[2013/07/13 06:39:38 | 000,149,910 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/07/13 06:35:31 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013/07/13 06:35:31 | 000,000,418 | -H-- | M] () -- C:\windows\tasks\schedule!3036567561.job
[2013/07/13 06:35:27 | 000,034,752 | ---- | M] () -- C:\windows\SysNative\drivers\WPRO_41_2001.sys
[2013/07/13 06:35:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/13 06:35:24 | 2118,438,911 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/11 03:20:10 | 000,293,840 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/07/04 06:31:17 | 000,000,418 | -H-- | C] () -- C:\windows\tasks\schedule!3036567561.job
[2013/06/27 22:38:41 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/03/21 22:38:07 | 000,000,036 | ---- | C] () -- C:\Users\keishi\AppData\Local\housecall.guid.cache
[2012/11/04 14:18:54 | 000,000,116 | ---- | C] () -- C:\windows\wininit.ini
[2012/10/04 20:23:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012/08/09 16:40:32 | 000,065,576 | ---- | C] () -- C:\windows\SysWow64\bdmpegv.dll
[2012/08/09 16:40:28 | 000,022,560 | ---- | C] () -- C:\windows\SysWow64\bdmjpeg.dll
[2012/02/02 22:08:26 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 14:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 13:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: KINGMAX SSD 120GB
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST1000DM003-1CH162
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: Generic- SD/MMC USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Generic- Compact Flash USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Generic- SM/xD-Picture USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE5 -
Interface type: USB
Media Type:
Model: Generic- MS/MS-Pro USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 112.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 932.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2011/11/17 15:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/05/13 14:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/05/13 13:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2012/10/04 02:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2011/11/17 15:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2011/11/17 15:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2012/05/01 14:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2012/06/03 07:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< End of report >
  • のりしお
  • 2013/07/15 (Mon) 20:47:30
Re: Please tell me how to deal with this.
Next is "Extras.txt". I ran it several times, but with this one, something that looks like an error appears in the latter half.


OTL Extras logfile created on: 2013/07/15 20:38:46 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\keishi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.96 Gb Total Physical Memory | 5.97 Gb Available Physical Memory | 74.94% Memory free
15.93 Gb Paging File | 13.98 Gb Available in Paging File | 87.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 45.48 Gb Free Space | 40.72% Space Free | Partition Type: NTFS
Drive D: | 100.00 Gb Total Space | 99.91 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive E: | 831.51 Gb Total Space | 582.09 Gb Free Space | 70.00% Space Free | Partition Type: NTFS

Computer Name: KEISHI-PC | User Name: keishi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048C9781-3D5C-46B1-93C8-B1A75F37BDAF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0DBD7F04-F986-4B0E-89E5-21210B4D20A6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1641C1ED-F247-44CF-B8F0-9A8DE97340FE}" = rport=138 | protocol=17 | dir=out | app=system |
"{19E51BC1-ED41-49F9-B056-3D67FE8CFDCD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E4FE289-112C-416E-837D-A749A074AA61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{260EDB5C-DF2D-4054-A543-BD7189E6BEC4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3043878B-C347-4B19-93A4-F9E952B65AF6}" = lport=137 | protocol=17 | dir=in | app=system |
"{398FEFE3-3126-4F64-ADF1-AAB56B02F8F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B358716-D948-4DC3-A33E-3EE7F9E48748}" = rport=139 | protocol=6 | dir=out | app=system |
"{3C203C82-E656-4B96-97CE-9E031AC4A307}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{41EAC3E6-84E3-4CD6-AC03-3FFB73159E81}" = lport=445 | protocol=6 | dir=in | app=system |
"{5589A28D-4144-4211-9BB0-D070EE39BEA6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5851F049-A64A-4867-9334-0A084E78F974}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{69677C38-56FB-46C5-A96C-81477B063EC0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F0116F6-3610-42AC-842C-7A6E89FCCED1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{716BC237-372F-4405-8623-FE7388917EA6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{80C96C07-92EE-4567-BB97-E25331A2A807}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81CEB8B1-62B4-445C-A4C6-A9E735DAB40B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{854F2E4A-7EF5-46AE-B025-B75F34E6D894}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{87838895-FB58-4F64-8067-F0B7D50CDFC6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8FCE671E-A29C-48EB-8573-01DAE600E6E8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{92887211-0385-43C5-8A4E-014EEFF0D1CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{9C43B289-C27F-4B7D-9D44-4C6595E31D1A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D3121D4-2C56-460A-B19B-F82AC783CE34}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9F4CBBD-6BC1-4E36-B0E6-1577BD7E7A4D}" = rport=445 | protocol=6 | dir=out | app=system |
"{CE9CF03E-821E-408A-BF57-66B05E7F234D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1628895-65FA-4680-8F9E-339EB5330EB7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D2B5F13B-8CEA-4170-9648-B99F727FF15A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5B808DD-5E26-4E1E-8801-B55F2D8F152E}" = lport=139 | protocol=6 | dir=in | app=system |
"{E297C721-E017-41F6-8882-FE887A0CF838}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E2C4560D-89B6-49E0-8D96-8EF736FF542B}" = rport=137 | protocol=17 | dir=out | app=system |
"{F147B878-76EC-4FD2-BEAF-8586698BA323}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F386E4CF-E0EE-4AE6-A916-EDAB43BCD353}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016EA2A8-A84C-4838-8AFE-B92E5EAFBA9A}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{06840F2F-A686-418F-8C02-AB72AB6F7EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0DB8EEA6-8903-4A07-849A-F1A173156B65}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1A4DF30C-5D0B-4C51-BA19-95426229E437}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{1D5BA282-A261-4A45-A154-AB37260DAAD9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{24698612-1AF7-422D-938A-4A9C48ED6E72}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2BB24303-FEED-4717-9586-1364D4D77BBC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{322D21BB-EDC0-4DEE-9066-836E2899EAA6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3644DA4B-02F3-44E9-AC5D-9C2330E1C44E}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{38599CD1-A719-48B4-B027-93E2B31FDDC7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38DBB841-BCC1-4B6F-A630-227E501A2106}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4E156AB1-D3B7-4E44-931F-843A9691A863}" = protocol=17 | dir=in | app=c:\cjij\sdgo\gonline.exe |
"{59147768-D27B-4A19-937F-8C0584CD99C6}" = protocol=6 | dir=out | app=system |
"{6515DE3A-5CCB-44D0-A5CE-F2F59FB3351F}" = protocol=6 | dir=in | app=c:\cjij\sdgo\gonline.exe |
"{69785711-0475-4521-A9D4-7A245F2F9C77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A06D811-61C3-47B0-A76D-518AF12AEAB2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73043FB3-CA7C-487F-835B-D5AC8DE05ABF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7618A4CC-AACD-42F4-B8D1-16CBC91EDDD9}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{7F1E3CA1-E457-4266-B258-D3061970DCB7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{814745B3-EFD1-4C71-9985-663A61846D5A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{81B79953-684B-4412-BC0B-9371F151542F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A0C50A7F-8551-4557-A1A1-C61AE05E4EC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9A76E8C-3FB1-4E21-85C9-BFDD42F4CFEB}" = protocol=6 | dir=in | app=c:\cjij\sdgo\gonline.exe |
"{B0C84EBE-DF12-4C85-9729-E55156951B7A}" = protocol=17 | dir=in | app=c:\cjij\sdgo\gonline.exe |
"{B50C281E-6DED-4380-8502-6A23181A21D9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B83744DD-700B-48DC-8C6E-0BB2667C6694}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BBD7CF5C-F9CD-4D0B-8E84-762E56933B6C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C0C62CAF-4276-4AD5-9F46-4BBDDBDAEA64}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C27DDE9C-C716-46DC-9234-1AE866EFD793}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3EEAE0F-D842-4D74-B77D-9B65779895AA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CEC319F4-E6DA-4995-9F87-4195582C8D36}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D21DBF02-115E-4E82-B062-EBE9FFED2E21}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D612FDA2-1A46-4D04-96F4-2C567F17479F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCAA1B4C-B801-456E-9FA8-81FFA5FFD030}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DDE24045-B906-4CC4-80CD-CD6BB18BD916}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E59EB568-90FD-4A08-9275-9F460679E41A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EC39A05C-6300-4E66-9E97-1863A8FCF4C9}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{EC3C95EF-DF1C-4972-82A8-85A0560506F3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EC46081D-DBDD-4530-91C5-E9F002CA4649}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EE432064-6892-4E36-BF9C-F66F9E7A0887}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FB7808B9-E5E8-4C40-BA17-29921D7153D9}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{FDFCAE0B-BA2B-4B08-9C33-16A8595B2405}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{5D820040-35C4-4DE7-9455-A612D8E3ABB2}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"TCP Query User{A9049753-C85B-42A3-9BFC-10671EF34690}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe |
"TCP Query User{C995D0D7-174C-4F1A-B210-AF9BA1553372}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{48C2E4FC-FC33-48F6-9662-626553827236}C:\program files (x86)\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veoh\veohclient.exe |
"UDP Query User{557CEBFA-1C7A-4C36-BF62-3D2F92CBBFD2}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"UDP Query User{B0B22037-5FE0-4FE9-BCD1-B7A910BC5284}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{91436EBB-9DB5-467E-9BA7-BA896D0E45A8}" = Intel(R) Smart Connect Technology 2.0 x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F1F4E90-5808-3CA8-8FF6-A5B0E60AF268}" = Microsoft .NET Framework 4 Client Profile JPN Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA アップデート 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile JPN Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - 日本語
"OptimizerPro" = OptimizerPro
"PC-Doctor for Windows" = パソコン診断ソフト PC-Doctor

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{0C1FCCB3-BE26-4F7A-9B46-3811FB674D5A}" = モンスターハンター フロンティア オンライン
"{16B6F570-96D0-4633-9D90-2A1E8483452E}" = SDGO
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG CyberLink Media Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live アップロード ツール
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{283276C7-67EF-4EE4-8663-E46013148330}" = Windows Live サインイン アシスタント
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{457C231F-853D-4FB6-8E8D-72B73A113637}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5989FF4A-7579-4E9A-9E0F-548B279CAE17}" = OpenOffice.org 3.4.1
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8644F312-3393-423A-89CB-250C0FE58C09}" = Windows Live メール
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90FD3224-976C-42AE-AFD1-69F91D4915DF}" = Windows Live ムービー メーカー
"{924C3DC2-8E4E-432E-F973-9A2174A39774}" = saafe save
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1041-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Japanese
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AEDA8B17-9571-4839-9240-F93E41198E19}" = Windows Live Sync
"{B8ED7934-A409-485D-8A9B-B6E13FD70649}" = Windows Live おすすめパック
"{B9CF1C2E-6B3C-409C-A12B-836DAFC18059}" = Windows Live フォト ギャラリー
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" = SearchNewTab
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FC05D86B-2D16-477D-A3D2-7D12970583D0}" = Windows Live Writer
"{FF7DB6B3-1288-4A82-A42A-14F76420DC42}" = Windows Live Call
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"CravingExplorer_is1" = Craving Explorer Version 1.5.0
"Game Booster_is1" = Game Booster 3
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SP_4e24eecb" = Search Assistant WebSearch 1.74
"SP_f5d3e0aa" = SafeSaver 1.74
"Veoh Web Player Beta" = Veoh Web Player
"WinLiveSuite_Wave3" = Windows Live おすすめパック
"Yahoo!Jツールバー" = Yahoo!ツールバー

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1645485970-2540753912-3181428214-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013/06/12 14:45:57 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "c:\program files (x86)\windows live\photo
gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/13 9:46:21 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "C:\Program Files (x86)\Windows Live\Photo
Gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/13 9:46:21 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "C:\Program Files (x86)\Windows Live\Photo
Gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/13 9:48:42 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "C:\Program Files (x86)\Windows Live\Photo
Gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/13 17:27:52 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "c:\program files (x86)\windows live\photo
gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/15 13:52:59 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "c:\program files (x86)\windows live\photo
gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/15 14:16:26 | Computer Name = keishi-PC | Source = ISCT Agent | ID = 1003
Description =

Error - 2013/06/15 14:18:11 | Computer Name = keishi-PC | Source = WinMgmt | ID = 10
Description =

Error - 2013/06/16 11:34:01 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "c:\program files (x86)\windows live\photo
gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2013/06/19 1:32:49 | Computer Name = keishi-PC | Source = SideBySide | ID = 16842787
Description = "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "c:\program files (x86)\windows live\photo
gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

[ System Events ]
Error - 2013/03/22 2:47:13 | Computer Name = keishi-PC | Source = DCOM | ID = 10010
Description =

Error - 2013/04/02 12:49:46 | Computer Name = keishi-PC | Source = DCOM | ID = 10010
Description =

Error - 2013/04/10 18:19:05 | Computer Name = keishi-PC | Source = Service Control Manager | ID = 7023
Description = Function Discovery Resource Publication サービスは、次のエラーで終了しました: %%-2147014847

Error - 2013/04/12 14:02:36 | Computer Name = keishi-PC | Source = DCOM | ID = 10010
Description =

Error - 2013/04/16 2:45:54 | Computer Name = keishi-PC | Source = Service Control Manager | ID = 7000
Description = xhunter1 サービスを、次のエラーが原因で開始できませんでした: %%193

Error - 2013/04/18 11:03:34 | Computer Name = keishi-PC | Source = Service Control Manager | ID = 7000
Description = xhunter1 サービスを、次のエラーが原因で開始できませんでした: %%193

Error - 2013/04/20 16:27:17 | Computer Name = keishi-PC | Source = Service Control Manager | ID = 7000
Description = xhunter1 サービスを、次のエラーが原因で開始できませんでした: %%193

Error - 2013/05/01 2:56:39 | Computer Name = keishi-PC | Source = Service Control Manager | ID = 7000
Description = xhunter1 サービスを、次のエラーが原因で開始できませんでした: %%193

Error - 2013/05/11 12:57:18 | Computer Name = keishi-PC | Source = Service Control Manager | ID = 7000
Description = xhunter1 サービスを、次のエラーが原因で開始できませんでした: %%193

Error - 2013/05/12 3:19:15 | Computer Name = keishi-PC | Source = DCOM | ID = 10010
Description =


< End of report >
  • のりしお
  • 2013/07/15 (Mon) 20:53:57
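Re: Please tell me how to deal with this.
This is the usual combination of the Sprotector family and the SearchNewTab family. There are a lot of items, but let's remove them all at once.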


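■Software updates
The following software is out of date, so I recommend updating it unless you have a specific reason not to.
Old versions of software have security vulnerabilities and are a standard target for viruses.
If you are not using them, you can also uninstall them.

・Java 7 Update 21
・Skype™ 6.0
Update these to the latest version.
With Java, the old version sometimes remains even after the latest version is installed; in that case, remove the old version listed above separately.

・OpenOffice.org 3.4.1
Updates for it have already stopped, so I recommend moving to one of its successors, LibreOffice or Apache OpenOffice.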



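■Uninstalling software that appears to be unnecessary
Doing this from the Control Panel is fine. If an item is not there, ignore it.

・saafe save
・SearchNewTab
・Search Assistant WebSearch 1.74
・SafeSaver 1.74
・OptimizerPro
These appear to be adware. I recommend uninstalling them.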



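■Cleanup with a Fix script
After starting OTL, paste the script below into "Custom Scan/Fixes" and press "Run Fix".
Do not leave out the ":OTL" at the start.

Running it forcibly terminates all processes, so close as many applications as you can beforehand.
It also empties the Recycle Bin, so if there are files in it that you need, rescue them first.
If OTL freezes and does not proceed, start the computer in Safe Mode and run it there.

How to enter Safe Mode:
http://www.higaitaisaku.com/safemode.html

When it finishes you will be asked to restart, so press "OK" to restart. After the restart a log will appear; please post it. This time you can paste the log as it is.
If you have closed the log, there is a log in the C:\_OTL\MovedFiles folder (a file whose name is made up of digits from the date and time); please tell me its contents.

--- from here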

:OTL
PRC - [2013/01/24 04:58:25 | 000,348,160 | ---- | M] () -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
MOD - [2013/07/04 06:34:01 | 000,118,784 | ---- | M] () -- C:\ProgramData\SearchNewTab\51d498c9441d1.dll
MOD - [2013/07/04 06:33:18 | 000,118,784 | ---- | M] () -- C:\ProgramData\saafe save\51d4989e0cf13.dll
MOD - [2013/01/24 20:25:02 | 001,044,480 | ---- | M] () -- c:\Program Files (x86)\WebSearch\sprotector.dll
MOD - [2013/01/24 20:16:54 | 001,050,112 | ---- | M] () -- c:\Program Files (x86)\SafeSaver\sprotector.dll
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.searchdwebs.info/?l=1&q={searchTerms}&pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={A9A81761-1DE3-11E2-AC23-BC5FF465D873}
CHR - homepage: http://websearch.searchdwebs.info/?pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
CHR - Extension: Torntv 3 = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj\3.0_0\
CHR - Extension: Delta Toolbar = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: SweetIM for Facebook = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: saafe save = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: SearchNewTab = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1\
CHR - Extension: Torntv 3 = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj\3.0_0\
CHR - Extension: Delta Toolbar = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: SweetIM for Facebook = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: saafe save = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: SearchNewTab = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1\
O2 - BHO: (saafe save) - {B59A52AD-C4AE-1DEC-38CA-B7654833A939} - C:\ProgramData\saafe save\51d4989e0cf13.dll ()
O2 - BHO: (SearchNewTab) - {D5FAB8FF-E960-AABF-2041-EE9BC4C5404F} - C:\ProgramData\SearchNewTab\51d498c9441d1.dll ()
O20 - AppInit_DLLs: (c:\progra~2\safesa~1\sprote~1.dll) - c:\Program Files (x86)\SafeSaver\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll ()
[2013/07/04 06:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013/07/04 06:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab
[2013/07/04 06:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
[2013/07/04 06:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSearch
[2013/07/04 06:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft
[2013/07/04 06:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SafeSaver
[2013/07/04 06:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\saafe save
[2013/07/04 06:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saafe save
[2013/07/04 06:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/07/04 02:58:32 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\searchplugins
[2013/07/04 02:58:32 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Extensions
[2013/07/04 02:58:27 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\BabSolution
[2013/07/04 02:57:55 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
[2013/07/04 02:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TornTV.com
[2013/07/04 02:58:12 | 000,000,000 | ---D | C] -- C:\Users\keishi\AppData\Roaming\Babylon
[2013/07/04 02:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/07/04 02:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/07/04 06:31:17 | 000,000,418 | -H-- | C] () -- C:\windows\tasks\schedule!3036567561.job
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

:Files


:Commands
[emptytemp]
[createrestorepoint]
[reboot]

--- to here
  • イルカ
  • 2013/07/15 (Mon) 22:50:37
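The fix script in the post above, read as data (an added example, not part of the thread and not OTL's own code): this Python sketch groups a subset of its lines by the mechanism each one names and reports the redirect hosts, the lines pasted twice, and the files referenced through more than one mechanism. The kind labels and function names are this example's own; the script lines are copied from the post.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Subset of the fix script posted above, copied verbatim from the page.
SCRIPT = r"""
:OTL
PRC - [2013/01/24 04:58:25 | 000,348,160 | ---- | M] () -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
MOD - [2013/07/04 06:34:01 | 000,118,784 | ---- | M] () -- C:\ProgramData\SearchNewTab\51d498c9441d1.dll
MOD - [2013/01/24 20:25:02 | 001,044,480 | ---- | M] () -- c:\Program Files (x86)\WebSearch\sprotector.dll
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchdwebs.info/?pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={A9A81761-1DE3-11E2-AC23-BC5FF465D873}
CHR - homepage: http://websearch.searchdwebs.info/?pid=518&r=2013/07/03&hid=1185969453&lg=EN&cc=JP&unqvl=22
CHR - Extension: saafe save = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1\
CHR - Extension: SearchNewTab = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1\
CHR - Extension: saafe save = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1\
CHR - Extension: SearchNewTab = C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1\
O2 - BHO: (SearchNewTab) - {D5FAB8FF-E960-AABF-2041-EE9BC4C5404F} - C:\ProgramData\SearchNewTab\51d498c9441d1.dll ()
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll ()
[2013/07/04 06:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebSearch
[2013/07/04 06:31:17 | 000,000,418 | -H-- | C] () -- C:\windows\tasks\schedule!3036567561.job

:Files

:Commands
[emptytemp]
[createrestorepoint]
[reboot]
"""

# Line prefixes as they appear in the script; the labels are this example's own.
KINDS = {"PRC": "process", "MOD": "module", "IE": "ie-setting",
         "CHR": "chrome", "O2": "bho", "O20": "appinit-dll"}
ENTRY = re.compile(r"^(PRC|MOD|IE|CHR|O\d+) - (.+)$")
FILE = re.compile(r"^\[\d{4}/\d{2}/\d{2} [^\]]+\](?: \(\))? -- (.+)$")


def _target(prefix, rest):
    """Pull the path or URL out of the right-hand side of one entry."""
    if prefix in ("PRC", "MOD"):
        return rest.partition(" -- ")[2]
    if prefix.startswith("O"):
        # "... - <path> ()": keep the last field, drop the empty company "()".
        return re.sub(r"\s*\(\)$", "", rest.rpartition(" - ")[2])
    if " = " in rest:
        return rest.partition(" = ")[2]
    return rest.partition(": ")[2]


def parse(script):
    """Return (entries, commands); entries are (kind, target) in script order."""
    section, entries, commands = None, [], []
    for line in script.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line[1:]
            continue
        if section == "Commands":
            commands.append(line.strip("[]"))
            continue
        m = ENTRY.match(line)
        if m:
            kind = KINDS.get(m.group(1), m.group(1))
            entries.append((kind, _target(m.group(1), m.group(2))))
            continue
        m = FILE.match(line)
        if m:
            entries.append(("file", m.group(1)))
    return entries, commands


def triage(script):
    """Summarise what a fix script touches before it is run."""
    entries, commands = parse(script)
    # Identical (kind, target) pairs: lines that were pasted more than once.
    repeated = sorted(t for (_, t), n in Counter(entries).items() if n > 1)
    # Same file or URL named by several mechanisms (Windows paths: ignore case).
    by_target = {}
    for kind, target in entries:
        by_target.setdefault(target.lower(), set()).add(kind)
    multi = {t: sorted(k) for t, k in by_target.items() if len(k) > 1}
    hosts = sorted({urlsplit(t).hostname for _, t in entries
                    if t.lower().startswith("http")})
    return {"entries": entries, "commands": commands, "repeated": repeated,
            "multi_mechanism": multi, "redirect_hosts": hosts}


if __name__ == "__main__":
    report = triage(SCRIPT)
    for key in ("redirect_hosts", "repeated", "multi_mechanism", "commands"):
        print(key, "->", report[key])
```

On this subset the report ties each DLL that OTL listed as a loaded module to the BHO or AppInit_DLLs entry that loads it, and shows the same start-page URL set in both Internet Explorer and Chrome.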
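Re: Please tell me how to deal with this.
Sorry for the late reply.

・Uninstalling the unnecessary software
・Updating Java and Skype

I have done these.

■The result of the cleanup with the Fix script was as follows.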

All processes killed
========== OTL ==========
No active process named OptimizerPro.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Use Chrome's Settings page to change the HomePage.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj\3.0_0 not found.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0 not found.
C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0 folder moved successfully.
C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1 folder moved successfully.
C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0 folder moved successfully.
C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1 folder moved successfully.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj\3.0_0 not found.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0 not found.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0 not found.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncobonmmklooknkfpklmifniicehopjb\1 not found.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0 not found.
File C:\Users\keishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmdcnmpppjimbmekhenpimjcjdbagmgo\1 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B59A52AD-C4AE-1DEC-38CA-B7654833A939}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B59A52AD-C4AE-1DEC-38CA-B7654833A939}\ not found.
C:\ProgramData\saafe save\51d4989e0cf13.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FAB8FF-E960-AABF-2041-EE9BC4C5404F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5FAB8FF-E960-AABF-2041-EE9BC4C5404F}\ not found.
C:\ProgramData\SearchNewTab\51d498c9441d1.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\safesa~1\sprote~1.dll deleted successfully.
File c:\Program Files (x86)\SafeSaver\sprotector.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\websea~1\sprote~1.dll deleted successfully.
File c:\Program Files (x86)\WebSearch\sprotector.dll not found.
C:\ProgramData\StarApp\Setup folder moved successfully.
C:\ProgramData\StarApp folder moved successfully.
C:\ProgramData\SearchNewTab\data folder moved successfully.
C:\ProgramData\SearchNewTab folder moved successfully.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab\ not found.
C:\Program Files (x86)\WebSearch folder moved successfully.
Folder C:\ProgramData\BetterSoft\ not found.
C:\Program Files (x86)\SafeSaver folder moved successfully.
C:\ProgramData\saafe save\data folder moved successfully.
C:\ProgramData\saafe save folder moved successfully.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saafe save\ not found.
C:\ProgramData\InstallMate\{0FFD0F1A-3FB8-449D-A676-779AD41E2DEC} folder moved successfully.
C:\ProgramData\InstallMate\97819C8D\cfg folder moved successfully.
C:\ProgramData\InstallMate\97819C8D folder moved successfully.
C:\ProgramData\InstallMate folder moved successfully.
C:\windows\SysWow64\searchplugins folder moved successfully.
C:\windows\SysWow64\Extensions folder moved successfully.
C:\Users\keishi\AppData\Roaming\BabSolution\Shared folder moved successfully.
C:\Users\keishi\AppData\Roaming\BabSolution\CR folder moved successfully.
C:\Users\keishi\AppData\Roaming\BabSolution folder moved successfully.
C:\Users\keishi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com folder moved successfully.
C:\Program Files (x86)\TornTV.com\Torrents folder moved successfully.
C:\Program Files (x86)\TornTV.com folder moved successfully.
C:\Users\keishi\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache folder moved successfully.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} folder moved successfully.
C:\ProgramData\Tarma Installer folder moved successfully.
File C:\windows\tasks\schedule!3036567561.job not found.
File delete failed. C:\windows\SysNative\WPRO_41_2001woem.tmp scheduled to be deleted on reboot.
C:\windows\msdownld.tmp folder deleted successfully.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07152013_233912

Files\Folders moved on Reboot...
C:\windows\SysNative\WPRO_41_2001woem.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • のりしお
  • 2013/07/15 (Mon) 23:45:39
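Has the situation changed?
As usual, OTL's processing looks a bit off, but it should not be a problem. Has the symptom of ads appearing been fixed?

Watch it for a few days, and if it does not recur, I will walk you through a brief cleanup.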
  • イルカ
  • 2013/07/16 (Tue) 21:58:50
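Re: Please tell me how to deal with this.
Yes. As a status report: the ads that used to appear so frequently are no longer appearing.
I will watch it a little longer and then report again.

Thank you, as always.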
  • のりしお
  • 2013/07/16 (Tue) 22:39:21
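Re: Please tell me how to deal with this.
It has been a while. Two weeks have passed since then, and everything is working with no problems at all.

Thank you very much indeed.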
  • のりしお
  • 2013/07/25 (Thu) 21:36:53
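Let's clean up
It looks like it is fixed. Here is a brief cleanup.


■Cleanup
Delete the tools that were used.

・OTL
After launching OTL, press the "Clean Up" button near the top.
OTL itself is also deleted automatically.


■An ounce of prevention
You may also find the content at the following link useful as a reference.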
http://www.higaitaisaku.com/korobanu.html


That is all. Thank you for your work. Please be careful from now on.
If anything comes up, please reply again.
  • イルカ
  • 2013/07/25 (Thu) 23:38:18
