悪代官の伏魔殿 Bulletin Board
Reimage Repair
When I launch the Steam client,
ads for Reimage Repair and the like have started appearing.
I would appreciate your guidance.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:24:24, on 2015/08/29
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)

FIREFOX: 40.0.3 (x86 ja)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\PeerCastStation-1.8.0\PeerCastStation.exe
C:\Program Files\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Windows\system32\GWX\GWX.exe
C:\PROGRAM FILES\ASUS\TURBOV\TURBOV.EXE
D:\Firefox\firefox.exe
D:\Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\system32\SearchFilterHost.exe
D:\ダウンロード\HijackThis.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\tool\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\tool\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "D:\skin\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4104506114-555989637-4023910494-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4104506114-555989637-4023910494-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://magic.holysnow.net
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google アップデート サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: UMVPFSrv - Logicool Co., Ltd. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe

--
End of file - 8325 bytes

CCleaner output follows

Adobe AIR Adobe Systems Incorporated 2014/11/22 15.0.0.356
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 2015/08/22 17.3 MB 18.0.0.232
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 2015/08/22 17.8 MB 18.0.0.232
Adobe Reader XI (11.0.12) - Japanese Adobe Systems Incorporated 2015/08/22 203 MB 11.0.12
Advanced SystemCare 5 IObit 2012/04/30 90.3 MB 5.2.0
AVG Security Toolbar AVG Technologies 2014/08/27 18.1.9.799
CCleaner Piriform 2015/08/29 5.09
EPSON PX-045A Series ユーザーズガイド 2014/04/21
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/04/21 1.20.0000
foobar2000 v1.1.5 Peter Pawlowski 2011/03/06 7.66 MB 1.1.5
Google Toolbar for Internet Explorer Google Inc. 2015/08/22 7.5.6710.2136
Google 日本語入力 Google Inc. 2014/09/23 77.4 MB 1.13.1641.0
GUILTY GEAR XX #RELOAD Sammy/Arc System Works Co., Ltd. 2011/05/18 767 MB 01.01.0007
ID Manager 2013/11/17
Jane Style Version 3.72 Jane, Inc. 2012/02/12 3.72
Java 7 Update 67 Oracle 2013/10/02 118 MB 7.0.670
KeePass Password Safe 1.26 Dominik Reichl 2013/11/17 3.66 MB 1.26
LimeChat 2 2013/12/01
Magic Workstation 0.94f Magic Technology 2014/05/03
marvell 91xx driver Marvell 2011/03/01 1.0.0.1034
Marvell Miniport Driver Marvell 2011/03/01 11.10.5.3
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/27 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 2015/08/23 1.59 MB 4.0.40804.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2011/11/04 31.3 MB 3.5.92.0
Microsoft Games for Windows Marketplace Microsoft Corporation 2011/09/21 6.03 MB 3.5.50.0
Microsoft Security Essentials Microsoft Corporation 2015/08/23 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/08/23 335 MB 5.1.40728.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/03/12 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/08/18 300 KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2015/08/22 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/03/16 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2011/03/01 596 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2011/06/17 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/08/22 15.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/08/22 17.3 MB 11.0.61030.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2015/08/22 8.03 MB 4.0.20823.0
Mozilla Firefox 40.0.3 (x86 ja) Mozilla 2015/08/29 84.7 MB 40.0.3
Mozilla Maintenance Service Mozilla 2015/08/29 233 KB 40.0.3
MTG GamePack for Magic Workstation Magic Technology 2014/05/03
NVIDIA 3D Vision コントローラー ドライバー 352.65 NVIDIA Corporation 2015/08/22 352.65
NVIDIA 3D Vision ドライバー 355.60 NVIDIA Corporation 2015/08/22 355.60
NVIDIA GeForce Experience 2.5.13.6 NVIDIA Corporation 2015/08/22 2.5.13.6
NVIDIA HD オーディオ ドライバー 1.3.34.3 NVIDIA Corporation 2015/08/22 1.3.34.3
NVIDIA PhysX システム ソフトウェア 9.15.0428 NVIDIA Corporation 2015/08/22 9.15.0428
NVIDIA グラフィックス ドライバー 355.60 NVIDIA Corporation 2015/08/22 355.60
Opera 12.17 Opera Software ASA 2014/04/24 12.17.1863
PHANTASY STAR ONLINE 2 SEGA 2014/11/02 7.24 MB
PHANTASY STAR ONLINE Blue Burst SEGA 2014/03/30
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2012/11/25 6.0.1.6738
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 2011/03/01 993 KB 2.0.4.0
Skype(TM) 7.8 Skype Technologies S.A. 2015/08/22 71.1 MB 7.8.102
Steam Valve Corporation 2015/08/29 2.10.91.91
Super Street Fighter IV: Arcade Edition CAPCOM U.S.A., INC 2012/01/08 1.0.0000.129
TechPowerUp GPU-Z TechPowerUp 2012/11/25
TurboV 2011/03/01 1.02.02
UOAssist 2011/03/13
Virtual Playtable version 0.8.6 Rune Games 2014/06/14 169 MB 0.8.6
Windows Live Essentials Microsoft Corporation 2011/03/12 15.4.3508.1109
Windows Media エンコーダ 9 シリーズ 2012/11/25
WinFast(R) Display Driver Leadtek Research Inc. 2011/09/25 1.00.000
WinRAR archiver 2011/04/04
リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) Microsoft Corporation 2011/03/12 5.57 MB 15.4.5722.2
圧縮解凍ソフト Noah 2011/03/06
  • なす
  • 2015/08/29 (Sat) 04:48:59
There is something I need to confirm
Hello, my name is IVNO.
I looked over the log, but I could not identify any security software.
Which security software are you currently using?
  • IVNO
  • MAIL
  • 2015/08/29 (Sat) 11:17:48
Re: Reimage Repair
Hello.
I am currently using Microsoft Security Essentials as my security software.
  • なす
  • 2015/08/29 (Sat) 11:32:50
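Calm on the surface
When I rechecked the log, I found that MSE was installed.
My apologies for overlooking it.
Now, on the surface there is little more than vToolbar, and it does not look like a particularly severe infection.
In any case, let's start by dealing with what is visible.

Now let's prepare for the work.

First, there are a few things I need to tell you.
After you post, it may take a day or more each time before I can reply.
I apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until the responder tells you it is "resolved".
For that reason, when people stop partway without waiting for the notice of resolution because the PC seems to have improved,
the problem recurs with high probability, and many people end up coming back here when it does.
Please continue the work until the responder gives you the "resolved" notice and the "self-defense measures".

Now please read the explanation below carefully and carry out the steps in order.
You should have already prepared some of these, but please look over the explanation again just in case.

Set hidden files and file extensions to be shown (how-to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and familiarize yourself with their basic usage.
Note that the distribution sites may show ads urging you to download other software;
never click on those.

GeekUninstaller (commonly: GU)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
To remove it, just put it in the Recycle Bin.
Explanation
http://www.gigafree.net/system/install/geekuninstaller.html

"CCleaner" (commonly: CC)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Be sure to download the latest version.
During installation it may also offer bundled apps; uncheck those and avoid installing them.
To remove it, uninstall it with GU or similar.

Here is an important warning.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly
[depending on the operation, Windows may stop working],
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than those I instruct.

Once you are ready, let's begin.

First, click the text "Java Uninstall Tool" at the URL below,
then check for the latest version and remove old versions.
https://java.com/ja/download/faq/remove_olderversions.xml
Press the button to agree to the terms and wait a few dozen seconds, and Java will start.
If your Java is an old version, you will be taken straight to the download page for the latest version.
If your Java is the latest version, a screen for removing old versions appears; follow the instructions to remove them.

So that you can recover immediately if trouble occurs during the removal work that follows, manually create a System Restore point.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
However, System Restore does considerable damage to the PC, so it is preferable not to use it if possible.
Work carefully so that System Restore is not needed.

Start the PC in Safe Mode (how-to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
If you use Windows 8 or 8.1, refer to the following.
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
Launch HJT and run a scan.
When the scan results are displayed, check the following items.
However, with HJT in particular, a single mistake can easily leave the PC unable to boot,
so never check anything other than what I have indicated.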
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe

Once all the required items are checked, click Fix checked.
When the Fix above is complete, launch GU and remove the following.

Advanced SystemCare 5 IObit 2012/04/30 90.3 MB 5.2.0
AVG Security Toolbar AVG Technologies 2014/08/27 18.1.9.799

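You can remove software shown in GU by double-clicking it.
When removal finishes, a scan starts automatically; check all the leftovers it detects and press OK.
When uninstalling with GU is complete, close GU.
Hold down the Start key, located between the left Ctrl and left Alt on the keyboard, and press the R key.
The Run dialog opens; type the following into it in half-width alphanumeric characters.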

cleanmgr

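When you have finished typing, press the Enter key.
Select the C: drive and press OK.
A scan starts; wait until it completes.
When the scan completes, a list is displayed; check everything and press OK.
However, pressing OK deletes everything, including the contents of the Recycle Bin,
so take care if the Recycle Bin contains files you need.

When the work is complete, restart the PC in normal mode.
Re-acquire the HJT log and the CC installed-programs log, paste them, and report back.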
  • IVNO
  • MAIL
  • 2015/08/29 (Sat) 12:47:24
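
The post above asks for a fresh HijackThis log after the Fix. One way to check such a before/after pair mechanically is sketched below as an added example; it is not part of the thread and not a tool either participant used. The three log excerpts are shortened copies of lines that appear in this thread, and the function and field names are the example's own.

```python
import re
from dataclasses import dataclass

# HijackThis entry lines look like "O4 - HKLM\..\Run: [name] path".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"

@dataclass(frozen=True)
class Entry:
    section: str        # "O2", "O4", "O23", ...
    body: str           # text after "Ox - ", without the "(file missing)" marker
    clsid: str          # upper-cased CLSID, or "" if the line has none
    file_missing: bool  # HijackThis could not find the referenced file

    @property
    def key(self):
        # Windows paths and CLSIDs are case-insensitive, so compare lower-cased.
        return (self.section, self.body.lower())

def parse_log(text):
    """Return the entry lines of a HijackThis log; headers and process list are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        section, body = m.groups()
        missing = body.endswith(MISSING)
        if missing:
            body = body[: -len(MISSING)].rstrip()
        c = CLSID_RE.search(body)
        entries.append(Entry(section, body, c.group(0).upper() if c else "", missing))
    return entries

def compare(before_text, after_text, fix_text):
    """Check that every entry selected for Fix is gone and report what else changed."""
    before = {e.key: e for e in parse_log(before_text)}
    after = {e.key: e for e in parse_log(after_text)}
    fixed = {e.key: e for e in parse_log(fix_text)}
    fixed_clsids = {e.clsid for e in fixed.values() if e.clsid}
    return {
        # a fix-list line that never matched the first log was probably mistyped
        "fix_not_in_before": [e for k, e in fixed.items() if k not in before],
        "still_present": [e for k, e in fixed.items() if k in after],
        # same COM object registered under another section survived the Fix
        "clsid_residue": [e for k, e in after.items()
                          if e.clsid in fixed_clsids and k not in fixed],
        "new": [e for k, e in after.items() if k not in before],
        # entry survived but its file is now gone: an orphaned registration
        "newly_missing": [e for k, e in after.items()
                          if e.file_missing and k in before and not before[k].file_missing],
    }

# Excerpts copied from the logs in this thread (shortened, not the full logs).
FIX_LIST = r"""
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
"""

BEFORE = FIX_LIST + r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
"""

AFTER = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
"""

if __name__ == "__main__":
    for name, entries in compare(BEFORE, AFTER, FIX_LIST).items():
        print(name)
        for e in entries:
            print("   ", e.section, "-", e.body)
```

On these excerpts the fix list is fully cleared, the two new `O4` autoruns come from the Java update and the CCleaner install, and the `O9` button is reported as newly orphaned because the log now marks its DLL `(file missing)`.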
Re: Reimage Repair
Thank you for your reply.
The logs are as follows.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:13:27, on 2015/08/29
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)

FIREFOX: 40.0.3 (x86 ja)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
D:\skin\Steam\Steam.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Windows\system32\GWX\GWX.exe
D:\skin\Steam\bin\steamwebhelper.exe
D:\Firefox\firefox.exe
D:\ダウンロード\HijackThis.exe
D:\skin\Steam\bin\steamwebhelper.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TurboV] "c:\program files\asus\turbov\turbov.exe" -b
O4 - HKLM\..\Run: [Launch LCore] c:\program files\logicool gaming software\lcore.exe /minimized
O4 - HKLM\..\Run: [EEventManager] c:\program files\epson software\event manager\eeventmanager.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "D:\skin\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_fatiigj.exe /ept "epltarget\p0000000000000000" /m "px-045a series"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://magic.holysnow.net
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google アップデート サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: UMVPFSrv - Logicool Co., Ltd. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 7645 bytes


Adobe AIR Adobe Systems Incorporated 2014/11/22 15.0.0.356
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 2015/08/22 17.3 MB 18.0.0.232
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 2015/08/22 17.8 MB 18.0.0.232
Adobe Reader XI (11.0.12) - Japanese Adobe Systems Incorporated 2015/08/22 203 MB 11.0.12
CCleaner Piriform 2015/08/29 5.09
EPSON PX-045A Series ユーザーズガイド 2014/04/21
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/04/21 1.20.0000
foobar2000 v1.1.5 Peter Pawlowski 2011/03/06 7.66 MB 1.1.5
Google Toolbar for Internet Explorer Google Inc. 2015/08/22 7.5.6710.2136
Google 日本語入力 Google Inc. 2014/09/23 77.4 MB 1.13.1641.0
GUILTY GEAR XX #RELOAD Sammy/Arc System Works Co., Ltd. 2011/05/18 767 MB 01.01.0007
ID Manager 2013/11/17
Jane Style Version 3.72 Jane, Inc. 2012/02/12 3.72
Java 8 Update 60 Oracle Corporation 2015/08/29 20.6 MB 8.0.600.27
KeePass Password Safe 1.26 Dominik Reichl 2013/11/17 3.66 MB 1.26
LimeChat 2 2013/12/01
Magic Duels Stainless Games Ltd. 2015/08/29
Magic Workstation 0.94f Magic Technology 2014/05/03
marvell 91xx driver Marvell 2011/03/01 1.0.0.1034
Marvell Miniport Driver Marvell 2011/03/01 11.10.5.3
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/27 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 2015/08/23 1.59 MB 4.0.40804.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2011/11/04 31.3 MB 3.5.92.0
Microsoft Games for Windows Marketplace Microsoft Corporation 2011/09/21 6.03 MB 3.5.50.0
Microsoft Security Essentials Microsoft Corporation 2015/08/23 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/08/23 335 MB 5.1.40728.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/03/12 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/08/18 300 KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2015/08/22 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/03/16 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2011/03/01 596 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2011/06/17 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/08/22 15.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/08/22 17.3 MB 11.0.61030.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2015/08/22 8.03 MB 4.0.20823.0
Mozilla Firefox 40.0.3 (x86 ja) Mozilla 2015/08/29 84.7 MB 40.0.3
Mozilla Maintenance Service Mozilla 2015/08/29 233 KB 40.0.3
MTG GamePack for Magic Workstation Magic Technology 2014/05/03
NVIDIA 3D Vision コントローラー ドライバー 352.65 NVIDIA Corporation 2015/08/22 352.65
NVIDIA 3D Vision ドライバー 355.60 NVIDIA Corporation 2015/08/22 355.60
NVIDIA GeForce Experience 2.5.13.6 NVIDIA Corporation 2015/08/22 2.5.13.6
NVIDIA HD オーディオ ドライバー 1.3.34.3 NVIDIA Corporation 2015/08/22 1.3.34.3
NVIDIA PhysX システム ソフトウェア 9.15.0428 NVIDIA Corporation 2015/08/22 9.15.0428
NVIDIA グラフィックス ドライバー 355.60 NVIDIA Corporation 2015/08/22 355.60
Opera 12.17 Opera Software ASA 2014/04/24 12.17.1863
PHANTASY STAR ONLINE 2 SEGA 2014/11/02 7.24 MB
PHANTASY STAR ONLINE Blue Burst SEGA 2014/03/30
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2012/11/25 6.0.1.6738
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 2011/03/01 993 KB 2.0.4.0
Skype(TM) 7.8 Skype Technologies S.A. 2015/08/22 71.1 MB 7.8.102
Steam Valve Corporation 2015/08/29 2.10.91.91
Super Street Fighter IV: Arcade Edition CAPCOM U.S.A., INC 2012/01/08 1.0.0000.129
TechPowerUp GPU-Z TechPowerUp 2012/11/25
TurboV 2011/03/01 1.02.02
UOAssist 2011/03/13
Virtual Playtable version 0.8.6 Rune Games 2014/06/14 169 MB 0.8.6
Windows Live Essentials Microsoft Corporation 2011/03/12 15.4.3508.1109
Windows Media エンコーダ 9 シリーズ 2012/11/25
WinFast(R) Display Driver Leadtek Research Inc. 2011/09/25 1.00.000
WinRAR archiver 2011/04/04
Zombie Army Trilogy Rebellion 2015/08/29
リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) Microsoft Corporation 2011/03/12 5.57 MB 15.4.5722.2
圧縮解凍ソフト Noah 2011/03/06
  • なす
  • 2015/08/29 (Sat) 14:53:31
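Please collect the startup logs
The software I pointed out appears to have been dealt with successfully.
Adobe Reader has not been updated, so let's get the latest version.

Adobe Acrobat Reader DC
https://get.adobe.com/jp/reader/
Be sure to uncheck the optional programs section before downloading.

When the Adobe Reader update is complete, launch CC.
Once it has started, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right saves the displayed contents as a log,
so save only the latest log somewhere easy to find, such as the desktop.
Next, collect the log from the "InternetExplorer" tab, the "Firefox" tab if it is installed,
likewise the "Google Chrome" tab if it is installed, and the "Scheduled Tasks" tab.
However, you do not need to collect the "Context Menu" log.
Once you have collected each of the CC logs, you may close CC.
Paste the collected CC logs into the reply field and report back.
After checking those logs, I will give you the next steps.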
  • IVNO
  • MAIL
  • 2015/08/29 (Sat) 20:16:10
Re: Reimage Repair
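I updated Adobe Reader.
As for Google Chrome, the other day Microsoft Security Essentials detected a Trojan horse in Google Chrome,
so I uninstalled it around the day before yesterday.
I can't judge for myself whether the log is needed, so I'm pasting it just in case.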


「Windows」

無効 EPLTarget
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
有効 HKCU:Run EPLTarget\P0000000000000000 c:\windows\system32\spool\drivers\w32x86\3\e_fatiigj.exe /ept "epltarget\p0000000000000000" /m "px-045a series"
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
無効 HKCU:Run Skype Skype Technologies S.A. "c:\program files\skype\phone\skype.exe" /minimized /regrun
有効 HKCU:Run Steam Valve Corporation "D:\skin\Steam\steam.exe" -silent
有効 HKCU:Run swg Google Inc. "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
有効 HKLM:Run EEventManager c:\program files\epson software\event manager\eeventmanager.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run Launch LCore c:\program files\logicool gaming software\lcore.exe /minimized
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run NUSB3MON Renesas Electronics Corporation "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run TurboV ASUSTeK Computer Inc. "c:\program files\asus\turbov\turbov.exe" -b


「InternetExplorer」

有効 Extension Messenger Companion (Ctrl+Shift+C) C:\Program Files\Windows Live\Companion\companioncore.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
有効 Helper Google Toolbar Helper Google Inc. C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
無効 Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
有効 Toolbar Google Toolbar Google Inc. C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll


「Firefox」

有効 Plugin Adobe Acrobat 15.8.20082.15957 Adobe Systems Inc. default Firefox 40.0.3 C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
有効 Plugin Google Update 1.3.28.13 Google Inc. default Firefox 40.0.3 C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll
有効 Plugin Java Deployment Toolkit 8.0.600.27 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U60 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
有効 Plugin NVIDIA 3D Vision 7.17.13.5560 NVIDIA Corporation default Firefox 40.0.3 C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.5560 NVIDIA Corporation default Firefox 40.0.3 C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin OpenH264 Video Codec 1.4 default Firefox 40.0.3 C:\Users\MIWA\AppData\Roaming\Mozilla\Firefox\Profiles\pk4sm1bu.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default Firefox 40.0.3 C:\Users\MIWA\AppData\Roaming\Mozilla\Firefox\Profiles\pk4sm1bu.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin Screenshare Plugin 1.1.0.0 ScreenLeap, Inc. default Firefox 40.0.3 C:\Users\MIWA\AppData\Local\Screenleap\npscreenleap1.1.dll
有効 Plugin Shockwave Flash 18.0.0.232 Adobe Systems Incorporated default Firefox 40.0.3 C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
有効 Plugin Silverlight Plug-In 5.1.40728.0 Microsoft Corporation default Firefox 40.0.3 C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
有効 Plugin Windows LiveEPhoto Gallery 15.4.3508.1109 Microsoft Corporation default Firefox 40.0.3 C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll


「Google Chrome」

有効 App Gmail 7 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
有効 App Gmail 7 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
有効 App Gmail 8.1 スイーツ C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 スイーツ C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 6.3 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
有効 App Google ドライブ 6.3 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
有効 App Google 検索 0.0.0.20 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
有効 App Google 検索 0.0.0.20 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
有効 App YouTube 4.2.6 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
有効 App YouTube 4.2.6 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
有効 App YouTube 4.2.7 スイーツ C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
無効 Extension AVG Security Toolbar 18.1.0.443 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.0.443_0
有効 Extension Bible Search 103 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\enlaminhpdcdeemcnfnecpjbafhhajff\103
有効 Extension Bible Search 103 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\enlaminhpdcdeemcnfnecpjbafhhajff\103
有効 Extension Chrome to Mobile 189 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\189
有効 Extension Chrome to Mobile 189 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\189
有効 Extension Chrome to Mobile 189 スイーツ C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\189
有効 Extension Do Not Disturb 145 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilnddakjdkpofoablibghfikpeknhbia\145
有効 Extension Do Not Disturb 145 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ilnddakjdkpofoablibghfikpeknhbia\145
有効 Extension Google ドキュメント 0.5 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
有効 Extension Google ドキュメント 0.7 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0
有効 Extension IncognitoFilter 230 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\230
有効 Extension IncognitoFilter 230 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik\230
有効 Extension Location Guard 219 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfohepagpmnodfdmjliccbbigdkfcgia\219
有効 Extension Location Guard 219 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfohepagpmnodfdmjliccbbigdkfcgia\219
有効 Extension Palette for Chrome 165 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod\165
有効 Extension Palette for Chrome 165 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod\165
有効 Extension RamblerMonitor 181 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmakefodefbbcgmockacclbliopakahf\181
有効 Extension RamblerMonitor 181 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmakefodefbbcgmockacclbliopakahf\181
有効 Extension Redirect Path 148 Profile 1 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomidfkchockcldhbkggjokdkkebmdll\148
有効 Extension Redirect Path 148 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aomidfkchockcldhbkggjokdkkebmdll\148
無効 Extension Skype Click to Call 7.3.16540.9015 Profile 2 C:\Users\MIWA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0


「Scheduled Tasks」

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task AVG-Secure-Search-Update_JUNE2013_TB_rmv D:\Temp\{40511B42-3BE4-404A-A117-FF90BCB49312}.exe --uninstall=1
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task {01747389-AAE9-4B8F-B10C-731550B6A1DE} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\ダウンロード\psobb_client\Setup.exe -d D:\ダウンロード\psobb_client
  • なす
  • 2015/08/29 (Sat) 21:26:35
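Google Chrome certainly is in a terrible state
I have checked the log, and I can confirm that Google Chrome is infected.
There have been cases where an infection spread from Google Chrome extensions to other browsers,
so let's first delete all the extensions remaining on this PC.

Please prepare the following software.

"AdwCleaner" (abbreviated: AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere easy to find.
Launching the software once will start an automatic update.
When the update finishes, close it for now without doing anything else.
When you are instructed to remove this software, launch it and press the "Uninstall" button; it will be removed automatically.

Once you are ready, let's begin.

Launch CC, open each item under Tools → Startup,
and for the matching entries click Disable and then Delete Entry, in that order.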

Firefox
有効 Plugin OpenH264 Video Codec 1.4 default Firefox 40.0.3 C:\Users\MIWA\AppData\Roaming\Mozilla\Firefox\Profiles\pk4sm1bu.default\gmp-gmpopenh264\1.4\gmpopenh264.dll

Scheduled Tasks
有効 Task AVG-Secure-Search-Update_JUNE2013_TB_rmv D:\Temp\{40511B42-3BE4-404A-A117-FF90BCB49312}.exe --uninstall=1
有効 Task {01747389-AAE9-4B8F-B10C-731550B6A1DE} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\ダウンロード\psobb_client\Setup.exe -d D:\ダウンロード\psobb_client

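For entries that cannot be disabled or are already disabled, go straight to deleting the entry;
if an entry does not exist, leave it and move on.
Likewise, if something in Google Chrome or elsewhere cannot be deleted, leave it and move on.
When you have finished the work in CC, open Notepad.
Copy and paste the following three lines and save the file somewhere easy to find.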

%userprofile%\AppData\Local
%userprofile%\AppData\LocalLow
%userprofile%\AppData\Roaming

When you are ready, boot the PC into Safe Mode.

Launch GU and remove the following.

Google Toolbar for Internet Explorer Google Inc. 2015/08/22 7.5.6710.2136
Google 日本語入力 Google Inc. 2014/09/23 77.4 MB 1.13.1641.0

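You can remove software shown in GU by double-clicking it.
When the removal finishes, a scan starts automatically; tick every leftover item it detects and press OK.
When the uninstalls in GU are finished, close GU.
Launch Explorer and open the Notepad file you saved above.
In Explorer, paste one of the lines you copied earlier into the address bar and press Enter.
If the folder you arrive at contains a folder named Google, delete it while holding Shift.
If there is no Google folder there, leave it and go on to the next step.
Do the same for the remaining two lines.

When the manual removal of the Google folders is finished, launch AC and click Scan (or スキャン).
When the scan finishes, click Cleaning (or 削除) to clean up.
When the cleanup finishes you will be asked to restart; follow the prompt and restart in normal mode.
This takes you from Safe Mode back to normal mode.
The AC log will be displayed either before or after the restart, so please paste it in your reply.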
  • IVNO
  • MAIL
  • 2015/08/29 (Sat) 22:34:18
Re: Reimage Repair
When I launched GU and tried to remove Google 日本語入力 (Google Japanese Input) Google Inc., I got an error.
I will write out the message exactly as it appeared.

windowsインストーラー

windowsインストーラーサービスにアクセス出来ませんでした。これは、windowsインストーラーが正しくインストールされていない場合に発生する事があります。

Should I have force-removed it?
  • なす
  • 2015/08/30 (Sun) 01:50:24
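Then please remove it in normal mode
The Windows Installer service does not start in Safe Mode,
so in this case removing it in normal mode will work properly.
If this message appears, please do the removal in normal mode.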
  • IVNO
  • MAIL
  • 2015/08/30 (Sun) 11:21:02
Re: Reimage Repair
I was able to remove Google 日本語入力 (Google Japanese Input).
I am posting the AC log.

# AdwCleaner v5.004 - ログファイルの作成日 30/08/2015 作成時間 13:15:14
# 更新日 26/08/2015 作成元 Xplode
# データベース : 2015-08-25.1 [サーバー]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (x86)
# ユーザー名 : MIWA - MIWA-PC
# 実行場所 : D:\ダウンロード\AdwCleaner.exe
# オプション : 削除
# サポート : http://toolslib.net/forum

***** [ サービス ] *****


***** [ フォルダ ] *****

[-] フォルダ 削除済み項目 : C:\Program Files\AVG Security Toolbar
[-] フォルダ 削除済み項目 : C:\Program Files\ExstraSavings
[-] フォルダ 削除済み項目 : C:\Program Files\ShopDroP
[-] フォルダ 削除済み項目 : C:\Program Files\SaveLots
[-] フォルダ 削除済み項目 : C:\Program Files\CoupMania
[-] フォルダ 削除済み項目 : C:\Program Files\SMSnetwork for Chrome
[-] フォルダ 削除済み項目 : C:\Program Files\DNS Unlocker
[-] フォルダ 削除済み項目 : C:\Program Files\AlilSaver
[-] フォルダ 削除済み項目 : C:\Program Files\AllCheaapPreicE
[-] フォルダ 削除済み項目 : C:\Program Files\AllCiheapPrice
[-] フォルダ 削除済み項目 : C:\Program Files\AlllCheaPPrice
[-] フォルダ 削除済み項目 : C:\Program Files\ALlSavEr
[-] フォルダ 削除済み項目 : C:\Program Files\AllSavERa
[-] フォルダ 削除済み項目 : C:\Program Files\BitSavear
[-] フォルダ 削除済み項目 : C:\Program Files\BRowSinGCleaarr
[-] フォルダ 削除済み項目 : C:\Program Files\CCheeApMMei
[-] フォルダ 削除済み項目 : C:\Program Files\CheaipMe
[-] フォルダ 削除済み項目 : C:\Program Files\CheapMee
[-] フォルダ 削除済み項目 : C:\Program Files\ChheAeppMe
[-] フォルダ 削除済み項目 : C:\Program Files\CooupExteNNsieone
[-] フォルダ 削除済み項目 : C:\Program Files\CouPExtension
[-] フォルダ 削除済み項目 : C:\Program Files\DealExPResso
[-] フォルダ 削除済み項目 : C:\Program Files\DiealExpRess
[-] フォルダ 削除済み項目 : C:\Program Files\DigiCoouponn
[-] フォルダ 削除済み項目 : C:\Program Files\DoownSaVe
[-] フォルダ 削除済み項目 : C:\Program Files\EenojjoyuCaOupon
[-] フォルダ 削除済み項目 : C:\Program Files\ExstraCoouPon
[-] フォルダ 削除済み項目 : C:\Program Files\ExstRaCoupon
[-] フォルダ 削除済み項目 : C:\Program Files\ExstraCouupoon
[!] フォルダ ノット 削除済み項目 : C:\Program Files\ExstrASavings
[-] フォルダ 削除済み項目 : C:\Program Files\ExstriaoCoupOn
[-] フォルダ 削除済み項目 : C:\Program Files\EXstruaSSaVIngos
[-] フォルダ 削除済み項目 : C:\Program Files\FFunn2Save
[-] フォルダ 削除済み項目 : C:\Program Files\FIndBesatDieal
[-] フォルダ 削除済み項目 : C:\Program Files\FinndBEstDeal
[-] フォルダ 削除済み項目 : C:\Program Files\FiondBeestDeaall
[-] フォルダ 削除済み項目 : C:\Program Files\Fun2Saave
[-] フォルダ 削除済み項目 : C:\Program Files\FUn2Savee
[-] フォルダ 削除済み項目 : C:\Program Files\GrEaTeSave4U
[-] フォルダ 削除済み項目 : C:\Program Files\IIsaveur
[-] フォルダ 削除済み項目 : C:\Program Files\IsAviEr
[-] フォルダ 削除済み項目 : C:\Program Files\IssAuverr
[-] フォルダ 削除済み項目 : C:\Program Files\MiinimumPorice
[-] フォルダ 削除済み項目 : C:\Program Files\NaetooCoupon
[-] フォルダ 削除済み項目 : C:\Program Files\NetoCOupon
[-] フォルダ 削除済み項目 : C:\Program Files\NetOCoupoon
[-] フォルダ 削除済み項目 : C:\Program Files\NeWeSauVEr
[-] フォルダ 削除済み項目 : C:\Program Files\RiaandomPrice
[-] フォルダ 削除済み項目 : C:\Program Files\RoboSiaaveR
[-] フォルダ 削除済み項目 : C:\Program Files\SaaveLots
[-] フォルダ 削除済み項目 : C:\Program Files\SaveaNEWaApupz
[-] フォルダ 削除済み項目 : C:\Program Files\SaveerExtension
[-] フォルダ 削除済み項目 : C:\Program Files\SaveLLotus
[!] フォルダ ノット 削除済み項目 : C:\Program Files\SaVELots
[-] フォルダ 削除済み項目 : C:\Program Files\SaveLotts
[-] フォルダ 削除済み項目 : C:\Program Files\SaveorExtenasiOn
[-] フォルダ 削除済み項目 : C:\Program Files\SAverExitensiion
[-] フォルダ 削除済み項目 : C:\Program Files\SavErEXTenssiONN
[!] フォルダ ノット 削除済み項目 : C:\Program Files\SHoPDrOp
[-] フォルダ 削除済み項目 : C:\ProgramData\8599751672695311333
[-] フォルダ 削除済み項目 : C:\ProgramData\Avg_Update_0814tb
[-] フォルダ 削除済み項目 : C:\ProgramData\{088c510f-adf0-30a0-088c-c510fadf443e}
[-] フォルダ 削除済み項目 : C:\ProgramData\{366b0573-6b29-4da0-366b-b05736b215cd}
[-] フォルダ 削除済み項目 : C:\ProgramData\{3c5c0ae7-fbd4-2f9a-3c5c-c0ae7fbd2b9f}
[-] フォルダ 削除済み項目 : C:\ProgramData\{542b94ab-5021-305b-542b-b94ab50252ad}
[-] フォルダ 削除済み項目 : C:\ProgramData\{d3cc729d-c5d7-04c6-d3cc-c729dc5dca77}
[-] フォルダ 削除済み項目 : C:\Users\MIWA\AppData\Local\Chromium\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[-] フォルダ 削除済み項目 : C:\Users\MIWA\AppData\LocalLow\AVG Secure Search
[-] フォルダ 削除済み項目 : C:\Users\MIWA\AppData\LocalLow\facemoods.com
[-] フォルダ 削除済み項目 : C:\Windows\system32\config\systemprofile\AppData\Local\AVG Secure Search
[-] フォルダ 削除済み項目 : C:\Windows\system32\config\systemprofile\AppData\Roaming\WeatherTool

***** [ ファイル ] *****

[-] ファイル 削除済み項目 : C:\Users\MIWA\AppData\Roaming\Mozilla\Firefox\Profiles\pk4sm1bu.default\invalidprefs.js
[-] ファイル 削除済み項目 : C:\Users\MIWA\AppData\Roaming\Mozilla\Firefox\Profiles\pk4sm1bu.default\user.js
[-] ファイル 削除済み項目 : C:\Windows\system32\roboot.exe

***** [ ショートカット ] *****


***** [ スケジュールタスク ] *****


***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] キー 削除済み項目 : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] 値 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] キー 削除済み項目 : HKU\.DEFAULT\Software\AVG Secure Search
[-] キー 削除済み項目 : HKU\.DEFAULT\Software\Avg Secure Update
[-] キー 削除済み項目 : HKCU\Software\Softonic
[-] キー 削除済み項目 : HKCU\Software\Avg Secure Update
[-] データ 復元済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] キー 削除済み項目 : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
[!] キー ノット 削除済み項目 : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] キー ノット 削除済み項目 : HKU\S-1-5-21-4104506114-555989637-4023910494-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
[!] キー ノット 削除済み項目 : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Webブラウザ ] *****


*************************

:: Winsock設定を初期化しました

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8383 バイト] ##########
  • なす
  • 2015/08/30 (Sun) 13:25:04
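An added example, not part of the original thread or of AdwCleaner: a small parser for the log format posted above that pulls out the `[!]` (not deleted) lines and checks whether the same object was already reported deleted under another spelling. It treats Windows paths and registry keys as case-insensitive, maps `HKU\.DEFAULT` to `HKU\S-1-5-18`, and assumes the user SID that appears in the log belongs to the account that ran the tool, so `HKCU` refers to that hive.

```python
import re

# Lines copied from the AdwCleaner log in the post above (a subset, not the full log).
SAMPLE_LOG = r"""
***** [ フォルダ ] *****

[-] フォルダ 削除済み項目 : C:\Program Files\ExstraSavings
[-] フォルダ 削除済み項目 : C:\Program Files\ShopDroP
[-] フォルダ 削除済み項目 : C:\Program Files\SaveLots
[!] フォルダ ノット 削除済み項目 : C:\Program Files\ExstrASavings
[!] フォルダ ノット 削除済み項目 : C:\Program Files\SaVELots
[!] フォルダ ノット 削除済み項目 : C:\Program Files\SHoPDrOp

***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
[!] キー ノット 削除済み項目 : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] キー ノット 削除済み項目 : HKU\S-1-5-21-4104506114-555989637-4023910494-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
[!] キー ノット 削除済み項目 : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
"""

# Assumption: this SID (taken from the log) is the account that ran AdwCleaner,
# so HKCU entries in the log refer to the same registry hive.
ASSUMED_USER_SID = "S-1-5-21-4104506114-555989637-4023910494-1000"

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")   # ***** [ name ] *****
ENTRY_RE = re.compile(r"^\[([-!])\] (.+?) : (.+)$")     # [-] label : target


def parse(log_text):
    """Return (section, status, label, target) tuples; status is 'done' or 'failed'."""
    entries, section = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m:
            flag, label, target = m.groups()
            status = "done" if flag == "-" else "failed"
            entries.append((section, status, label, target))
    return entries


def normalize(target, user_sid=None):
    """Fold case and rewrite hive aliases so equivalent objects compare equal."""
    key = target.strip().casefold()
    aliases = {"hku\\.default\\": "hku\\s-1-5-18\\"}
    if user_sid:
        aliases["hkcu\\"] = "hku\\" + user_sid.casefold() + "\\"
    for prefix, canonical in aliases.items():
        if key.startswith(prefix):
            return canonical + key[len(prefix):]
    return key


def triage_failures(entries, user_sid=None):
    """Split '[!]' targets into (covered, remaining).

    covered:   the same object appears on a '[-]' line, so the failure is most
               likely a second attempt on something already gone. This is an
               interpretation of the log, not proof; confirm on the machine.
    remaining: no matching '[-]' line; these need manual follow-up.
    """
    done = {normalize(t, user_sid) for _, s, _, t in entries if s == "done"}
    covered, remaining = [], []
    for _, status, _, target in entries:
        if status != "failed":
            continue
        bucket = covered if normalize(target, user_sid) in done else remaining
        bucket.append(target)
    return covered, remaining


if __name__ == "__main__":
    covered, remaining = triage_failures(parse(SAMPLE_LOG), ASSUMED_USER_SID)
    print("already reported deleted under another spelling:", len(covered))
    print("still needs follow-up:", remaining)
```

Anything returned in `remaining` is what to check by hand before moving to the next tool.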
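Remove AC and report on your work
AC detected and removed a tremendous amount.
AC is no longer needed, so please launch AC and press the Uninstall button to remove it.

Now, about the cause of the infection.
The reason the PC became this infected is that software was downloaded from Softonic.
Downloading software from there results in infection 100% of the time.
Softonic collects money from malware authors, a set amount per infection.

Now, regarding the manual removal of the Google folders that I asked for earlier,
has that been done?
Please let me know.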
  • IVNO
  • MAIL
  • 2015/08/30 (Sun) 16:04:24
Re: Reimage Repair
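I have uninstalled AC and manually deleted the Google folders.
As for Softonic, I don't remember well, and there are so many possibilities
that I can't tell when I downloaded what.
I should have been more careful about downloading software.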
  • なす
  • 2015/08/30 (Sun) 16:25:58
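Scan with MBAM
So the removal of AC and the Google folders is complete.
You may now reinstall the Google-related software you removed earlier.

Please prepare the following software.

Malwarebytes Anti-Malware (abbreviated: MBAM)
Old version download ↓ (direct link to the file; a few seconds after the page opens, a download prompt appears)
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
Please download it with a browser other than Google Chrome.
The latest version has problems such as failing to run, so we use the old version here.
At the end of the installation, untick the option to start a free trial of Malwarebytes Anti-Malware Pro.
This software does support Japanese, but the text is garbled on first launch, so please switch it to Japanese with the following steps.
Launch MBAM.
An automatic update starts when MBAM launches.
When it reports that the latest version has been downloaded, be sure to press Cancel.
Next the virus definition update starts; please wait until it finishes.
When the definition update completes, it will again say that the latest version has been downloaded,
so press Cancel again to stop the update.
Once MBAM is running, open the Settings tab and set the Language item to Japanese again; this switches it to Japanese.
Do not scan at this stage; when the settings are done, close MBAM.
The latest and old versions are operated very differently,
so if you happen to have installed version 2.0 or later, please let me know.
When cleaning up afterwards, uninstall it with GU in Safe Mode.

The edition used here is Free (the no-cost version).

When you are ready, we will begin.
Boot the PC into Safe Mode.
Launch MBAM.
Select Full Scan and click Start Scan.
Please wait roughly 30 minutes to an hour and a half for the scan to finish.
When the scan is complete, click Show Details.
A list of detections appears; to remove everything detected,
tick all of the checkboxes to the left of the detected items.
When everything is ticked, press the Quarantine Selected Items button.
When the action has been set up you will be prompted to restart the PC; follow the prompt and restart in normal mode.
A log appears before or after the restart; please paste the log and report back.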
  • IVNO
  • MAIL
  • 2015/08/30 (Sun) 21:02:26
Re: Reimage Repair
The MBAM scan has finished.
Nothing was detected this time, so I did not do any quarantine or removal.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2015.08.29.05

Windows 7 Service Pack 1 x86 NTFS (セーフモード)
Internet Explorer 11.0.9600.17959
MIWA :: MIWA-PC [管理者]

2015/08/30 21:27:33
mbam-log-2015-08-30 (21-27-33).txt

スキャンタイプ: フルスキャン (C:\|D:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 714439
経過時間: 43 分, 47 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 0
(悪意のあるアイテムは検出されていません。)

(終)
  • なす
  • 2015/08/30 (Sun) 22:26:54
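Remove MBAM and scan with OTL
So MBAM found nothing.
MBAM is no longer needed, so please remove it following the instructions given when you installed it.
Now the real removal work begins.

Please prepare the following software.

OldTimer Listit (abbreviated: OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To remove it, launch it and press the "Cleanup" button; it will be removed automatically.

Before launching OTL, close as much software as possible, including browsers.
When you have closed the software, launch OTL.
Tick Scan All Users at the top centre of the window.
When that is set, copy and paste the following into the Custom Scan/Fixes box.

------ Copy from below this line ------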
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT
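------ Copy down to above this line ------

After pasting, click Run Scan to run the scan.
The scan takes a few minutes to complete, so please wait.
When the scan is complete, OTL.txt and Extras.txt are written to the same location where you saved OTL,
so please paste them in your reply.
Note that by its nature OTL output is very long.
This board's character limit is about 30,000 characters counted as hiragana, or about 60,000 counted as alphanumerics.
You will certainly exceed the limit, so to leave some margin, split the log into parts of about 55,000 characters each,
checking with a character counter such as the one at the URL below, and send them.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html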
  • IVNO
  • MAIL
  • 2015/08/31 (Mon) 04:22:04
Re: Reimage Repair
I have removed MBAM.
I also obtained the OTL logs, so I am reporting them.

Starting with OTL.txt



OTL logfile created on: 2015/08/31 21:58:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\ダウンロード\悪代官
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

2.99 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 66.28% Memory free
5.98 Gb Paging File | 4.95 Gb Available in Paging File | 82.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 39.43 Gb Free Space | 52.98% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 464.75 Gb Free Space | 49.89% Space Free | Partition Type: NTFS

Computer Name: MIWA-PC | User Name: MIWA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/08/31 21:27:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\ダウンロード\悪代官\OTL.exe
PRC - [2015/08/27 09:37:44 | 002,634,872 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/08/27 09:37:41 | 019,958,904 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
PRC - [2015/08/27 09:37:41 | 004,305,016 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
PRC - [2015/08/27 09:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015/08/27 09:37:41 | 000,921,208 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
PRC - [2015/08/27 09:37:40 | 005,810,808 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
PRC - [2015/08/07 13:54:43 | 000,974,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2015/08/07 13:45:03 | 000,410,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/07/05 02:47:39 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2015/05/09 12:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/04/30 01:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2015/04/30 01:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2015/04/30 00:18:28 | 000,981,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/11/23 11:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logicool Co., Ltd.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/05/15 00:36:13 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/04/27 11:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/11/19 17:54:46 | 005,665,280 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\TurboV\TurboV.exe
PRC - [2009/08/19 20:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/08/27 09:37:44 | 000,011,896 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2009/10/26 14:52:44 | 000,135,680 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TvOcLib.dll
MOD - [2008/12/10 20:27:56 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\TurboV\pngio.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/08/27 09:37:41 | 004,305,016 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV - [2015/08/27 09:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015/08/27 09:37:41 | 000,921,208 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV - [2015/08/26 21:46:30 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/08/23 11:54:43 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/08/22 12:58:15 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/08/07 13:45:03 | 000,410,928 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015/07/17 04:39:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/05 06:12:14 | 000,837,312 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/04/30 01:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2015/04/30 01:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/07/23 02:12:04 | 005,148,240 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logicool Co., Ltd.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/03/01 13:12:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/08/19 20:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/07/14 10:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2015/08/31 20:56:12 | 000,039,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{82167D52-DA1A-499F-9CE1-E7F90EA96621}\MpKsl7577d777.sys -- (MpKsl7577d777)
DRV - [2015/08/27 09:37:40 | 000,018,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2015/08/11 13:55:08 | 000,044,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2015/08/07 19:38:11 | 009,326,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2015/08/07 19:38:11 | 000,171,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2015/03/04 19:34:52 | 000,095,408 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2014/08/12 20:18:47 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/05/31 01:16:36 | 000,039,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV - [2012/10/24 15:43:34 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/10/24 15:43:34 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/01/18 06:44:52 | 004,332,960 | ---- | M] (Logicool Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2010/11/26 18:02:22 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/20 01:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/08/06 14:47:08 | 000,648,808 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2010/04/27 10:28:46 | 000,146,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/04/27 10:27:50 | 000,064,904 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/12/25 16:04:48 | 000,258,088 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mv91xx.sys -- (mv91xx)
DRV - [2009/11/24 10:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/24 10:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/11/17 00:00:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2009/08/04 11:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/16 12:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/14 08:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/05/20 18:10:00 | 000,314,368 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://app.nicovideo.jp/watch/ap159
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 08 C8 7D E7 F9 CB 01 [binary data]
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_jaJP421
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\GomPlayer\Real Alternative\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\GomPlayer\Real Alternative\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@screenleap.com/ScreenleapPlugin,version=1.1: C:\Users\MIWA\AppData\Local\Screenleap\npscreenleap1.1.dll (ScreenLeap, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: D:\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: D:\Firefox\plugins

[2011/03/06 19:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MIWA\AppData\Roaming\mozilla\Extensions
[2015/08/30 04:27:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MIWA\AppData\Roaming\mozilla\Firefox\Profiles\pk4sm1bu.default\extensions
[2014/02/19 19:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/29 12:12:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

O1 HOSTS File: ([2009/06/11 06:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [EEventManager] c:\program files\epson software\event manager\eeventmanager.exe File not found
O4 - HKLM..\Run: [Launch LCore] c:\program files\logicool gaming software\lcore.exe /minimized File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TurboV] c:\program files\asus\turbov\turbov.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000..\Run: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_fatiigj.exe /ept "epltarget\p0000000000000000" /m "px-045a series" File not found
O4 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000..\Run: [Steam] D:\skin\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..Trusted Domains: holysnow.net ([magic] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{808ADE34-4FC0-4719-BF82-0BFBFF26302E}: DhcpNameServer = 192.168.11.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 06:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2015/08/30 21:17:07 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Malwarebytes
[2015/08/30 21:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/08/29 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Geek Uninstaller
[2015/08/29 13:39:29 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/08/29 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015/08/29 13:21:38 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/08/29 13:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/08/29 13:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015/08/29 13:09:17 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Sun
[2015/08/29 13:09:17 | 000,000,000 | ---D | C] -- C:\Users\MIWA\.oracle_jre_usage
[2015/08/29 03:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2015/08/29 03:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015/08/25 21:13:17 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Local\Zombie Army Trilogy
[2015/08/23 11:55:56 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/08/23 11:55:30 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2015/08/23 11:55:19 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2015/08/23 11:55:19 | 000,105,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2015/08/23 11:54:43 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/08/23 11:54:43 | 000,937,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015/08/23 11:54:43 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/08/23 11:54:43 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015/08/23 11:54:43 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/08/23 11:54:43 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/08/23 11:54:43 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/08/23 11:54:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/08/23 11:54:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/08/23 11:54:43 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/08/23 11:54:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015/08/23 11:54:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/08/23 11:54:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/08/23 11:54:42 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/08/23 11:54:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/08/23 11:54:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015/08/23 03:01:19 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015/08/23 01:04:21 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Trine2
[2015/08/22 12:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/08/22 12:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2015/08/22 12:06:28 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll
[2015/08/22 12:06:28 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powertracker.dll
[2015/08/22 12:06:22 | 001,167,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2015/08/22 12:06:22 | 000,015,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2015/08/22 12:06:21 | 000,952,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/08/22 12:06:21 | 000,934,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/08/22 12:06:21 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/08/22 12:06:21 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/08/22 12:06:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/08/22 12:06:21 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/08/22 12:06:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/08/22 12:06:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/08/22 12:06:19 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/08/22 12:06:19 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/08/22 12:06:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/08/22 12:06:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/08/22 12:06:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/08/22 12:06:19 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/08/22 12:06:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/08/22 12:06:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/08/22 12:06:18 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/08/22 12:05:52 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2015/08/22 12:05:52 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2015/08/22 12:05:39 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2015/08/22 12:05:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2015/08/22 12:05:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2015/08/22 12:05:29 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015/08/22 12:05:29 | 000,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2015/08/22 12:05:27 | 002,384,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/08/22 12:05:27 | 001,251,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015/08/22 12:05:27 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/08/22 12:05:26 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2015/08/22 12:05:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015/08/22 12:05:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/08/22 12:05:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015/08/22 12:05:23 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015/08/22 12:05:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015/08/22 12:05:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015/08/22 12:05:23 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015/08/22 12:05:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015/08/22 12:05:06 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015/08/22 12:05:06 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2015/08/22 12:05:06 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2015/08/22 12:05:05 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/08/22 12:05:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/08/22 12:05:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/08/22 12:05:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/08/22 12:05:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/08/22 12:05:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/08/22 12:05:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/08/22 12:05:04 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/08/22 12:05:04 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/08/22 12:05:04 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/08/22 12:05:04 | 000,342,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/08/22 12:05:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/08/22 12:05:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/08/22 12:05:03 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/08/22 12:05:03 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/08/22 12:05:03 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/08/22 12:05:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/08/22 12:05:02 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/08/22 12:05:02 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/08/22 12:05:01 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/08/22 12:05:00 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/08/22 12:05:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/08/22 12:04:59 | 004,520,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/08/22 12:04:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2015/08/22 12:04:49 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ubpm.dll
[2015/08/22 12:04:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2015/08/22 12:04:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2015/08/22 12:04:45 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2015/08/22 12:04:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2015/08/22 12:04:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2015/08/22 12:04:27 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2015/08/22 12:04:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2015/08/22 12:04:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2015/08/22 12:04:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2015/08/22 12:04:26 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2015/08/22 12:04:26 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2015/08/22 12:04:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2015/08/22 12:04:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/22 12:04:25 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2015/08/22 12:04:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2015/08/22 12:04:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2015/08/22 12:04:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2015/08/22 12:04:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015/08/22 12:04:18 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2015/08/22 12:04:16 | 000,521,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2015/08/22 12:04:15 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2015/08/22 12:04:15 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2015/08/22 12:04:15 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2015/08/22 12:04:15 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2015/08/22 12:04:15 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2015/08/22 12:04:14 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2015/08/22 12:04:14 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2015/08/22 12:04:14 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2015/08/22 12:04:14 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2015/08/22 12:04:14 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2015/08/22 12:04:14 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2015/08/22 12:04:14 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2015/08/22 12:04:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2015/08/22 12:04:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2015/08/22 12:04:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2015/08/22 12:04:13 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2015/08/22 12:04:13 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2015/08/22 12:04:13 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2015/08/22 12:04:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2015/08/22 12:04:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2015/08/22 12:04:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2015/08/22 12:04:13 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2015/08/22 12:04:13 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2015/08/22 12:04:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcawrk.exe
[2015/08/22 12:04:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcalua.exe
[2015/08/22 12:04:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaevts.dll
[2015/08/22 12:04:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2015/08/22 12:01:47 | 000,044,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2015/08/22 11:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2015/08/22 11:36:19 | 001,316,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvspbridge.dll
[2015/08/22 11:35:28 | 000,573,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2015/08/22 11:34:02 | 000,069,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvaudcap32v.dll
[2015/08/22 11:34:01 | 018,540,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2015/08/22 11:34:01 | 014,673,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2015/08/22 11:34:01 | 013,656,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2015/08/22 11:34:01 | 012,513,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2015/08/22 11:34:01 | 012,179,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2015/08/22 11:34:01 | 009,326,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2015/08/22 11:34:01 | 003,106,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2015/08/22 11:34:01 | 002,624,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2015/08/22 11:34:01 | 001,049,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3235560.dll
[2015/08/22 11:34:01 | 000,985,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2015/08/22 11:34:01 | 000,942,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2015/08/22 11:34:01 | 000,931,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2015/08/22 11:34:01 | 000,921,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2015/08/22 11:34:01 | 000,912,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3235560.dll
[2015/08/22 11:34:01 | 000,421,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll
[2015/08/22 11:34:01 | 000,364,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFROpenGL.dll
[2015/08/22 11:34:01 | 000,171,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2015/08/22 11:34:01 | 000,155,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2015/08/22 11:34:01 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2015/08/22 11:34:01 | 000,037,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2015/08/16 11:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/08/11 09:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Chrome to Mobile
[2015/08/08 21:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2015/08/08 21:43:18 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Local\Blizzard Entertainment
[2015/08/08 21:43:12 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Local\Battle.net
[2015/08/08 21:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2015/08/08 21:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2015/08/07 03:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Palette for Chrome
[2015/08/04 01:44:32 | 000,000,000 | ---D | C] -- C:\Users\MIWA\Documents\Duels of the Planeswalkers Dumps
[2015/08/03 19:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Location Guard
[2015/08/02 17:40:42 | 000,000,000 | ---D | C] -- C:\Users\MIWA\Documents\Wizards of the Coast
[2015/08/02 17:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/08/31 21:58:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/08/31 21:36:30 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/08/31 21:36:30 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/08/31 20:56:04 | 000,000,434 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2015/08/31 20:56:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/08/31 20:55:57 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/30 18:44:04 | 000,001,335 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015/08/29 21:09:47 | 000,001,304 | ---- | M] () -- C:\Users\MIWA\Desktop\CCleaner.exe - ショートカット.lnk
[2015/08/29 13:21:34 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/08/29 13:09:03 | 000,274,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2015/08/29 03:40:13 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2015/08/29 03:19:14 | 000,000,602 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/08/27 09:37:01 | 001,423,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspcap.dll
[2015/08/27 09:37:01 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspbridge.dll
[2015/08/27 00:59:20 | 000,007,594 | ---- | M] () -- C:\Users\MIWA\AppData\Local\Resmon.ResmonCfg
[2015/08/23 18:31:48 | 012,701,804 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2015/08/23 18:31:48 | 008,508,562 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/08/23 18:31:48 | 007,857,782 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2015/08/23 18:31:48 | 007,631,026 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/08/23 11:55:56 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/08/23 11:55:30 | 001,372,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2015/08/23 11:55:19 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2015/08/23 11:55:19 | 000,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2015/08/23 11:54:43 | 003,989,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/08/23 11:54:43 | 003,934,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/08/23 11:54:43 | 000,937,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015/08/23 11:54:43 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/08/23 11:54:43 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015/08/23 11:54:43 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/08/23 11:54:43 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/08/23 11:54:43 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/08/23 11:54:43 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/08/23 11:54:43 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/08/23 11:54:43 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/08/23 11:54:43 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015/08/23 11:54:43 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/08/23 11:54:43 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/08/23 11:54:42 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/08/23 11:54:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015/08/23 03:28:00 | 000,267,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/08/23 03:09:53 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015/08/22 12:58:15 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/08/22 12:58:15 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/08/11 13:55:08 | 000,044,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2015/08/11 13:52:30 | 000,069,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvaudcap32v.dll
[2015/08/07 19:38:11 | 037,819,184 | ---- | M] () -- C:\Windows\System32\nvcompiler.dll
[2015/08/07 19:38:11 | 018,540,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2015/08/07 19:38:11 | 014,673,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2015/08/07 19:38:11 | 013,656,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2015/08/07 19:38:11 | 012,513,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2015/08/07 19:38:11 | 012,179,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2015/08/07 19:38:11 | 009,326,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2015/08/07 19:38:11 | 003,106,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2015/08/07 19:38:11 | 002,624,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2015/08/07 19:38:11 | 001,049,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3235560.dll
[2015/08/07 19:38:11 | 000,985,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2015/08/07 19:38:11 | 000,942,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2015/08/07 19:38:11 | 000,931,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2015/08/07 19:38:11 | 000,921,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2015/08/07 19:38:11 | 000,912,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3235560.dll
[2015/08/07 19:38:11 | 000,421,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll
[2015/08/07 19:38:11 | 000,364,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFROpenGL.dll
[2015/08/07 19:38:11 | 000,171,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2015/08/07 19:38:11 | 000,155,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2015/08/07 19:38:11 | 000,128,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2015/08/07 19:38:11 | 000,037,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2015/08/07 19:38:11 | 000,027,937 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2015/08/07 13:54:45 | 002,554,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2015/08/07 13:54:45 | 000,061,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2015/08/07 13:54:44 | 000,375,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2015/08/07 13:54:43 | 003,019,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2015/08/07 13:54:42 | 004,390,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2015/08/07 13:45:06 | 000,573,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2015/08/03 21:55:33 | 005,133,709 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  • なす
  • 2015/08/31 (Mon) 22:12:28
Re: Reimage Repair
[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/08/29 21:09:47 | 000,001,304 | ---- | C] () -- C:\Users\MIWA\Desktop\CCleaner.exe - ショートカット.lnk
[2015/08/29 20:51:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/08/29 03:40:13 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2015/08/29 03:19:14 | 000,000,602 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/08/29 03:19:14 | 000,000,602 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/08/22 12:04:58 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2015/08/22 11:39:53 | 000,001,335 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015/08/22 11:34:01 | 037,819,184 | ---- | C] () -- C:\Windows\System32\nvcompiler.dll
[2015/06/28 11:47:48 | 000,000,024 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\appdataFr25.bin
[2015/06/22 19:10:36 | 000,000,020 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\appdataFr2.bin
[2015/03/23 00:22:13 | 000,000,020 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\appdataFr3.bin
[2014/12/23 00:41:42 | 000,000,408 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\CamShapes.ini
[2014/12/23 00:41:20 | 000,000,096 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\version2.xml
[2014/06/01 22:59:27 | 000,000,064 | ---- | C] () -- C:\Users\MIWA\.screenleap
[2014/04/22 01:09:49 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011/08/01 17:22:32 | 000,000,000 | ---- | C] () -- C:\Users\MIWA\AppData\Local\{EE2238DD-E029-4629-9BDB-10A02CD36A9E}
[2011/03/12 03:07:40 | 000,007,594 | ---- | C] () -- C:\Users\MIWA\AppData\Local\Resmon.ResmonCfg
[2011/03/06 19:37:09 | 000,000,015 | ---- | C] () -- C:\Users\MIWA\.a-downloader

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/11 02:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 10:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/08/31 21:58:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: INTEL SS DSA2M080G2GC SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: WDC WD10 EALX-009BA0 SCSI Disk Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 74.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 932.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV - [2015/03/04 13:10:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2015/08/23 11:55:19 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 10:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 04:21:00 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 04:18:08 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2015/08/23 11:54:43 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/05 06:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2015/04/28 04:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 04:21:04 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 04:18:32 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 14:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 10:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 04:19:24 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2015/04/30 01:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2015/04/30 01:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/07/14 10:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 10:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 10:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2014/12/06 12:50:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 10:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 19:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 14:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2015/08/23 11:54:43 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 10:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 04:21:02 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 04:21:04 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 10:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2015/08/23 11:54:43 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 10:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 04:21:28 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 04:21:20 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 04:21:06 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 04:21:30 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 10:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2014/12/19 11:43:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 04:17:52 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 04:21:08 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 04:21:36 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 04:19:42 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 04:21:36 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2015/06/16 06:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 10:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2015/07/21 02:56:49 | 002,061,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 04:18:36 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 10:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 04:21:38 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:233BFF24

< End of report >
  • なす
  • 2015/08/31 (Mon) 22:13:21
Re: Reimage Repair
Next, here is Extras.txt.
Thank you in advance for your help.


OTL Extras logfile created on: 2015/08/31 21:58:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\ダウンロード\悪代官
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

2.99 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 66.28% Memory free
5.98 Gb Paging File | 4.95 Gb Available in Paging File | 82.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 39.43 Gb Free Space | 52.98% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 464.75 Gb Free Space | 49.89% Space Free | Partition Type: NTFS

Computer Name: MIWA-PC | User Name: MIWA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "D:\Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D3EA7A8-F129-45D1-899A-44516AF40160}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0DD3DCA1-8EAB-4B50-8F61-AAD61F090F3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0E5946B9-AB54-4BC1-A6D2-587756D93735}" = lport=138 | protocol=17 | dir=in | app=system |
"{1380B746-1602-4F34-9501-6686EF22BE34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1DB3A4E7-8257-498F-A43D-BBE7883C9E55}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{260F377A-02BB-4E79-9EC2-585C3ECA5488}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{265B6EE6-8F4F-49D2-94E3-19CB08914F3E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3F6DFA46-8AAA-4BED-8F78-C101F05ED19D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3FD5FC16-9A63-4249-B39D-3AAE1BA5B127}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45496C5C-FAC5-4BF1-9589-C98CAC06FFA4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{488E4712-05FC-4150-A0DE-BB027887531D}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{493E7B16-ABFD-4493-B531-821F69A72714}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{4A8DDE3F-64A1-46FB-B229-A684190FC2DE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5871E26F-4F19-481C-8181-01A8A8B3ADAF}" = lport=30000 | protocol=17 | dir=in | name=udp30000 |
"{594C9847-556D-4AB0-843F-276DAF3A9E91}" = rport=445 | protocol=6 | dir=out | app=system |
"{688019BD-8E46-4580-874F-D60B257539FE}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{75CB2FBA-3393-4EAE-9140-8E93058B663A}" = rport=137 | protocol=17 | dir=out | app=system |
"{768E122F-0436-40FF-92D5-E2B7A74A3F16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{79198123-7BCF-4B57-9AD1-D41F6F2E9B0A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7B29D7CC-898D-48FC-B375-D1B6C9420DA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E76CDBA-D60B-45D7-90E9-BED18722D219}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CD0EDAB-1B28-431C-96D3-2ECF2FACFBEB}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D4AF7C1-8A16-4843-94C8-5869378DDA15}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{8DD4B92E-FE7B-4BA7-9076-A0D75C436252}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{91648274-9925-4F35-A0DF-842F077C9710}" = lport=53 | protocol=17 | dir=in | name=rtldhcp port |
"{97A6A01B-9740-4EE1-A217-C915CC37DDDB}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A8336B57-1333-43D1-8A06-F15DDD1F61BB}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{AA0351C0-BAAC-417E-B758-FC683423D808}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{B2155AE1-CE7E-4256-9393-44E6A4E5828A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B5A85D71-C722-4EA5-B9BE-D52D31B08934}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BA330D6A-78FA-4F12-80AE-99DD3397E467}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BB47714A-9027-48C3-9C3D-AC8D998334F0}" = lport=139 | protocol=6 | dir=in | app=system |
"{C6EC4F85-F1F3-4379-B95E-C9F0291132B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE9AF98D-C413-4F07-B64A-1ACAB7BE41E2}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D97CE29D-D89D-43A4-96C3-E01E31EA19D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD7BB352-A358-4334-AC76-AAD997020C7A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DDD6C500-2C2F-4BAC-B718-3FC04DE47709}" = lport=445 | protocol=6 | dir=in | app=system |
"{DE0CDC97-D21F-43C8-97EE-81586E7F7DEA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E007C209-631D-41A5-97AD-81AC06FB477A}" = lport=137 | protocol=17 | dir=in | app=system |
"{E636D021-53A3-4F1F-96A6-224EDFB91AA0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EC0BF174-8190-4C2F-9E9D-C5BB49088CEC}" = lport=53 | protocol=17 | dir=in | name=rtldhcp port |
"{F9115290-29FC-4F47-885B-7B38CFBCEA66}" = lport=7144 | protocol=6 | dir=in | name=tcp7144 |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C9D80A-6A15-473F-BD27-F81247D4A7B0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{08D6DF75-4260-49BE-8030-5D4311B0DBDC}" = protocol=17 | dir=in | app=c:\users\miwa\appdata\local\temp\icreinstall\musicconvertersetup.exe |
"{0E6D31AB-F5BF-4357-8A83-08158D8F02D5}" = protocol=6 | dir=in | app=d:\skin\steam\steamapps\common\terraria\terraria.exe |
"{12460831-0F07-4083-880F-07D319061FFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12D5A1CA-CD02-4A4B-BAE9-C9A922259E98}" = protocol=6 | dir=in | app=d:\skin\steam\steamapps\common\magic duels\magicduels.exe |
"{14C54AC4-9A99-4596-8EEC-DEE2D4C7EF8C}" = protocol=17 | dir=in | app=d:\skin\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{15394E12-52E2-457A-8294-69873C4E2D38}" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"{156CD779-F231-4B48-B386-057970107241}" = protocol=17 | dir=in | app=d:\utorrent.exe |
"{19AF7E72-0F95-4B9C-80A1-D567BDAC04CB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\guilty gear xx accent core plus r\ggxxacpr_win.exe |
"{1B88DAC4-3EEA-4C91-B0C2-BF6534B87BBE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{1C84C469-7FB7-4A59-A97E-0DBF3BEA314A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1EC089DC-CD72-486B-B8E3-DF13FF22FC6A}" = protocol=6 | dir=in | app=c:\users\miwa\downloads\musicconvertersetup.exe |
"{21F6F3D3-F8C3-4F16-B1F8-8A40B44D5644}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{2258ECAC-127E-42C6-BB23-59CAD773721B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{2534A99F-D9E7-44DD-A2ED-38764B15330B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2F9727F7-4870-4B1C-8D8E-214EA146C16C}" = protocol=6 | dir=in | app=d:\firefox\firefox.exe |
"{308CCB4F-6B51-423B-9B42-542D73846475}" = protocol=17 | dir=in | app=d:\pluginwrapper\opera_plugin_wrapper.exe |
"{3542E8BB-034C-42B7-B82F-1468DD344C48}" = protocol=6 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"{391344F2-0AE8-4FB6-A387-ED0A096CF13D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39B6A595-6271-4DF3-A9BF-BEB4CCEB33FC}" = protocol=6 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"{3A9D4F5D-D62E-4935-9FD9-C26EE8CDBE33}" = protocol=6 | dir=in | app=d:\opera.exe |
"{3D00F935-8561-42C3-91C7-0F80336EBB8F}" = protocol=6 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |
"{3D69AC46-E0A8-44F6-86D9-C23E94608214}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxupdater.exe |
"{3EE6A806-A2D5-420F-AE19-B703C2064894}" = protocol=17 | dir=in | app=c:\users\miwa\downloads\musicconvertersetup.exe |
"{429F8054-8C2B-43DB-9FF0-EFF69B0E622D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{448BEB9A-7F78-4376-9636-42CE134E32BC}" = protocol=6 | dir=in | app=c:\program files\peercast\peercast.exe |
"{47ED20AB-E4BA-449E-99D6-4FF5657B22BD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{48C8518B-64DC-429A-A8E0-8CD771D29F90}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxoffline.exe |
"{4B9C2D8A-4087-4DEF-9BD5-C328DD89E845}" = protocol=6 | dir=in | app=c:\program files\peercast\oggcap.exe |
"{4BF61E39-5FE8-4883-A5A2-F91805D02561}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxgame.exe |
"{4CFEF5F7-3729-44AD-986D-30B2C3C68001}" = protocol=17 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"{4FB6EE5C-2AC2-4FC3-A2E8-661FA0C24AE9}" = protocol=6 | dir=in | app=d:\utorrent.exe |
"{4FFA926B-D8E9-4100-A53B-F0C96A2A817F}" = protocol=6 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"{511C7434-5560-428B-9EF9-D12791B6856E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{5777DCBD-0E89-4EB3-A02B-0C568C21DDC6}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxupdater.exe |
"{5D9AD25F-63C8-4272-BE9C-F938789DFDAE}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxlauncher.exe |
"{5EE032F2-1E44-4DFB-9F54-24526C7A8E37}" = protocol=17 | dir=in | app=c:\program files\peercast\peercast.exe |
"{64932ED0-C50B-4F7A-BB33-10F5E46010C4}" = protocol=17 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\option.exe |
"{6AC2349B-EC72-43CB-BE54-435794BBCE87}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{6F81C42D-03A1-4AE8-BC5A-F8E548099CB7}" = protocol=17 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"{71EE1AAC-050F-41E5-AADD-3405B17E47A3}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxgame.exe |
"{740154F7-02FF-4B27-B9A6-759253FE4A67}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxboot.exe |
"{7D198F95-7141-45FF-877D-F8469A674CD1}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxconfig.exe |
"{807AF9AA-8F2E-4C3C-8437-F79B336344B8}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{83EAAC04-7991-4093-9790-5E7CD96E8018}" = protocol=17 | dir=in | app=d:\skin\steam\steamapps\common\terraria\terraria.exe |
"{85ABD9EB-B496-40E7-9EB7-3CACCAD3C082}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{86AA8396-2B49-4F12-9F5C-5374BF6FB62A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{86AF2AE4-FF19-4878-81DE-DCDC1DABBB8B}" = protocol=6 | dir=out | app=system |
"{86EAC6D0-7F6C-4B22-B78C-719B1E61D879}" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"{87663DD1-F3D0-4AE8-8BCC-406A3DEE1A1B}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxboot.exe |
"{8C931C5B-CBC3-4BC4-B372-2490404C50ED}" = protocol=6 | dir=in | app=c:\users\miwa\appdata\local\temp\icreinstall\musicconvertersetup.exe |
"{8D885C48-348D-4643-9A9F-81B9932EC0EA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\guilty gear xx accent core plus r\ggxxacpr_win.exe |
"{8E2B5949-CFED-4BDA-9355-9568FCA3A9A3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{8EE3A3D5-80DB-4AF7-A076-E9E8B83CF580}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8FE6B0E1-C7D4-437B-875C-ABC2BFA372E4}" = protocol=17 | dir=in | app=d:\opera.exe |
"{92BA6EA6-B8A0-4CCD-8649-7AB2268C013F}" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"{94B4861E-0968-430A-9017-E0975DC46B9D}" = protocol=6 | dir=in | app=d:\skin\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{95683D41-D48B-4CCD-85DF-766BC975E08D}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxtitle.exe |
"{9923AF14-45E5-4B87-9386-EF7F32000F8B}" = protocol=17 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\online.exe |
"{9A389D95-05ED-4B0F-94E9-40AAA6CDB28B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{9ACA1B9E-8632-45E4-8F86-B1D45ED8C691}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F8D9A72-1BFC-42D1-B925-A54FA9B81248}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxoffline.exe |
"{A437CBFF-67F4-4948-8A95-62EFA4047C44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A52C276F-08A9-4A1B-BD74-517715F105F6}" = protocol=6 | dir=in | app=d:\pluginwrapper\opera_plugin_wrapper.exe |
"{A8FF1504-063B-422E-8137-2D69420F7EFC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFD069BA-063F-409C-B60A-60BA5190821C}" = protocol=17 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |
"{AFD5073F-B6F4-48A9-AAD1-94F5963E0043}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BBF37F07-635B-40F0-971D-71FE7E383E2B}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{BD46D266-7609-4752-A208-7308952FF413}" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"{BF6661DD-8F30-40E6-91B1-8A9D84A91432}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C857B796-AD1E-481E-980F-008251B165C3}" = protocol=6 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\option.exe |
"{CAB4D0CA-6DC3-4031-9C66-8EDBA4C124AA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CB0674BD-B784-48CC-8399-1E46E69839D6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skullgirls\skullgirls.exe |
"{CCC7732D-A837-40E5-9A74-ECB8BCC96719}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CD35B5AE-3632-4C45-8CE7-EA72E623B4DD}" = protocol=17 | dir=in | app=c:\program files\peercast\oggcap.exe |
"{D06ED3F4-DD1E-4ECE-8989-7ABA92C121ED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2E6B9E5-8973-456A-B7DA-76973BD77212}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{D48CCBA8-3567-4582-8AFB-EEB0B30B9B95}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxlauncher.exe |
"{D6801C88-0170-4C47-B721-2788CF6DAF8C}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{DC9044AF-BEE2-4F15-9129-5DD4938EF4BF}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxconfig.exe |
"{DFF23CE4-9F4D-4F84-B344-87969CDA6A6A}" = protocol=17 | dir=in | app=d:\firefox\firefox.exe |
"{E3282B95-7CDB-4014-9DF3-64B252BEBEE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EAAB5BB1-0320-4EE3-A5FA-D7FC6148C585}" = protocol=6 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\online.exe |
"{EAC9295D-0CA7-43E8-A2F4-44103DC9E65B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skullgirls\skullgirls.exe |
"{EB087AC2-CA3A-4D0B-805A-95C29D3C6412}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EE541D29-1B4F-4AB1-B70A-FF046A7563F0}" = protocol=17 | dir=in | app=d:\skin\steam\steam.exe |
"{F04778DC-A1BF-4263-8B90-94ED17046C87}" = protocol=6 | dir=in | app=d:\skin\steam\steam.exe |
"{F08BF0CA-7207-4F24-99EA-416C0274DD7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F2A4BA25-5605-4D07-AD58-5782EFABCCFD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{F8842DAE-163F-4364-903A-D21A21CB2983}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA9A3036-1CB4-4EE4-A515-F294AFEEDFA1}" = protocol=58 | dir=in | app=system |
"{FB289C3C-A18F-4D97-918C-7F2F7BBD0901}" = protocol=17 | dir=in | app=d:\skin\steam\steamapps\common\magic duels\magicduels.exe |
"{FB697240-3892-46F0-A94C-F539B622AD33}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxtitle.exe |
"{FC7DE406-2F8B-4D76-B7D0-9374DE83D4A3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{FDF08E8A-81CE-49A0-A619-3333F82E09FE}" = protocol=17 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"TCP Query User{03A5110B-70B1-4CCF-BF5E-97E4ED69838C}D:\エミュ\ggpo-build-030\ggpo.exe" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"TCP Query User{19D67051-9B17-4732-A9C6-5B8C443182A2}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=6 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"TCP Query User{2A940E5B-949A-4EF9-A19D-A683CF4D7E04}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=6 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"TCP Query User{350CE712-34DF-4E69-9B10-37370706F166}D:\bin\javaw.exe" = protocol=6 | dir=in | app=d:\bin\javaw.exe |
"TCP Query User{76E7FAF1-1E06-4ACA-BF81-B7AB4581C0B9}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{8A8EE3EB-31B7-4032-8513-61E2040DB39A}D:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe" = protocol=6 | dir=in | app=d:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe |
"TCP Query User{96EE183A-B5E9-466E-8E69-50854E0A161D}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{98504AA2-A82E-46BC-9251-EAF59EE67258}D:\steam\steamapps\common\magic duels\magicduels.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magic duels\magicduels.exe |
"TCP Query User{B2CED73C-3F67-42FA-B6A5-CCCAE7EE98B7}D:\magic workstation\mwsplay.exe" = protocol=6 | dir=in | app=d:\magic workstation\mwsplay.exe |
"TCP Query User{B43DFBBE-C49C-4885-BB47-7ADE449B5097}D:\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"TCP Query User{B7F59D84-EA56-4A1B-A073-EFA7534A89CB}D:\magic workstation\mwshost.exe" = protocol=6 | dir=in | app=d:\magic workstation\mwshost.exe |
"TCP Query User{BA592D9F-12E1-4156-BE8F-7BB0D7D78C82}D:\エミュ\ggpo-build-030\ggpofba.exe" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"TCP Query User{CC46858D-C694-4095-9F04-6E4DEA193A62}D:\tool\wme\wmenc.exe" = protocol=6 | dir=in | app=d:\tool\wme\wmenc.exe |
"TCP Query User{D67CC0D2-28F3-4BD4-BD5C-C4C6FD998D86}D:\virtual playtable\playtable.exe" = protocol=6 | dir=in | app=d:\virtual playtable\playtable.exe |
"TCP Query User{E215F001-AA9A-47E0-B603-55AE2F1B955B}D:\program files\capcom\super street fighter iv\ssfiv.exe" = protocol=6 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"TCP Query User{ECA9734E-3B93-4395-8652-0704F78DC47F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F4EFACE0-C9B4-4BEF-91D7-0D9691B34F5F}D:\electronic arts\ultima online 2d\client.exe" = protocol=6 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |
"TCP Query User{F7869BB6-2C52-4583-AF68-E659AB85BD2A}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{0061D46F-963F-4584-B161-5EFCE536B9AF}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=17 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"UDP Query User{0DB03BCD-E8FD-4DE1-95F2-B2CB718907D8}D:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe" = protocol=17 | dir=in | app=d:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe |
"UDP Query User{17AB4C72-C04F-4A2F-82D8-DAEFEE18A428}D:\virtual playtable\playtable.exe" = protocol=17 | dir=in | app=d:\virtual playtable\playtable.exe |
"UDP Query User{180FCDF5-6DF5-4F69-B09F-50E1487F37AA}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{1BE01C97-34D3-4C5A-984B-F8A2104F20EB}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{22759091-F8B7-428B-A7C6-3E27773E6933}D:\magic workstation\mwshost.exe" = protocol=17 | dir=in | app=d:\magic workstation\mwshost.exe |
"UDP Query User{34A86AF9-855E-4AD0-BF1B-A42B9DAF469C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{623D8F7B-49A6-4101-A38D-9D1A5588D663}D:\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"UDP Query User{7205367C-681B-49F0-B0BF-D6A420D4D86D}D:\tool\wme\wmenc.exe" = protocol=17 | dir=in | app=d:\tool\wme\wmenc.exe |
"UDP Query User{74CBF508-489B-4AB7-B522-669C44A97608}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{82378ED9-1697-4572-AC4A-A09F9E4DD255}D:\bin\javaw.exe" = protocol=17 | dir=in | app=d:\bin\javaw.exe |
"UDP Query User{AD13F36D-D77D-4F6A-913F-155EE90B7F24}D:\program files\capcom\super street fighter iv\ssfiv.exe" = protocol=17 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"UDP Query User{B067515D-CFE9-4A01-B5FB-AE93EA5881B3}D:\steam\steamapps\common\magic duels\magicduels.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magic duels\magicduels.exe |
"UDP Query User{B5B080E3-C0A1-41EA-A735-83E27CCE3EF0}D:\エミュ\ggpo-build-030\ggpofba.exe" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"UDP Query User{BD4253F9-9179-46D3-8ED1-1019BAAE974A}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=17 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"UDP Query User{DD405276-5781-4036-B49B-6A63847F93A3}D:\エミュ\ggpo-build-030\ggpo.exe" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"UDP Query User{ED907AF4-BB89-472A-B8C2-84B6D86D0DAD}D:\magic workstation\mwsplay.exe" = protocol=17 | dir=in | app=d:\magic workstation\mwsplay.exe |
"UDP Query User{F9484868-6138-41B2-855C-B6A42C0D0345}D:\electronic arts\ultima online 2d\client.exe" = protocol=17 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E0CA282-7F32-4B0D-B427-78B9A3CBC42F}" = Messenger Companion
"{0F83CDA4-72BF-4F8A-94F9-BD07EFC2390E}" = Windows Live Family Safety
"{10AB1F40-BDEC-4A8D-B427-30F9429378B0}" = Windows Live Movie Maker
"{15D95497-8F76-41E5-8894-EDDB59E39BD9}" = Windows Live メール
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3EABDB76-D290-4640-8D38-1077EAD855C2}" = Windows Live Remote Client Resources
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"{43430FA0-4A2E-404A-B715-951000028101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000038101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000048101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000058101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5EF092-01A6-490D-82CC-5D5D8C8EA4A0}" = Windows Live Remote Service Resources
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}" = EPSON Scan OCR コンポーネント
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63B92EB0-446C-3778-9E6B-C1BE202FE44F}" = Microsoft .NET Framework 4.5.1 (JPN)
"{675D8E1E-2388-4718-902C-E5FC4888AC0E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype(TM) 7.8
"{6C3F8916-D6A5-4A31-9DA8-80C973CE437F}" = Windows Live Writer
"{6E3939AE-9996-4D07-9A30-14C78AE93576}" = Microsoft Security Client
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7134EF35-DA07-41F8-A71F-66709E194BB5}" = Windows Live Mesh
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}" = Adobe AIR
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{88216653-C378-4091-AF17-2A0F5B056A23}_is1" = Virtual Playtable version 0.8.6
"{88A686A9-D687-4295-B633-50D8A4B88371}" = Windows Live Writer Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A66A2C8-0032-4949-8D99-C293A3EACF79}" = Windows Live Photo Common
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D59BE38-3A4F-4525-AD0D-8980E9E31EFA}" = Windows Live フォト ギャラリー
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1041-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Japanese
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B05B64BA-D9C8-47B9-A2CB-A1F8E796C843}" = Windows Live Messenger
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.14.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.5.14.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.14.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.31
"{B957A70B-A599-47F3-00AC-824D4C85FB8F}" = シムシティ4 デラックス
"{BAF0CA91-4642-46C8-9BCD-C93B61508701}" = リモート接続用の Windows Live Mesh ActiveX コントロール (日本語)
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C6866249-495A-4ED7-AD69-99336B5E86E4}" = GUILTY GEAR XX #RELOAD
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media エンコーダ 9 シリーズ
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE408577-9C0E-4E5F-BCB2-DB5B3A220958}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast(R) Display Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"CCleaner" = CCleaner
"DownsizeAll" = DownsizeAll
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EPSON PX-045A Series Useg" = EPSON PX-045A Series ユーザーズガイド
"FenrirSleipnirV3_is1" = Sleipnir Version 4.3.4
"foobar2000" = foobar2000 v1.1.5
"GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"http://pso2.jp/appid/release_is1" = PHANTASY STAR ONLINE 2
"IDM" = ID Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Jane Style_is1" = Jane Style Version 3.72
"KeePass Password Safe_is1" = KeePass Password Safe 1.26
"LimeChat 2" = LimeChat 2
"Magic Workstation_is1" = Magic Workstation 0.94f
"MagniDriver" = marvell 91xx driver
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 40.0.3 (x86 ja)" = Mozilla Firefox 40.0.3 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation
"Noah" = 圧縮解凍ソフト Noah
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.17.1863" = Opera 12.17
"PHANTASY STAR ONLINE Blue Burst_is1" = PHANTASY STAR ONLINE Blue Burst
"RealAlt_is1" = Real Alternative 2.0.2
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"Steam" = Steam
"Steam App 105600" = Terraria
"Steam App 301640" = Zombie Army Trilogy
"Steam App 316010" = Magic Duels
"Steam App 35720" = Trine 2
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"UOAssist" = UOAssist
"Windows Media Encoder 9" = Windows Media エンコーダ 9 シリーズ
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/08/23 5:31:45 | Computer Name = MIWA-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Performance 拡張カウンター プロバイダーを処理するときに、パフォーマンス レジストリ値のパフォーマンス文字列は壊れています。パフォーマンス
レジストリからの BaseIndex 値は、データ セクションの最初の DWORD で、LastCounter 値は、データ セクションの 2 番目の DWORD
で、LastHelp 値は、データ セクションの 3 番目の DWORD です。

Error - 2015/08/23 5:31:45 | Computer Name = MIWA-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Performance 拡張カウンター プロバイダーを処理するときに、パフォーマンス レジストリ値のパフォーマンス文字列は壊れています。パフォーマンス
レジストリからの BaseIndex 値は、データ セクションの最初の DWORD で、LastCounter 値は、データ セクションの 2 番目の DWORD
で、LastHelp 値は、データ セクションの 3 番目の DWORD です。

Error - 2015/08/23 5:31:45 | Computer Name = MIWA-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = サービス WmiApRpl (WmiApRpl) のパフォーマンス カウンターの文字列をアンロードできませんでした。エラー コードがデータ
セクションの最初の DWORD に含まれています。

Error - 2015/08/24 10:58:41 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: left4dead2.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x545ac24d
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x00000000
障害が発生しているプロセス
ID: 0x2d0 障害が発生しているアプリケーションの開始時刻: 0x01d0de7d4ccc5652 障害が発生しているアプリケーション パス: D:\Steam\steamapps\common\Left
4 Dead 2\left4dead2.exe 障害が発生しているモジュール パス: unknown レポート ID: 9b3b58ed-4a70-11e5-9f6d-bcaec5570411

Error - 2015/08/24 10:58:46 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: left4dead2.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x545ac24d
障害が発生しているモジュール名:
chromehtml.dll、バージョン: 0.0.0.0、タイム スタンプ: 0x545bc1dc 例外コード: 0xc0000005 障害オフセット: 0x00037828
障害が発生しているプロセス
ID: 0x2d0 障害が発生しているアプリケーションの開始時刻: 0x01d0de7d4ccc5652 障害が発生しているアプリケーション パス: D:\Steam\steamapps\common\Left
4 Dead 2\left4dead2.exe 障害が発生しているモジュール パス: d:\steam\steamapps\common\left 4 dead
2\bin\chromehtml.dll レポート ID: 9de01d06-4a70-11e5-9f6d-bcaec5570411

Error - 2015/08/27 14:16:09 | Computer Name = MIWA-PC | Source = SideBySide | ID = 16842785
Description = "d:\Steam\steamapps\common\Trine 2\tools\luac_x64.exe" のアクティブ化コンテキストの生成に失敗しました。
従属アセンブリ
Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/08/28 6:58:13 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Steam.exe、バージョン: 2.92.69.85、タイム スタンプ: 0x55d4caea
障害が発生しているモジュール名:
ntdll.dll、バージョン: 6.1.7601.18939、タイム スタンプ: 0x55afd7a8 例外コード: 0xc0000005 障害オフセット: 0x0001fa35
障害が発生しているプロセス
ID: 0x14a0 障害が発生しているアプリケーションの開始時刻: 0x01d0e1806cd405c9 障害が発生しているアプリケーション パス: D:\Steam\Steam.exe
障害が発生しているモジュール
パス: C:\Windows\SYSTEM32\ntdll.dll レポート ID: ad5ece30-4d73-11e5-af15-bcaec5570411

Error - 2015/08/28 14:12:10 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: _is45FD.exe、バージョン: 12.0.0.49974、タイム スタンプ: 0x4474907b
障害が発生しているモジュール名:
_is45FD.exe、バージョン: 12.0.0.49974、タイム スタンプ: 0x4474907b 例外コード: 0xc0000005 障害オフセット: 0x0001e48b
障害が発生しているプロセス
ID: 0x1250 障害が発生しているアプリケーションの開始時刻: 0x01d0e1bd0e35aec7 障害が発生しているアプリケーション パス: D:\Temp\_is45FD.exe
障害が発生しているモジュール
パス: D:\Temp\_is45FD.exe レポート ID: 4ca17d6d-4db0-11e5-af15-bcaec5570411

Error - 2015/08/29 0:55:06 | Computer Name = MIWA-PC | Source = System Restore | ID = 8193
Description =

Error - 2015/08/31 8:29:22 | Computer Name = MIWA-PC | Source = Application Hang | ID = 1002
Description = プログラム Skype.exe バージョン 7.8.0.102 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: d1c 開始時刻: 01d0e3e40390d436 終了時刻: 20 アプリケーション
パス: C:\Program Files\Skype\Phone\Skype.exe レポート ID:

[ System Events ]
Error - 2015/08/31 7:53:17 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/31 7:53:17 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/31 7:53:17 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/31 7:53:17 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/31 7:53:31 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/31 7:55:56 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/08/31 7:55:56 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/08/31 7:55:59 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/08/31 7:58:04 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7038
Description = nvUpdatusService サービスで、現在構成されているパスワードで .\UpdatusUser としてログオンできませんでした。次のエラーが原因です:
%%1330 このサービスが正しく構成されていることを確認するには、Microsoft 管理コンソール (MMC) のサービス スナップインを使用してください。

Error - 2015/08/31 7:58:04 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7000
Description = NVIDIA Update Service Daemon サービスを、次のエラーが原因で開始できませんでした: %%1069


< End of report >
  • なす
  • 2015/08/31 (Mon) 22:21:24
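[Pinch-hit reply] This time, a fix with OTL
Good evening, なす-san.
I'm 悪代官, the blockhead who runs this board.

IVNO-san is busy, so this time I'll be the one replying.
I've had a look at the OTL log as well.
Please continue with the work by following the explanation below.

I'll paste a script at the end of this reply, so copy the whole thing, paste it into a Windows Notepad file, and save it.

Once that's ready, restart the PC in Safe Mode again and start OTL.
Once it is running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red lettering).
This starts the fix in OTL.

Wait a while; once the fix is done, restart the PC in normal mode and an OTL log should appear again, so save it, and then, after watching how things go for a while, reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----), paste it into OTL, and carry out the work.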
------------------------------------------
:OTL
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E 08 C8 7D E7 F9 CB 01 [binary data]
[2015/08/29 13:39:29 | 000,000,000 | ---D | C] -- C:\Windows\pss

:Files
C:\Windows\pss

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2015/08/31 (Mon) 22:39:59
Re: Reimage Repair
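Good evening, 悪代官-san.
Thank you for all your help. I had been thinking I would have to take it to a shop
or, at worst, buy a new one, so I am truly, truly grateful.


That aside, here is the OTL log.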
All processes killed
========== OTL ==========
HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
C:\Windows\pss folder moved successfully.
========== FILES ==========
File\Folder C:\Windows\pss not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: MIWA
->Temp folder emptied: 26108 bytes
->Java cache emptied: 1686594 bytes
->FireFox cache emptied: 428622620 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 98176 bytes

User: Public

User: TEMP
->Temp folder emptied: 0 bytes
->Flash cache emptied: 2879 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4020457 bytes
Session Manager Temp folder emptied: 194470758 bytes
Session Manager Tmp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 600.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 09012015_000508

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




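As for the current state, while the Steam client is running,
ads and what look like scam sites(?) are still displayed.
Thinking back, Steam felt sluggish so I reinstalled it,
and I have the feeling the ads started appearing after that.
It may not be needed, but I'm reporting it just in case.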
  • なす
  • 2015/09/01 (Tue) 00:34:35
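Please scan with HP
IVNO here, making another appearance.
悪代官-san, thank you for the follow-up.

The result of the OTL fix is good.
OTL may be used again, so please keep it for now.

Please prepare the following software.

HerdProtect (commonly: HP)
http://www.herdprotect.com/downloads.aspx
Either the installer version or the portable version is fine.
With the installer version, when uninstalling, please uninstall it in Safe Mode using Geek.
We have also received reports that it is not very compatible with Trend Micro's Virus Buster.
If a compatibility problem prevents the scan from running properly, please report that.
Furthermore, not everything detected by this software is malware.
HP also has a removal function, but for now we will not remove anything and will use it for detection only.

When you are ready, first, if there are extremely large files such as game installers,
manually delete those unneeded files from the PC beforehand and also clear them from the Recycle Bin.
If HP picks these up as suspicious programs, the scan can easily take a day or two.
Confirm that the PC is running in normal mode, then start HerdProtect.
By the nature of the software, it uses the internet connection to scan files.
It does not work properly in Safe Mode, where the internet connection is unavailable,
so if you are running in Safe Mode, switch to normal mode.
There is a Scan button; press it to run the scan.
While it is collecting the information needed for the scan, or checking suspicious software
it has found against various security products, the scan pauses.
The scan not progressing does not mean it has frozen,
so please wait a while until the scan completes.
When the scan completes, the results are displayed,
so click the text "Save results" at the top right of the screen to output the log.
Please paste the output log in your reply.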
  • IVNO
  • MAIL
  • 2015/09/01 (Tue) 19:07:23
Re: Reimage Repair
I got the log.
It didn't take much time, which actually made me worried.
Did it work properly?


Saved date: 2015/09/02 22:13:31
Files detected: 19
Files scanned: 5,856
Processes scanned: 66
Modules scanned: 607
ASEPs scanned: 442
Downloads scanned: 0
Deep analysis: 1/0
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\program files\asus\turbov\pngio.dll
Publisher:
MD5: 5bbc951150e738f108c6d3d325bd4029
SHA-1: 66c50259eca878bdc778908f798e06ce603a0505
Created: 2011/03/01 12:46:58
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\asus\turbov\tvoclib.dll
Publisher:
MD5: b82b0a2525ad0bfbfcb8ab23f286f944
SHA-1: 325b2a68a497d994c91794e40e9ef12d6e662bef
Created: 2011/03/01 12:46:58
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as Heuristic.BehavesLike.Win32.Suspicious.H

---------------------------------------------------------------------------------

File path: c:\windows\system32\drivers\usbcir.sys
Publisher: Microsoft Corporation
MD5: 2352ab5f9f8f097bf9d41d5a4718a041
SHA-1: 4e58c07158e142d801ba8639819380b1d737642f
Created: 2013/10/09 19:48:29
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\msderun.dll
Publisher: Microsoft Corporation
MD5: 3ccf24e43e8e8d802e52e9c9990ae335
SHA-1: 76d63a4f1291673812eca13d6faef0aad180e4d0
Created: 2011/03/06 19:37:06
Detections: 1
Determination: Ignore detections (false positive)
- XVirus List as Win.Detected (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\asio.dll
Publisher:
MD5: b6296a1e765612688e7e9800cebf2ac8
SHA-1: 1ee4854c1f418bff0f78ee97c5b2e3b26443e867
Created: 2011/03/01 12:46:56
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/AutoRun.VB.bae (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\jack32.dll
Publisher: Kim Personal
MD5: 0ce907d0926e747eaab8f853fbf617ce
SHA-1: 0b6114d7001ebde55d26c14e6a3834e3ab29c4f0
Created: 2011/03/06 19:36:08
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Keylogger (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\sfx32gui.dat
Publisher: heropa@dream.com
MD5: fbb68217acf049d29138415badb744a8
SHA-1: 7672651f93feecb30a639acca4f5aa9508134593
Created: 2011/03/06 19:36:07
Detections: 2
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)
- Zillya! Antivirus as Trojan.Obfuscated.Win32.69460 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:
MD5: 140d0aaf310055ebebcdd91d3f0f522e
SHA-1: 8b0b8779b18467e4e180a74971aa469542a18f50
Created: 2015/08/08 21:45:26
Detections: 2
Determination: Ignore detections (false positive)
- Trend Micro House Call as PAK_Generic.001
- Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path: c:\programdata\application data\nvidia\updatus\download\71e59489\drsupdate.r280_11-10530863_runasuser.exe
Publisher:
MD5: bb3683e855c4080ef636dd799b223186
SHA-1: 991eac78bb96b1ff96151060375d265e7b809eb4
Created: 2011/09/25 18:46:53
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0808 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\nvidia\updatus\packages\00000000\drsupdate.r280_11-10530863_runasuser.exe
Publisher:
MD5: 4bef254e1da3105353c349e199cc8efb
SHA-1: 7cf475f1cf664d46d2a00745c67bb1caf794be41
Created: 2012/11/18 23:35:31
Detections: 1
Determination: Ignore detections (false positive)
- SUPERAntiSpyware as Trojan.Agent/Gen-FakeDefender (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\blizzard entertainment\battle.net\cache\36\b2\36b27cd911b33c61730a8b82c8b2495fd16e8024fc3b2dde08861c77a852941c.auth
Publisher:
MD5: 140d0aaf310055ebebcdd91d3f0f522e
SHA-1: 8b0b8779b18467e4e180a74971aa469542a18f50
Created: 2015/08/08 21:45:26
Detections: 2
Determination: Ignore detections (false positive)
- Trend Micro House Call as PAK_Generic.001
- Trend Micro as PAK_Generic.001

---------------------------------------------------------------------------------

File path: c:\programdata\nvidia\updatus\download\71e59489\drsupdate.r280_11-10530863_runasuser.exe
Publisher:
MD5: bb3683e855c4080ef636dd799b223186
SHA-1: 991eac78bb96b1ff96151060375d265e7b809eb4
Created: 2011/09/25 18:46:53
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0808 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\nvidia\updatus\packages\00000000\drsupdate.r280_11-10530863_runasuser.exe
Publisher:
MD5: 4bef254e1da3105353c349e199cc8efb
SHA-1: 7cf475f1cf664d46d2a00745c67bb1caf794be41
Created: 2012/11/18 23:35:31
Detections: 1
Determination: Ignore detections (false positive)
- SUPERAntiSpyware as Trojan.Agent/Gen-FakeDefender (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\foobar2000\shared.dll
Publisher:
MD5: f199151bcc510edb29e0540a42752302
SHA-1: c2305f1ea2fad724cd65652bc5adc8a3425c0856
Created: 2011/02/28 4:40:14
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\noah\caldix (1).exe
Publisher:
MD5: 0f1a6ea206019a430b7b198f18802b68
SHA-1: c15783684574baf3f0efa8c108ee49c771b6322e
Created: 2008/10/04 1:30:02
Detections: 2
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)
- Vba32 AntiVirus as BScope.Malware-Cryptor.Slota (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\noah\caldix.exe
Publisher:
MD5: 1bda943a77edbac92e3f54d2f41e7562
SHA-1: 283b6be610acf226c43f2c9a1be390f662b072a3
Created: 2008/10/04 1:30:02
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as BScope.Malware-Cryptor.Slota (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\noah\noah (1).exe
Publisher: kMonos.NET
MD5: 3ddab0dfbf3fd9354d87c623ee4d8ec9
SHA-1: 8e3d06eecd27e9529f4d3434cd1a771c57c10153
Created: 2008/10/04 1:30:02
Detections: 2
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)
- Vba32 AntiVirus as BScope.Malware-Cryptor.Slota (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\noah\noah.exe
Publisher: kMonos.NET
MD5: 893d4952c558fc5f7e005c0edc383d07
SHA-1: 2f4ce4031d5a9425cdc13406daeb9f965373d9c1
Created: 2008/10/04 1:30:02
Detections: 2
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Keylogger (Undefined)
- Vba32 AntiVirus as BScope.Malware-Cryptor.Slota (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\noah\uninst (1).exe
Publisher:
MD5: cafd0c808070c78f151d42f7f595c394
SHA-1: b6511450686b47ed26c0447ffcf3519ddd91f29f
Created: 2008/10/04 1:30:03
Detections: 2
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)
- Vba32 AntiVirus as BScope.Malware-Cryptor.Slota (Undefined)

  • なす
  • 2015/09/02 (Wed) 22:19:09
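Please remove HP and attach images of the problem
It appears HP found no detections.
HP is no longer needed, so please remove it following the instructions given when you installed it.

Sorry for the trouble, but please let me check in what situation and what kind of ads appear.
Pressing PrintScreen (PrtScn) while holding the Alt key captures a screenshot of only the frontmost window.
When the ad in question appears, capture it, then start Paint via Start button ⇒ All Programs ⇒ Accessories ⇒ Paint.
Press V while holding Ctrl to paste, and save it with a name in an easy-to-find location.
Please attach the saved image in your reply.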
  • IVNO
  • MAIL
  • 2015/09/03 (Thu) 10:19:24
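The saved scan report above lists the same file more than once when it is reachable through two paths, and most entries carry one or two engine hits. As an added example (not part of the thread and not HerdProtect's own code), the Python below parses a report in that layout, checks that the paste is complete, merges records by SHA-1 and ranks them by distinct engines; the function names, the `min_engines` threshold and every value in the sample are assumptions made for illustration.

```python
import re

# Constructed sample in the layout of the saved scan report quoted in the thread
# (MD5/Created lines omitted). Paths, hashes, engine and detection names are made up.
SAMPLE_REPORT = r"""
Files detected: 4
---------------------------------------------------------------------------------
File path: c:\programdata\application data\vendor\update.exe
Publisher:
SHA-1: 1111111111111111111111111111111111111111
Detections: 1
Determination: Ignore detections (false positive)
- EngineA as Generic.Example (Undefined)
---------------------------------------------------------------------------------
File path: c:\programdata\vendor\update.exe
Publisher:
SHA-1: 1111111111111111111111111111111111111111
Detections: 1
Determination: Ignore detections (false positive)
- EngineA as Generic.Example (Undefined)
---------------------------------------------------------------------------------
File path: c:\windows\system32\example.dll
Publisher: Example Corporation
SHA-1: 2222222222222222222222222222222222222222
Detections: 1
Determination: Ignore detections (false positive)
- EngineB as Heur.Example
---------------------------------------------------------------------------------
File path: c:\users\user\downloads\setup.exe
Publisher:
SHA-1: 3333333333333333333333333333333333333333
Detections: 3
Determination: Ignore detections (false positive)
- EngineA as Adware.Example (Undefined)
- EngineB as PUP.Example
- EngineC as Adware.Example.B (Undefined)
"""

FIELD_RE = re.compile(r"^(File path|Publisher|MD5|SHA-1|Detections|Determination):\s*(.*)$")
DETECTION_RE = re.compile(r"^- (.+?) as (.+?)(?: \(Undefined\))?$")
DECLARED_RE = re.compile(r"^Files detected:\s*(\d+)$")


def parse_report(text):
    """Return (declared_count, records) parsed from a saved report."""
    declared, records = None, []
    for line in (raw.strip() for raw in text.splitlines()):
        if (m := DECLARED_RE.match(line)):
            declared = int(m.group(1))
        elif (m := FIELD_RE.match(line)):
            key, value = m.groups()
            if key == "File path":            # every record starts with its path
                records.append({"File path": value, "hits": []})
            elif records:
                records[-1][key] = value
        elif records and (m := DETECTION_RE.match(line)):
            records[-1]["hits"].append(m.groups())   # (engine, detection name)
    return declared, records


def is_complete(declared, records):
    """True when the header count and each record's Detections count match what was parsed.

    A mismatch usually means the paste was cut off, e.g. by a board's length limit.
    """
    if declared is None or declared != len(records):
        return False
    return all(r.get("Detections", "").isdigit()
               and int(r["Detections"]) == len(r["hits"]) for r in records)


def triage(records, min_engines=3):
    """Merge records by SHA-1 and rank by distinct engines (min_engines is an assumed cut-off)."""
    merged = {}
    for rec in records:
        key = rec.get("SHA-1", "").lower() or rec["File path"].lower()
        item = merged.setdefault(key, {"sha1": key, "paths": [], "engines": set(),
                                       "publisher": rec.get("Publisher", "")})
        item["paths"].append(rec["File path"])
        item["engines"].update(engine for engine, _ in rec["hits"])
    ranked = sorted(merged.values(), key=lambda i: (-len(i["engines"]), i["paths"][0]))
    for item in ranked:
        item["review"] = len(item["engines"]) >= min_engines
    return ranked


if __name__ == "__main__":
    declared, records = parse_report(SAMPLE_REPORT)
    print("complete paste:", is_complete(declared, records))
    for item in triage(records):
        print(len(item["engines"]), "engine(s)", "REVIEW" if item["review"] else "low",
              item["publisher"] or "(no publisher)", "; ".join(item["paths"]))
```

Merging by hash keeps one file that appears under two paths from being counted as two findings.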
Re: Reimage Repair
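If I start the Steam client and leave it for a while with the store open,
an ad page like the one in the image opens.
This time, while trying it several times, three kinds of ads came up:
Reimage Repair
(When I try to go back to the normal store page, a suspicious window labeled JavaScript Confirm, at the top right of the image, opens.)

To be continued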
  • なす
  • 2015/09/04 (Fri) 23:35:24
Re: Reimage Repair
The second one
VIDEO DOWNLOAD CONVERTER
  • なす
  • 2015/09/04 (Fri) 23:37:14
Re: Reimage Repair
The third one
Login - Error
  • なす
  • 2015/09/04 (Fri) 23:38:14
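This looks like it will be a tough one
Redirects do indeed still seem to be occurring.
However, unlike a normal browser, this browser is outside the coverage of security software and the various removal tools,
so removal by security software or removal tools cannot be expected.

This time let's investigate in more detail with OTL.

Please prepare the following software.

OldTimer Listit (commonly: OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To delete it, start it and press the "Cleanup" button; it is then removed automatically.

Before starting OTL, close as much software as possible, including the browser.
Once the software has been closed, start OTL.
Tick Scan All Users at the top center of the window.
Once the settings are done, copy and paste the following into the Custom Scan/Fixes field.

------Copy and paste from below this line------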
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
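------Copy and paste down to above this line------

Once pasted, click Run Scan to run the scan.
The scan takes a few minutes to complete, so please wait.
When the scan completes, OTL.txt and Extras.txt are output to the same location
where you saved OTL, so please paste them in your reply.
Note that OTL logs are by nature very long.
This board's character limit is roughly 30,000 characters counted as hiragana, or roughly 60,000 counted as alphanumerics.
You will certainly exceed the limit, so to leave some margin, split the log into parts of around 55,000 characters,
checking with a character counter such as the one at the URL below, and send them.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html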
  • IVNO
  • MAIL
  • 2015/09/05 (Sat) 13:18:35
Re: Reimage Repair
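So it's going to take still more time, I see.
Work has gotten busy and there are days when I can't reply very soon,
but I haven't given up, so I look forward to your continued help.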


OTL.txt

OTL logfile created on: 2015/09/05 22:48:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MIWA\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

2.99 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 61.31% Memory free
5.98 Gb Paging File | 4.85 Gb Available in Paging File | 81.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 40.01 Gb Free Space | 53.75% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 449.02 Gb Free Space | 48.20% Space Free | Partition Type: NTFS

Computer Name: MIWA-PC | User Name: MIWA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/09/05 22:46:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MIWA\Downloads\OTL.exe
PRC - [2015/08/27 09:37:44 | 002,634,872 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015/08/27 09:37:41 | 019,958,904 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
PRC - [2015/08/27 09:37:41 | 004,305,016 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
PRC - [2015/08/27 09:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015/08/27 09:37:41 | 000,921,208 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
PRC - [2015/08/27 09:37:40 | 005,810,808 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
PRC - [2015/08/20 08:08:54 | 006,490,904 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015/08/20 05:39:00 | 002,899,136 | ---- | M] (Valve Corporation) -- D:\skin\Steam\Steam.exe
PRC - [2015/08/20 05:39:00 | 001,862,848 | ---- | M] (Valve Corporation) -- D:\skin\Steam\bin\steamwebhelper.exe
PRC - [2015/08/07 13:54:43 | 001,818,744 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2015/08/07 13:54:43 | 000,974,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2015/08/07 13:45:03 | 000,410,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/07/05 02:47:39 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2015/05/09 12:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/04/30 01:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2015/04/30 01:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2015/04/30 00:18:28 | 000,981,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/11/23 11:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logicool Co., Ltd.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/05/15 00:36:13 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/04/27 11:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/11/19 17:54:46 | 005,665,280 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\TurboV\TurboV.exe
PRC - [2009/08/19 20:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/08/27 09:37:44 | 000,011,896 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015/08/25 03:28:32 | 000,030,720 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1041.dll
MOD - [2015/08/20 05:39:14 | 002,413,248 | ---- | M] () -- D:\skin\Steam\video.dll
MOD - [2015/08/20 05:39:00 | 000,704,192 | ---- | M] () -- D:\skin\Steam\bin\chromehtml.dll
MOD - [2015/07/27 10:13:30 | 000,171,008 | ---- | M] () -- D:\skin\Steam\bin\openvr_api.dll
MOD - [2015/07/04 01:12:46 | 004,962,816 | ---- | M] () -- D:\skin\Steam\v8.dll
MOD - [2015/07/04 01:12:28 | 039,553,928 | ---- | M] () -- D:\skin\Steam\bin\libcef.dll
MOD - [2015/07/04 01:12:28 | 001,556,992 | ---- | M] () -- D:\skin\Steam\icui18n.dll
MOD - [2015/07/04 01:12:28 | 001,187,840 | ---- | M] () -- D:\skin\Steam\icuuc.dll
MOD - [2015/07/04 01:12:24 | 000,778,240 | ---- | M] () -- D:\skin\Steam\SDL2.dll
MOD - [2014/12/02 06:31:16 | 002,396,672 | ---- | M] () -- D:\skin\Steam\libavcodec-56.dll
MOD - [2014/12/02 06:31:16 | 000,485,888 | ---- | M] () -- D:\skin\Steam\libswscale-3.dll
MOD - [2014/12/02 06:31:16 | 000,479,744 | ---- | M] () -- D:\skin\Steam\libavformat-56.dll
MOD - [2014/12/02 06:31:16 | 000,442,880 | ---- | M] () -- D:\skin\Steam\libavutil-54.dll
MOD - [2014/12/02 06:31:16 | 000,332,800 | ---- | M] () -- D:\skin\Steam\libavresample-2.dll
MOD - [2009/10/26 14:52:44 | 000,135,680 | ---- | M] () -- C:\Program Files\ASUS\TurboV\TvOcLib.dll
MOD - [2008/12/10 20:27:56 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\TurboV\pngio.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/08/27 09:37:41 | 004,305,016 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV - [2015/08/27 09:37:41 | 001,872,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015/08/27 09:37:41 | 000,921,208 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV - [2015/08/26 21:46:30 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/08/23 11:54:43 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/08/22 12:58:15 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/08/07 13:45:03 | 000,410,928 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015/07/17 04:39:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/05 06:12:14 | 000,837,312 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/04/30 01:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2015/04/30 01:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/07/23 02:12:04 | 005,148,240 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logicool Co., Ltd.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/03/01 13:12:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/08/19 20:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/07/14 10:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2015/09/05 22:40:38 | 000,039,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5F3A399B-27C7-45E1-A5D4-49E21CE927BD}\MpKsl4068fb8f.sys -- (MpKsl4068fb8f)
DRV - [2015/08/27 09:37:40 | 000,018,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2015/08/11 13:55:08 | 000,044,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2015/08/07 19:38:11 | 009,326,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2015/08/07 19:38:11 | 000,171,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2015/03/04 19:34:52 | 000,095,408 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2014/08/12 20:18:47 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/05/31 01:16:36 | 000,039,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV - [2012/10/24 15:43:34 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/10/24 15:43:34 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/01/18 06:44:52 | 004,332,960 | ---- | M] (Logicool Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2010/11/26 18:02:22 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/20 01:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/08/06 14:47:08 | 000,648,808 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2010/04/27 10:28:46 | 000,146,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/04/27 10:27:50 | 000,064,904 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/12/25 16:04:48 | 000,258,088 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mv91xx.sys -- (mv91xx)
DRV - [2009/11/24 10:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/24 10:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/11/17 00:00:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2009/08/04 11:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/16 12:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/14 08:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/05/20 18:10:00 | 000,314,368 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://app.nicovideo.jp/watch/ap159
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs =
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_jaJP421
IE - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\GomPlayer\Real Alternative\browser\plugins\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\GomPlayer\Real Alternative\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@screenleap.com/ScreenleapPlugin,version=1.1: C:\Users\MIWA\AppData\Local\Screenleap\npscreenleap1.1.dll (ScreenLeap, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: D:\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: D:\Firefox\plugins

[2011/03/06 19:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MIWA\AppData\Roaming\mozilla\Extensions
[2015/09/05 22:45:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MIWA\AppData\Roaming\mozilla\Firefox\Profiles\pk4sm1bu.default\extensions
[2014/02/19 19:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/29 12:12:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

O1 HOSTS File: ([2015/09/01 00:05:09 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [EEventManager] c:\program files\epson software\event manager\eeventmanager.exe File not found
O4 - HKLM..\Run: [Launch LCore] c:\program files\logicool gaming software\lcore.exe /minimized File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TurboV] c:\program files\asus\turbov\turbov.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000..\Run: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_fatiigj.exe /ept "epltarget\p0000000000000000" /m "px-045a series" File not found
O4 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000..\Run: [Steam] D:\skin\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4104506114-555989637-4023910494-1000\..Trusted Domains: holysnow.net ([magic] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{808ADE34-4FC0-4719-BF82-0BFBFF26302E}: DhcpNameServer = 192.168.11.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 06:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/01 00:07:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/08/30 21:17:07 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Malwarebytes
[2015/08/30 21:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/08/29 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Geek Uninstaller
[2015/08/29 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015/08/29 13:21:38 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/08/29 13:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/08/29 13:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015/08/29 13:09:17 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Sun
[2015/08/29 13:09:17 | 000,000,000 | ---D | C] -- C:\Users\MIWA\.oracle_jre_usage
[2015/08/29 03:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2015/08/29 03:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015/08/25 21:13:17 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Local\Zombie Army Trilogy
[2015/08/23 11:55:56 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/08/23 11:55:30 | 001,372,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2015/08/23 11:55:19 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2015/08/23 11:55:19 | 000,105,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2015/08/23 11:54:43 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/08/23 11:54:43 | 000,937,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015/08/23 11:54:43 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/08/23 11:54:43 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015/08/23 11:54:43 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/08/23 11:54:43 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/08/23 11:54:43 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/08/23 11:54:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/08/23 11:54:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/08/23 11:54:43 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/08/23 11:54:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015/08/23 11:54:43 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/08/23 11:54:43 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/08/23 11:54:42 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/08/23 11:54:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/08/23 11:54:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015/08/23 03:01:19 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015/08/23 01:04:21 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Roaming\Trine2
[2015/08/22 12:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/08/22 12:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2015/08/22 12:06:28 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll
[2015/08/22 12:06:28 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powertracker.dll
[2015/08/22 12:06:22 | 001,167,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2015/08/22 12:06:22 | 000,015,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2015/08/22 12:06:21 | 000,952,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/08/22 12:06:21 | 000,934,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/08/22 12:06:21 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/08/22 12:06:21 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/08/22 12:06:21 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/08/22 12:06:21 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/08/22 12:06:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/08/22 12:06:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/08/22 12:06:19 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/08/22 12:06:19 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/08/22 12:06:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/08/22 12:06:19 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/08/22 12:06:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/08/22 12:06:19 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/08/22 12:06:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/08/22 12:06:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/08/22 12:06:18 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/08/22 12:05:52 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2015/08/22 12:05:52 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2015/08/22 12:05:39 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2015/08/22 12:05:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2015/08/22 12:05:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2015/08/22 12:05:29 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015/08/22 12:05:29 | 000,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2015/08/22 12:05:27 | 002,384,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/08/22 12:05:27 | 001,251,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015/08/22 12:05:27 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/08/22 12:05:26 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2015/08/22 12:05:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015/08/22 12:05:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/08/22 12:05:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015/08/22 12:05:23 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015/08/22 12:05:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015/08/22 12:05:23 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015/08/22 12:05:23 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015/08/22 12:05:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015/08/22 12:05:06 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015/08/22 12:05:06 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2015/08/22 12:05:06 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2015/08/22 12:05:05 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/08/22 12:05:05 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/08/22 12:05:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/08/22 12:05:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/08/22 12:05:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/08/22 12:05:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/08/22 12:05:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/08/22 12:05:04 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/08/22 12:05:04 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/08/22 12:05:04 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/08/22 12:05:04 | 000,342,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/08/22 12:05:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/08/22 12:05:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/08/22 12:05:03 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/08/22 12:05:03 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/08/22 12:05:03 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/08/22 12:05:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/08/22 12:05:02 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/08/22 12:05:02 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/08/22 12:05:01 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/08/22 12:05:00 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/08/22 12:05:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/08/22 12:04:59 | 004,520,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/08/22 12:04:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2015/08/22 12:04:49 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ubpm.dll
[2015/08/22 12:04:47 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2015/08/22 12:04:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2015/08/22 12:04:45 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2015/08/22 12:04:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2015/08/22 12:04:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2015/08/22 12:04:27 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2015/08/22 12:04:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2015/08/22 12:04:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2015/08/22 12:04:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2015/08/22 12:04:26 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2015/08/22 12:04:26 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2015/08/22 12:04:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2015/08/22 12:04:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/22 12:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2015/08/22 12:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/22 12:04:25 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cewmdm.dll
[2015/08/22 12:04:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2015/08/22 12:04:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2015/08/22 12:04:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2015/08/22 12:04:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015/08/22 12:04:18 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2015/08/22 12:04:16 | 000,521,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2015/08/22 12:04:15 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2015/08/22 12:04:15 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2015/08/22 12:04:15 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2015/08/22 12:04:15 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2015/08/22 12:04:15 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2015/08/22 12:04:14 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2015/08/22 12:04:14 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2015/08/22 12:04:14 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2015/08/22 12:04:14 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2015/08/22 12:04:14 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2015/08/22 12:04:14 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2015/08/22 12:04:14 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2015/08/22 12:04:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2015/08/22 12:04:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2015/08/22 12:04:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2015/08/22 12:04:13 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2015/08/22 12:04:13 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2015/08/22 12:04:13 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2015/08/22 12:04:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2015/08/22 12:04:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2015/08/22 12:04:13 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2015/08/22 12:04:13 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2015/08/22 12:04:13 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2015/08/22 12:04:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcawrk.exe
[2015/08/22 12:04:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcalua.exe
[2015/08/22 12:04:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaevts.dll
[2015/08/22 12:04:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2015/08/22 12:01:47 | 000,044,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2015/08/22 11:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2015/08/22 11:36:19 | 001,316,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvspbridge.dll
[2015/08/22 11:35:28 | 000,573,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2015/08/22 11:34:02 | 000,069,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvaudcap32v.dll
[2015/08/22 11:34:01 | 018,540,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2015/08/22 11:34:01 | 014,673,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2015/08/22 11:34:01 | 013,656,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2015/08/22 11:34:01 | 012,513,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2015/08/22 11:34:01 | 012,179,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2015/08/22 11:34:01 | 009,326,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2015/08/22 11:34:01 | 003,106,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2015/08/22 11:34:01 | 002,624,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2015/08/22 11:34:01 | 001,049,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3235560.dll
[2015/08/22 11:34:01 | 000,985,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2015/08/22 11:34:01 | 000,942,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2015/08/22 11:34:01 | 000,931,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2015/08/22 11:34:01 | 000,921,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2015/08/22 11:34:01 | 000,912,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3235560.dll
[2015/08/22 11:34:01 | 000,421,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll
[2015/08/22 11:34:01 | 000,364,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFROpenGL.dll
[2015/08/22 11:34:01 | 000,171,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2015/08/22 11:34:01 | 000,155,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2015/08/22 11:34:01 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2015/08/22 11:34:01 | 000,037,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2015/08/16 11:50:27 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/08/11 09:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Chrome to Mobile
[2015/08/08 21:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2015/08/08 21:43:18 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Local\Blizzard Entertainment
[2015/08/08 21:43:12 | 000,000,000 | ---D | C] -- C:\Users\MIWA\AppData\Local\Battle.net
[2015/08/08 21:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2015/08/08 21:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2015/08/07 03:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Palette for Chrome
  • なす
  • 2015/09/05 (Sat) 23:18:21
Re: Reimage Repair
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/05 22:48:16 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/05 22:48:16 | 000,015,152 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/05 22:40:29 | 000,000,434 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2015/09/05 22:40:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/05 22:40:24 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/05 21:58:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/01 00:05:09 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2015/09/01 00:03:12 | 000,013,542 | ---- | M] () -- C:\Users\MIWA\Desktop\msconfig.exe - ショートカット.lnk
[2015/08/30 18:44:04 | 000,001,335 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015/08/29 21:09:47 | 000,001,304 | ---- | M] () -- C:\Users\MIWA\Desktop\CCleaner.exe - ショートカット.lnk
[2015/08/29 13:21:34 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/08/29 13:09:03 | 000,274,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2015/08/29 03:40:13 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2015/08/29 03:19:14 | 000,000,602 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/08/27 09:37:01 | 001,423,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspcap.dll
[2015/08/27 09:37:01 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspbridge.dll
[2015/08/27 00:59:20 | 000,007,594 | ---- | M] () -- C:\Users\MIWA\AppData\Local\Resmon.ResmonCfg
[2015/08/23 18:31:48 | 012,701,804 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2015/08/23 18:31:48 | 008,508,562 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/08/23 18:31:48 | 007,857,782 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2015/08/23 18:31:48 | 007,631,026 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/08/23 11:55:56 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/08/23 11:55:30 | 001,372,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2015/08/23 11:55:19 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2015/08/23 11:55:19 | 000,105,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2015/08/23 11:54:43 | 003,989,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/08/23 11:54:43 | 003,934,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/08/23 11:54:43 | 000,937,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015/08/23 11:54:43 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/08/23 11:54:43 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015/08/23 11:54:43 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/08/23 11:54:43 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/08/23 11:54:43 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/08/23 11:54:43 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/08/23 11:54:43 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/08/23 11:54:43 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/08/23 11:54:43 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015/08/23 11:54:43 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/08/23 11:54:43 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/08/23 11:54:42 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/08/23 11:54:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015/08/23 03:28:00 | 000,267,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/08/23 03:09:53 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015/08/22 12:58:15 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/08/22 12:58:15 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/08/11 13:55:08 | 000,044,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvvad32v.sys
[2015/08/11 13:52:30 | 000,069,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvaudcap32v.dll
[2015/08/07 19:38:11 | 037,819,184 | ---- | M] () -- C:\Windows\System32\nvcompiler.dll
[2015/08/07 19:38:11 | 018,540,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2015/08/07 19:38:11 | 014,673,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2015/08/07 19:38:11 | 013,656,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2015/08/07 19:38:11 | 012,513,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2015/08/07 19:38:11 | 012,179,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2015/08/07 19:38:11 | 009,326,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2015/08/07 19:38:11 | 003,106,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2015/08/07 19:38:11 | 002,624,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2015/08/07 19:38:11 | 001,049,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3235560.dll
[2015/08/07 19:38:11 | 000,985,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2015/08/07 19:38:11 | 000,942,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2015/08/07 19:38:11 | 000,931,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2015/08/07 19:38:11 | 000,921,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2015/08/07 19:38:11 | 000,912,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3235560.dll
[2015/08/07 19:38:11 | 000,421,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll
[2015/08/07 19:38:11 | 000,364,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFROpenGL.dll
[2015/08/07 19:38:11 | 000,171,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2015/08/07 19:38:11 | 000,155,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2015/08/07 19:38:11 | 000,128,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2015/08/07 19:38:11 | 000,037,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2015/08/07 19:38:11 | 000,027,937 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2015/08/07 13:54:45 | 002,554,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2015/08/07 13:54:45 | 000,061,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2015/08/07 13:54:44 | 000,375,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2015/08/07 13:54:43 | 003,019,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2015/08/07 13:54:42 | 004,390,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2015/08/07 13:45:06 | 000,573,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/01 00:03:12 | 000,013,542 | ---- | C] () -- C:\Users\MIWA\Desktop\msconfig.exe - ショートカット.lnk
[2015/08/29 21:09:47 | 000,001,304 | ---- | C] () -- C:\Users\MIWA\Desktop\CCleaner.exe - ショートカット.lnk
[2015/08/29 20:51:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/08/29 03:40:13 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2015/08/29 03:19:14 | 000,000,602 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/08/29 03:19:14 | 000,000,602 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/08/22 12:04:58 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2015/08/22 11:39:53 | 000,001,335 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015/08/22 11:34:01 | 037,819,184 | ---- | C] () -- C:\Windows\System32\nvcompiler.dll
[2015/06/28 11:47:48 | 000,000,024 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\appdataFr25.bin
[2015/06/22 19:10:36 | 000,000,020 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\appdataFr2.bin
[2015/03/23 00:22:13 | 000,000,020 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\appdataFr3.bin
[2014/12/23 00:41:42 | 000,000,408 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\CamShapes.ini
[2014/12/23 00:41:20 | 000,000,096 | ---- | C] () -- C:\Users\MIWA\AppData\Roaming\version2.xml
[2014/06/01 22:59:27 | 000,000,064 | ---- | C] () -- C:\Users\MIWA\.screenleap
[2014/04/22 01:09:49 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011/08/01 17:22:32 | 000,000,000 | ---- | C] () -- C:\Users\MIWA\AppData\Local\{EE2238DD-E029-4629-9BDB-10A02CD36A9E}
[2011/03/12 03:07:40 | 000,007,594 | ---- | C] () -- C:\Users\MIWA\AppData\Local\Resmon.ResmonCfg
[2011/03/06 19:37:09 | 000,000,015 | ---- | C] () -- C:\Users\MIWA\.a-downloader

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/11 02:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 10:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]
[2015/08/30 21:16:43 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2015/08/29 04:02:58 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2012/11/25 19:27:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2012/08/14 19:43:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2015/04/25 23:34:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2014/04/21 22:30:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\EPSON\PRINTER
[2015/08/22 11:12:44 | 000,000,000 | -H-D | M] -- C:\ProgramData\EPSON\EPSON PX-045A Series\Language
[2009/07/14 13:52:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2009/07/15 00:50:31 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 13:52:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2012/01/08 18:58:57 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2012/08/14 19:43:07 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2015/04/25 23:34:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2014/04/21 22:30:07 | 000,000,000 | -H-D | M] -- C:\Users\All Users\EPSON\PRINTER
[2015/08/22 11:12:44 | 000,000,000 | -H-D | M] -- C:\Users\All Users\EPSON\EPSON PX-045A Series\Language
[2009/07/14 13:52:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2009/07/15 00:50:31 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 13:52:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2009/07/14 11:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2011/03/06 12:58:41 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData
[2011/03/06 18:07:47 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2011/03/06 12:58:51 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2014/03/22 07:14:17 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2011/03/06 18:07:08 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2011/05/20 07:25:58 | 000,000,000 | RH-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\Burn\Burn
[2011/04/10 15:20:06 | 000,000,000 | RH-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\Burn\Burn1
[2011/04/10 16:37:43 | 000,000,000 | RH-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\Burn\Burn2
[2012/10/18 00:04:07 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics
[2012/01/08 18:50:31 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{768E2DCF-73B0-420A-AA99-4DB04FBC3637}
[2014/01/04 22:56:12 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{8669ECE8-D1C3-4345-8310-E60F6D44FDAF}
[2015/03/07 19:36:40 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{89FE5CB3-11CB-489C-AC0D-0C0B6707E1F6}
[2014/01/04 22:56:12 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{A8977498-2FDF-42B7-A726-8D3B2A53CD2C}
[2014/01/04 22:56:12 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\Microsoft\Windows\GameExplorer\GameStatistics\{F284254F-0243-46A7-A328-DD99F72267E8}
[2015/06/28 16:22:09 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Local\NVIDIA Corporation\Shield Apps\StreamingAssets
[2015/08/22 11:12:46 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Roaming\Fenrir Inc\Sleipnir\~temp
[2015/08/22 11:06:13 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/06/30 23:38:57 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Roaming\Microsoft\Windows\DNTException\Low
[2015/06/30 23:38:57 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2015/06/30 23:38:57 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
[2013/07/02 18:52:27 | 000,000,000 | -H-D | M] -- C:\Users\MIWA\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2015/08/31 20:54:11 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/14 11:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2011/03/06 17:57:50 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/06/12 19:24:52 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData
[2011/09/25 18:36:15 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\AppData
[2011/03/01 13:52:41 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2011/03/01 13:07:20 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2011/03/06 17:58:12 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\アート キャッシュ

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/09/05 21:58:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: INTEL SS DSA2M080G2GC SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: WDC WD10 EALX-009BA0 SCSI Disk Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 74.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 932.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV - [2015/03/04 13:10:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2015/08/23 11:55:19 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 10:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 04:21:00 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 04:18:08 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2015/08/23 11:54:43 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/05 06:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2015/04/28 04:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 04:21:04 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 04:18:32 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 14:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 10:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 04:19:24 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2015/04/30 01:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2015/04/30 01:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/07/14 10:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 10:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 10:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2014/12/06 12:50:19 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 10:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 19:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 14:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2015/08/23 11:54:43 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 10:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 04:21:02 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 04:21:04 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 10:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2015/08/23 11:54:43 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 10:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 04:21:28 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 04:21:20 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 04:21:06 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 04:21:30 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 10:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2014/12/19 11:43:00 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 04:17:52 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2015/02/03 12:12:12 | 000,475,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 04:21:08 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2013/05/27 13:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 04:21:36 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 04:19:42 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 04:21:36 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2015/06/16 06:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 10:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2015/07/21 02:56:49 | 002,061,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 04:18:36 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 10:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 04:21:38 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:233BFF24

< End of report >
  • なす
  • 2015/09/05 (Sat) 23:19:01
Re: Reimage Repair
Extras.txt

OTL Extras logfile created on: 2015/09/05 22:48:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MIWA\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

2.99 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 61.31% Memory free
5.98 Gb Paging File | 4.85 Gb Available in Paging File | 81.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 40.01 Gb Free Space | 53.75% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 449.02 Gb Free Space | 48.20% Space Free | Partition Type: NTFS

Computer Name: MIWA-PC | User Name: MIWA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "D:\Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D3EA7A8-F129-45D1-899A-44516AF40160}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0DD3DCA1-8EAB-4B50-8F61-AAD61F090F3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0E5946B9-AB54-4BC1-A6D2-587756D93735}" = lport=138 | protocol=17 | dir=in | app=system |
"{1380B746-1602-4F34-9501-6686EF22BE34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1DB3A4E7-8257-498F-A43D-BBE7883C9E55}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{260F377A-02BB-4E79-9EC2-585C3ECA5488}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{265B6EE6-8F4F-49D2-94E3-19CB08914F3E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3F6DFA46-8AAA-4BED-8F78-C101F05ED19D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3FD5FC16-9A63-4249-B39D-3AAE1BA5B127}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45496C5C-FAC5-4BF1-9589-C98CAC06FFA4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{488E4712-05FC-4150-A0DE-BB027887531D}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{493E7B16-ABFD-4493-B531-821F69A72714}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{4A8DDE3F-64A1-46FB-B229-A684190FC2DE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5871E26F-4F19-481C-8181-01A8A8B3ADAF}" = lport=30000 | protocol=17 | dir=in | name=udp30000 |
"{594C9847-556D-4AB0-843F-276DAF3A9E91}" = rport=445 | protocol=6 | dir=out | app=system |
"{688019BD-8E46-4580-874F-D60B257539FE}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{75CB2FBA-3393-4EAE-9140-8E93058B663A}" = rport=137 | protocol=17 | dir=out | app=system |
"{768E122F-0436-40FF-92D5-E2B7A74A3F16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{79198123-7BCF-4B57-9AD1-D41F6F2E9B0A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7B29D7CC-898D-48FC-B375-D1B6C9420DA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E76CDBA-D60B-45D7-90E9-BED18722D219}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CD0EDAB-1B28-431C-96D3-2ECF2FACFBEB}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D4AF7C1-8A16-4843-94C8-5869378DDA15}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{8DD4B92E-FE7B-4BA7-9076-A0D75C436252}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{91648274-9925-4F35-A0DF-842F077C9710}" = lport=53 | protocol=17 | dir=in | name=rtldhcp port |
"{97A6A01B-9740-4EE1-A217-C915CC37DDDB}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A8336B57-1333-43D1-8A06-F15DDD1F61BB}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{AA0351C0-BAAC-417E-B758-FC683423D808}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{B2155AE1-CE7E-4256-9393-44E6A4E5828A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B5A85D71-C722-4EA5-B9BE-D52D31B08934}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BA330D6A-78FA-4F12-80AE-99DD3397E467}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BB47714A-9027-48C3-9C3D-AC8D998334F0}" = lport=139 | protocol=6 | dir=in | app=system |
"{C6EC4F85-F1F3-4379-B95E-C9F0291132B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE9AF98D-C413-4F07-B64A-1ACAB7BE41E2}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D97CE29D-D89D-43A4-96C3-E01E31EA19D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD7BB352-A358-4334-AC76-AAD997020C7A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DDD6C500-2C2F-4BAC-B718-3FC04DE47709}" = lport=445 | protocol=6 | dir=in | app=system |
"{DE0CDC97-D21F-43C8-97EE-81586E7F7DEA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E007C209-631D-41A5-97AD-81AC06FB477A}" = lport=137 | protocol=17 | dir=in | app=system |
"{E636D021-53A3-4F1F-96A6-224EDFB91AA0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EC0BF174-8190-4C2F-9E9D-C5BB49088CEC}" = lport=53 | protocol=17 | dir=in | name=rtldhcp port |
"{F9115290-29FC-4F47-885B-7B38CFBCEA66}" = lport=7144 | protocol=6 | dir=in | name=tcp7144 |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04C9D80A-6A15-473F-BD27-F81247D4A7B0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{08D6DF75-4260-49BE-8030-5D4311B0DBDC}" = protocol=17 | dir=in | app=c:\users\miwa\appdata\local\temp\icreinstall\musicconvertersetup.exe |
"{0E6D31AB-F5BF-4357-8A83-08158D8F02D5}" = protocol=6 | dir=in | app=d:\skin\steam\steamapps\common\terraria\terraria.exe |
"{12460831-0F07-4083-880F-07D319061FFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12D5A1CA-CD02-4A4B-BAE9-C9A922259E98}" = protocol=6 | dir=in | app=d:\skin\steam\steamapps\common\magic duels\magicduels.exe |
"{14C54AC4-9A99-4596-8EEC-DEE2D4C7EF8C}" = protocol=17 | dir=in | app=d:\skin\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{15394E12-52E2-457A-8294-69873C4E2D38}" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"{156CD779-F231-4B48-B386-057970107241}" = protocol=17 | dir=in | app=d:\utorrent.exe |
"{19AF7E72-0F95-4B9C-80A1-D567BDAC04CB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\guilty gear xx accent core plus r\ggxxacpr_win.exe |
"{1B88DAC4-3EEA-4C91-B0C2-BF6534B87BBE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{1C84C469-7FB7-4A59-A97E-0DBF3BEA314A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1EC089DC-CD72-486B-B8E3-DF13FF22FC6A}" = protocol=6 | dir=in | app=c:\users\miwa\downloads\musicconvertersetup.exe |
"{21F6F3D3-F8C3-4F16-B1F8-8A40B44D5644}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{2258ECAC-127E-42C6-BB23-59CAD773721B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{2534A99F-D9E7-44DD-A2ED-38764B15330B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2F9727F7-4870-4B1C-8D8E-214EA146C16C}" = protocol=6 | dir=in | app=d:\firefox\firefox.exe |
"{308CCB4F-6B51-423B-9B42-542D73846475}" = protocol=17 | dir=in | app=d:\pluginwrapper\opera_plugin_wrapper.exe |
"{3542E8BB-034C-42B7-B82F-1468DD344C48}" = protocol=6 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"{391344F2-0AE8-4FB6-A387-ED0A096CF13D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39B6A595-6271-4DF3-A9BF-BEB4CCEB33FC}" = protocol=6 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"{3A9D4F5D-D62E-4935-9FD9-C26EE8CDBE33}" = protocol=6 | dir=in | app=d:\opera.exe |
"{3D00F935-8561-42C3-91C7-0F80336EBB8F}" = protocol=6 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |
"{3D69AC46-E0A8-44F6-86D9-C23E94608214}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxupdater.exe |
"{3EE6A806-A2D5-420F-AE19-B703C2064894}" = protocol=17 | dir=in | app=c:\users\miwa\downloads\musicconvertersetup.exe |
"{429F8054-8C2B-43DB-9FF0-EFF69B0E622D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{448BEB9A-7F78-4376-9636-42CE134E32BC}" = protocol=6 | dir=in | app=c:\program files\peercast\peercast.exe |
"{47ED20AB-E4BA-449E-99D6-4FF5657B22BD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{48C8518B-64DC-429A-A8E0-8CD771D29F90}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxoffline.exe |
"{4B9C2D8A-4087-4DEF-9BD5-C328DD89E845}" = protocol=6 | dir=in | app=c:\program files\peercast\oggcap.exe |
"{4BF61E39-5FE8-4883-A5A2-F91805D02561}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxgame.exe |
"{4CFEF5F7-3729-44AD-986D-30B2C3C68001}" = protocol=17 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"{4FB6EE5C-2AC2-4FC3-A2E8-661FA0C24AE9}" = protocol=6 | dir=in | app=d:\utorrent.exe |
"{4FFA926B-D8E9-4100-A53B-F0C96A2A817F}" = protocol=6 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"{511C7434-5560-428B-9EF9-D12791B6856E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{5777DCBD-0E89-4EB3-A02B-0C568C21DDC6}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxupdater.exe |
"{5D9AD25F-63C8-4272-BE9C-F938789DFDAE}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxlauncher.exe |
"{5EE032F2-1E44-4DFB-9F54-24526C7A8E37}" = protocol=17 | dir=in | app=c:\program files\peercast\peercast.exe |
"{64932ED0-C50B-4F7A-BB33-10F5E46010C4}" = protocol=17 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\option.exe |
"{6AC2349B-EC72-43CB-BE54-435794BBCE87}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{6F81C42D-03A1-4AE8-BC5A-F8E548099CB7}" = protocol=17 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"{71EE1AAC-050F-41E5-AADD-3405B17E47A3}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxgame.exe |
"{740154F7-02FF-4B27-B9A6-759253FE4A67}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxboot.exe |
"{7D198F95-7141-45FF-877D-F8469A674CD1}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxconfig.exe |
"{807AF9AA-8F2E-4C3C-8437-F79B336344B8}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{83EAAC04-7991-4093-9790-5E7CD96E8018}" = protocol=17 | dir=in | app=d:\skin\steam\steamapps\common\terraria\terraria.exe |
"{85ABD9EB-B496-40E7-9EB7-3CACCAD3C082}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{86AA8396-2B49-4F12-9F5C-5374BF6FB62A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{86AF2AE4-FF19-4878-81DE-DCDC1DABBB8B}" = protocol=6 | dir=out | app=system |
"{86EAC6D0-7F6C-4B22-B78C-719B1E61D879}" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"{87663DD1-F3D0-4AE8-8BCC-406A3DEE1A1B}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxboot.exe |
"{8C931C5B-CBC3-4BC4-B372-2490404C50ED}" = protocol=6 | dir=in | app=c:\users\miwa\appdata\local\temp\icreinstall\musicconvertersetup.exe |
"{8D885C48-348D-4643-9A9F-81B9932EC0EA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\guilty gear xx accent core plus r\ggxxacpr_win.exe |
"{8E2B5949-CFED-4BDA-9355-9568FCA3A9A3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{8EE3A3D5-80DB-4AF7-A076-E9E8B83CF580}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8FE6B0E1-C7D4-437B-875C-ABC2BFA372E4}" = protocol=17 | dir=in | app=d:\opera.exe |
"{92BA6EA6-B8A0-4CCD-8649-7AB2268C013F}" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"{94B4861E-0968-430A-9017-E0975DC46B9D}" = protocol=6 | dir=in | app=d:\skin\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{95683D41-D48B-4CCD-85DF-766BC975E08D}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxtitle.exe |
"{9923AF14-45E5-4B87-9386-EF7F32000F8B}" = protocol=17 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\online.exe |
"{9A389D95-05ED-4B0F-94E9-40AAA6CDB28B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{9ACA1B9E-8632-45E4-8F86-B1D45ED8C691}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F8D9A72-1BFC-42D1-B925-A54FA9B81248}" = protocol=17 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxoffline.exe |
"{A437CBFF-67F4-4948-8A95-62EFA4047C44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A52C276F-08A9-4A1B-BD74-517715F105F6}" = protocol=6 | dir=in | app=d:\pluginwrapper\opera_plugin_wrapper.exe |
"{A8FF1504-063B-422E-8137-2D69420F7EFC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFD069BA-063F-409C-B60A-60BA5190821C}" = protocol=17 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |
"{AFD5073F-B6F4-48A9-AAD1-94F5963E0043}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BBF37F07-635B-40F0-971D-71FE7E383E2B}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{BD46D266-7609-4752-A208-7308952FF413}" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"{BF6661DD-8F30-40E6-91B1-8A9D84A91432}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C857B796-AD1E-481E-980F-008251B165C3}" = protocol=6 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\option.exe |
"{CAB4D0CA-6DC3-4031-9C66-8EDBA4C124AA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CB0674BD-B784-48CC-8399-1E46E69839D6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skullgirls\skullgirls.exe |
"{CCC7732D-A837-40E5-9A74-ECB8BCC96719}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CD35B5AE-3632-4C45-8CE7-EA72E623B4DD}" = protocol=17 | dir=in | app=c:\program files\peercast\oggcap.exe |
"{D06ED3F4-DD1E-4ECE-8989-7ABA92C121ED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2E6B9E5-8973-456A-B7DA-76973BD77212}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{D48CCBA8-3567-4582-8AFB-EEB0B30B9B95}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxlauncher.exe |
"{D6801C88-0170-4C47-B721-2788CF6DAF8C}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{DC9044AF-BEE2-4F15-9129-5DD4938EF4BF}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\game\dqxconfig.exe |
"{DFF23CE4-9F4D-4F84-B344-87969CDA6A6A}" = protocol=17 | dir=in | app=d:\firefox\firefox.exe |
"{E3282B95-7CDB-4014-9DF3-64B252BEBEE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EAAB5BB1-0320-4EE3-A5FA-D7FC6148C585}" = protocol=6 | dir=in | app=c:\users\miwa\desktop\sega\phantasy star online blue burst\online.exe |
"{EAC9295D-0CA7-43E8-A2F4-44103DC9E65B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skullgirls\skullgirls.exe |
"{EB087AC2-CA3A-4D0B-805A-95C29D3C6412}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EE541D29-1B4F-4AB1-B70A-FF046A7563F0}" = protocol=17 | dir=in | app=d:\skin\steam\steam.exe |
"{F04778DC-A1BF-4263-8B90-94ED17046C87}" = protocol=6 | dir=in | app=d:\skin\steam\steam.exe |
"{F08BF0CA-7207-4F24-99EA-416C0274DD7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F2A4BA25-5605-4D07-AD58-5782EFABCCFD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\zombie army trilogy\launcher\zatlauncher.exe |
"{F8842DAE-163F-4364-903A-D21A21CB2983}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA9A3036-1CB4-4EE4-A515-F294AFEEDFA1}" = protocol=58 | dir=in | app=system |
"{FB289C3C-A18F-4D97-918C-7F2F7BBD0901}" = protocol=17 | dir=in | app=d:\skin\steam\steamapps\common\magic duels\magicduels.exe |
"{FB697240-3892-46F0-A94C-F539B622AD33}" = protocol=6 | dir=in | app=d:\dq10\squareenix\dragon quest x\boot\dqxtitle.exe |
"{FC7DE406-2F8B-4D76-B7D0-9374DE83D4A3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{FDF08E8A-81CE-49A0-A619-3333F82E09FE}" = protocol=17 | dir=in | app=c:\program files\planex clientmanager\rtldhcp.exe |
"TCP Query User{03A5110B-70B1-4CCF-BF5E-97E4ED69838C}D:\エミュ\ggpo-build-030\ggpo.exe" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"TCP Query User{19D67051-9B17-4732-A9C6-5B8C443182A2}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=6 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"TCP Query User{2A940E5B-949A-4EF9-A19D-A683CF4D7E04}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=6 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"TCP Query User{350CE712-34DF-4E69-9B10-37370706F166}D:\bin\javaw.exe" = protocol=6 | dir=in | app=d:\bin\javaw.exe |
"TCP Query User{76E7FAF1-1E06-4ACA-BF81-B7AB4581C0B9}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{8A8EE3EB-31B7-4032-8513-61E2040DB39A}D:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe" = protocol=6 | dir=in | app=d:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe |
"TCP Query User{96EE183A-B5E9-466E-8E69-50854E0A161D}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{98504AA2-A82E-46BC-9251-EAF59EE67258}D:\steam\steamapps\common\magic duels\magicduels.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\magic duels\magicduels.exe |
"TCP Query User{B2CED73C-3F67-42FA-B6A5-CCCAE7EE98B7}D:\magic workstation\mwsplay.exe" = protocol=6 | dir=in | app=d:\magic workstation\mwsplay.exe |
"TCP Query User{B43DFBBE-C49C-4885-BB47-7ADE449B5097}D:\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"TCP Query User{B7F59D84-EA56-4A1B-A073-EFA7534A89CB}D:\magic workstation\mwshost.exe" = protocol=6 | dir=in | app=d:\magic workstation\mwshost.exe |
"TCP Query User{BA592D9F-12E1-4156-BE8F-7BB0D7D78C82}D:\エミュ\ggpo-build-030\ggpofba.exe" = protocol=6 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"TCP Query User{CC46858D-C694-4095-9F04-6E4DEA193A62}D:\tool\wme\wmenc.exe" = protocol=6 | dir=in | app=d:\tool\wme\wmenc.exe |
"TCP Query User{D67CC0D2-28F3-4BD4-BD5C-C4C6FD998D86}D:\virtual playtable\playtable.exe" = protocol=6 | dir=in | app=d:\virtual playtable\playtable.exe |
"TCP Query User{E215F001-AA9A-47E0-B603-55AE2F1B955B}D:\program files\capcom\super street fighter iv\ssfiv.exe" = protocol=6 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"TCP Query User{ECA9734E-3B93-4395-8652-0704F78DC47F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F4EFACE0-C9B4-4BEF-91D7-0D9691B34F5F}D:\electronic arts\ultima online 2d\client.exe" = protocol=6 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |
"TCP Query User{F7869BB6-2C52-4583-AF68-E659AB85BD2A}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{0061D46F-963F-4584-B161-5EFCE536B9AF}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=17 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"UDP Query User{0DB03BCD-E8FD-4DE1-95F2-B2CB718907D8}D:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe" = protocol=17 | dir=in | app=d:\ダウンロード\uo\saitama\ださいたま\runuoさいたま_da.exe |
"UDP Query User{17AB4C72-C04F-4A2F-82D8-DAEFEE18A428}D:\virtual playtable\playtable.exe" = protocol=17 | dir=in | app=d:\virtual playtable\playtable.exe |
"UDP Query User{180FCDF5-6DF5-4F69-B09F-50E1487F37AA}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{1BE01C97-34D3-4C5A-984B-F8A2104F20EB}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{22759091-F8B7-428B-A7C6-3E27773E6933}D:\magic workstation\mwshost.exe" = protocol=17 | dir=in | app=d:\magic workstation\mwshost.exe |
"UDP Query User{34A86AF9-855E-4AD0-BF1B-A42B9DAF469C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{623D8F7B-49A6-4101-A38D-9D1A5588D663}D:\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"UDP Query User{7205367C-681B-49F0-B0BF-D6A420D4D86D}D:\tool\wme\wmenc.exe" = protocol=17 | dir=in | app=d:\tool\wme\wmenc.exe |
"UDP Query User{74CBF508-489B-4AB7-B522-669C44A97608}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{82378ED9-1697-4572-AC4A-A09F9E4DD255}D:\bin\javaw.exe" = protocol=17 | dir=in | app=d:\bin\javaw.exe |
"UDP Query User{AD13F36D-D77D-4F6A-913F-155EE90B7F24}D:\program files\capcom\super street fighter iv\ssfiv.exe" = protocol=17 | dir=in | app=d:\program files\capcom\super street fighter iv\ssfiv.exe |
"UDP Query User{B067515D-CFE9-4A01-B5FB-AE93EA5881B3}D:\steam\steamapps\common\magic duels\magicduels.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\magic duels\magicduels.exe |
"UDP Query User{B5B080E3-C0A1-41EA-A735-83E27CCE3EF0}D:\エミュ\ggpo-build-030\ggpofba.exe" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpofba.exe |
"UDP Query User{BD4253F9-9179-46D3-8ED1-1019BAAE974A}C:\users\miwa\appdata\roaming\vseeinstall\vsee.exe" = protocol=17 | dir=in | app=c:\users\miwa\appdata\roaming\vseeinstall\vsee.exe |
"UDP Query User{DD405276-5781-4036-B49B-6A63847F93A3}D:\エミュ\ggpo-build-030\ggpo.exe" = protocol=17 | dir=in | app=d:\エミュ\ggpo-build-030\ggpo.exe |
"UDP Query User{ED907AF4-BB89-472A-B8C2-84B6D86D0DAD}D:\magic workstation\mwsplay.exe" = protocol=17 | dir=in | app=d:\magic workstation\mwsplay.exe |
"UDP Query User{F9484868-6138-41B2-855C-B6A42C0D0345}D:\electronic arts\ultima online 2d\client.exe" = protocol=17 | dir=in | app=d:\electronic arts\ultima online 2d\client.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E0CA282-7F32-4B0D-B427-78B9A3CBC42F}" = Messenger Companion
"{0F83CDA4-72BF-4F8A-94F9-BD07EFC2390E}" = Windows Live Family Safety
"{10AB1F40-BDEC-4A8D-B427-30F9429378B0}" = Windows Live Movie Maker
"{15D95497-8F76-41E5-8894-EDDB59E39BD9}" = Windows Live メール
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3EABDB76-D290-4640-8D38-1077EAD855C2}" = Windows Live Remote Client Resources
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"{43430FA0-4A2E-404A-B715-951000028101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000038101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000048101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{43430FA0-4A2E-404A-B715-951000058101}" = SUPER STREET FIGHTER IV: ARCADE EDITION
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5EF092-01A6-490D-82CC-5D5D8C8EA4A0}" = Windows Live Remote Service Resources
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}" = EPSON Scan OCR コンポーネント
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63B92EB0-446C-3778-9E6B-C1BE202FE44F}" = Microsoft .NET Framework 4.5.1 (JPN)
"{675D8E1E-2388-4718-902C-E5FC4888AC0E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype(TM) 7.8
"{6C3F8916-D6A5-4A31-9DA8-80C973CE437F}" = Windows Live Writer
"{6E3939AE-9996-4D07-9A30-14C78AE93576}" = Microsoft Security Client
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7134EF35-DA07-41F8-A71F-66709E194BB5}" = Windows Live Mesh
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}" = Adobe AIR
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{88216653-C378-4091-AF17-2A0F5B056A23}_is1" = Virtual Playtable version 0.8.6
"{88A686A9-D687-4295-B633-50D8A4B88371}" = Windows Live Writer Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A66A2C8-0032-4949-8D99-C293A3EACF79}" = Windows Live Photo Common
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D59BE38-3A4F-4525-AD0D-8980E9E31EFA}" = Windows Live フォト ギャラリー
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1041-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Japanese
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B05B64BA-D9C8-47B9-A2CB-A1F8E796C843}" = Windows Live Messenger
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.14.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.5.14.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.14.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.31
"{B957A70B-A599-47F3-00AC-824D4C85FB8F}" = シムシティ4 デラックス
"{BAF0CA91-4642-46C8-9BCD-C93B61508701}" = リモート接続用の Windows Live Mesh ActiveX コントロール (日本語)
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C6866249-495A-4ED7-AD69-99336B5E86E4}" = GUILTY GEAR XX #RELOAD
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media エンコーダ 9 シリーズ
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE408577-9C0E-4E5F-BCB2-DB5B3A220958}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F69FD33C-8815-46BF-9134-A643DE68F3C0}" = WinFast(R) Display Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"CCleaner" = CCleaner
"DownsizeAll" = DownsizeAll
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EPSON PX-045A Series Useg" = EPSON PX-045A Series ユーザーズガイド
"FenrirSleipnirV3_is1" = Sleipnir Version 4.3.4
"foobar2000" = foobar2000 v1.1.5
"GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"http://pso2.jp/appid/release_is1" = PHANTASY STAR ONLINE 2
"IDM" = ID Manager
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Jane Style_is1" = Jane Style Version 3.72
"KeePass Password Safe_is1" = KeePass Password Safe 1.26
"LimeChat 2" = LimeChat 2
"Magic Workstation_is1" = Magic Workstation 0.94f
"MagniDriver" = marvell 91xx driver
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 40.0.3 (x86 ja)" = Mozilla Firefox 40.0.3 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation
"Noah" = 圧縮解凍ソフト Noah
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.17.1863" = Opera 12.17
"RealAlt_is1" = Real Alternative 2.0.2
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"Steam" = Steam
"Steam App 105600" = Terraria
"Steam App 301640" = Zombie Army Trilogy
"Steam App 316010" = Magic Duels
"Steam App 35720" = Trine 2
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"UOAssist" = UOAssist
"Windows Media Encoder 9" = Windows Media エンコーダ 9 シリーズ
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4104506114-555989637-4023910494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/08/23 5:31:45 | Computer Name = MIWA-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = サービス WmiApRpl (WmiApRpl) のパフォーマンス カウンターの文字列をアンロードできませんでした。エラー コードがデータ
セクションの最初の DWORD に含まれています。

Error - 2015/08/24 10:58:41 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: left4dead2.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x545ac24d
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x00000000
障害が発生しているプロセス
ID: 0x2d0 障害が発生しているアプリケーションの開始時刻: 0x01d0de7d4ccc5652 障害が発生しているアプリケーション パス: D:\Steam\steamapps\common\Left
4 Dead 2\left4dead2.exe 障害が発生しているモジュール パス: unknown レポート ID: 9b3b58ed-4a70-11e5-9f6d-bcaec5570411

Error - 2015/08/24 10:58:46 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: left4dead2.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x545ac24d
障害が発生しているモジュール名:
chromehtml.dll、バージョン: 0.0.0.0、タイム スタンプ: 0x545bc1dc 例外コード: 0xc0000005 障害オフセット: 0x00037828
障害が発生しているプロセス
ID: 0x2d0 障害が発生しているアプリケーションの開始時刻: 0x01d0de7d4ccc5652 障害が発生しているアプリケーション パス: D:\Steam\steamapps\common\Left
4 Dead 2\left4dead2.exe 障害が発生しているモジュール パス: d:\steam\steamapps\common\left 4 dead
2\bin\chromehtml.dll レポート ID: 9de01d06-4a70-11e5-9f6d-bcaec5570411

Error - 2015/08/27 14:16:09 | Computer Name = MIWA-PC | Source = SideBySide | ID = 16842785
Description = "d:\Steam\steamapps\common\Trine 2\tools\luac_x64.exe" のアクティブ化コンテキストの生成に失敗しました。
従属アセンブリ
Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/08/28 6:58:13 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Steam.exe、バージョン: 2.92.69.85、タイム スタンプ: 0x55d4caea
障害が発生しているモジュール名:
ntdll.dll、バージョン: 6.1.7601.18939、タイム スタンプ: 0x55afd7a8 例外コード: 0xc0000005 障害オフセット: 0x0001fa35
障害が発生しているプロセス
ID: 0x14a0 障害が発生しているアプリケーションの開始時刻: 0x01d0e1806cd405c9 障害が発生しているアプリケーション パス: D:\Steam\Steam.exe
障害が発生しているモジュール
パス: C:\Windows\SYSTEM32\ntdll.dll レポート ID: ad5ece30-4d73-11e5-af15-bcaec5570411

Error - 2015/08/28 14:12:10 | Computer Name = MIWA-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: _is45FD.exe、バージョン: 12.0.0.49974、タイム スタンプ: 0x4474907b
障害が発生しているモジュール名:
_is45FD.exe、バージョン: 12.0.0.49974、タイム スタンプ: 0x4474907b 例外コード: 0xc0000005 障害オフセット: 0x0001e48b
障害が発生しているプロセス
ID: 0x1250 障害が発生しているアプリケーションの開始時刻: 0x01d0e1bd0e35aec7 障害が発生しているアプリケーション パス: D:\Temp\_is45FD.exe
障害が発生しているモジュール
パス: D:\Temp\_is45FD.exe レポート ID: 4ca17d6d-4db0-11e5-af15-bcaec5570411

Error - 2015/08/29 0:55:06 | Computer Name = MIWA-PC | Source = System Restore | ID = 8193
Description =

Error - 2015/08/31 8:29:22 | Computer Name = MIWA-PC | Source = Application Hang | ID = 1002
Description = プログラム Skype.exe バージョン 7.8.0.102 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: d1c 開始時刻: 01d0e3e40390d436 終了時刻: 20 アプリケーション
パス: C:\Program Files\Skype\Phone\Skype.exe レポート ID:

Error - 2015/09/05 8:59:58 | Computer Name = MIWA-PC | Source = Application Hang | ID = 1002
Description = プログラム Skype.exe バージョン 7.8.0.102 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: c90 開始時刻: 01d0e7d0382b079d 終了時刻: 40 アプリケーション
パス: C:\Program Files\Skype\Phone\Skype.exe レポート ID:

Error - 2015/09/05 9:48:00 | Computer Name = MIWA-PC | Source = Application Hang | ID = 1002
Description = プログラム Skype.exe バージョン 7.8.0.102 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: d08 開始時刻: 01d0e7e06e6afcdb 終了時刻: 20 アプリケーション
パス: C:\Program Files\Skype\Phone\Skype.exe レポート ID:

[ System Events ]
Error - 2015/09/05 7:44:19 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/09/05 7:44:19 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/09/05 7:44:22 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/09/05 7:46:27 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7038
Description = nvUpdatusService サービスで、現在構成されているパスワードで .\UpdatusUser としてログオンできませんでした。次のエラーが原因です:
%%1330 このサービスが正しく構成されていることを確認するには、Microsoft 管理コンソール (MMC) のサービス スナップインを使用してください。

Error - 2015/09/05 7:46:27 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7000
Description = NVIDIA Update Service Daemon サービスを、次のエラーが原因で開始できませんでした: %%1069

Error - 2015/09/05 9:40:22 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/09/05 9:40:22 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/09/05 9:40:25 | Computer Name = MIWA-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2015/09/05 9:42:29 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7038
Description = nvUpdatusService サービスで、現在構成されているパスワードで .\UpdatusUser としてログオンできませんでした。次のエラーが原因です:
%%1330 このサービスが正しく構成されていることを確認するには、Microsoft 管理コンソール (MMC) のサービス スナップインを使用してください。

Error - 2015/09/05 9:42:29 | Computer Name = MIWA-PC | Source = Service Control Manager | ID = 7000
Description = NVIDIA Update Service Daemon サービスを、次のエラーが原因で開始できませんでした: %%1069


< End of report >
  • なす
  • 2015/09/05 (Sat) 23:19:42
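Recovery is mandatory
I have reviewed the log.
To state the conclusion first: discard all data and perform a recovery promptly.
I have been busy with various things, and I have to reflect on the fact that my checking of the logs was not strict enough.
なす-san, you must have read the terms of use carefully, so I have no intention of accepting excuses regarding this log.

d:\エミュ
d:\utorrent.exe

Of these, the emulator itself is legal, but given that you have a Torrent client, the likelihood that you are dumping the ROM files directly from the game software and using those is nil.
In that case the emulator itself would also have been obtained illegally, and in any event obtaining copyrighted material illegitimately is a crime.
Therefore, after a two-week grace period, you will be permanently banned from both the main site and the annex of 悪代官の伏魔殿.
Thank you for your understanding.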
  • IVNO
  • MAIL
  • 2015/09/06 (Sun) 09:00:20
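The poster's edit key has been removed
Good evening.
This is 悪代官, the administrator.

As IVNO also pointed out, I have removed the poster's edit key in order to preserve evidence, so from now on the poster cannot edit or delete the post.

That is all I have to report.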
  • 悪代官
  • 2015/09/06 (Sun) 21:28:48
