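悪代官の伏魔殿 Bulletin Board
Homepage changed, and I get redirected to ad pages while browsing the web
The page shown when I open my browser has become http://esurf.biz/?ssid=1453809631&a=1003081&src=sh&uuid=a8c00ca8-01eb-4eea-b518-02d921108203 and I am frequently redirected to ad pages while browsing the web.
I tried to fix it with my amateur knowledge, but it didn't work. I would appreciate your help.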

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:19:18, on 2016/01/27
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

FIREFOX: 38.0.5 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Corel\MLSDK\CorelDesktopAgent.exe
C:\Program Files (x86)\Fujitsu\F-LINK\WSDMAIN.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\kazuto2\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O4 - HKLM\..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
O4 - HKLM\..\Run: [ControlCenter4] "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKCU\..\Run: [DriveStudio] "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: IntelR CentrinoR Wireless BluetoothR + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CorelDAWatchdog - Unknown owner - C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DataExchangeUtilityService - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\F-LINK\DEUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FJAgentSVC - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\FJAgent\Core\bin\FJAgentSVC.exe
O23 - Service: FJStatusPanelSwitchDaemon - FUJITSU LIMITED - C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe
O23 - Service: FUJ02E3Service - FUJITSU LIMITED - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MyCloudコンテンツ管理Utility(管理サービス) (MCCManageSVC) - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: My Cloud メディアサーバー設定Utility (モニタ) (My Cloud Media Server Monitor Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSMonitorService.exe
O23 - Service: My Cloud メディアサーバー設定Utility (管理サービス) (My Cloud Media Server Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSServer.exe
O23 - Service: My Cloud Eco DX Service (MyCloudEcoSvc) - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\MCEco\MyCloudEchoSvc.exe
O23 - Service: MyCloudRemoteAccessConnectSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\MCTunnel.exe
O23 - Service: MyCloudRemoteAccessSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\svcMPPFclient.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PCカルテ スケジュール サービス (SKARUTE) - FUJITSU LIMITED - C:\Program Files\Fujitsu\SKARUTE\fjkartemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SSPF HGW Service (SSPFHGWService) - Unknown owner - C:\Program Files (x86)\Fujitsu\MCEcoUty\MCEcoUty.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: UDSS - Unknown owner - C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12333 bytes


7-Zip 15.14 (x64) Igor Pavlov 2016/01/08 4.72 MB 15.14
Adobe AIR Adobe Systems Incorporated 2015/09/17 18.0.0.144
Battery Utility FUJITSU LIMITED 2014/11/10 4.01.31.014
Brother ドライバー&ソフトウェア DCP-J757N Brother Industries, Ltd. 2015/04/20 1.0.6.0
Campus English Asahipress. Co., ltd. 2014/11/10 1.4.0
CCleaner Piriform 2016/01/27 5.14
Corel Digital Studio for FUJITSU Corel Corporation 2015/03/16 626 MB 1.5.27.39
Corel WinDVD Corel Inc. 2015/03/16 458 MB 10.9.0.170
Cosmochoria Nate Schmold 2015/12/04
DigiBookBrowser Version 1.5.4.106 LECRE Inc. 2014/11/10 8.52 MB 1.5.4.106
DMM ゲームランチャー 2015/05/08
DMMGamesPlugin 2015/05/08
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2014/11/10 34.3 MB 7.6.3.1
Don't Starve Klei Entertainment 2015/06/22
Drive Studio設定Utility FUJITSU LIMITED 2014/11/10 130 MB 1.00.0003
F-Launcher FUJITSU LIMITED 2014/11/10 2.29 MB 2.2.2.0
F-LINK FUJITSU LIMITED 2014/11/10 7.90 MB 3.4.0.0
FJ Camera Sonix 2015/03/16 6.0.1223.1_WHQL
Fresh Paint Microsoft Corporation 2016/01/12 2.0.15133.0
FTL: Faster Than Light Subset Games 2015/12/02
Fujitsu BIOS Driver FUJITSU LIMITED 2014/11/10 1.34 MB 1.1.1.0
Fujitsu MobilityCenter Extension Utility FUJITSU LIMITED 2014/11/10 4.01.00.000
FujitsuShockSensorUtility FUJITSU LIMITED 2015/03/16 1.05 MB V7.01.01.001
Google Chrome Google Inc. 2015/04/09 48.0.2564.82
Hangame 2015/07/25
Intel(R) Management Engine Components Intel Corporation 2014/11/10 10.0.30.1072
Intel(R) Network Connections Drivers Intel 2014/11/10 916 KB 19.5
Intel(R) Processor Graphics Intel Corporation 10.18.10.3977
Intel(R) Rapid Storage Technology Intel Corporation 2014/11/10 13.5.0.1056
Intel(R) Wireless Bluetooth(R) Intel Corporation 2015/03/16 3.60 MB 17.1.1433.02
Lhaplus 2015/08/16
LINE LINE Corporation 2016/01/13 1.0.14.107
Microsoft Office Home and Business Premium - ja-jp Microsoft Corporation 2016/01/20 15.0.4787.1002
Microsoft OneDrive Microsoft Corporation 2015/12/14 37.6 MB 17.3.6281.1202
Microsoft SQL Server Compact 3.5 SP2 JPN Microsoft Corporation 2014/11/10 4.89 MB 3.5.8080.0
Microsoft SQL Server Compact 3.5 SP2 x64 JPN Microsoft Corporation 2014/11/10 7.08 MB 3.5.8080.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2015/04/20 4.28 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/01/14 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/03/16 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/11/10 1.18 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 1.30 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2015/03/16 17.1 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/03/16 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/03/16 10.0.31119
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 2015/12/01 9.45 MB 4.0.30901.0
Mozilla Firefox 38.0.5 (x86 ja) Mozilla 2015/06/12 83.4 MB 38.0.5
Mozilla Maintenance Service Mozilla 2015/05/07 247 KB 37.0.2
MSN スポーツ Microsoft Corporation 2015/07/15 3.0.4.336
MSN トラベル Microsoft Corporation 2015/07/15 3.0.4.336
MSN ニュース Microsoft Corporation 2015/07/15 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/07/15 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/15 3.0.4.336
MSN マネー Microsoft Corporation 2015/07/15 3.0.4.336
MSN 天気 Microsoft Corporation 2015/10/23 3.0.4.337
My Cloud エコDX FUJITSU 2015/07/17 2.2.0.2
My Cloud エコDX Utility FUJITSU LIMITED 2014/11/10 153 MB 2.0.1.0
My Cloud エコDX設定Utility FUJITSU LIMITED 2014/11/10 1.54 MB 2.1.0.0
My Cloud スタジオ CYBERLINK.COM CORPORATION. 2015/07/19 1.8.3023.47611
My Cloud プレイ FUJITSU 2016/01/13 6.4.0.4
My Cloud ホーム2.0 FUJITSU 2015/10/02 2.1.4.12
My Cloud リモートアクセス設定Utility FUJITSU LIMITED 2014/11/10 30.7 MB 4.0.0.3
One Way Heroics Smoking WOLF 2015/09/16
OneNote Microsoft Corporation 2015/07/24 16.0.3327.1048
PCカルテ FUJITSU LIMITED 2014/11/10 7.04 MB 2.2.0.1
Peakshift setting FUJITSU LIMITED 2014/11/10 2.01.00.001
PHANTASY STAR ONLINE 2 SEGA 2015/11/01 7.27 MB
PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0 SEGA 2015/11/01 668 MB
PhotoWizard Microsoft 2015/03/16 334 MB 1.6.0
Plugfree NETWORK 富士通株式会社 2014/11/10 7.1.0.1
Pointing Device Utility FUJITSU LIMITED 2014/11/10 2.29 MB 2.3.0.0
Presto! PageManager 9.02 Newsoft Technology Corporation 2015/04/20 9.02.10
Realtek Card Reader Realtek Semiconductor Corp. 2014/11/10 6.2.9200.21238
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/11/10 6.0.1.7365
RGSS-RTP Standard Enterbrain 2015/04/24 1.03
Rogue Legacy Cellar Door Games 2015/12/01
Roxio Creator LJ Roxio 2015/03/16 121 MB 12.2.78.0
RPGツクール2000 ランタイムパッケージ 2015/04/22
RPGツクールVX Ace RTP Enterbrain 2015/04/24 194 MB 1.00
RPGツクールVX RTP Enterbrain 2015/04/24 42.1 MB 1.02
RPGツクール2003 ランタイムパッケージ 2015/04/24
Sense YOU Technology 設定 FUJITSU LIMITED 2015/03/16 4.0.1.1
Shock Sensor Driver FUJITSU LIMITED 2015/03/16 201 KB 2.01.01.000
Sid Meier's Civilization IV Firaxis Games 2015/05/19
Skype Skype 2015/06/21 3.1.0.1016
SlimDX Redistributable for .NET 2.0 (September 2011) SlimDX Group 2015/07/20 15.5 MB 2.0.12.43
Steam Valve Corporation 2015/05/19 2.10.91.91
Synaptics Pointing Device Driver Synaptics Incorporated 2014/11/10 46.4 MB 18.1.22.5
System Requirements Lab Detection Husdawg, LLC 2015/06/17 619 KB 6.1.5.0
This War of Mine 11 bit studios 2016/01/12
Unity Web Player Unity Technologies ApS 2015/04/24 12.0 MB 5.0.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/04/14 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/04/14 34.9 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/16 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/06/02 9.00 KB 16.0.1515.1
Validity WBF Driver Validity Sensors, Inc. 2015/03/16 10.9 MB 4.5.237.0
Windows 8.1 マスター 大学生協版 (f) NareroCorporation 2015/04/09 1.1.0.59
Windows アラーム Microsoft Corporation 2015/04/09 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2015/04/09 6.3.9600.20280
Windows スキャン Microsoft Corporation 2015/04/10 6.3.9654.17133
Windows ドライバ パッケージ - FUJITSU LIMITED (FUJ02E3) System (07/02/2013 1.30.1.0) FUJITSU LIMITED 2015/03/16 07/02/2013 1.30.1.0
Windows ヘルプ+使い方 Microsoft Corporation 2015/04/09 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2015/09/16 6.3.9654.20947
Windows 電卓 Microsoft Corporation 2015/04/09 6.3.9600.20278
Wireless Radio Switch Driver FUJITSU LIMITED 2014/11/10 1.34 MB 1.1.0.0
はじめに行う設定 FUJITSU LIMITED 2014/11/10 2.97 MB 1.1.0.0
わかる!英語資格ガイド Asahi Press Co., Ltd 2014/11/10 406 MB 1.4.0
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2015/03/16 276 MB 17.12.0
ウイルスバスター クラウド トレンドマイクロ株式会社 2015/11/18 450 MB 10.0
カメラセンサー機能ON/OFFツール FUJITSU LIMITED 2015/03/16 V1.03
ゲーム Microsoft Corporation 2015/04/09 2.0.139.0
サポートツール 「パソコンの情報」と「トラブル解決ナビの起動」 FUJITSU LIMITED 2014/11/10 3.31 MB 1.2.0.0
ステータスパネルスイッチ FUJITSU LIMITED 2014/11/10 9.79 MB 1.1.4.0
ソフトウェアディスク検索 FUJITSU LIMITED 2014/11/10 1.86 MB 2.1.0.0
ナレロー11 株式会社ナレロー 2014/11/10 566 MB 11.0.0
バックアップナビ FUJITSU LIMITED 2014/11/10 21.7 MB 2.3.2.0
ビデオ Microsoft Corporation 2015/11/06 2.6.446.0
ミュージック Microsoft Corporation 2015/04/10 2.6.672.0
メール、カレンダー、People 2015/07/03
リーダー Microsoft Corporation 2015/07/30 6.4.9926.17994
ワンタッチボタン設定 FUJITSU LIMITED 2014/11/10 4.32 MB 8.5.10.0
健康生活日記 FUJITSU 2015/04/10 2.0.1.4
地図 Microsoft Corporation 2015/04/10 2.1.3230.2048
女子校生放課後性教育~弱みを握って生ハメ性活指導~ 2015/12/11
富士通アドバイザー FUJITSU LIMITED 2014/11/10 32.6 MB 4.4.0.0
富士通パソコン お客様サポート FUJITSU 2015/07/19 1.0.0.2
富士通拡張機能ユーティリティ FUJITSU LIMITED 2014/11/10 3.89 MB 3.6.2.0
情報倫理デジタルビデオ小品集5 2015/03/16
書き込み機能拡張ユーティリティ FUJITSU LIMITED 2014/11/10 2.3.0.0
楽しもう!Office ライフ Microsoft Corporation 2015/03/16 636 KB 1.0.0
翻訳 Microsoft Corporation 2015/12/04 1.14.0.0
遺跡島と7つのまほう UNKNOWN 2015/05/24 2.15
電源オフUSB充電ユーティリティ FUJITSU LIMITED 2014/11/10 203 KB 3.0.0.0
高精細ユーティリティ FUJITSU LIMITED 2014/11/10 1.91 MB 2.0.0.0
@メニュー V7.0
@メニュー FUJITSU LIMITED 2014/11/10 4.45 MB 7.3.0.0

  • Y.K
  • 2016/01/27 (Wed) 21:32:52
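The main cause is not visible yet, but
Good morning.
I am 悪代官, the administrator here.
I have looked at your description and log.
So the trouble is with esurf.
There are certainly some problems visible, but nothing that looks like the main cause is visible yet.
Let's investigate carefully and then deal with it.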

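First, let me tell you this up front.
As you can see, many people are currently asking for help, so each time it may take a day or more from receiving a request until I can reply to everyone in turn. I'm sorry, but please understand.

Now, please read the explanation below carefully and then do the work in order.
You should already have some of these prepared, but please read the explanation again just in case.

Set hidden files and file extensions to be displayed (how-to ↓)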
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

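Download the tools below and get familiar with their basic usage.
However, if ads appear on the distribution sites urging you to download other apps, never click them.
"GeekUninstaller" (referred to as GU)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, then extract it.
When you are done with it, delete the whole folder manually.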

"CCleaner" (referred to as CC)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Download the latest version. During installation it may also offer bundled extra apps; uncheck those and avoid installing them.
When you are done with it, uninstall it.

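Here is an important caution.
CC is by nature a high-performance maintenance tool, but if it is used incorrectly
【it may even damage Windows】
so here we use it only as an analysis tool.
Read the explanation thoroughly and do not perform any operation other than those I instruct.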

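Also, be sure to read the page below thoroughly before starting work, and if the need arises, handle it as described there. Cases that require this handling are increasing.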
http://note.chiebukuro.yahoo.co.jp/detail/n335704

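Once you are ready, start the work.
In the work that follows, you may skip anything you cannot find even after searching, but look carefully as you work so that you never touch anything other than the specified targets.

Also, the work will likely include items I instruct you to delete, but if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.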

At the very least, the following apps are old versions.
Mozilla Firefox 38.0.5 (x86 ja) Mozilla 2015/06/12 83.4 MB 38.0.5

Skype Skype 2015/06/21 3.1.0.1016

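Merely neglecting to update your apps is enough for a vulnerability to be exploited and a serious infection to occur easily.
If you use them, update them to the latest version. If you do not use an app, uninstalling it is the safe choice.
Check whether there are any other old versions, and if there are, update or uninstall them in the same way.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is because, in the work that follows, accidentally touching something other than the targets can by itself cause a serious Windows malfunction, so this makes recovery possible in the worst case.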
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Next, boot the PC in Safe Mode (how-to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In Safe Mode, use GU to uninstall the following.
DMM ゲームランチャー 2015/05/08

DMMGamesPlugin 2015/05/08

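Now restart the PC in normal mode, then launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select drive C as the target drive and scan it, then check only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those displayed, and press "OK" and then "Delete Files".
Running this cleans up the junk files in the selected areas.

Running this also reduces the useless junk files that scans detect during the work, which makes things considerably easier in terms of both time and analysis.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting legitimate files by mistake, and so that a legitimate file can still be recovered if it has been deleted and put in the Recycle Bin.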

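Next, launch CC.
Once it starts, open "Tools" → "Startup" → the "Windows" tab.
There, pressing "Save to text file" at the bottom right lets you save the displayed contents as a log, so save the log to the desktop or a similar location.

Next, open each of the tabs from the "InternetExplorer" tab onward in turn, and take logs of those as well.

Once you have taken each of the CC logs, close CC.

After this, launch the browser, watch the state of the PC for a few hours, and then take a fresh HJT log and a fresh installation information log with CC.

Paste both of the retaken logs and each of the CC logs into your reply, and reply together with a status report.
I will give instructions for the next steps after looking at them.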
  • 悪代官
  • 2016/01/28 (Thu) 07:56:50
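Re: Homepage changed, and I get redirected to ad pages while browsing the web
The symptoms have changed: when I open the browser, it now connects to esurf.biz for just an instant and then immediately redirects to an ad.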


This is startup

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run DriveStudio FUJITSU LIMITED "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
無効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run BrHelp Brother Industries, Ltd. C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run PMSpeed9.02.10 NewSoft Technology Corporation C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SNUVCDSM Sonix Technology CO., LTD C:\windows\snuvcdsm.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run WrtMon.exe NewSoft Technology Corporation C:\windows\system32\spool\drivers\x64\3\WrtMon.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe


InternetExplorer

有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll


Firefox

無効 Extension Trend Micro BEP Firefox Extension 9.1.0.1035 Trend Micro default C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
無効 Extension Trend Micro Osprey Firefox Extension 2.0.0.1083 Trend Micro default C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
有効 Plugin Google Update 1.3.29.1 Google Inc. default C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 4.0.56.0 Intel Corporation default C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.56.0 Intel Corporation default C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin OpenH264 Video Codec 1.4 default C:\Users\kazuto2\AppData\Roaming\Mozilla\Firefox\Profiles\a5v9pjna.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default C:\Users\kazuto2\AppData\Roaming\Mozilla\Firefox\Profiles\a5v9pjna.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin Unity Player 5.0.3.35960 Unity Technologies ApS default C:\Users\kazuto2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll


GoogleChrome

有効 App Gmail 8.1 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension dmm_trigger 1.0.0.6 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekecocnhcgghjgbihpbgdimpobbkfpe\1.0.0.6_0
有効 Extension Google オフライン ドキュメント 1.1 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0
有効 Extension Google スプレッドシート 1.1 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0


From here on is the installation information log

HJT

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:06:28, on 2016/01/28
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Corel\MLSDK\CorelDesktopAgent.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Fujitsu\F-LINK\WSDMAIN.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Fujitsu\SptNavi\EzSptTask.exe
C:\Users\kazuto2\Desktop\マルウェア対策 悪代官\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O4 - HKLM\..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
O4 - HKLM\..\Run: [ControlCenter4] "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKCU\..\Run: [DriveStudio] "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: IntelR CentrinoR Wireless BluetoothR + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CorelDAWatchdog - Unknown owner - C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DataExchangeUtilityService - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\F-LINK\DEUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FJAgentSVC - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\FJAgent\Core\bin\FJAgentSVC.exe
O23 - Service: FJStatusPanelSwitchDaemon - FUJITSU LIMITED - C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe
O23 - Service: FUJ02E3Service - FUJITSU LIMITED - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MyCloudコンテンツ管理Utility(管理サービス) (MCCManageSVC) - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: My Cloud メディアサーバー設定Utility (モニタ) (My Cloud Media Server Monitor Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSMonitorService.exe
O23 - Service: My Cloud メディアサーバー設定Utility (管理サービス) (My Cloud Media Server Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSServer.exe
O23 - Service: My Cloud Eco DX Service (MyCloudEcoSvc) - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\MCEco\MyCloudEchoSvc.exe
O23 - Service: MyCloudRemoteAccessConnectSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\MCTunnel.exe
O23 - Service: MyCloudRemoteAccessSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\svcMPPFclient.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PCカルテ スケジュール サービス (SKARUTE) - FUJITSU LIMITED - C:\Program Files\Fujitsu\SKARUTE\fjkartemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SSPF HGW Service (SSPFHGWService) - Unknown owner - C:\Program Files (x86)\Fujitsu\MCEcoUty\MCEcoUty.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: UDSS - Unknown owner - C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11986 bytes


CC

7-Zip 15.14 (x64) Igor Pavlov 2016/01/08 4.72 MB 15.14
Adobe AIR Adobe Systems Incorporated 2015/09/17 18.0.0.144
Battery Utility FUJITSU LIMITED 2014/11/10 4.01.31.014
Brother ドライバー&ソフトウェア DCP-J757N Brother Industries, Ltd. 2015/04/20 1.0.6.0
Campus English Asahipress. Co., ltd. 2014/11/10 1.4.0
CCleaner Piriform 2016/01/27 5.14
Corel Digital Studio for FUJITSU Corel Corporation 2015/03/16 626 MB 1.5.27.39
Corel WinDVD Corel Inc. 2015/03/16 458 MB 10.9.0.170
Cosmochoria Nate Schmold 2015/12/04
DigiBookBrowser Version 1.5.4.106 LECRE Inc. 2014/11/10 8.52 MB 1.5.4.106
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2014/11/10 34.3 MB 7.6.3.1
Don't Starve Klei Entertainment 2015/06/22
Drive Studio設定Utility FUJITSU LIMITED 2014/11/10 130 MB 1.00.0003
F-Launcher FUJITSU LIMITED 2014/11/10 2.29 MB 2.2.2.0
F-LINK FUJITSU LIMITED 2014/11/10 7.90 MB 3.4.0.0
FJ Camera Sonix 2015/03/16 6.0.1223.1_WHQL
Fresh Paint Microsoft Corporation 2016/01/12 2.0.15133.0
FTL: Faster Than Light Subset Games 2015/12/02
Fujitsu BIOS Driver FUJITSU LIMITED 2014/11/10 1.34 MB 1.1.1.0
Fujitsu MobilityCenter Extension Utility FUJITSU LIMITED 2014/11/10 4.01.00.000
FujitsuShockSensorUtility FUJITSU LIMITED 2015/03/16 1.05 MB V7.01.01.001
Google Chrome Google Inc. 2015/04/09 48.0.2564.82
Hangame 2015/07/25
Intel(R) Management Engine Components Intel Corporation 2014/11/10 10.0.30.1072
Intel(R) Network Connections Drivers Intel 2014/11/10 916 KB 19.5
Intel(R) Processor Graphics Intel Corporation 10.18.10.3977
Intel(R) Rapid Storage Technology Intel Corporation 2014/11/10 13.5.0.1056
Intel(R) Wireless Bluetooth(R) Intel Corporation 2015/03/16 3.60 MB 17.1.1433.02
Lhaplus 2015/08/16
LINE LINE Corporation 2016/01/13 1.0.14.107
Microsoft Office Home and Business Premium - ja-jp Microsoft Corporation 2016/01/20 15.0.4787.1002
Microsoft OneDrive Microsoft Corporation 2015/12/14 37.6 MB 17.3.6281.1202
Microsoft SQL Server Compact 3.5 SP2 JPN Microsoft Corporation 2014/11/10 4.89 MB 3.5.8080.0
Microsoft SQL Server Compact 3.5 SP2 x64 JPN Microsoft Corporation 2014/11/10 7.08 MB 3.5.8080.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2015/03/16 4.84 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/01/14 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/03/16 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/11/10 1.18 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 1.30 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2015/03/16 17.1 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/03/16 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/03/16 10.0.31119
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 2015/12/01 9.45 MB 4.0.30901.0
MSN スポーツ Microsoft Corporation 2015/07/15 3.0.4.336
MSN トラベル Microsoft Corporation 2015/07/15 3.0.4.336
MSN ニュース Microsoft Corporation 2015/07/15 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/07/15 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/15 3.0.4.336
MSN マネー Microsoft Corporation 2015/07/15 3.0.4.336
MSN 天気 Microsoft Corporation 2015/10/23 3.0.4.337
My Cloud エコDX FUJITSU 2015/07/17 2.2.0.2
My Cloud エコDX Utility FUJITSU LIMITED 2014/11/10 153 MB 2.0.1.0
My Cloud エコDX設定Utility FUJITSU LIMITED 2014/11/10 1.54 MB 2.1.0.0
My Cloud スタジオ CYBERLINK.COM CORPORATION. 2015/07/19 1.8.3023.47611
My Cloud プレイ FUJITSU 2016/01/13 6.4.0.4
My Cloud ホーム2.0 FUJITSU 2015/10/02 2.1.4.12
My Cloud リモートアクセス設定Utility FUJITSU LIMITED 2014/11/10 30.7 MB 4.0.0.3
One Way Heroics Smoking WOLF 2015/09/16
OneNote Microsoft Corporation 2015/07/24 16.0.3327.1048
PCカルテ FUJITSU LIMITED 2014/11/10 7.04 MB 2.2.0.1
Peakshift setting FUJITSU LIMITED 2014/11/10 2.01.00.001
PHANTASY STAR ONLINE 2 SEGA 2015/11/01 7.27 MB
PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0 SEGA 2015/11/01 668 MB
PhotoWizard Microsoft 2015/03/16 334 MB 1.6.0
Plugfree NETWORK 富士通株式会社 2014/11/10 7.1.0.1
Pointing Device Utility FUJITSU LIMITED 2014/11/10 2.29 MB 2.3.0.0
Presto! PageManager 9.02 Newsoft Technology Corporation 2015/04/20 9.02.10
Realtek Card Reader Realtek Semiconductor Corp. 2014/11/10 6.2.9200.21238
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/11/10 6.0.1.7365
RGSS-RTP Standard Enterbrain 2015/04/24 1.03
Rogue Legacy Cellar Door Games 2015/12/01
Roxio Creator LJ Roxio 2015/03/16 121 MB 12.2.78.0
RPGツクール2000 ランタイムパッケージ 2015/04/22
RPGツクールVX Ace RTP Enterbrain 2015/04/24 194 MB 1.00
RPGツクールVX RTP Enterbrain 2015/04/24 42.1 MB 1.02
RPGツクール2003 ランタイムパッケージ 2015/04/24
Sense YOU Technology 設定 FUJITSU LIMITED 2015/03/16 4.0.1.1
Shock Sensor Driver FUJITSU LIMITED 2015/03/16 201 KB 2.01.01.000
Sid Meier's Civilization IV Firaxis Games 2015/05/19
SlimDX Redistributable for .NET 2.0 (September 2011) SlimDX Group 2015/07/20 15.5 MB 2.0.12.43
Steam Valve Corporation 2015/05/19 2.10.91.91
Synaptics Pointing Device Driver Synaptics Incorporated 2014/11/10 46.4 MB 18.1.22.5
System Requirements Lab Detection Husdawg, LLC 2015/06/17 619 KB 6.1.5.0
This War of Mine 11 bit studios 2016/01/12
Unity Web Player Unity Technologies ApS 2015/04/24 12.0 MB 5.0.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/04/14 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/04/14 34.9 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/16 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/06/02 9.00 KB 16.0.1515.1
Validity WBF Driver Validity Sensors, Inc. 2015/03/16 10.9 MB 4.5.237.0
Windows 8.1 マスター 大学生協版 (f) NareroCorporation 2015/04/09 1.1.0.59
Windows アラーム Microsoft Corporation 2015/04/09 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2015/04/09 6.3.9600.20280
Windows スキャン Microsoft Corporation 2015/04/10 6.3.9654.17133
Windows ドライバ パッケージ - FUJITSU LIMITED (FUJ02E3) System (07/02/2013 1.30.1.0) FUJITSU LIMITED 2015/03/16 07/02/2013 1.30.1.0
Windows ヘルプ+使い方 Microsoft Corporation 2015/04/09 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2015/09/16 6.3.9654.20947
Windows 電卓 Microsoft Corporation 2015/04/09 6.3.9600.20278
Wireless Radio Switch Driver FUJITSU LIMITED 2014/11/10 1.34 MB 1.1.0.0
はじめに行う設定 FUJITSU LIMITED 2014/11/10 2.97 MB 1.1.0.0
わかる!英語資格ガイド Asahi Press Co., Ltd 2014/11/10 406 MB 1.4.0
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2015/03/16 276 MB 17.12.0
ウイルスバスター クラウド トレンドマイクロ株式会社 2015/11/18 450 MB 10.0
カメラセンサー機能ON/OFFツール FUJITSU LIMITED 2015/03/16 V1.03
ゲーム Microsoft Corporation 2015/04/09 2.0.139.0
サポートツール 「パソコンの情報」と「トラブル解決ナビの起動」 FUJITSU LIMITED 2014/11/10 3.31 MB 1.2.0.0
ステータスパネルスイッチ FUJITSU LIMITED 2014/11/10 9.79 MB 1.1.4.0
ソフトウェアディスク検索 FUJITSU LIMITED 2014/11/10 1.86 MB 2.1.0.0
ナレロー11 株式会社ナレロー 2014/11/10 566 MB 11.0.0
バックアップナビ FUJITSU LIMITED 2014/11/10 21.7 MB 2.3.2.0
ビデオ Microsoft Corporation 2015/11/06 2.6.446.0
ミュージック Microsoft Corporation 2015/04/10 2.6.672.0
メール、カレンダー、People 2015/07/03
リーダー Microsoft Corporation 2015/07/30 6.4.9926.17994
ワンタッチボタン設定 FUJITSU LIMITED 2014/11/10 4.32 MB 8.5.10.0
健康生活日記 FUJITSU 2015/04/10 2.0.1.4
地図 Microsoft Corporation 2015/04/10 2.1.3230.2048
女子校生放課後性教育~弱みを握って生ハメ性活指導~ 2015/12/11
富士通アドバイザー FUJITSU LIMITED 2014/11/10 32.6 MB 4.4.0.0
富士通パソコン お客様サポート FUJITSU 2015/07/19 1.0.0.2
富士通拡張機能ユーティリティ FUJITSU LIMITED 2014/11/10 3.89 MB 3.6.2.0
情報倫理デジタルビデオ小品集5 2015/03/16
書き込み機能拡張ユーティリティ FUJITSU LIMITED 2014/11/10 2.3.0.0
楽しもう!Office ライフ Microsoft Corporation 2015/03/16 636 KB 1.0.0
翻訳 Microsoft Corporation 2015/12/04 1.14.0.0
遺跡島と7つのまほう UNKNOWN 2015/05/24 2.15
電源オフUSB充電ユーティリティ FUJITSU LIMITED 2014/11/10 203 KB 3.0.0.0
高精細ユーティリティ FUJITSU LIMITED 2014/11/10 1.91 MB 2.0.0.0
@メニュー V7.0
@メニュー FUJITSU LIMITED 2014/11/10 4.45 MB 7.3.0.0



  • Y.K
  • 2016/01/28 (Thu) 18:22:56
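The HijackThis log posted above can be read programmatically. The following is an added example, not part of the thread and not the helper's method: it groups result lines by section code and separates the O23 services that HijackThis labels "Unknown owner" but did find on disk from those it reports as "(file missing)". The function names and the triage rule are assumptions made for illustration; the sample lines are copied from the log in this thread.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [ControlCenter4] "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: CorelDAWatchdog - Unknown owner - C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: UDSS - Unknown owner - C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
"""

# A result line is "<code> - <rest>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^([FNOR]\d{1,2}) - (.*)$")
# O4 registry autoruns look like "HKLM\..\Run: [Name] command line".
AUTORUN_RE = re.compile(r"^(?P<where>[^:]+): \[(?P<name>[^\]]+)\] (?P<command>.+)$")
MISSING = " (file missing)"


def parse_entries(text):
    """Group HijackThis result lines by section code (F2, O4, O23, ...)."""
    entries = defaultdict(list)
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:  # process paths and headers do not match and are skipped
            entries[m.group(1)].append(m.group(2))
    return dict(entries)


def parse_service(rest):
    """Split an O23 entry into display name, owner, path and missing flag."""
    if not rest.startswith("Service: "):
        return None
    body = rest[len("Service: "):]
    missing = body.endswith(MISSING)
    if missing:
        body = body[:-len(MISSING)]
    # Display names may themselves contain " - ", so split from the right:
    # the last field is the path, the one before it is the owner.
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    display, owner, path = (p.strip() for p in parts)
    return {"display": display, "owner": owner, "path": path, "missing": missing}


def triage(text):
    """Return autoruns plus two service lists a reviewer reads differently."""
    entries = parse_entries(text)
    autoruns = [m.groupdict()
                for m in map(AUTORUN_RE.match, entries.get("O4", [])) if m]
    services = [s for s in map(parse_service, entries.get("O23", [])) if s]
    return {
        "autoruns": autoruns,
        # HijackThis could not find the file at the recorded path.
        "missing_services": [s for s in services if s["missing"]],
        # File exists but carries no company name: worth a manual look.
        "review_services": [s for s in services
                            if s["owner"] == "Unknown owner" and not s["missing"]],
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for item in report["autoruns"]:
        print("autorun:", item["where"], item["name"], "->", item["command"])
    for svc in report["review_services"]:
        print("review :", svc["display"], "->", svc["path"])
    for svc in report["missing_services"]:
        print("missing:", svc["display"], "->", svc["path"])
```

The "review" list is a reading aid for the person checking the log, not a verdict on any file.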
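Two of the CC logs are missing
Thank you for doing the work and reporting back.

>The symptoms have changed: when I open the browser it now connects to esurf.biz for just an instant and then immediately redirects me to an ad.

I see, so the symptoms have changed again.

I have looked through each of the logs, but a few are missing, so could you post them as well?

Sorry for the trouble, but of the logs from CC's tabs, only those from the "Scheduled Tasks" tab and the "Context Menu" tab are missing, so please post these two logs in addition.
Once I have seen the additional logs, I will walk you through the next steps.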
  • 悪代官
  • 2016/01/28 (Thu) 19:08:02
Re: My home page changed, and I get redirected to ad pages while browsing the web
Sorry about that. Here they are.

Scheduled Tasks

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DolbySelectorTask Dolby Laboratories Inc. %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-1420252537-1876140248-3897809511-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDrive.exe
無効 Task Optimize Start Menu Cache Files-S-1-5-21-1420252537-1876140248-3897809511-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-1420252537-1876140248-3897809511-500
有効 Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

Context Menu

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll



  • Y.K
  • 2016/01/28 (Thu) 19:35:29
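Some work that doubles as a check
I have looked at the additional logs as well.

However, the main cause still isn't visible.

So, partly as a check, please do the following.

First, is the problem currently showing up only in IE, only in Chrome, or in both browsers?
Please tell me in your next reply.

Please also do the following.

First, open the "Advanced" tab in Internet Options and run "Reset" there.
Doing this resets settings such as IE's extensions to their defaults.

After closing Internet Options, read the whole explanation on the page below,
http://note.chiebukuro.yahoo.co.jp/detail/n367452

then follow that procedure to uninstall Chrome once and reinstall it from the official Google site.
However, if you do not plan to use Chrome from now on, there is no need to reinstall it.

After that, watch how both browsers behave for a while, then reply with a report of the results.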
  • 悪代官
  • 2016/01/28 (Thu) 20:21:42
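Re: My home page changed, and I get redirected to ad pages while browsing the web
The same problem was occurring in both IE and Chrome.
After I did the work, the problem still occurred in IE, but it no longer occurs in Chrome.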
  • Y.K
  • 2016/01/28 (Thu) 21:41:46
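So things have calmed down in Chrome
Thank you for the prompt work and report.

>The same problem was occurring in both IE and Chrome.
>After I did the work, the problem still occurred in IE, but it no longer occurs in Chrome.

Understood.
So things have calmed down in Chrome.

Now please do the following.

Please get the following tools ready.
"AdwCleaner" (commonly called AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere such as the desktop.
When you want to get rid of it, launch it and press the "uninstall" button and it will be removed automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (commonly called MBAM)
Official site
http://www.malwarebytes.org/

However, MBAM currently has considerable problems with stability and behavior, and bugs that prevent it from scanning properly even in normal use are occurring frequently.
For that reason, we will not download the latest version from the official site and will deliberately work with an older version here.

Site explaining the older version ↓
http://www.japan-secure.com/entry/blog-entry-7.html

Please download the older version of MBAM from the URL below.
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
This is a direct link to the file. Please save it.

Note: If you install in Japanese, the text may come out garbled. Install in English and then switch to Japanese afterwards.
You can switch to Japanese by launching MBAM and going to the "Settings" tab → "Language" → "Japanese".

Once you are ready, install MBAM and go as far as updating it.
However, do not scan yet at this point.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
If you update the program itself, it becomes the bug-ridden latest version, which defeats the purpose of having installed the older version.

Next, launch AC once at this point.
When it starts, it should first update its definitions, so let it do only the update and, once that is done, close AC for now.
There is no need to scan here either.

Once both tools are updated, restart the PC in Safe Mode and then use Disk Cleanup to clear out junk files.

Next, with the PC started in Safe Mode, launch AC again (the one you launched once earlier).
Once it is running, this time run "Scan", and when the scan finishes, if anything was detected, press "Remove".
Selecting "Yes" on the screen that appears starts the cleanup.

When the cleanup is complete, restart the PC in normal mode.

After the restart a new AC log will appear, so save it somewhere such as the desktop.
However, if no log appears after the work, or you cannot find it, open the C drive in My Computer; a file with a name like the following will have been created directly under it, and that is the AC log.
>AdwCleaner[letters and digits].txt
If there are several logs with similar names, the one whose creation time matches when you ran the cleanup is the log in question.

Once the AC work is done, MBAM is next.
Staying in Safe Mode, launch MBAM and scan.
Once MBAM is running, choose "Full Scan" from the "Scanner" tab.
For the target drives, select all drives, including C.
However, if no "Full Scan" button is shown, you may have updated MBAM to the latest version, in which case select "Custom Scan".
That is the equivalent of a full scan in the latest version of MBAM.
Select (check) all drives as scan targets. It takes time, but this is so the scan is as thorough as possible.
The order does not matter, but if anything is detected, select it and "remove" (quarantine) it, and if a prompt to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, pressing "Show Details" should display the results, and pressing "Save Log" there lets you save the log.
Save that log somewhere such as the desktop.
Checking this log is especially important, so please do not forget.

After that, watch how the PC behaves for a while, then paste the AC and MBAM logs you saved into your reply and post them along with a status report.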
  • 悪代官
  • 2016/01/28 (Thu) 22:10:05
Re: My home page changed, and I get redirected to ad pages while browsing the web
The problem no longer occurs in IE either.

AC

# AdwCleaner v5.031 - ログファイルの作成日 28/01/2016 作成時間 22:42:03
# 更新日 25/01/2016 作成元 Xplode
# データベース : 2016-01-25.3 [ローカル]
# オペレーティングシステム : Windows 8.1 (x64)
# ユーザー名 : kazuto2 - KAZUTO
# 実行場所 : C:\Users\kazuto2\Desktop\マルウェア対策 悪代官\AdwCleaner.exe
# オプション : 削除
# サポート : http://toolslib.net/forum

***** [ サービス ] *****


***** [ フォルダ ] *****


***** [ ファイル ] *****


***** [ DLLs ] *****


***** [ ショートカット ] *****

[-] ショートカット 駆除済み項目 : C:\Users\kazuto2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] ショートカット 駆除済み項目 : C:\Users\kazuto2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] ショートカット 駆除済み項目 : C:\Users\kazuto2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ スケジュールタスク ] *****


***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKLM\SOFTWARE\SimpleFiles

***** [ Webブラウザ ] *****


*************************

:: "Tracing"キーは削除します
:: Winsock設定を初期化しました

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1371 バイト] ##########


MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2016.01.28.03

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.0.9600.18161
kazuto2 :: KAZUTO [管理者]

2016/01/28 22:50:11
mbam-log-2016-01-28 (22-50-11).txt

スキャンタイプ: フルスキャン (C:\|D:\|E:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 623038
経過時間: 1 時間, 21 分, 59 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 0
(悪意のあるアイテムは検出されていません。)

(終)

  • Y.K
  • 2016/01/29 (Fri) 00:33:39
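Malware is not removed just by clearing the surface
Thank you for doing the work and reporting back.

>The problem no longer occurs in IE either.

I see, so it looks like AC did the trick.
It detected a few things, and as expected it seems something had dug into IE.

As long as everything that was detected has been dealt with from within AC, that is fine.

Now that IE has calmed down too, let's move on to the next round of analysis.
Things having calmed down for now does not yet mean the problem is "solved".

Malware removal is, in a sense, much like getting rid of poisonous weeds or venomous insects.
Even if you dispose of the adult insects and poisonous flowers visible on the surface, if you overlook the eggs, roots and seeds left in the nest or in the ground, they will become active again and the damage will repeat.
Let's drag whatever is still hiding out into the light of day and bring it to justice (← that is not a line the evil magistrate's side would say)

This time, please get the following tool ready.
OTL (OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When you want to get rid of it, launch it and press the "Cleanup" button and it will be removed automatically.

Launch OTL with no other programs running.
Once it is running, check "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".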

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

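Then press "Run Scan" at the top left to start the scan.
A few minutes after the scan starts (depending on your PC), "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files somewhere such as the desktop.
Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After that, paste the entire OTL log into your reply and post it.
However, the OTL log gets quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points and send it over several replies.

Merely scanning with OTL does not change anything.
Based on these results, we should end up dealing with whatever is detected in the next and later steps.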
  • 悪代官
  • 2016/01/29 (Fri) 20:24:43
Re: My home page changed, and I get redirected to ad pages while browsing the web
OTL

OTL logfile created on: 2016/01/29 22:32:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kazuto2\Desktop\マルウェア対策 悪代官
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18161)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.89 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 60.09% Memory free
6.14 Gb Paging File | 3.85 Gb Available in Paging File | 62.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.69 Gb Total Space | 48.21 Gb Free Space | 21.75% Space Free | Partition Type: NTFS
Drive D: | 221.69 Gb Total Space | 221.56 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: KAZUTO | User Name: kazuto2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/01/29 22:28:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kazuto2\Desktop\マルウェア対策 悪代官\OTL.exe
PRC - [2015/12/08 20:40:16 | 000,195,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
PRC - [2014/10/29 11:05:57 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2014/10/10 09:37:16 | 000,409,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014/10/10 09:37:14 | 000,158,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2014/10/07 15:41:46 | 000,143,112 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSMonitorService.exe
PRC - [2014/10/07 15:41:39 | 000,409,864 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSServer.exe
PRC - [2014/09/26 14:43:42 | 000,150,280 | ---- | M] () -- C:\Program Files (x86)\Fujitsu\MCRemoteAccess\svcMPPFclient.exe
PRC - [2014/09/24 10:55:20 | 000,199,776 | ---- | M] (富士通株式会社) -- C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe
PRC - [2014/08/13 15:52:20 | 000,121,288 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
PRC - [2014/07/28 18:59:14 | 000,030,520 | ---- | M] () -- C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
PRC - [2014/07/14 11:32:54 | 001,125,104 | ---- | M] (Fujitsu) -- C:\Program Files (x86)\Fujitsu\F-LINK\WSDMAIN.exe
PRC - [2014/07/14 11:32:08 | 000,270,576 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\F-LINK\DEUService.exe
PRC - [2014/06/20 18:18:00 | 000,037,688 | ---- | M] (COREL TW CORP.) -- C:\Program Files (x86)\Corel\MLSDK\CorelDesktopAgent.exe
PRC - [2014/06/20 18:17:58 | 000,021,304 | ---- | M] () -- C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe
PRC - [2014/05/22 13:50:04 | 004,513,792 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2014/05/16 14:14:38 | 000,123,160 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe
PRC - [2014/05/16 14:13:20 | 000,032,024 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudioService.exe
PRC - [2013/12/24 10:31:02 | 001,707,800 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2013/07/19 10:59:00 | 000,237,976 | ---- | M] (富士通株式会社) -- C:\Program Files (x86)\Fujitsu\FJAgent\Core\bin\FJAgentSVC.exe
PRC - [2013/05/14 19:39:42 | 000,505,856 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2013/05/14 19:37:24 | 001,448,960 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2013/02/22 09:59:18 | 000,120,632 | ---- | M] (NewSoft Technology Corporation) -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
PRC - [2013/01/18 11:01:12 | 002,009,088 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
PRC - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/25 09:56:38 | 012,897,280 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1eb13505d316bf1aad4d80a57ef6dbe4\System.Windows.Forms.ni.dll
MOD - [2015/11/25 09:56:07 | 000,797,184 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\00695d082f9b9b56731f76fadda0e6d0\System.Runtime.Remoting.ni.dll
MOD - [2015/11/25 09:56:02 | 018,753,024 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d0d1dba2e2632fe4013b2684acb52866\PresentationFramework.ni.dll
MOD - [2015/11/25 09:55:33 | 011,014,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d974429a462e7415c75fc70245350645\PresentationCore.ni.dll
MOD - [2015/11/02 19:52:03 | 007,787,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e7dd54337058ee9fc1918ad615cdb185\System.Xml.ni.dll
MOD - [2015/11/02 19:51:58 | 001,873,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9d7192b328a08155b6cbb2f3ec728407\System.Xaml.ni.dll
MOD - [2015/11/02 19:51:40 | 000,218,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\64f0fb1bc93f92e4e894919558460962\System.ServiceProcess.ni.dll
MOD - [2015/11/02 19:50:53 | 001,639,936 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9ac0512021b52818e2bf3f975c06b243\System.Drawing.ni.dll
MOD - [2015/11/02 19:50:38 | 000,967,680 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bd583bdbb9ef33ee379f1ab9907eda7c\System.Configuration.ni.dll
MOD - [2015/11/02 19:50:36 | 000,463,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\28b11cad8855404dab40ab22e154c76d\PresentationFramework.Aero2.ni.dll
MOD - [2015/11/02 19:49:52 | 003,904,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b18c22eb10f119686040ab1354ff27fa\WindowsBase.ni.dll
MOD - [2015/11/02 19:47:06 | 000,196,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\4ff61e4e952c7cc42d481f316be31b86\CustomMarshalers.ni.dll
MOD - [2015/10/17 20:26:42 | 006,982,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\ccb5b082512497c88f8e84017a66a2d5\System.Core.ni.dll
MOD - [2015/10/17 20:26:33 | 010,069,504 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\487c38839683ae7c3d773386adc02b18\System.ni.dll
MOD - [2015/10/17 20:26:27 | 017,207,296 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2015/04/09 23:06:01 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2013/12/24 10:31:02 | 001,707,800 | ---- | M] () -- C:\Windows\snuvcdsm.exe
MOD - [2013/02/22 10:29:16 | 000,262,144 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMScnSet.dll
MOD - [2013/02/21 17:43:22 | 004,603,904 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMView.dll
MOD - [2013/02/21 15:03:50 | 000,548,864 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMPageVW.dll
MOD - [2013/02/21 15:03:14 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMTree.dll
MOD - [2013/02/21 15:02:58 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMOffice.dll
MOD - [2013/02/21 15:01:50 | 000,643,072 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMDB_N.dll
MOD - [2013/01/25 13:44:06 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMISM.dll
MOD - [2013/01/23 13:36:02 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\ScanModule.dll
MOD - [2013/01/07 10:43:42 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMAnoSet.dll
MOD - [2013/01/07 10:43:34 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMANO.dll
MOD - [2013/01/07 10:43:26 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\SlideBarDLL.dll
MOD - [2012/12/22 10:55:22 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\NetFun2K.dll
MOD - [2012/12/22 10:54:18 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMStatus.dll
MOD - [2012/12/22 10:43:18 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMIEVW.dll
MOD - [2012/12/22 10:43:12 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMProp.dll
MOD - [2012/12/22 10:42:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMDocVW.dll
MOD - [2012/12/22 10:42:38 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PHooKDlg.dll
MOD - [2012/12/22 10:30:36 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSet.dll
MOD - [2012/12/22 10:29:30 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMPDFView.dll
MOD - [2012/12/22 10:29:18 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSave.dll
MOD - [2012/12/22 10:28:10 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMINSO.dll
MOD - [2012/12/22 10:27:38 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMImgVW.dll
MOD - [2012/12/22 10:27:30 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMImageSplitter.dll
MOD - [2012/12/22 10:26:54 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMApSet.dll
MOD - [2012/12/22 10:26:48 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMAppBar.dll
MOD - [2012/12/22 10:25:56 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PerformOcr.dll
MOD - [2012/12/22 10:25:48 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\OutlookVBA.dll
MOD - [2012/12/22 10:23:08 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMCommon.dll
MOD - [2009/08/06 10:22:18 | 000,421,888 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\FT.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/11/17 14:56:24 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\nsSign.dll
MOD - [2007/08/31 17:51:04 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMVoice.dll
MOD - [2007/03/30 10:24:12 | 000,104,528 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\Qem.dll
MOD - [2007/03/30 10:01:28 | 000,038,992 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\NsOEMKey.dll
MOD - [2007/03/30 09:57:04 | 000,034,896 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\Import.dll
MOD - [2007/03/30 09:49:38 | 000,104,528 | ---- | M] () -- C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\ComClass.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2015/12/22 23:53:50 | 002,787,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:[b]64bit:[/b] - [2015/07/22 22:52:08 | 001,633,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/07/17 03:58:34 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/07/17 03:31:17 | 001,137,664 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe -- (Platinum Host Service)
SRV:[b]64bit:[/b] - [2015/07/07 18:39:32 | 000,366,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/07/07 18:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/05/31 04:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/05/12 22:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/05/08 00:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2014/10/31 13:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 09:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/24 11:01:22 | 000,328,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2014/10/06 11:47:14 | 000,406,176 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe -- (FJStatusPanelSwitchDaemon)
SRV:[b]64bit:[/b] - [2014/08/18 15:13:34 | 003,817,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2014/08/18 15:13:18 | 000,265,936 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2014/08/18 15:13:06 | 000,632,528 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2014/08/18 15:12:42 | 000,154,832 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2014/07/04 11:50:02 | 000,063,648 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe -- (FUJ02E3Service)
SRV:[b]64bit:[/b] - [2014/05/13 14:31:14 | 000,887,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2014/04/17 09:26:26 | 000,045,936 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\SKARUTE\fjkartemon.exe -- (SKARUTE)
SRV:[b]64bit:[/b] - [2014/02/05 11:37:56 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:[b]64bit:[/b] - [2013/09/23 05:46:54 | 000,035,328 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:[b]64bit:[/b] - [2013/08/21 13:52:26 | 002,219,520 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:[b]64bit:[/b] - [2012/09/12 18:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2015/12/15 05:01:12 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/07/09 15:34:00 | 003,533,520 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2015/05/08 00:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/29 12:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/24 11:01:24 | 000,279,144 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/10/10 09:37:16 | 000,409,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014/10/10 09:37:14 | 000,158,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014/10/07 15:41:46 | 000,143,112 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSMonitorService.exe -- (My Cloud Media Server Monitor Service)
SRV - [2014/10/07 15:41:39 | 000,409,864 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSServer.exe -- (My Cloud Media Server Service)
SRV - [2014/09/26 14:43:42 | 000,150,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Fujitsu\MCRemoteAccess\svcMPPFclient.exe -- (MyCloudRemoteAccessSvc)
SRV - [2014/09/24 10:55:20 | 000,199,776 | ---- | M] (富士通株式会社) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe -- (MCCManageSVC)
SRV - [2014/09/03 15:53:52 | 000,027,400 | ---- | M] (FUJITSU LIMITED) [On_Demand | Stopped] -- C:\Program Files (x86)\Fujitsu\MCEco\MyCloudEchoSvc.exe -- (MyCloudEcoSvc)
SRV - [2014/08/13 15:52:20 | 000,121,288 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe -- (ibtsiva.exe)
SRV - [2014/07/28 18:59:14 | 000,030,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe -- (UDSS)
SRV - [2014/07/14 11:32:08 | 000,270,576 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\F-LINK\DEUService.exe -- (DataExchangeUtilityService)
SRV - [2014/06/23 14:33:48 | 000,084,272 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Fujitsu\MCRemoteAccess\MCTunnel.exe -- (MyCloudRemoteAccessConnectSvc)
SRV - [2014/06/20 18:17:58 | 000,021,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe -- (CorelDAWatchdog)
SRV - [2013/07/19 10:59:00 | 000,237,976 | ---- | M] (富士通株式会社) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\FJAgent\Core\bin\FJAgentSVC.exe -- (FJAgentSVC)
SRV - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/01/27 00:55:33 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:[b]64bit:[/b] - [2015/10/11 15:34:30 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/09/29 21:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/07/22 10:32:52 | 000,100,320 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2015/07/22 10:28:16 | 000,326,896 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2015/07/22 10:28:16 | 000,134,280 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2015/07/07 18:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/07/07 18:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/07/07 18:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/06/29 11:38:56 | 000,091,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TMUMH.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2015/06/26 19:20:04 | 000,116,528 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2015/06/23 11:49:48 | 000,039,056 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:[b]64bit:[/b] - [2015/06/08 14:54:40 | 000,116,576 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2015/04/16 15:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/03/20 10:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/03/16 16:36:14 | 000,018,256 | ---- | M] (FUJITSU LIMITED) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FJGSDis2.sys -- (FJGSDis2)
DRV:[b]64bit:[/b] - [2015/03/13 13:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/03/09 11:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/03/04 19:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2014/11/11 03:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/11/04 16:52:08 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/11/04 16:38:50 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/24 11:01:16 | 004,850,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/10/24 11:01:08 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2014/10/15 17:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/10 09:37:14 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2014/10/09 14:54:44 | 001,398,936 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 15:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/07 08:41:02 | 000,042,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/10/07 08:41:02 | 000,030,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/10/01 15:24:54 | 000,566,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2014/10/01 15:24:52 | 000,031,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2014/09/29 10:03:46 | 000,394,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d64x64.sys -- (e1dexpress)
DRV:[b]64bit:[/b] - [2014/08/21 09:31:46 | 003,479,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwbw02.sys -- (NETwNb64)
DRV:[b]64bit:[/b] - [2014/08/13 15:53:08 | 000,219,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2014/07/08 14:03:54 | 000,020,176 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:[b]64bit:[/b] - [2014/07/08 13:23:02 | 000,021,200 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:[b]64bit:[/b] - [2014/03/18 19:01:03 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/03/18 19:00:50 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/03/18 19:00:49 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2014/03/18 19:00:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/03/18 19:00:49 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/03/18 19:00:49 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/03/18 18:33:08 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2013/12/24 10:30:56 | 001,849,880 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/09 17:01:06 | 000,427,736 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/29 03:01:36 | 000,165,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:[b]64bit:[/b] - [2013/07/29 03:01:36 | 000,165,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/07/19 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2013/06/18 23:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2012/07/31 20:56:58 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:[b]64bit:[/b] - [2012/06/22 10:59:36 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV - [2014/10/07 13:02:39 | 000,077,000 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\ntk_FujitsuMCP_64.sys -- (ntk_FujitsuMCP)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0D7B40D0-1C07-440B-9503-6E0E3EB0D605}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=FSJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0D7B40D0-1C07-440B-9503-6E0E3EB0D605}
IE - HKLM\..\SearchScopes\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=FSJB


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\kazuto2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\9.1.1035\9.1.1035\FIREFOXEXTENSION [2016/01/27 20:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff@trendmicro.com: C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2016/01/27 20:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}: C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\ [2016/01/27 20:55:51 | 000,000,000 | ---D | M]

[2015/05/07 22:07:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kazuto2\AppData\Roaming\mozilla\Extensions
[2015/05/07 22:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kazuto2\AppData\Roaming\mozilla\Firefox\Profiles\a5v9pjna.default\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_1\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロネットワークフィルタプラグイン) - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロIEプロテクション) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (トレンドマイクロネットワークフィルタプラグイン) - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (トレンドマイクロIEプロテクション) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Platinum] C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001..\Run: [DriveStudio] C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe (FUJITSU LIMITED)
O4 - HKU\S-1-5-21-1420252537-1876140248-3897809511-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\kazuto2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EB26347-AC72-4B29-ADCD-F33732BEDC7E}: DhcpNameServer = 192.168.43.1
O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmop {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmop {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/01/27 00:59:05 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  • Y.K
  • 2016/01/29 (Fri) 23:06:11
Re: My home page has changed, and I get redirected to ad pages while browsing the web

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {78E345F7-E976-3595-9C30-2458D6A8EC32} - .NET Framework
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EC43E638-09F0-38CC-A585-72FCCDDF035C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/01/28 22:36:58 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/01/28 22:18:40 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Roaming\Malwarebytes
[2016/01/28 22:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2016/01/28 22:18:30 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2016/01/28 22:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2016/01/28 21:13:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2016/01/28 21:13:00 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Local\Google
[2016/01/28 14:59:26 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Roaming\Geek Uninstaller
[2016/01/27 21:37:01 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\Desktop\マルウェア対策 悪代官
[2016/01/27 21:22:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016/01/27 21:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016/01/27 19:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/01/27 19:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/01/27 19:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/01/27 17:59:34 | 000,000,000 | ---D | C] -- C:\KVRT_Data
[2016/01/27 16:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2016/01/27 01:50:29 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Roaming\AVG
[2016/01/27 01:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2016/01/27 01:47:41 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Roaming\TuneUp Software
[2016/01/27 01:46:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2016/01/27 01:44:10 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Local\MFAData
[2016/01/27 01:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2016/01/27 01:42:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2016/01/27 01:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2016/01/27 01:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2016/01/27 01:41:07 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Local\AvgSetupLog
[2016/01/27 01:41:07 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Local\Avg
[2016/01/27 00:56:39 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\Start Menu
[2016/01/20 20:06:17 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\Desktop\160110-G103973-ver2.04-
[2016/01/14 19:30:34 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Roaming\11bitstudios
[2016/01/13 18:09:54 | 006,051,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2016/01/13 18:09:03 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2016/01/13 18:09:02 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2016/01/13 18:08:35 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2016/01/13 18:08:34 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2016/01/13 18:08:34 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2016/01/13 18:08:33 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2016/01/13 18:08:33 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2016/01/13 18:07:19 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2016/01/13 18:07:18 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2016/01/13 18:07:13 | 001,877,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2adec.dll
[2016/01/13 18:07:13 | 001,484,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2adec.dll
[2016/01/13 18:07:12 | 002,745,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2016/01/13 18:07:11 | 002,528,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2016/01/13 18:07:11 | 002,334,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll
[2016/01/13 18:07:11 | 001,115,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetsrc.dll
[2016/01/13 18:07:10 | 002,324,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll
[2016/01/13 18:07:10 | 001,288,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetsrc.dll
[2016/01/13 18:07:09 | 001,210,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOD.DLL
[2016/01/13 18:07:09 | 000,850,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetcore.dll
[2016/01/13 18:07:09 | 000,700,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetcore.dll
[2016/01/13 18:07:08 | 001,037,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOD.DLL
[2016/01/13 18:07:08 | 000,735,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2016/01/13 18:07:07 | 002,450,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVENCOD.DLL
[2016/01/13 18:07:06 | 001,697,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2016/01/13 18:07:05 | 001,010,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOD.DLL
[2016/01/13 18:07:04 | 002,447,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVENCOD.DLL
[2016/01/13 18:07:04 | 000,498,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfsvr.dll
[2016/01/13 18:07:03 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOD.DLL
[2016/01/13 18:07:03 | 000,584,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2016/01/13 18:07:02 | 000,492,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSDECD.DLL
[2016/01/13 18:07:01 | 000,557,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSDECD.DLL
[2016/01/13 18:07:00 | 001,798,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMALFXGFXDSP.dll
[2016/01/13 18:06:58 | 001,501,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2016/01/13 18:06:58 | 000,399,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfsvr.dll
[2016/01/13 18:06:57 | 001,664,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMSPDMOE.DLL
[2016/01/13 18:06:57 | 000,629,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MP4SDECD.DLL
[2016/01/13 18:06:56 | 000,299,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VIDRESZR.DLL
[2016/01/13 18:06:56 | 000,203,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\COLORCNV.DLL
[2016/01/13 18:06:55 | 000,250,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MPG4DECD.DLL
[2016/01/13 18:06:55 | 000,246,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RESAMPLEDMO.DLL
[2016/01/13 18:06:54 | 000,463,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MP4SDECD.DLL
[2016/01/13 18:06:54 | 000,248,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MP43DECD.DLL
[2016/01/13 18:06:54 | 000,099,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MP3DMOD.DLL
[2016/01/13 18:06:53 | 000,184,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\COLORCNV.DLL
[2016/01/13 18:06:53 | 000,090,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfvdsp.dll
[2016/01/13 18:06:52 | 000,229,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RESAMPLEDMO.DLL
[2016/01/13 18:06:52 | 000,183,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VIDRESZR.DLL
[2016/01/13 18:06:52 | 000,116,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MP3DMOD.DLL
[2016/01/13 18:06:51 | 000,090,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devenum.dll
[2016/01/13 18:06:51 | 000,081,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devenum.dll
[2016/01/13 18:06:50 | 000,244,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2016/01/13 18:06:50 | 000,110,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2016/01/13 18:06:49 | 000,275,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MPG4DECD.DLL
[2016/01/13 18:06:49 | 000,076,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfvdsp.dll
[2016/01/13 18:06:48 | 000,914,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMADMOE.DLL
[2016/01/13 18:06:48 | 000,274,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MP43DECD.DLL
[2016/01/13 18:06:47 | 001,150,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMADMOE.DLL
[2016/01/13 18:06:46 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVXENCD.DLL
[2016/01/13 18:06:46 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVSENCD.DLL
[2016/01/13 18:06:45 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFWMAAEC.DLL
[2016/01/13 18:06:45 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2016/01/13 18:06:44 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SysFxUI.dll
[2016/01/13 18:06:43 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2016/01/13 18:06:43 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ksproxy.ax
[2016/01/13 18:06:42 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVXENCD.DLL
[2016/01/13 18:06:41 | 000,743,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFWMAAEC.DLL
[2016/01/13 18:06:41 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVSENCD.DLL
[2016/01/13 18:06:40 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMSPDMOE.DLL
[2016/01/13 18:06:39 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ksproxy.ax
[2016/01/13 18:06:31 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2016/01/13 18:06:31 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2016/01/13 18:06:30 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2016/01/13 18:06:27 | 001,380,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2016/01/13 18:06:21 | 007,453,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2016/01/13 18:06:19 | 001,735,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2016/01/13 18:05:53 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2016/01/13 18:05:52 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2016/01/13 18:05:51 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2016/01/13 18:05:51 | 000,137,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2016/01/13 18:05:51 | 000,091,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptsslp.dll
[2016/01/13 18:05:50 | 000,340,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bcryptprimitives.dll
[2016/01/13 18:05:50 | 000,106,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptsslp.dll
[2016/01/13 18:05:49 | 000,397,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2016/01/13 18:05:06 | 001,380,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2016/01/13 18:05:05 | 000,792,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2016/01/13 18:04:55 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2016/01/13 18:04:55 | 000,033,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2016/01/13 18:04:25 | 000,685,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2016/01/08 19:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2016/01/08 19:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/01/29 22:21:45 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2016/01/29 16:18:01 | 000,000,706 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/01/29 14:49:19 | 000,000,702 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/01/29 00:30:14 | 000,001,545 | ---- | M] () -- C:\Users\kazuto2\Desktop\iexplore.exe.lnk
[2016/01/29 00:21:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/01/29 00:21:54 | 3345,240,064 | -HS- | M] () -- C:\hiberfil.sys
[2016/01/28 22:42:03 | 000,000,943 | ---- | M] () -- C:\Users\kazuto2\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/01/28 21:32:52 | 000,002,289 | ---- | M] () -- C:\Users\kazuto2\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/01/28 21:13:26 | 000,002,265 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/01/28 20:37:04 | 001,465,499 | ---- | M] () -- C:\Users\kazuto2\Documents\bookmarks_2016_01_28.html
[2016/01/28 14:49:12 | 006,340,384 | ---- | M] (Geek Uninstaller) -- C:\Users\kazuto2\Desktop\geek.exe
[2016/01/28 14:41:39 | 001,496,524 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2016/01/28 14:41:39 | 000,722,476 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2016/01/28 14:41:39 | 000,500,892 | ---- | M] () -- C:\windows\SysNative\perfh011.dat
[2016/01/28 14:41:39 | 000,135,664 | ---- | M] () -- C:\windows\SysNative\perfc011.dat
[2016/01/28 14:41:39 | 000,135,592 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2016/01/27 00:59:05 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2016/01/27 00:55:33 | 000,022,704 | ---- | M] () -- C:\windows\SysNative\drivers\EsgScanner.sys
[2016/01/25 21:43:14 | 000,007,889 | ---- | M] () -- C:\windows\BRRBCOM.INI
[2016/01/25 21:07:05 | 000,000,010 | ---- | M] () -- C:\Users\kazuto2\AppData\Local\sponge.last.runtime.cache
[2016/01/20 20:45:05 | 000,007,597 | ---- | M] () -- C:\Users\kazuto2\AppData\Local\Resmon.ResmonCfg
[2016/01/08 16:41:28 | 185,297,493 | ---- | M] () -- C:\Users\kazuto2\151129-G870129-.part3.rar
[2016/01/06 05:04:40 | 000,826,872 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2016/01/06 05:04:40 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/12/31 04:32:35 | 007,453,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015/12/31 04:32:15 | 001,735,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
  • Y.K
  • 2016/01/29 (Fri) 23:12:41
Re: My homepage has changed, and I get redirected to ad pages while browsing the web
The section that was here,

[color=#E56717]========== Files Created - No Company Name ==========[/color]

could not be posted because it contains a prohibited word.
  • Y.K
  • 2016/01/29 (Fri) 23:14:36
Re: My homepage has changed, and I get redirected to ad pages while browsing the web
Continued


[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/06/22 22:32:24 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/27 11:43:09 | 022,372,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/27 11:42:51 | 019,795,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 10:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 09:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2015/05/06 16:59:51 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2016/01/27 20:39:32 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk
[2014/11/10 13:55:23 | 000,000,000 | -H-D | M] -- C:\My Cloud Public\Thumbnail
[2015/08/08 05:55:08 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/11/10 13:35:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2016/01/28 14:46:18 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2015/03/16 16:34:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel\WiFi\bin\WLANProfiles
[2016/01/27 01:42:09 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2016/01/27 20:51:27 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\Settings
[2015/03/16 16:34:29 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\WLANProfiles
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2013/08/22 23:47:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2014/03/18 18:33:20 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2015/03/16 16:34:15 | 000,000,000 | -H-D | M] -- C:\ProgramData\Roaming\Intel\Wireless\Settings
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\2015-11-18-14-53-52
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR\2015-11-18-14-53-52
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44
[2015/11/18 23:53:52 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\4f494d44\2015-11-18-14-53-52
[2015/04/09 09:49:09 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2016/01/27 01:42:09 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2016/01/27 20:51:27 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\Settings
[2015/03/16 16:34:29 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\WLANProfiles
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2013/08/22 23:47:07 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2014/03/18 18:33:20 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2015/03/16 16:34:15 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Roaming\Intel\Wireless\Settings
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2015/03/16 16:34:15 | 000,000,000 | -H-D | M] -- C:\Users\Default\Roaming\Intel\Wireless\Settings
[2015/04/09 10:00:27 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData
[2015/04/19 17:02:05 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2015/04/19 17:02:05 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2015/08/06 21:24:12 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2015/04/09 10:00:46 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\PrivacIE
[2016/01/23 09:31:45 | 000,000,000 | RH-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\Burn\Burn
[2015/10/08 19:50:54 | 000,000,000 | RH-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\Burn\Burn1
[2016/01/17 18:40:44 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\INetCache\Content.MSO
[2016/01/27 23:03:04 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\INetCache\Content.Word
[2015/04/09 16:49:04 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2015/04/09 10:00:46 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Microsoft\Windows\PrivacIE\Low
[2016/01/29 22:55:26 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Local\Temp\DownloaderEngine
[2015/07/25 23:13:20 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Roaming\Hangame
[2015/07/25 23:13:16 | 000,565,248 | -H-- | M] (NHN Japan Corp.) -- C:\Users\kazuto2\AppData\Roaming\Hangame\hgstarterjp.exe
[2015/07/26 15:46:37 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Roaming\Hangame\HUL
[2015/04/09 10:00:29 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Roaming\Intel\Wireless\Settings
[2015/04/09 10:00:29 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Roaming\Intel\Wireless\WLANProfiles
[2015/11/18 23:50:51 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/04/09 10:00:29 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\Music\My Cloud DB
[2015/04/09 10:00:29 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\Pictures\My Cloud DB
[2015/04/09 10:00:29 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\Pictures\My Cloud Play Album
[2015/03/16 16:34:15 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\Roaming\Intel\Wireless\Settings
[2015/04/09 10:00:29 | 000,000,000 | -H-D | M] -- C:\Users\kazuto2\Videos\My Cloud DB
[2015/04/09 09:55:24 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2016/01/28 22:21:18 | 000,000,000 | -H-D | M] -- C:\Users\Public\Desktop
[2013/08/23 00:36:32 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/11/10 13:54:54 | 000,000,000 | -H-D | M] -- C:\Users\Public\Documents\CyberLink\DigitalHome\My Cloud Media Server Service\1392455381\vthumb
[2015/03/16 16:34:15 | 000,000,000 | -H-D | M] -- C:\Users\Public\Roaming\Intel\Wireless\Settings
[2015/11/18 23:49:20 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2015/04/09 16:48:56 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2015/11/11 23:36:48 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2016/01/27 20:51:30 | 000,000,000 | -H-D | M] -- C:\windows\SysNative\WLANProfiles

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2016/01/29 14:49:19 | 000,000,702 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/01/29 16:18:01 | 000,000,706 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000LPVX-16V0TT3
Partitions: 6
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,024.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,024.00MB
Starting Offset: 1074790400
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 2148532224
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 222.00GB
Starting Offset: 2555379712
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 222.00GB
Starting Offset: 240592617472
Hidden sectors: 0


DeviceID: Disk #0, Partition #5
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 20.00GB
Starting Offset: 478629855232
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2015/08/11 03:15:56 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:41 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2014/10/29 10:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 10:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/10/29 09:54:15 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/10/29 09:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2015/08/01 12:38:35 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2015/07/10 01:14:45 | 000,228,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:28 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/05/31 04:35:47 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2015/05/31 04:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/07/07 18:39:32 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/03/06 11:47:37 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2015/06/16 07:41:04 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/06/16 06:16:41 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/11/21 01:58:52 | 003,706,880 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/10/29 10:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • Y.K
  • 2016/01/29 (Fri) 23:15:14
Re: My homepage has changed, and I get redirected to ad pages while browsing the web
Extras

OTL Extras logfile created on: 2016/01/29 22:32:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kazuto2\Desktop\マルウェア対策 悪代官
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18161)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.89 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 60.09% Memory free
6.14 Gb Paging File | 3.85 Gb Available in Paging File | 62.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.69 Gb Total Space | 48.21 Gb Free Space | 21.75% Space Free | Partition Type: NTFS
Drive D: | 221.69 Gb Total Space | 221.56 Gb Free Space | 99.94% Space Free | Partition Type: NTFS

Computer Name: KAZUTO | User Name: kazuto2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{064838DE-3ED2-4CB1-9430-764212892F91}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{11401819-9A6B-4089-B043-5A192A3AEFDA}" = rport=139 | protocol=6 | dir=out | app=system |
"{26361DC9-3031-49CC-A8FA-A61B14B9ED91}" = lport=138 | protocol=17 | dir=in | app=system |
"{30A6A032-995E-40ED-8A59-C14DAD5E950A}" = rport=137 | protocol=17 | dir=out | app=system |
"{3AAE85D4-6C5C-4FE7-83D5-9DA080F4DE89}" = rport=138 | protocol=17 | dir=out | app=system |
"{5DBDFAE5-E5AC-4F69-911F-FA463DCF541F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{76C6EDB2-ED8A-427E-B0BA-5472CE907341}" = lport=137 | protocol=17 | dir=in | app=system |
"{7C3F0504-73DE-4737-9BCF-6B5227628F5C}" = rport=445 | protocol=6 | dir=out | app=system |
"{80F3771E-3934-4BCA-B59F-E94BDA9BAEC1}" = lport=445 | protocol=6 | dir=in | app=system |
"{A22929A3-FFFA-478B-B909-C6C005A40F5E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3BAA03A-8252-4434-9CB4-4CEB9228F711}" = lport=139 | protocol=6 | dir=in | app=system |
"{D98751ED-17FE-4C0C-8C28-DEE8037189D3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EFDC00DF-4187-4D98-8E8C-B27AAA411581}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{FB207BB0-CD8B-4CBB-96B0-73FF845A7B34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013ABDFF-7049-436E-AB15-62DB52092067}" = protocol=6 | dir=in | app=c:\program files (x86)\fujitsu\drivestudio\drivestudioservice.exe |
"{01942E21-4A90-42E7-82B0-D75D8D36457F}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{088FF985-490B-4762-9D8D-DA17ACB82773}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{09D0D7B3-DC01-4347-B3FC-D25F7936D3E2}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{0E301952-92B1-45F4-AB97-7E86E597F926}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{0ED312F8-D414-41F1-989B-C712723B59DC}" = dir=in | app=c:\program files (x86)\fujitsu\mcecouty\jre\bin\java.exe |
"{10D9D6F0-FBBF-4F25-9913-B0B37357C98C}" = dir=out | name=onenote |
"{181743C3-5178-4983-BEF4-BA259F9AEF96}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{1A0903B5-CC06-4E68-8960-B1BD58261B34}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe |
"{1DD547FA-27A2-481C-A2F9-63D6CACCE9B1}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{217179D9-9091-401E-B6BB-B861037E0977}" = dir=in | name=富士通アドバイザー |
"{23297209-0241-47E5-9040-8805E3ED4EF9}" = dir=in | app=c:\program files (x86)\cyberlink\fujitsumcp media server\fujitsumcpmsserver.exe |
"{282C5D88-B2E9-4E03-87CF-07C81B92026E}" = dir=out | name=@{microsoft.bingweather_3.0.4.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{36D4E1AC-4AE0-4177-AE53-57100339A91B}" = dir=out | name=my cloud エコdx |
"{40EF6861-D882-40F0-9845-B1292071BBA7}" = dir=out | name=富士通パソコン お客様サポート |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{49C9F244-6FD7-4AD6-AD77-71C74B5217D4}" = dir=out | name=富士通アドバイザー |
"{4E9A73E9-8BEE-4CD1-8515-7099C0BD44F5}" = protocol=17 | dir=in | app=c:\program files (x86)\fujitsu\drivestudio\drivestudioservice.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{558D33CA-028E-4C81-A464-55C3D5EEC29A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{578F59F4-333D-470B-9D00-582B64209EF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\this war of mine.exe |
"{59A7FB97-5EBF-4B22-984F-CE58AABADED9}" = dir=in | name=健康生活日記 |
"{5B9DE4EA-3DF3-47A4-8E0B-E3A71AD19C28}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F4AEC17-D1D2-4A22-A089-2717A7D7F674}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\one way heroics\game.exe |
"{673B1880-D126-434B-AF96-00A2C37AB6B6}" = dir=out | name=my cloud スタジオ |
"{73823962-759A-4EDB-8018-B05E59256A9F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{743DA1D4-A57C-4611-95A5-E6756F44E3F0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\one way heroics\game.exe |
"{7501B850-6D7D-4D39-AD00-D7D8286A2225}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{760D3E44-CC9C-4BBA-B03E-0F55B1917EFA}" = dir=out | name=健康生活日記 |
"{763228C2-7F2A-4CB6-A4A2-1F384C726536}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{7B46E5B0-C53F-4516-A66F-0166083FCA68}" = dir=in | app=c:\users\kazuto2\appdata\local\microsoft\skydrive\skydrive.exe |
"{7EB28491-F13E-4F9F-9E1C-9031BFEFED38}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{7F6054C0-054C-4D9B-A445-781F0356F4F7}" = protocol=6 | dir=in | app=c:\program files (x86)\fujitsu\drivestudio\drivestudioservice.exe |
"{824C10C4-1212-4503-B27B-4591445F7C27}" = dir=out | name=line |
"{85F759C8-8199-4735-8634-13109BA65294}" = dir=out | name=my cloud プレイ |
"{9035D69D-CACC-4720-A6D8-D91B5961B4A7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{92E9C92E-2850-43B6-8086-A55466285606}" = dir=out | name=windows_ie_ac_001 |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9EB0A1B5-476F-48E8-9F53-F134D72C9C49}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9EE32170-3765-4F8A-BAFC-D4893045E9D3}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{A0B75707-C935-46CE-8B2B-D37FD7B01922}" = dir=in | app=c:\program files (x86)\fujitsu\f-link\deuservice.exe |
"{A12BBCBB-9EE6-48FC-863D-EA564524DF9B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A6543154-71F2-4D91-A074-4B63B86AC556}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cosmochoria\nw.exe |
"{AA5D6C3F-29C1-4363-8136-29EBF82B2BEE}" = dir=in | name=onenote |
"{AAD9DF27-E15A-4ECE-8BE7-087EDF0B2B7B}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{AF38C3B1-A8F7-4289-9553-727A80D11564}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\storyteller.exe |
"{B226EF89-F45D-41BC-90D4-CF153F69B0EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cosmochoria\nw.exe |
"{B498D06D-3621-40D3-A10D-83F60C58E620}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B4A63668-16FA-456D-B6AA-A92A00E16AD3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B7BF3266-6DDF-4856-B085-98E8228E2E72}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{C31C95A1-AFBB-4EA5-A744-F5D695E1E4A2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C482A081-2D9A-4C10-B819-E4788C4CFC04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe |
"{C9422E5D-7DAD-403D-A116-DD443526751D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{CFB0F0B6-C600-49DB-BA67-14B91314E0F4}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{D0094427-4FF5-4F76-B9C6-F1D1A0BEA033}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D77E9828-14B5-41F8-809B-A696072E70FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\this war of mine.exe |
"{D7AB8080-EDAB-48AF-B264-F3CCA4045837}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{DA32A35C-A3D9-4F68-B931-E9181F9CFDCE}" = dir=out | name=my cloud ホーム2.0 |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E781356F-63F9-476E-A634-0072B30B2A2D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E7AB276E-4AF9-43E7-9187-1BEF8BFD1490}" = dir=in | app=c:\program files (x86)\fujitsu\f-link\f-link.exe |
"{E9EABF1F-C1A0-43A5-9A4B-4A2B889CD64B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{EA5F51F0-0554-4B30-AD3D-E5474612E36F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE1D6E6D-1F95-4C67-BF3E-0DD46F76FA32}" = dir=out | name=@{microsoft.zunevideo_2.6.446.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F07B3CF8-E537-4200-9FEA-E5B19DB2B1AE}" = dir=in | name=my cloud プレイ |
"{F1976B94-7848-4EC7-8A74-4A4943904B68}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F21F35F6-8E83-4240-A391-32E7CD19463F}" = dir=out | name=windows 8.1 マスター 大学生協版 (f) |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FAA11D9F-C679-4486-A8BA-F62C5D994F83}" = dir=in | app=c:\program files (x86)\fujitsu\mccmutility\mccmanagesvc.exe |
"{FAECCAEB-A401-4B2F-A2CA-9FC057D4663E}" = dir=out | name=fresh paint |
"{FB97096B-8BA1-4530-BA77-C56716E3A641}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\this war of mine\storyteller.exe |
"{FE1DEE8E-7AD0-4311-88F6-6D5FBBFCA638}" = dir=out | name=@{microsoft.bingtranslator_1.14.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} |
"{FE9777A7-4379-4361-8C1A-763359D2BC7A}" = protocol=17 | dir=in | app=c:\program files (x86)\fujitsu\drivestudio\drivestudioservice.exe |
"TCP Query User{CA334D68-0DF4-4554-BB8C-CF0BA2B59021}C:\users\kazuto2\downloads\100orangetrial\100orangetrial\100orangetrial.exe" = protocol=6 | dir=in | app=c:\users\kazuto2\downloads\100orangetrial\100orangetrial\100orangetrial.exe |
"TCP Query User{DD771DC9-7636-4D4F-9174-192EAE02CEBB}C:\cmo\ct64.exe" = protocol=6 | dir=in | app=c:\cmo\ct64.exe |
"UDP Query User{3F7715ED-8AB9-4BB5-AC02-4D5AB4D414EA}C:\cmo\ct64.exe" = protocol=17 | dir=in | app=c:\cmo\ct64.exe |
"UDP Query User{55C191B7-692C-4FBC-9F88-220E3A28FF11}C:\users\kazuto2\downloads\100orangetrial\100orangetrial\100orangetrial.exe" = protocol=17 | dir=in | app=c:\users\kazuto2\downloads\100orangetrial\100orangetrial\100orangetrial.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01BFBBA5-F5D4-48A2-86AD-F8A3DF0D4FE6}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{02D59CF0-9A4C-470C-B9EC-0F0DCE8FA93E}" = Validity WBF Driver
"{085F8D6D-D06F-443B-A872-5B88C6391203}" = Intel(R) Management Engine Components
"{10AAED5B-1575-3EA3-97D0-C5E514DE777C}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{13031CDF-00D2-4FCE-AB13-8430D8733574}" = Wireless Radio Switch Driver
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}" = Intel® Trusted Connect Service Client
"{1C725459-5053-42A5-B22A-F3E91484DF65}" = @メニュー
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2CC64CFB-0B4F-45D1-94CB-3F68DC4A60AE}" = Intel(R) Rapid Storage Technology
"{3256AFF4-BF40-41A9-AE43-FF3F4A9A3E94}" = Plugfree NETWORK
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{4FFF5818-2CAA-4CF2-93BE-5F3D428E969C}" = F-Launcher
"{5DA6F56A-5E2D-4FB4-88CB-E9EE2B790A14}" = Microsoft SQL Server Compact 3.5 SP2 x64 JPN
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LIFEBOOK Application Panel
"{7292FFCF-FA9A-4585-AB80-A71961F931AF}" = Fujitsu BIOS Driver
"{7ABCD56B-9C61-40FA-AB93-A8C3E2812074}" = Shock Sensor Driver
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}" = Dolby Digital Plus Home Theater
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{A159E2A6-F1BC-4A1A-9601-E34251ACA9A5}" = PCカルテ
"{A794229E-401E-44D4-A8B5-B21E975676DE}" = 電源オフUSB充電ユーティリティ
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = ウイルスバスター クラウド
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B9AFC667-CF48-4BF3-B137-B20C475B64AB}" = 高精細ユーティリティ
"{BCC8CBC4-0F36-4F2A-B9C6-717FDF266C90}" = Battery Utility
"{BD667C75-0EDD-4073-A406-A6DD9C3016EB}" = Intel(R) Chipset Device Software
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{CF6398CB-0B6D-461D-861E-1A3ACD591950}" = Peakshift setting
"{d3f2f385-12f2-479c-92e2-e6f6b5e95b76}" = Intel(R) PRO/Wireless Driver
"{D5EA481B-D855-4A0E-9E9A-21AB4F5A3C49}" = Intel(R) Management Engine Components
"{D6C8B829-18A3-4E80-8B4B-1CFA9588A2E2}" = Intel(R) ME UninstallLegacy
"{DDC49774-40B9-47AE-9C63-5569C08C4082}" = Pointing Device Utility
"{E2C24FE1-C6BB-4A4B-8B7F-BF2521DEB91E}" = Share64
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EAD3A239-5029-4067-9071-47763DC249DD}" = FujitsuShockSensorUtility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{F7519C01-56A8-4844-A8CE-397065097F1E}" = Intel® PROSet/Wireless WiFi Software
"{FFAA234C-E621-4787-A02D-5CD0852000D4}" = Function Manager
"39B67640DB636F6D78D660BE574C0C5DC39D08CF" = Windows ドライバ パッケージ - FUJITSU LIMITED (FUJ02E3) System (07/02/2013 1.30.1.0)
"7-Zip" = 7-Zip 15.14 (x64)
"CCleaner" = CCleaner
"HomeBusinessPipcRetail - ja-jp" = Microsoft Office Home and Business Premium - ja-jp
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{E185BD5C-0E10-479F-AF44-63D3A068446A}" = Corel Digital Studio for FUJITSU
"{0044AEC7-8924-4FB1-B4F7-FD14A5FEA9E4}" = RPGツクール2003 ランタイムパッケージ
"{01E87699-A49D-413A-B75B-7C434FEF979C}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{0533122A-C991-F3DE-DD64-16420E890A71}" = Campus English
"{08536638-EE85-4CB0-AE56-B2104D5353BA}" = Intel(R) Wireless Bluetooth(R)
"{09957B7D-FA6F-41C9-9F32-2410F7375362}" = はじめに行う設定
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15015752-9990-4516-A2B1-93823281FB8E}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1E0EE5F4-C6C4-491C-B5C1-EB8FB3872621}" = FaceEngine
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21357E10-BDCB-4CDD-B2A3-905DD7ED653D}_is1" = DigiBookBrowser Version 1.5.4.106
"{2C12184B-F547-455E-8B36-D81ED4E17C46}" = Roxio Creator LJ
"{2E624343-1501-411B-8590-F10364BF7DDD}" = System Requirements Lab Detection
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}" = PhotoWizard
"{49830DFB-7C40-4AFD-A703-8599D856B65D}" = ソフトウェアディスク検索
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5BFBBA91-5E2F-4C3A-9B16-82DCF91FFE31}" = My Cloud エコDX Utility
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5CE03DAA-0C56-479C-AEB1-61BE74DCEE37}" = MLE2
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{619133A5-48DE-4A54-AE4E-9CD480E4D2D7}" = 楽しもう!Office ライフ
"{624FDAA9-ACB0-4BCC-B1D3-CBA885863726}" = Bestshot
"{70140D68-13DF-427D-8FD8-F8C8EEF8A641}" = バックアップナビ
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator LJ
"{76374952-2112-48C3-9CAD-886BC36831D4}" = F-LINK
"{7991b5ae-96d7-4df2-97fb-a605b7cb638b}" = インテル® PROSet/Wireless ソフトウェア
"{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}" = Brother ドライバー&ソフトウェア DCP-J757N
"{7C056FA6-E362-467B-8160-062E9474FEE5}" = SlimDX Redistributable for .NET 2.0 (September 2011)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8659F4F9-C85F-48E8-A21E-D2C6756D14B5}" = CyberLink DTCP+ Server
"{894194F9-B4B9-4F1C-AFB5-5A5998DAFA3C}" = Presto! PageManager 9.02
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator LJ
"{89E9AB79-7914-4B67-8D4E-A8B1E39C3D89}" = Microsoft SQL Server Compact 3.5 SP2 JPN
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0411-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91034DE0-EB65-4559-A4A6-8D02B82DE59D}" = ナレロー11
"{954A3498-E64B-4515-B888-B337B1F2E912}" = わかる!英語資格ガイド
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{ABA1AD05-E9B8-4BC8-AA41-AAA5032DF110}" = MLSDK
"{AC5A1211-7E03-992A-1224-683A7F0EC5DD}" = 遺跡島と7つのまほう
"{C19F91D1-36F8-4FB0-84D2-764C0E707881}" = Drive Studio設定Utility
"{C5DEA189-ADE3-477C-85AC-9A3F1637394A}" = 書き込み機能拡張ユーティリティ
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DA8B87CD-2520-40CF-BADB-966AB8BCAF74}" = 情報倫理デジタルビデオ小品集5
"{E1754ED2-CD39-4F5F-AC98-0271EAE1C116}" = Setup
"{E185BD5C-0E10-479F-AF44-63D3A068446A}" = ICA
"{E24A5C1E-8647-43FD-838B-DF7149D492E4}" = DeviceIO
"{E2C2F547-4C5B-45F9-8445-C59E223CCB08}" = ContentHD
"{E3C1C994-CA69-4B3C-A290-C311617DE271}" = Contents
"{E544790D-30AD-450F-97B0-E26071962915}" = My Cloud エコDX設定Utility
"{E5636C06-A318-4CF3-803B-5BD9F5C10822}" = PureHD
"{E5D50A9A-B973-46DE-89E4-8BDDD8A9F988}" = Share
"{E6ABA0E9-65E7-4366-9770-514ED4341611}" = VIO
"{E75B82FD-B6FD-4653-8685-F3A97BDFEA6E}" = Update for Japanese Microsoft IME Standard Dictionary
"{E7EFA8C8-4CDE-4466-8E0E-01C04589ED90}" = ISCOM
"{E91C1011-2083-4DD6-858D-11753DCDFF2D}" = Corel Direct DiscRecorder
"{EA6625D5-E563-4FE3-8D98-B3F5B64CBC67}" = IPM_OEM
"{EDD9E0C4-B402-40DF-B33D-405CA1E23BA6}" = DFPro
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F37A2CB1-90B7-4AF9-BFFE-9B6DB8431E07}" = 富士通アドバイザー
"{f5d71765-7cd1-4e68-998f-5b379e725da3}" = インテル® チップセット デバイス ソフトウェア
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FF82C3B2-D3AB-4C82-B2FF-0ACBC53247EA}" = My Cloud リモートアクセス設定Utility
"Adobe AIR" = Adobe AIR
"CamSensorAppsCtrl" = カメラセンサー機能ON/OFFツール
"com.asahipress.CampusEnglish" = Campus English
"FaceSave" = Sense YOU Technology 設定
"Google Chrome" = Google Chrome
"http://pso2.jp/appid/charactercreator_ver2_is1" = PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0
"http://pso2.jp/appid/release_is1" = PHANTASY STAR ONLINE 2
"ij7air" = 遺跡島と7つのまほう
"InstallShield_{09957B7D-FA6F-41C9-9F32-2410F7375362}" = はじめに行う設定
"InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}" = Wireless Radio Switch Driver
"InstallShield_{1C725459-5053-42A5-B22A-F3E91484DF65}" = @メニュー
"InstallShield_{49830DFB-7C40-4AFD-A703-8599D856B65D}" = ソフトウェアディスク検索
"InstallShield_{4FFF5818-2CAA-4CF2-93BE-5F3D428E969C}" = F-Launcher
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = ワンタッチボタン設定
"InstallShield_{70140D68-13DF-427D-8FD8-F8C8EEF8A641}" = バックアップナビ
"InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}" = Fujitsu BIOS Driver
"InstallShield_{76374952-2112-48C3-9CAD-886BC36831D4}" = F-LINK
"InstallShield_{7ABCD56B-9C61-40FA-AB93-A8C3E2812074}" = Shock Sensor Driver
"InstallShield_{88E68070-10DE-479B-89D0-0E654F8763A0}" = サポートツール 「パソコンの情報」と「トラブル解決ナビの起動」
"InstallShield_{A794229E-401E-44D4-A8B5-B21E975676DE}" = 電源オフUSB充電ユーティリティ
"InstallShield_{B9AFC667-CF48-4BF3-B137-B20C475B64AB}" = 高精細ユーティリティ
"InstallShield_{BCC8CBC4-0F36-4F2A-B9C6-717FDF266C90}" = Battery Utility
"InstallShield_{CF6398CB-0B6D-461D-861E-1A3ACD591950}" = Peakshift setting
"InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}" = Pointing Device Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = 富士通拡張機能ユーティリティ
"InstallShield_{E91C1011-2083-4DD6-858D-11753DCDFF2D}" = Corel Direct DiscRecorder 3.7
"InstallShield_{EAD3A239-5029-4067-9071-47763DC249DD}" = FujitsuShockSensorUtility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"InstallShield_{F37A2CB1-90B7-4AF9-BFFE-9B6DB8431E07}" = 富士通アドバイザー
"InstallShield_{FF82C3B2-D3AB-4C82-B2FF-0ACBC53247EA}" = My Cloud リモートアクセス設定Utility
"InstallShield_{FFAA234C-E621-4787-A02D-5CD0852000D4}" = ステータスパネルスイッチ
"IPJHIOHBINFKJALGJFPKIJNLIMODJAKLILLDIIOHIBGAIOODICNNICPAIIKMICMBICMEJALGIDGOIDIBJAKLIKIIIOHHJDLBIBGA" = 女子校生放課後性教育~弱みを握って生ハメ性活指導~
"Lhaplus" = Lhaplus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 1.75.0.1300
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"RPGツクールVX RTP_is1" = RPGツクールVX RTP
"Steam" = Steam
"Steam App 212680" = FTL: Faster Than Light
"Steam App 219740" = Don't Starve
"Steam App 241600" = Rogue Legacy
"Steam App 266210" = One Way Heroics
"Steam App 282070" = This War of Mine
"Steam App 293240" = Cosmochoria
"Steam App 3900" = Sid Meier's Civilization IV

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1420252537-1876140248-3897809511-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Hangame.com" = Hangame
"OneDriveSetup.exe" = Microsoft OneDrive
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/11/10 3:57:57 | Computer Name = kazuto | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2015/11/10 3:57:57 | Computer Name = kazuto | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ winstore_cw5n1h2txyewy!Windows.Store のライセンス認証がエラーで失敗しました: -2144927142。詳しくは、Microsoft-Windows-TWinUI/Operational
ログをご覧ください。

Error - 2015/11/10 23:27:15 | Computer Name = kazuto | Source = Desktop Window Manager | ID = 9020
Description = デスクトップ ウィンドウ マネージャーで致命的なエラー(0x8898008d) が発生しました

Error - 2015/11/11 11:28:45 | Computer Name = kazuto | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 2015/11/12 1:40:05 | Computer Name = kazuto | Source = Desktop Window Manager | ID = 9020
Description = デスクトップ ウィンドウ マネージャーで致命的なエラー(0x8898008d) が発生しました

Error - 2015/11/13 3:04:09 | Computer Name = kazuto | Source = .NET Runtime | ID = 1026
Description =

Error - 2015/11/13 3:04:12 | Computer Name = kazuto | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MCCManageSVC.exe、バージョン: 1.0.0.27、タイム スタンプ: 0x54200003
障害が発生しているモジュール名:
MSVCR120.dll、バージョン: 12.0.21005.1、タイム スタンプ: 0x524f7ce6 例外コード: 0xc0000005 障害オフセット:
0x0000f20c 障害が発生しているプロセス ID: 0x860 障害が発生しているアプリケーションの開始時刻: 0x01d11ddf8c12b3ef 障害が発生しているアプリケーション
パス: C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe 障害が発生しているモジュール パス:
C:\windows\SYSTEM32\MSVCR120.dll レポート ID: bd830526-89d4-11e5-8292-605718decbc7 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2015/11/13 5:21:47 | Computer Name = kazuto | Source = .NET Runtime | ID = 1026
Description =

Error - 2015/11/13 5:21:50 | Computer Name = kazuto | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MCCManageSVC.exe、バージョン: 1.0.0.27、タイム スタンプ: 0x54200003
障害が発生しているモジュール名:
MSVCR120.dll、バージョン: 12.0.21005.1、タイム スタンプ: 0x524f7ce6 例外コード: 0xc0000005 障害オフセット:
0x0000f20c 障害が発生しているプロセス ID: 0x1b70 障害が発生しているアプリケーションの開始時刻: 0x01d11de1a9c3abfe 障害が発生しているアプリケーション
パス: C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe 障害が発生しているモジュール パス:
C:\windows\SYSTEM32\MSVCR120.dll レポート ID: f81d4797-89e7-11e5-8292-605718decbc7 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2015/11/14 2:44:35 | Computer Name = kazuto | Source = Desktop Window Manager | ID = 9020
Description = デスクトップ ウィンドウ マネージャーで致命的なエラー(0x8898008d) が発生しました

Error - 2015/11/15 21:01:12 | Computer Name = kazuto | Source = .NET Runtime | ID = 1026
Description =

Error - 2015/11/15 21:01:23 | Computer Name = kazuto | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MCCManageSVC.exe、バージョン: 1.0.0.27、タイム スタンプ: 0x54200003
障害が発生しているモジュール名:
ntdll.dll、バージョン: 6.3.9600.18007、タイム スタンプ: 0x55c4bc8e 例外コード: 0xc0000005 障害オフセット: 0x0001df63
障害が発生しているプロセス
ID: 0x91c 障害が発生しているアプリケーションの開始時刻: 0x01d11f5ec8832dcc 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe 障害が発生しているモジュール パス: C:\windows\SYSTEM32\ntdll.dll
レポート
ID: 8d74449e-8bfd-11e5-8294-605718decbc7 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

[ System Events ]
Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =

Error - 2016/01/28 11:20:35 | Computer Name = kazuto | Source = DCOM | ID = 10005
Description =


< End of report >
  • Y.K
  • 2016/01/29 (Fri) 23:16:05
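Let's use the suggestion box
Thank you for doing the work and reporting back.
I looked at the OTL scan log, but it seems something in it tripped fc2's banned-word filter.
Unless I see the whole log there is a risk of missing something, so let's check it another way.

Please go to the mail form below.
「悪代官の目安箱」
http://form1.fc2.com/form/?id=828024

In that form, along with your e-mail address, please give me your answer to the following question.
Did you install any AVG-related application on January 27?
The OTL scan log you showed me has traces of it.
If you want to use AVG as your antivirus, uninstalling the currently installed Virus Buster (ウイルスバスター) is mandatory.

Please explain, including whether you have no recollection at all of installing it yourself, or whether you noticed it had been installed and then removed AVG afterwards.

Once I have heard that, I will guide you through the next steps.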
  • 悪代官
  • 2016/01/30 (Sat) 20:35:54
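I understand the log contents now
Good evening.
I have read your mail from the suggestion box.

>AVG is something I used when this symptom appeared and I was trying to deal with it on my own, and I do not intend to use it from now on.

All right, then let's leave Virus Buster in place and clean up AVG.

The log that could not be posted from the board earlier was indeed due to fc2's specifications.
Now that I can see the log contents, I will guide you through the next step.

This time we will clean up what was found from within OTL.

I will paste a script at the end of this reply, so copy it in its entirety, paste it into a Windows Notepad file, and save it.

Once that is ready, restart the PC in Safe Mode again and launch OTL.
Once it has started, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button in red text).
This starts the OTL fix.

Wait a while, and once the fix is done, restart the PC in normal mode; the OTL log should appear again, so save it, and after watching the system for a while, reply with a status report together with the OTL log.
The OTL script is below. Copy the whole part that does not include the dashed lines (-----), paste it into OTL, and run it.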
------------------------------------------
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0D7B40D0-1C07-440B-9503-6E0E3EB0D605}
IE:64bit: - HKLM\..\SearchScopes\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=FSJB
IE - HKLM\..\SearchScopes,DefaultScope = {0D7B40D0-1C07-440B-9503-6E0E3EB0D605}
IE - HKLM\..\SearchScopes\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=FSJB
[2016/01/27 16:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2016/01/27 01:50:29 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Roaming\AVG
[2016/01/27 01:46:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2016/01/27 01:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2016/01/27 01:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg
[2016/01/27 01:41:07 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Local\AvgSetupLog
[2016/01/27 01:41:07 | 000,000,000 | ---D | C] -- C:\Users\kazuto2\AppData\Local\Avg

:Files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
C:\Users\kazuto2\AppData\Roaming\AVG
C:\$AVG
C:\Program Files (x86)\AVG
C:\ProgramData\Avg
C:\Users\kazuto2\AppData\Local\AvgSetupLog
C:\Users\kazuto2\AppData\Local\Avg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2016/01/30 (Sat) 22:33:40
Re: My home page changed, and I get redirected to ad pages while browsing the web
There are no abnormalities in either IE or Chrome.

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7B40D0-1C07-440B-9503-6E0E3EB0D605}\ not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG folder moved successfully.
C:\Users\kazuto2\AppData\Roaming\AVG\AV\cfgall folder moved successfully.
C:\Users\kazuto2\AppData\Roaming\AVG\AV folder moved successfully.
C:\Users\kazuto2\AppData\Roaming\AVG folder moved successfully.
C:\$AVG\$VAULT folder moved successfully.
C:\$AVG\$CHJW folder moved successfully.
C:\$AVG folder moved successfully.
C:\Program Files (x86)\AVG\UiDll\2171 folder moved successfully.
C:\Program Files (x86)\AVG\UiDll folder moved successfully.
C:\Program Files (x86)\AVG\Setup folder moved successfully.
C:\Program Files (x86)\AVG\Framework\Common folder moved successfully.
C:\Program Files (x86)\AVG\Framework\1 folder moved successfully.
C:\Program Files (x86)\AVG\Framework folder moved successfully.
C:\Program Files (x86)\AVG\Av\Tuneup folder moved successfully.
C:\Program Files (x86)\AVG\Av\sounds folder moved successfully.
C:\Program Files (x86)\AVG\Av\Notification folder moved successfully.
C:\Program Files (x86)\AVG\Av\myapps folder moved successfully.
C:\Program Files (x86)\AVG\Av\html\reportcard folder moved successfully.
C:\Program Files (x86)\AVG\Av\html folder moved successfully.
C:\Program Files (x86)\AVG\Av\Drivers folder moved successfully.
C:\Program Files (x86)\AVG\Av\Content folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\trial folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\sales folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\paid.notice folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\paid folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\linkscanner folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\free.notrial folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners\free folder moved successfully.
C:\Program Files (x86)\AVG\Av\banners folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\techbuddy\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\techbuddy folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\tablet-ps\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\tablet-ps folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\tablet\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\tablet folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\pct.ok\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\pct.ok folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\pct.an\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\pct.an folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\multiscreen-tr\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\multiscreen-tr folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\multiscreen-pd\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\multiscreen-pd folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\mobile-ps\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\mobile-ps folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\mobile\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\mobile folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\livekive\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\livekive folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\firewallicon\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\firewallicon folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\familysafety\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\familysafety folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\driverupdate\component folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs\driverupdate folder moved successfully.
C:\Program Files (x86)\AVG\Av\awacs folder moved successfully.
C:\Program Files (x86)\AVG\Av\3rd_party\licenses folder moved successfully.
C:\Program Files (x86)\AVG\Av\3rd_party folder moved successfully.
C:\Program Files (x86)\AVG\Av folder moved successfully.
C:\Program Files (x86)\AVG folder moved successfully.
C:\ProgramData\Avg\Setup\fmw folder moved successfully.
C:\ProgramData\Avg\Setup\av folder moved successfully.
C:\ProgramData\Avg\Setup folder moved successfully.
C:\ProgramData\Avg\log\fmw1 folder moved successfully.
C:\ProgramData\Avg\log\AV16 folder moved successfully.
C:\ProgramData\Avg\log folder moved successfully.
C:\ProgramData\Avg\AV\SetupBackup folder moved successfully.
C:\ProgramData\Avg\AV\lsdb\prev folder moved successfully.
C:\ProgramData\Avg\AV\lsdb folder moved successfully.
C:\ProgramData\Avg\AV\IDS\quarantine folder moved successfully.
C:\ProgramData\Avg\AV\IDS\profile folder moved successfully.
C:\ProgramData\Avg\AV\IDS\outbox folder moved successfully.
C:\ProgramData\Avg\AV\IDS\malwareprofile folder moved successfully.
C:\ProgramData\Avg\AV\IDS\config folder moved successfully.
C:\ProgramData\Avg\AV\IDS folder moved successfully.
C:\ProgramData\Avg\AV\DB folder moved successfully.
C:\ProgramData\Avg\AV\Chjw\72b667acb6677011 folder moved successfully.
C:\ProgramData\Avg\AV\Chjw\64ec6920ec68edac folder moved successfully.
C:\ProgramData\Avg\AV\Chjw\61a66221a660f4d folder moved successfully.
C:\ProgramData\Avg\AV\Chjw\4e6c645b6c643fb7 folder moved successfully.
C:\ProgramData\Avg\AV\Chjw folder moved successfully.
C:\ProgramData\Avg\AV\Cfg folder moved successfully.
C:\ProgramData\Avg\AV\avi folder moved successfully.
C:\ProgramData\Avg\AV\Antispam folder moved successfully.
C:\ProgramData\Avg\AV\admincli folder moved successfully.
C:\ProgramData\Avg\AV folder moved successfully.
C:\ProgramData\Avg folder moved successfully.
C:\Users\kazuto2\AppData\Local\AvgSetupLog folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\log\setup1 folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\log\fmw1\Dictionaries folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\log\fmw1 folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\log\av16 folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\log folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16\update\prepare folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16\update\download folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16\update\backup folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16\update folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16\temp folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16\fet folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg\av16 folder moved successfully.
C:\Users\kazuto2\AppData\Local\Avg folder moved successfully.
========== FILES ==========
File\Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG not found.
File\Folder C:\Users\kazuto2\AppData\Roaming\AVG not found.
File\Folder C:\$AVG not found.
File\Folder C:\Program Files (x86)\AVG not found.
File\Folder C:\ProgramData\Avg not found.
File\Folder C:\Users\kazuto2\AppData\Local\AvgSetupLog not found.
File\Folder C:\Users\kazuto2\AppData\Local\Avg not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313312 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: kazuto2
->Temp folder emptied: 64144749 bytes
->Temporary Internet Files folder emptied: 49707595 bytes
->Google Chrome cache emptied: 367057483 bytes
->Flash cache emptied: 313904 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 211447435 bytes
RecycleBin emptied: 569659878 bytes

Total Files Cleaned = 1,204.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 01302016_230142

Files\Folders moved on Reboot...
C:\Users\kazuto2\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • Y.K
  • 2016/01/30 (Sat) 23:36:58
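Here we re-examine the whole system
Good morning.

>There are no abnormalities in either IE or Chrome.

Good, I am glad to hear the abnormality has subsided.
I have also looked at the log, and the targeted entries appear to have been mostly cleaned up.
You may now put OTL away as described in the preparation instructions.

At this point I will re-check the overall state from the logs.
Please take the CC logs for each tab and the install information again, and also the HJT log, and show them to me in a reply.

I will re-examine everything, including whether anything was overlooked.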
  • 悪代官
  • 2016/01/31 (Sun) 07:06:18
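The log check described in the reply above (confirming from the OTL fix log that the targeted entries were cleaned), as an added example that is not part of the original thread or of OTL: it reconciles the paths named in a fix script with the outcome lines of the resulting log. The function names and the two `C:\Example\...` paths are constructed for illustration; the other sample lines are excerpted from the script and log posted above.

```python
import re

# Sample input: shortened excerpt of the fix script from the thread.
# The two C:\Example\... targets are constructed to show the edge cases.
FIX_SCRIPT = r"""
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {0D7B40D0-1C07-440B-9503-6E0E3EB0D605}
[2016/01/27 01:46:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2016/01/27 01:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg

:Files
C:\$AVG
C:\ProgramData\Avg
C:\Example\AlreadyGone
C:\Example\NotInLog

:Commands
[resethosts]
[reboot]
"""

# Sample input: shortened excerpt of the fix log from the thread, plus one
# constructed "not found" line for the constructed target.
FIX_LOG = r"""
========== OTL ==========
C:\$AVG\$VAULT folder moved successfully.
C:\$AVG folder moved successfully.
C:\ProgramData\Avg\AV folder moved successfully.
C:\ProgramData\Avg folder moved successfully.
========== FILES ==========
File\Folder C:\$AVG not found.
File\Folder C:\ProgramData\Avg not found.
File\Folder C:\Example\AlreadyGone not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

SECTION_RE = re.compile(r"^:(\w+)\s*$")
MOVED_RE = re.compile(r"^(?P<path>.+?)(?: folder)? moved successfully\.$")
NOT_FOUND_RE = re.compile(r"^File\\Folder (?P<path>.+) not found\.$")


def script_targets(script):
    """Return the file-system paths named in the :OTL and :Files sections."""
    targets, seen, section = [], set(), None
    for raw in script.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).lower()
            continue
        if not line:
            continue
        if section == "files":
            path = line
        elif section == "otl" and " -- " in line:
            # Scan-log style entry: "[date | size | attrs | C] -- <path>"
            path = line.split(" -- ", 1)[1]
        else:
            continue  # registry entries and :Commands are out of scope here
        if path.lower() not in seen:  # Windows paths compare case-insensitively
            seen.add(path.lower())
            targets.append(path)
    return targets


def log_outcomes(log):
    """Collect lower-cased paths the log reports as moved / as not found."""
    moved, not_found = set(), set()
    for raw in log.splitlines():
        line = raw.strip()
        m = NOT_FOUND_RE.match(line)
        if m:
            not_found.add(m.group("path").lower())
            continue
        m = MOVED_RE.match(line)
        if m:
            moved.add(m.group("path").lower())
    return moved, not_found


def reconcile(script, log):
    """Map each script target to 'moved', 'absent' or 'unreported'."""
    moved, not_found = log_outcomes(log)
    status = {}
    for path in script_targets(script):
        key = path.lower()
        if key in moved:
            status[path] = "moved"       # quarantined by the fix
        elif key in not_found:
            status[path] = "absent"      # nothing there when the fix ran
        else:
            status[path] = "unreported"  # no log line at all: check by hand
    return status


if __name__ == "__main__":
    for path, state in reconcile(FIX_SCRIPT, FIX_LOG).items():
        print(f"{state:<10} {path}")
```

A target reported as moved in the OTL section and then as not found in the FILES section, as with the AVG folders here, is a success: the second pass simply found nothing left to move.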
Re: My home page changed, and I get redirected to ad pages while browsing the web
CC install

7-Zip 15.14 (x64) Igor Pavlov 15.14
Adobe AIR Adobe Systems Incorporated 2015/09/17 18.0.0.144
Battery Utility FUJITSU LIMITED 2014/11/10 4.01.31.014
Brother ドライバー&ソフトウェア DCP-J757N Brother Industries, Ltd. 2015/04/20 1.0.6.0
Campus English Asahipress. Co., ltd. 2014/11/10 1.4.0
CCleaner Piriform 5.14
Corel Digital Studio for FUJITSU Corel Corporation 1.5.27.39
Corel WinDVD Corel Inc. 2015/03/16 458 MB 10.9.0.170
Cosmochoria Nate Schmold
DigiBookBrowser Version 1.5.4.106 LECRE Inc. 2014/11/10 1.5.4.106
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2014/11/10 34.3 MB 7.6.3.1
Don't Starve Klei Entertainment
Drive Studio設定Utility FUJITSU LIMITED 2014/11/10 130 MB 1.00.0003
F-Launcher FUJITSU LIMITED 2014/11/10 2.2.2.0
F-LINK FUJITSU LIMITED 2014/11/10 3.4.0.0
FJ Camera Sonix 2015/03/16 6.0.1223.1_WHQL
Fresh Paint Microsoft Corporation 2016/01/12 2.0.15133.0
FTL: Faster Than Light Subset Games
Fujitsu BIOS Driver FUJITSU LIMITED 2014/11/10 1.1.1.0
Fujitsu MobilityCenter Extension Utility FUJITSU LIMITED 2014/11/10 4.01.00.000
FujitsuShockSensorUtility FUJITSU LIMITED 2015/03/16 V7.01.01.001
Google Chrome Google Inc. 2016/01/28 48.0.2564.97
Hangame
Intel(R) Management Engine Components Intel Corporation 2014/11/10 10.0.30.1072
Intel(R) Network Connections Drivers Intel 19.5
Intel(R) Processor Graphics Intel Corporation 10.18.10.3977
Intel(R) Rapid Storage Technology Intel Corporation 2014/11/10 13.5.0.1056
Intel(R) Wireless Bluetooth(R) Intel Corporation 2015/03/16 3.60 MB 17.1.1433.02
Lhaplus
LINE LINE Corporation 2016/01/13 1.0.14.107
Malwarebytes Anti-Malware バージョン 1.75.0.1300 Malwarebytes Corporation 2016/01/28 1.75.0.1300
Microsoft Office Home and Business Premium - ja-jp Microsoft Corporation 15.0.4787.1002
Microsoft OneDrive Microsoft Corporation 17.3.6281.1202
Microsoft SQL Server Compact 3.5 SP2 JPN Microsoft Corporation 2014/11/10 4.89 MB 3.5.8080.0
Microsoft SQL Server Compact 3.5 SP2 x64 JPN Microsoft Corporation 2014/11/10 7.08 MB 3.5.8080.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2015/04/20 4.28 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/01/14 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/03/16 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/11/10 1.18 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 1.30 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/03/16 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 10.0.31119
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 2015/12/01 9.45 MB 4.0.30901.0
MSN スポーツ Microsoft Corporation 2015/07/15 3.0.4.336
MSN トラベル Microsoft Corporation 2015/07/15 3.0.4.336
MSN ニュース Microsoft Corporation 2015/07/15 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/07/15 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/15 3.0.4.336
MSN マネー Microsoft Corporation 2015/07/15 3.0.4.336
MSN 天気 Microsoft Corporation 2015/10/23 3.0.4.337
My Cloud エコDX FUJITSU 2015/07/17 2.2.0.2
My Cloud エコDX Utility FUJITSU LIMITED 2014/11/10 153 MB 2.0.1.0
My Cloud エコDX設定Utility FUJITSU LIMITED 2014/11/10 1.54 MB 2.1.0.0
My Cloud スタジオ CYBERLINK.COM CORPORATION. 2015/07/19 1.8.3023.47611
My Cloud プレイ FUJITSU 2016/01/13 6.4.0.4
My Cloud ホーム2.0 FUJITSU 2015/10/02 2.1.4.12
My Cloud リモートアクセス設定Utility FUJITSU LIMITED 2014/11/10 4.0.0.3
One Way Heroics Smoking WOLF
OneNote Microsoft Corporation 2015/07/24 16.0.3327.1048
PCカルテ FUJITSU LIMITED 2014/11/10 7.04 MB 2.2.0.1
Peakshift setting FUJITSU LIMITED 2014/11/10 2.01.00.001
PHANTASY STAR ONLINE 2 SEGA 2015/11/01
PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0 SEGA 2015/11/01
PhotoWizard Microsoft 2015/03/16 334 MB 1.6.0
Plugfree NETWORK 富士通株式会社 2014/11/10 7.1.0.1
Pointing Device Utility FUJITSU LIMITED 2014/11/10 2.3.0.0
Presto! PageManager 9.02 Newsoft Technology Corporation 2015/04/20 9.02.10
Realtek Card Reader Realtek Semiconductor Corp. 2014/11/10 6.2.9200.21238
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/11/10 6.0.1.7365
RGSS-RTP Standard Enterbrain 2015/04/24 1.03
Rogue Legacy Cellar Door Games
Roxio Creator LJ Roxio 2014/11/10 12.2.78.0
RPGツクール2000 ランタイムパッケージ
RPGツクールVX Ace RTP Enterbrain 2015/04/24 1.00
RPGツクールVX RTP Enterbrain 2015/04/24 1.02
RPGツクール2003 ランタイムパッケージ
Sense YOU Technology 設定 FUJITSU LIMITED 2015/03/16 4.0.1.1
Shock Sensor Driver FUJITSU LIMITED 2015/03/16 2.01.01.000
Sid Meier's Civilization IV Firaxis Games
SlimDX Redistributable for .NET 2.0 (September 2011) SlimDX Group 2015/07/20 15.5 MB 2.0.12.43
Steam Valve Corporation 2.10.91.91
Synaptics Pointing Device Driver Synaptics Incorporated 18.1.22.5
System Requirements Lab Detection Husdawg, LLC 2015/06/17 619 KB 6.1.5.0
This War of Mine 11 bit studios
Unity Web Player Unity Technologies ApS 5.0.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/04/14 4.54 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/04/14 34.9 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/16 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/06/02 9.00 KB 16.0.1515.1
Validity WBF Driver Validity Sensors, Inc. 2015/03/16 10.9 MB 4.5.237.0
Windows 8.1 マスター 大学生協版 (f) NareroCorporation 2015/04/09 1.1.0.59
Windows アラーム Microsoft Corporation 2015/04/09 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2015/04/09 6.3.9600.20280
Windows スキャン Microsoft Corporation 2015/04/10 6.3.9654.17133
Windows ドライバ パッケージ - FUJITSU LIMITED (FUJ02E3) System (07/02/2013 1.30.1.0) FUJITSU LIMITED 07/02/2013 1.30.1.0
Windows ヘルプ+使い方 Microsoft Corporation 2015/04/09 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2015/09/16 6.3.9654.20947
Windows 電卓 Microsoft Corporation 2015/04/09 6.3.9600.20278
Wireless Radio Switch Driver FUJITSU LIMITED 2014/11/10 1.1.0.0
はじめに行う設定 FUJITSU LIMITED 2014/11/10 1.1.0.0
わかる!英語資格ガイド Asahi Press Co., Ltd 2014/11/10 406 MB 1.4.0
インテル® PROSet/Wireless ソフトウェア Intel Corporation 17.12.0
ウイルスバスター クラウド トレンドマイクロ株式会社 2015/11/18 10.0
カメラセンサー機能ON/OFFツール FUJITSU LIMITED 2015/03/16 V1.03
ゲーム Microsoft Corporation 2015/04/09 2.0.139.0
サポートツール 「パソコンの情報」と「トラブル解決ナビの起動」 FUJITSU LIMITED 2014/11/10 1.2.0.0
ステータスパネルスイッチ FUJITSU LIMITED 2014/11/10 1.1.4.0
ソフトウェアディスク検索 FUJITSU LIMITED 2014/11/10 2.1.0.0
ナレロー11 株式会社ナレロー 2014/11/10 566 MB 11.0.0
バックアップナビ FUJITSU LIMITED 2014/11/10 2.3.2.0
ビデオ Microsoft Corporation 2015/11/06 2.6.446.0
ミュージック Microsoft Corporation 2015/04/10 2.6.672.0
メール、カレンダー、People 2015/07/03
リーダー Microsoft Corporation 2015/07/30 6.4.9926.17994
ワンタッチボタン設定 FUJITSU LIMITED 2014/11/10 8.5.10.0
健康生活日記 FUJITSU 2015/04/10 2.0.1.4
地図 Microsoft Corporation 2015/04/10 2.1.3230.2048
女子校生放課後性教育~弱みを握って生ハメ性活指導~
富士通アドバイザー FUJITSU LIMITED 2014/11/10 4.4.0.0
富士通パソコン お客様サポート FUJITSU 2015/07/19 1.0.0.2
富士通拡張機能ユーティリティ FUJITSU LIMITED 2014/11/10 3.6.2.0
情報倫理デジタルビデオ小品集5
書き込み機能拡張ユーティリティ FUJITSU LIMITED 2014/11/10 2.3.0.0
楽しもう!Office ライフ Microsoft Corporation 2015/03/16 636 KB 1.0.0
翻訳 Microsoft Corporation 2015/12/04 1.14.0.0
遺跡島と7つのまほう UNKNOWN 2015/05/24 2.15
電源オフUSB充電ユーティリティ FUJITSU LIMITED 2014/11/10 3.0.0.0
高精細ユーティリティ FUJITSU LIMITED 2014/11/10 2.0.0.0
@メニュー V7.0
@メニュー FUJITSU LIMITED 2014/11/10 7.3.0.0

startup

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run DriveStudio FUJITSU LIMITED "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
無効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run BrHelp Brother Industries, Ltd. C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run PMSpeed9.02.10 NewSoft Technology Corporation C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SNUVCDSM Sonix Technology CO., LTD C:\windows\snuvcdsm.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run WrtMon.exe NewSoft Technology Corporation C:\windows\system32\spool\drivers\x64\3\WrtMon.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

スケジュールされたタスク

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DolbySelectorTask Dolby Laboratories Inc. %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-1420252537-1876140248-3897809511-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDrive.exe
無効 Task Optimize Start Menu Cache Files-S-1-5-21-1420252537-1876140248-3897809511-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-1420252537-1876140248-3897809511-500
有効 Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

コンテキストメニュー

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll

IE

無効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
無効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
無効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
無効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
無効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
無効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll

Firefox

無効 Extension Trend Micro BEP Firefox Extension 9.1.0.1035 Trend Micro default C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
無効 Extension Trend Micro Osprey Firefox Extension 2.0.0.1083 Trend Micro default C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
有効 Plugin Google Update 1.3.29.1 default C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 4.0.56.0 Intel Corporation default C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.56.0 Intel Corporation default C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin OpenH264 Video Codec 1.4 default C:\Users\kazuto2\AppData\Roaming\Mozilla\Firefox\Profiles\a5v9pjna.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default C:\Users\kazuto2\AppData\Roaming\Mozilla\Firefox\Profiles\a5v9pjna.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin Unity Player 5.0.3.35960 Unity Technologies ApS default C:\Users\kazuto2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

Chrome

有効 App Gmail 8.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_1
有効 Extension Google スプレッドシート 1.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0

HJT

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:23:11, on 2016/01/31
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Corel\MLSDK\CorelDesktopAgent.exe
C:\Windows\snuvcdsm.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Fujitsu\F-LINK\WSDMAIN.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\kazuto2\Desktop\マルウェア対策 悪代官\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O4 - HKLM\..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
O4 - HKLM\..\Run: [ControlCenter4] "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKCU\..\Run: [DriveStudio] "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: IntelR CentrinoR Wireless BluetoothR + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CorelDAWatchdog - Unknown owner - C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DataExchangeUtilityService - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\F-LINK\DEUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FJAgentSVC - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\FJAgent\Core\bin\FJAgentSVC.exe
O23 - Service: FJStatusPanelSwitchDaemon - FUJITSU LIMITED - C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe
O23 - Service: FUJ02E3Service - FUJITSU LIMITED - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MyCloudコンテンツ管理Utility(管理サービス) (MCCManageSVC) - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: My Cloud メディアサーバー設定Utility (モニタ) (My Cloud Media Server Monitor Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSMonitorService.exe
O23 - Service: My Cloud メディアサーバー設定Utility (管理サービス) (My Cloud Media Server Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSServer.exe
O23 - Service: My Cloud Eco DX Service (MyCloudEcoSvc) - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\MCEco\MyCloudEchoSvc.exe
O23 - Service: MyCloudRemoteAccessConnectSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\MCTunnel.exe
O23 - Service: MyCloudRemoteAccessSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\svcMPPFclient.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PCカルテ スケジュール サービス (SKARUTE) - FUJITSU LIMITED - C:\Program Files\Fujitsu\SKARUTE\fjkartemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SSPF HGW Service (SSPFHGWService) - Unknown owner - C:\Program Files (x86)\Fujitsu\MCEcoUty\MCEcoUty.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: UDSS - Unknown owner - C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13583 bytes


  • Y.K
  • 2016/01/31 (Sun) 11:01:53
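Here to wash things over again
Thank you for your work and the report.
This is "あらいぐま悪代官" (Raccoon Akudaikan), here to wash the system's state over once more (← go back to the forest

I have looked at your current logs.
So far I see no suspicious traces.

So from here, let's go into observation mode for a while.
Use the PC normally and keep an eye on it for one week, then take the same CC and HJT logs again as you did this time, and reply with them together with a report on how things went during the observation period.

The state of the logs and the system at that point will probably be the last hurdle.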
  • あらいぐま悪代官
  • 2016/01/31 (Sun) 20:42:10
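Re: My home page changed and I get redirected to ad pages while browsing the web
It's been a while.
I kept an eye on it for a week, and the problem did not recur.

CC installed programs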

7-Zip 15.14 (x64) Igor Pavlov 15.14
Adobe AIR Adobe Systems Incorporated 2015/09/17 18.0.0.144
Battery Utility FUJITSU LIMITED 2014/11/10 4.01.31.014
Brother ドライバー&ソフトウェア DCP-J757N Brother Industries, Ltd. 2015/04/20 1.0.6.0
Campus English Asahipress. Co., ltd. 2014/11/10 1.4.0
CCleaner Piriform 5.14
Corel Digital Studio for FUJITSU Corel Corporation 1.5.27.39
Corel WinDVD Corel Inc. 2015/03/16 458 MB 10.9.0.170
Cosmochoria Nate Schmold
DigiBookBrowser Version 1.5.4.106 LECRE Inc. 2014/11/10 1.5.4.106
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2014/11/10 34.3 MB 7.6.3.1
Don't Starve Klei Entertainment
Drive Studio設定Utility FUJITSU LIMITED 2014/11/10 130 MB 1.00.0003
F-Launcher FUJITSU LIMITED 2014/11/10 2.2.2.0
F-LINK FUJITSU LIMITED 2014/11/10 3.4.0.0
FJ Camera Sonix 2015/03/16 6.0.1223.1_WHQL
Fresh Paint Microsoft Corporation 2016/01/12 2.0.15133.0
FTL: Faster Than Light Subset Games
Fujitsu BIOS Driver FUJITSU LIMITED 2014/11/10 1.1.1.0
Fujitsu MobilityCenter Extension Utility FUJITSU LIMITED 2014/11/10 4.01.00.000
FujitsuShockSensorUtility FUJITSU LIMITED 2015/03/16 V7.01.01.001
Google Chrome Google Inc. 2016/01/28 48.0.2564.103
Hangame
Intel(R) Management Engine Components Intel Corporation 2014/11/10 10.0.30.1072
Intel(R) Network Connections Drivers Intel 19.5
Intel(R) Processor Graphics Intel Corporation 10.18.10.3977
Intel(R) Rapid Storage Technology Intel Corporation 2014/11/10 13.5.0.1056
Intel(R) Wireless Bluetooth(R) Intel Corporation 2015/03/16 3.60 MB 17.1.1433.02
Lhaplus
LINE LINE Corporation 2016/01/13 1.0.14.107
Malwarebytes Anti-Malware バージョン 1.75.0.1300 Malwarebytes Corporation 2016/01/28 1.75.0.1300
Microsoft Office Home and Business Premium - ja-jp Microsoft Corporation 15.0.4787.1002
Microsoft OneDrive Microsoft Corporation 17.3.6281.1202
Microsoft SQL Server Compact 3.5 SP2 JPN Microsoft Corporation 2014/11/10 4.89 MB 3.5.8080.0
Microsoft SQL Server Compact 3.5 SP2 x64 JPN Microsoft Corporation 2014/11/10 7.08 MB 3.5.8080.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2015/04/20 4.28 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/01/14 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/03/16 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/11/10 1.18 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/01/14 1.30 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/03/16 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 10.0.31119
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 2015/12/01 9.45 MB 4.0.30901.0
MSN スポーツ Microsoft Corporation 2015/07/15 3.0.4.336
MSN トラベル Microsoft Corporation 2015/07/15 3.0.4.336
MSN ニュース Microsoft Corporation 2015/07/15 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/07/15 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/15 3.0.4.336
MSN マネー Microsoft Corporation 2015/07/15 3.0.4.336
MSN 天気 Microsoft Corporation 2015/10/23 3.0.4.337
My Cloud エコDX FUJITSU 2015/07/17 2.2.0.2
My Cloud エコDX Utility FUJITSU LIMITED 2014/11/10 153 MB 2.0.1.0
My Cloud エコDX設定Utility FUJITSU LIMITED 2014/11/10 1.54 MB 2.1.0.0
My Cloud スタジオ CYBERLINK.COM CORPORATION. 2015/07/19 1.8.3023.47611
My Cloud プレイ FUJITSU 2016/01/13 6.4.0.4
My Cloud ホーム2.0 FUJITSU 2015/10/02 2.1.4.12
My Cloud リモートアクセス設定Utility FUJITSU LIMITED 2014/11/10 4.0.0.3
One Way Heroics Smoking WOLF
OneNote Microsoft Corporation 2015/07/24 16.0.3327.1048
PCカルテ FUJITSU LIMITED 2014/11/10 7.04 MB 2.2.0.1
Peakshift setting FUJITSU LIMITED 2014/11/10 2.01.00.001
PHANTASY STAR ONLINE 2 SEGA 2015/11/01
PHANTASY STAR ONLINE 2 キャラクタークリエイト体験版 ver. 2.0 SEGA 2015/11/01
PhotoWizard Microsoft 2015/03/16 334 MB 1.6.0
Plugfree NETWORK 富士通株式会社 2014/11/10 7.1.0.1
Pointing Device Utility FUJITSU LIMITED 2014/11/10 2.3.0.0
Presto! PageManager 9.02 Newsoft Technology Corporation 2015/04/20 9.02.10
Realtek Card Reader Realtek Semiconductor Corp. 2014/11/10 6.2.9200.21238
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/11/10 6.0.1.7365
RGSS-RTP Standard Enterbrain 2015/04/24 1.03
Rogue Legacy Cellar Door Games
Roxio Creator LJ Roxio 2014/11/10 12.2.78.0
RPGツクール2000 ランタイムパッケージ
RPGツクールVX Ace RTP Enterbrain 2015/04/24 1.00
RPGツクールVX RTP Enterbrain 2015/04/24 1.02
RPGツクール2003 ランタイムパッケージ
Sense YOU Technology 設定 FUJITSU LIMITED 2015/03/16 4.0.1.1
Shock Sensor Driver FUJITSU LIMITED 2015/03/16 2.01.01.000
Sid Meier's Civilization IV Firaxis Games
SlimDX Redistributable for .NET 2.0 (September 2011) SlimDX Group 2015/07/20 15.5 MB 2.0.12.43
Steam Valve Corporation 2.10.91.91
Synaptics Pointing Device Driver Synaptics Incorporated 18.1.22.5
System Requirements Lab Detection Husdawg, LLC 2015/06/17 619 KB 6.1.5.0
Terraria Re-Logic
This War of Mine 11 bit studios
Unity Web Player Unity Technologies ApS 5.0.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/04/14 4.54 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/04/14 34.9 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/16 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/06/02 9.00 KB 16.0.1515.1
Validity WBF Driver Validity Sensors, Inc. 2015/03/16 10.9 MB 4.5.237.0
Windows 8.1 マスター 大学生協版 (f) NareroCorporation 2015/04/09 1.1.0.59
Windows アラーム Microsoft Corporation 2015/04/09 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2015/04/09 6.3.9600.20280
Windows スキャン Microsoft Corporation 2015/04/10 6.3.9654.17133
Windows ドライバ パッケージ - FUJITSU LIMITED (FUJ02E3) System (07/02/2013 1.30.1.0) FUJITSU LIMITED 07/02/2013 1.30.1.0
Windows ヘルプ+使い方 Microsoft Corporation 2015/04/09 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2015/09/16 6.3.9654.20947
Windows 電卓 Microsoft Corporation 2015/04/09 6.3.9600.20278
Wireless Radio Switch Driver FUJITSU LIMITED 2014/11/10 1.1.0.0
はじめに行う設定 FUJITSU LIMITED 2014/11/10 1.1.0.0
わかる!英語資格ガイド Asahi Press Co., Ltd 2014/11/10 406 MB 1.4.0
インテル® PROSet/Wireless ソフトウェア Intel Corporation 17.12.0
ウイルスバスター クラウド トレンドマイクロ株式会社 2015/11/18 10.0
カメラセンサー機能ON/OFFツール FUJITSU LIMITED 2015/03/16 V1.03
ゲーム Microsoft Corporation 2015/04/09 2.0.139.0
サポートツール 「パソコンの情報」と「トラブル解決ナビの起動」 FUJITSU LIMITED 2014/11/10 1.2.0.0
ステータスパネルスイッチ FUJITSU LIMITED 2014/11/10 1.1.4.0
ソフトウェアディスク検索 FUJITSU LIMITED 2014/11/10 2.1.0.0
ナレロー11 株式会社ナレロー 2014/11/10 566 MB 11.0.0
バックアップナビ FUJITSU LIMITED 2014/11/10 2.3.2.0
ビデオ Microsoft Corporation 2015/11/06 2.6.446.0
ミュージック Microsoft Corporation 2015/04/10 2.6.672.0
メール、カレンダー、People 2015/07/03
リーダー Microsoft Corporation 2015/07/30 6.4.9926.17994
ワンタッチボタン設定 FUJITSU LIMITED 2014/11/10 8.5.10.0
健康生活日記 FUJITSU 2015/04/10 2.0.1.4
地図 Microsoft Corporation 2015/04/10 2.1.3230.2048
女子校生放課後性教育~弱みを握って生ハメ性活指導~
富士通アドバイザー FUJITSU LIMITED 2014/11/10 4.4.0.0
富士通パソコン お客様サポート FUJITSU 2015/07/19 1.0.0.2
富士通拡張機能ユーティリティ FUJITSU LIMITED 2014/11/10 3.6.2.0
情報倫理デジタルビデオ小品集5
書き込み機能拡張ユーティリティ FUJITSU LIMITED 2014/11/10 2.3.0.0
楽しもう!Office ライフ Microsoft Corporation 2015/03/16 636 KB 1.0.0
翻訳 Microsoft Corporation 2015/12/04 1.14.0.0
遺跡島と7つのまほう UNKNOWN 2015/05/24 2.15
電源オフUSB充電ユーティリティ FUJITSU LIMITED 2014/11/10 3.0.0.0
高精細ユーティリティ FUJITSU LIMITED 2014/11/10 2.0.0.0
@メニュー V7.0
@メニュー FUJITSU LIMITED 2014/11/10 7.3.0.0

Startup

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run DriveStudio FUJITSU LIMITED "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
無効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run BrHelp Brother Industries, Ltd. C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run PMSpeed9.02.10 NewSoft Technology Corporation C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SNUVCDSM Sonix Technology CO., LTD C:\windows\snuvcdsm.exe
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run WrtMon.exe NewSoft Technology Corporation C:\windows\system32\spool\drivers\x64\3\WrtMon.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

Scheduled tasks

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DolbySelectorTask Dolby Laboratories Inc. %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-1420252537-1876140248-3897809511-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDrive.exe
有効 Task Optimize Start Menu Cache Files-S-1-5-21-1420252537-1876140248-3897809511-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-1420252537-1876140248-3897809511-500
有効 Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

Context menu

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll

InternetExplorer

無効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
無効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
無効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
無効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
無効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
無効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll

FireFox

無効 Extension Trend Micro BEP Firefox Extension 9.1.0.1035 Trend Micro default C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
無効 Extension Trend Micro Osprey Firefox Extension 2.0.0.1083 Trend Micro default C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
有効 Plugin Google Update 1.3.29.1 default C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 4.0.56.0 Intel Corporation default C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 4.0.56.0 Intel Corporation default C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin OpenH264 Video Codec 1.4 default C:\Users\kazuto2\AppData\Roaming\Mozilla\Firefox\Profiles\a5v9pjna.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default C:\Users\kazuto2\AppData\Roaming\Mozilla\Firefox\Profiles\a5v9pjna.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin Unity Player 5.0.3.35960 Unity Technologies ApS default C:\Users\kazuto2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

Chrome

有効 App Gmail 8.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_1
有効 Extension Google スプレッドシート 1.1 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 ユーザー 1 C:\Users\kazuto2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0


HJT

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:35:35, on 2016/02/07
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Windows\snuvcdsm.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
C:\Program Files (x86)\Fujitsu\F-LINK\WSDMAIN.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\kazuto2\Desktop\マルウェア対策 悪代官\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O4 - HKLM\..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
O4 - HKLM\..\Run: [ControlCenter4] "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKCU\..\Run: [DriveStudio] "C:\Program Files (x86)\Fujitsu\DriveStudio\DriveStudio.exe" silent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: IntelR CentrinoR Wireless BluetoothR + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CorelDAWatchdog - Unknown owner - C:\Program Files (x86)\Corel\MLSDK\CorelAgentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DataExchangeUtilityService - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\F-LINK\DEUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FJAgentSVC - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\FJAgent\Core\bin\FJAgentSVC.exe
O23 - Service: FJStatusPanelSwitchDaemon - FUJITSU LIMITED - C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe
O23 - Service: FUJ02E3Service - FUJITSU LIMITED - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (ibtsiva.exe) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MyCloudコンテンツ管理Utility(管理サービス) (MCCManageSVC) - 富士通株式会社 - C:\Program Files (x86)\Fujitsu\MCCMUtility\MCCManageSVC.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: My Cloud メディアサーバー設定Utility (モニタ) (My Cloud Media Server Monitor Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSMonitorService.exe
O23 - Service: My Cloud メディアサーバー設定Utility (管理サービス) (My Cloud Media Server Service) - CyberLink - C:\Program Files (x86)\CyberLink\FujitsuMCP Media Server\FujitsuMCPMSServer.exe
O23 - Service: My Cloud Eco DX Service (MyCloudEcoSvc) - FUJITSU LIMITED - C:\Program Files (x86)\Fujitsu\MCEco\MyCloudEchoSvc.exe
O23 - Service: MyCloudRemoteAccessConnectSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\MCTunnel.exe
O23 - Service: MyCloudRemoteAccessSvc - Unknown owner - C:\Program Files (x86)\Fujitsu\MCRemoteAccess\svcMPPFclient.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PCカルテ スケジュール サービス (SKARUTE) - FUJITSU LIMITED - C:\Program Files\Fujitsu\SKARUTE\fjkartemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SSPF HGW Service (SSPFHGWService) - Unknown owner - C:\Program Files (x86)\Fujitsu\MCEcoUty\MCEcoUty.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: UDSS - Unknown owner - C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11881 bytes
  • Y.K
  • 2016/02/07 (Sun) 20:45:18
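The symptoms may be gone, but protecting yourself from here on is only beginning
Good evening.
So this is your report after the observation period.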

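>I kept an eye on it for a week, and the problem did not recur.

Glad to hear things look good.
I have also looked through each of the logs.

Among them, regarding the following entries: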
>Microsoft SQL Server Compact 3.5 SP2 JPN Microsoft Corporation 2014/11/10 4.89 MB 3.5.8080.0
>Microsoft SQL Server Compact 3.5 SP2 x64 JPN Microsoft Corporation 2014/11/10 7.08 MB 3.5.8080.0

Please read 掃除屋-san's explanation on the following page.
http://respondent.bbs.fc2.com/?act=reply&tid=6990765

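After that, if you do not particularly need the application in question, I recommend removing it.
If you absolutely need it, please decide on and use it at your own risk.

Nothing else looks suspicious, so if there are no further problems, we can consider the main issue dealt with.
But the self-defense needed to avoid being hit again starts from here.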

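Just tightening the browser settings a little can improve your security.
Open "Internet Options" → "Privacy" → "Advanced", check "Automatic cookie handling" and "Block third-party cookies", then click "Apply" and "OK".
Doing this is quite effective in protecting you from many dangerous sites.
However, it is not effective against every dangerous site, and against a truly dangerous site this level of protection is no match at all, so do not rely on it too much.
Also, if you set it to "Block all cookies", a side effect is that you can no longer get into pages that require a login, such as your provider's mailbox, so use this selectively depending on the situation.
Note too that even some safe sites cannot be viewed or posted to when cookies are blocked.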

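Next, please also pay attention to how you use security software such as antivirus and firewalls.
Security software does not deliver its full capability merely by being installed.
It is important to understand its settings and features as well as you can and to use it correctly.
Used incorrectly, it will simply let through even infections that it could otherwise have blocked.

Also, no matter how capable the security software is, it cannot protect you at all if you yourself go and access dangerous sites or files.
Depending on how it is used, the performance of security software can be doubled, halved, or reduced to nothing.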

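And seeing is believing.
I recommend looking through as many of the other threads on this board as you can, both ongoing and resolved.
Whether they are the same, similar, or a different kind of case, there will be a lot in them you can learn from.

From this thread, what I particularly want you to remember is the following.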

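>Malware removal is, in a sense, close to exterminating poisonous weeds or venomous insects.
>Even if you dispose of the adult insects and poisonous flowers visible on the surface, if you overlook the eggs, roots and seeds left in the nest or in the ground, they will start moving again and the damage will repeat.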

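Most users, after an infection, scan with some vendor's security software, and once the symptoms subside after the detected items have been handled automatically, they assume the matter is "solved".
But the only things automatic handling by security software can clean up are quite small fry or the "real" dangerous malware that steals data from the PC; be well aware that automatic handling does not work on nuisance programs with other characteristics.
Various circumstances are intricately intertwined behind this, so assume that even security software from major vendors cannot easily make such programs targets for detection and removal.

Security software is indispensable when using a PC, but security cannot be achieved by leaving everything to security software.

While also looking at the other threads for reference, please raise the level of your PC environment and your security awareness, even if only little by little.

Thank you for your hard work on unfamiliar tasks over such a long period.
From here on, I wish you a safe and comfortable PC life.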
  • 悪代官
  • 2016/02/08 (Mon) 18:04:26
