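悪代官の伏魔殿 Bulletin Board
It looks like I've picked up a virus
Hello, this is my first post.
For about a week now, Kaspersky has been continuously blocking a link called "no-stop .biz".
Searching for it turns up no results, so could another virus be trying to redirect me to this page?
I would like to get rid of it somehow, but unfortunately I don't know much about PCs, and trying to fix it on my own would probably make things worse,
so I am asking for advice here.
The PC is for personal hobby use. I normally keep an external HDD for storing photo data connected to it,
but I have disconnected it for now as a precaution.
I am sorry to trouble you when you are busy, but I would appreciate it if you could take a look.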
  • 特快速
  • 2016/12/14 (Wed) 22:17:02
Here is the HJT log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:49, on 2016/12/14
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
C:\Program Files (x86)\PHotkey\HCSynApi.exe
C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\IUSB3MON.EXE
C:\Program Files (x86)\DayzWeather for Windows\amewari.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\R\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_23\Modules\ypho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_23\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_23\Modules\YahooToolBar.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - Startup: DayzWeather for Windows.lnk = C:\Program Files (x86)\DayzWeather for Windows\amewari.exe
O9 - Extra button: このコンテンツを引用 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer でこのコンテンツに関する記事を書く(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logicool Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10917 bytes
  • 特快速
  • 2016/12/14 (Wed) 22:19:35
Here is the CC log
Adobe Flash Player 23 NPAPI Adobe Systems Incorporated 2016/11/23 19.2 MB 23.0.0.207
Adobe Reader XI (11.0.12) - Japanese Adobe Systems Incorporated 2015/09/23 412 MB 11.0.12
Atheros Bluetooth Suite (64) Atheros 2013/05/13 154 MB 7.4.0.120
CCleaner Piriform 2016/12/14 5.25
Craving Explorer Version 1.7.7 T-Craft 2016/10/31 32.7 MB 1.7.7.0
CyberLink LabelPrint 2.5 CyberLink Corp. 2013/05/13 28.9 MB 2.5.5220
CyberLink Media Suite 8 CyberLink Corp. 2013/05/13 19.5 MB 8.0.2820b
CyberLink Power2Go 7 CyberLink Corp. 2013/05/13 115 MB 7.0.0.2719b
CyberLink PowerBackup 2.5 CyberLink Corp. 2016/09/29 12.0 MB 2.5.9102
CyberLink YouCam 3.1 CyberLink Corp. 2013/05/13 63.5 MB 3.1.5324
DayzWeather for Windows Dayz株式会社 2016/07/14 4.46 MB 2.2.6
Euro Truck Simulator 2 SCS Software 2013/05/19 1.71 GB 1.3.0
Google Chrome Google Inc. 2013/05/13 473 MB 54.0.2840.99
Google Toolbar for Internet Explorer Google Inc. 2016/11/25 15.1 MB 7.5.8231.2252
Groove ミュージック Microsoft Corporation 2016/12/01 10.16102.10341.0
Intel(R) Control Center Intel Corporation 2013/05/13 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2013/05/13 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2013/05/13
Intel(R) Processor Graphics Intel Corporation 2013/05/13 8.15.10.2696
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/05/13 1.0.3.214
Intel® Trusted Connect Service Client Intel Corporation 2013/05/13 15.7 MB 1.23.605.1
Logicool ゲームソフトウェア 8.83 Logicool 2016/09/29 217 MB 8.83.85
Media Go Sony 2016/09/16 269 MB 3.1.343
Media Go Network Downloader Sony 2016/09/16 2.53 MB 1.6.07.0
Media Go Video Playback Engine 2.20.108.05220 Sony 2016/06/02 42.0 MB 2.20.108.05220
Microsoft Silverlight Microsoft Corporation 2016/10/12 143 MB 5.1.50901.0
Microsoft Solitaire Collection Microsoft Studios 2016/12/14 3.12.12120.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2013/05/13 3.44 MB 3.1.0000
Microsoft Sticky Notes Microsoft Corporation 2016/11/29 1.2.14.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/09/17 580 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/05/13 1.53 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/09/17 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2013/05/13 1.16 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/09/17 737 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2014/07/02 17.8 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2014/07/02 14.7 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2016/09/29 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2016/09/29 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2016/09/29 18.7 MB 14.0.23506.0
Microsoft Wi-Fi Microsoft Corporation 2016/09/29 1.1604.4.0
Mozilla Firefox 49.0.2 (x86 ja) Mozilla 2016/11/15 89.2 MB 49.0.2
Mozilla Maintenance Service Mozilla 2016/11/14 233 KB 49.0.2.6136
MusicBee 2.4 Steven Mayall 2016/09/29 2.4
OneNote Microsoft Corporation 2016/12/03 17.7571.57761.0
People Microsoft Corporation 2016/12/12 10.1.3160.0
PHotkey Pegatron Corporation 2013/05/13 22.4 MB 1.00.0064
Qualcomm Atheros WiFi Driver Installation Qualcomm Atheros 2013/05/13 3.24 MB 3.0
Realtek Ethernet Controller Driver Realtek 2013/05/13 2.50 MB 7.47.714.2011
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/09/30 31.5 MB 6.0.1.6626
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 2013/05/13 10.5 MB 6.1.7600.30127
Recuva Piriform 2016/09/29 9.93 MB 1.52
Skype プレビュー Skype 2016/12/14 11.10.145.0
Store Purchase App Microsoft Corporation 2016/09/29 11608.1000.2431.0
Sway Microsoft Corporation 2016/12/12 17.7668.45141.0
Synaptics Pointing Device Driver Synaptics Incorporated 2016/09/29 46.4 MB 19.0.19.1
Twitter Twitter Inc. 2016/12/12 5.4.1.0
Windows DVD プレイヤー Microsoft Corporation 2016/09/29 3.6.13291.0
Windows Live Sync Microsoft Corporation 2013/05/13 5.53 MB 14.0.8089.726
Windows Live おすすめパック Microsoft Corporation 2016/09/29 12.1 MB 14.0.8089.0726
Windows Live アップロード ツール Microsoft Corporation 2013/05/13 448 KB 14.0.8014.1029
Windows Live サインイン アシスタント Microsoft Corporation 2013/05/13 2.18 MB 5.000.818.5
Windows Media Player 64-bit Plug-in Fix 2016/09/29
Windows Media Player Plus! 2.8 BM-productions 2015/07/15 2.43 MB 2.8
WMP Tag Plus 2.5 BM-productions 2015/07/15 2.72 MB 2.5
Xbox Microsoft Corporation 2016/12/06 22.24.1006.0
Xbox Identity Provider Microsoft Corporation 2016/09/29 11.19.19003.0
Xiph.Org Open Codecs 0.85.17777 Xiph.Org 2016/09/29 0.85.17777
Yahoo!ツールバー Yahoo! JAPAN. 2016/09/29 2.62 MB 7.3.0.23
その花びらにくちづけを あなたと恋人つなぎ 2016/09/29
はじめに Microsoft Corporation 2016/12/14 4.2.29.0
アプリ インストーラー Microsoft Corporation 2016/09/29 1.0.2181.0
アプリ コネクター Microsoft Corporation 2016/09/29 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/12/14 10.1612.3343.0
カスペルスキー インターネット セキュリティ Kaspersky Lab 2016/11/01 81.1 MB 16.0.0.614
カメラ Microsoft Corporation 2016/12/14 2016.1101.20.0
ストア Microsoft Corporation 2016/12/14 11610.1001.23.0
スポーツ Microsoft Corporation 2016/11/22 4.17.74.0
ニュース Microsoft Corporation 2016/11/22 4.17.74.0
パソコン診断ソフト PC-Doctor PC-Doctor, Inc. 2016/09/29 142 MB 6.0.6062.78
フィードバック Hub Microsoft Corporation 2016/11/18 1.1610.3143.0
フォト Microsoft Corporation 2016/11/23 16.1118.10000.0
ボイス レコーダー Microsoft Corporation 2016/12/14 10.1612.3352.0
マップ Microsoft Corporation 2016/12/14 5.1611.3342.0
マネー Microsoft Corporation 2016/11/22 4.17.74.0
メッセージング Microsoft Corporation 2016/09/29 3.19.1001.0
メール/カレンダー Microsoft Corporation 2016/12/12 17.7705.42037.0
モバイル コンパニオン Microsoft Corporation 2016/09/29 10.1609.2561.0
天気 Microsoft Corporation 2016/11/22 4.17.74.0
新しい Office を始めよう Microsoft Corporation 2016/11/16 17.7608.23501.0
映画 & テレビ Microsoft Corporation 2016/12/14 10.16112.10221.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2016/09/29 1.1607.6.0
電卓 Microsoft Corporation 2016/12/14 10.1612.3341.0
電話 Microsoft Corporation 2016/09/29 2.17.27003.0
  • 特快速
  • 2016/12/14 (Wed) 22:33:04
Re: It looks like I've picked up a virus
To start with the general guidance, the first step is to tidy up your applications.
Close all browsers, then uninstall the following:

Craving Explorer Version 1.7.7 T-Craft 2016/10/31 32.7 MB 1.7.7.0
DayzWeather for Windows Dayz株式会社 2016/07/14 4.46 MB 2.2.6
Recuva Piriform 2016/09/29 9.93 MB 1.52
Skype プレビュー Skype 2016/12/14 11.10.145.0
Windows Live Sync Microsoft Corporation 2013/05/13 5.53 MB 14.0.8089.726
Windows Live おすすめパック Microsoft Corporation 2016/09/29 12.1 MB 14.0.8089.0726
Windows Live アップロード ツール Microsoft Corporation 2013/05/13 448 KB 14.0.8014.1029
Windows Live サインイン アシスタント Microsoft Corporation 2013/05/13 2.18 MB 5.000.818.5
Windows Media Player 64-bit Plug-in Fix 2016/09/29
Windows Media Player Plus! 2.8 BM-productions 2015/07/15 2.43 MB 2.8
WMP Tag Plus 2.5 BM-productions 2015/07/15 2.72 MB 2.5
Xiph.Org Open Codecs 0.85.17777 Xiph.Org 2016/09/29 0.85.17777
Yahoo!ツールバー Yahoo! JAPAN. 2016/09/29 2.62 MB 7.3.0.23



Update the following to the latest version if you need them.
If you do not use them, uninstall them.

Adobe Flash Player 23 NPAPI Adobe Systems Incorporated 2016/11/23 19.2 MB 23.0.0.207
Adobe Reader XI (11.0.12) - Japanese Adobe Systems Incorporated 2015/09/23 412 MB 11.0.12
Mozilla Firefox 49.0.2 (x86 ja) Mozilla 2016/11/15 89.2 MB 49.0.2
カスペルスキー インターネット セキュリティ Kaspersky Lab 2016/11/01 81.1 MB 16.0.0.614
MusicBee 2.4 Steven Mayall 2016/09/29 2.4


When you are done, reboot, then collect the logs again and show them to me once more.
  • 掃除屋
  • 2016/12/14 (Wed) 23:48:38
Re: It looks like I've picked up a virus
I apologize for the late reply.
Thank you for checking.
I am pasting the logs, so please take a look.
I have kept "Windows Live おすすめパック" because I want to use some of its features.
  • 特快速
  • 2016/12/18 (Sun) 20:58:04
Here is the HJT log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:58, on 2016/12/18
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
C:\Program Files (x86)\PHotkey\HCSynApi.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\IUSB3MON.EXE
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\R\Downloads\HijackThis (1).exe

F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: このコンテンツを引用 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer でこのコンテンツに関する記事を書く(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: McAfee Application Installer Cleanup (0234501482062184) (0234501482062184mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\023450~1.EXE (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - McAfee, Inc. - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logicool Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11320 bytes
  • 特快速
  • 2016/12/18 (Sun) 21:01:21
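A reader comparing the two HijackThis logs above can do it mechanically rather than by eye. The following is an added example, not part of the original thread: it parses HijackThis entry lines, lists what appeared and disappeared between two scans, and separates unresolved file targets from the System32 ones. The function names are hypothetical, and the sample lines are a short excerpt taken from the 2016/12/14 and 2016/12/18 logs in this thread.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code body")

# A HijackThis entry line is "<section code> - <details>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Markers HijackThis appends when it cannot find the file an entry points to.
MISSING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")

# Excerpt of the first log in the thread (2016/12/14), shortened for the example.
BEFORE = r'''
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
F2 - REG:system.ini: UserInit=
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_23\Modules\ypho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - Startup: DayzWeather for Windows.lnk = C:\Program Files (x86)\DayzWeather for Windows\amewari.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
'''

# Excerpt of the second log in the thread (2016/12/18), shortened for the example.
AFTER = r'''
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O23 - Service: McAfee Application Installer Cleanup (0234501482062184) (0234501482062184mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\023450~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
'''


def parse_hjt(text):
    """Return the entry lines of a HijackThis log, skipping header and process lines."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append(Entry(match.group(1), match.group(2)))
    return entries


def diff_logs(before, after):
    """Return (added, removed) entries between two parsed logs, in log order."""
    before_set, after_set = set(before), set(after)
    added = [e for e in after if e not in before_set]
    removed = [e for e in before if e not in after_set]
    return added, removed


def unresolved_targets(entries):
    """Entries whose target file was not found, excluding System32 paths.

    HijackThis v2.0.4 is a 32-bit program. On 64-bit Windows, file-system
    redirection commonly makes it report System32 targets as missing even
    though they exist (general background, not a statement from the thread),
    so those are left out here and the remainder is what deserves a look.
    """
    result = []
    for entry in entries:
        if not MISSING_RE.search(entry.body):
            continue
        target = entry.body.rsplit(" - ", 1)[-1].lower()
        if "\\system32\\" not in target:
            result.append(entry)
    return result


if __name__ == "__main__":
    old, new = parse_hjt(BEFORE), parse_hjt(AFTER)
    added, removed = diff_logs(old, new)
    for label, group in (("added", added), ("removed", removed),
                         ("unresolved", unresolved_targets(new))):
        for entry in group:
            print(f"[{label}] {entry.code} - {entry.body}")
```

An entry listed as added or unresolved is only a prompt to check what installed it; the diff does not classify anything as malicious.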
Here is the CC log
Adobe Flash Player 24 PPAPI Adobe Systems Incorporated 2016/12/18 19.6 MB 24.0.0.186
Adobe Reader XI (11.0.18) - Japanese Adobe Systems Incorporated 2016/12/18 413 MB 11.0.18
Atheros Bluetooth Suite (64) Atheros 2013/05/13 154 MB 7.4.0.120
CCleaner Piriform 2016/12/15 19.0 MB 5.25
CyberLink LabelPrint 2.5 CyberLink Corp. 2013/05/13 28.9 MB 2.5.5220
CyberLink Media Suite 8 CyberLink Corp. 2013/05/13 19.5 MB 8.0.2820b
CyberLink Power2Go 7 CyberLink Corp. 2013/05/13 115 MB 7.0.0.2719b
CyberLink PowerBackup 2.5 CyberLink Corp. 2016/09/29 12.0 MB 2.5.9102
CyberLink YouCam 3.1 CyberLink Corp. 2013/05/13 63.5 MB 3.1.5324
Euro Truck Simulator 2 SCS Software 2013/05/19 1.71 GB 1.3.0
Google Chrome Google Inc. 2013/05/13 473 MB 55.0.2883.87
Google Toolbar for Internet Explorer Google Inc. 2016/11/25 15.1 MB 7.5.8231.2252
Groove ミュージック Microsoft Corporation 2016/12/18 10.16112.10211.0
Intel Security True Key Intel Security 2016/12/18 4.11.110.1
Intel(R) Control Center Intel Corporation 2013/05/13 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2013/05/13 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2013/05/13
Intel(R) Processor Graphics Intel Corporation 2013/05/13 8.15.10.2696
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/05/13 1.0.3.214
Intel® Trusted Connect Service Client Intel Corporation 2013/05/13 15.7 MB 1.23.605.1
Logicool ゲームソフトウェア 8.83 Logicool 2016/09/29 217 MB 8.83.85
Media Go Sony 2016/09/16 269 MB 3.1.343
Media Go Network Downloader Sony 2016/09/16 2.53 MB 1.6.07.0
Media Go Video Playback Engine 2.20.108.05220 Sony 2016/06/02 42.0 MB 2.20.108.05220
Microsoft OneDrive Microsoft Corporation 2016/12/15 88.7 MB 17.3.6720.1207
Microsoft Silverlight Microsoft Corporation 2016/10/12 143 MB 5.1.50901.0
Microsoft Solitaire Collection Microsoft Studios 2016/12/14 3.12.12120.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2013/05/13 3.44 MB 3.1.0000
Microsoft Sticky Notes Microsoft Corporation 2016/12/15 1.3.0.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/09/17 580 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/05/13 1.53 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/09/17 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2013/05/13 1.16 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/09/17 737 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2014/07/02 17.8 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2014/07/02 14.7 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2016/09/29 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2016/09/29 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2016/09/29 18.7 MB 14.0.23506.0
Microsoft Wi-Fi Microsoft Corporation 2016/09/29 1.1604.4.0
Mozilla Firefox 50.1.0 (x86 ja) Mozilla 2016/12/18 91.8 MB 50.1.0
Mozilla Maintenance Service Mozilla 2016/12/18 233 KB 50.1.0.6186
MusicBee 3.0 Steven Mayall 2016/12/15 3.0
OneNote Microsoft Corporation 2016/12/18 17.7668.57601.0
People Microsoft Corporation 2016/12/12 10.1.3160.0
PHotkey Pegatron Corporation 2013/05/13 22.4 MB 1.00.0064
Qualcomm Atheros WiFi Driver Installation Qualcomm Atheros 2013/05/13 3.24 MB 3.0
Realtek Ethernet Controller Driver Realtek 2013/05/13 2.50 MB 7.47.714.2011
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/09/30 31.5 MB 6.0.1.6626
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 2013/05/13 10.5 MB 6.1.7600.30127
Store Purchase App Microsoft Corporation 2016/09/29 11608.1000.2431.0
Sway Microsoft Corporation 2016/12/12 17.7668.45141.0
Synaptics Pointing Device Driver Synaptics Incorporated 2016/09/29 46.4 MB 19.0.19.1
Twitter Twitter Inc. 2016/12/12 5.4.1.0
Windows DVD プレイヤー Microsoft Corporation 2016/09/29 3.6.13291.0
Windows Live おすすめパック Microsoft Corporation 2016/12/15 9.95 MB 14.0.8089.0726
Xbox Microsoft Corporation 2016/12/06 22.24.1006.0
Xbox Identity Provider Microsoft Corporation 2016/09/29 11.19.19003.0
その花びらにくちづけを あなたと恋人つなぎ 2016/09/29
はじめに Microsoft Corporation 2016/12/14 4.2.29.0
アプリ インストーラー Microsoft Corporation 2016/09/29 1.0.2181.0
アプリ コネクター Microsoft Corporation 2016/09/29 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/12/14 10.1612.3343.0
カスペルスキー インターネット セキュリティ Kaspersky Lab 2016/11/01 81.1 MB 16.0.0.614
カメラ Microsoft Corporation 2016/12/14 2016.1101.20.0
ストア Microsoft Corporation 2016/12/14 11610.1001.23.0
スポーツ Microsoft Corporation 2016/12/18 4.18.37.0
ニュース Microsoft Corporation 2016/12/18 4.18.37.0
パソコン診断ソフト PC-Doctor PC-Doctor, Inc. 2016/09/29 142 MB 6.0.6062.78
フィードバック Hub Microsoft Corporation 2016/11/18 1.1610.3143.0
フォト Microsoft Corporation 2016/11/23 16.1118.10000.0
ボイス レコーダー Microsoft Corporation 2016/12/14 10.1612.3352.0
マップ Microsoft Corporation 2016/12/14 5.1611.3342.0
マネー Microsoft Corporation 2016/12/18 4.18.37.0
メッセージング Microsoft Corporation 2016/09/29 3.19.1001.0
メール/カレンダー Microsoft Corporation 2016/12/18 17.7714.42037.0
モバイル コンパニオン Microsoft Corporation 2016/09/29 10.1609.2561.0
天気 Microsoft Corporation 2016/12/18 4.18.37.0
新しい Office を始めよう Microsoft Corporation 2016/11/16 17.7608.23501.0
映画 & テレビ Microsoft Corporation 2016/12/14 10.16112.10221.0
有料 Wi-Fi & 携帯ネットワーク Microsoft Corporation 2016/09/29 1.1607.6.0
電卓 Microsoft Corporation 2016/12/14 10.1612.3341.0
電話 Microsoft Corporation 2016/09/29 2.17.27003.0
  • 特快速
  • 2016/12/18 (Sun) 21:04:18
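Let's begin the cleanup
Good evening, my name is IVNO.
掃除屋-san, thank you for the follow-up.
I checked the logs, and Adobe Reader is not the latest version,
so I will walk you through removing it below.
The latest version is Adobe Acrobat Reader DC.
If you need it, please install it after following the removal instructions for Adobe Reader XI.

Now let's prepare for the work.

First, a few notices.
After you post, it may take a day or more each time before I can reply.
I apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until the responder declares the case "resolved".
For that reason, when people stop partway without waiting for the "resolved" notice just because the PC seems to have improved,
the problem recurs with high probability, and many people end up coming back here when it does.
Please continue the work until the responder gives you the "resolved" notice and the "self-defense measures" guidance.

Now please read the explanations below carefully and carry out the steps in order.
You may already have prepared some of these items; even so, please read the explanations once more.

Set hidden files and file extensions to be shown (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and use them according to the steps only when instructed.
Note that the distribution sites may show advertisements urging you to download other software;
please never click on those.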

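GeekUninstaller (hereafter GU)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
The zip file is no longer needed once extraction is complete, so please delete it.
When you are told to remove GU itself, simply put it in the Recycle Bin.

CCleaner (hereafter CC)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Be sure to download the latest version.
During installation it may also offer bundled extra apps; uncheck those and do not install them.
When removing it, uninstall it with GU or a similar tool.

An important caution here.
CC is by nature a high-performance maintenance tool, but if it is used incorrectly,
【depending on the operation, Windows may stop working】,
so here we use it only as an analysis tool.
Read the explanations carefully and do not perform any operation other than those I instruct.

So that you can recover immediately if trouble occurs during the removal work that follows, create a System Restore point manually.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
However, System Restore does considerable damage to the PC, so it is preferable not to use it if possible.
Aim to work carefully so that System Restore is not needed.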

Now let's begin the cleanup.

Start the PC in Safe Mode.
If you use Windows Vista or 7, refer to the following.
http://www.pc-master.jp/sousa/s-safemode.html
If you use Windows 8 or 8.1, refer to the following.
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
If you use Windows 10, refer to the following.
https://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=017878

Launch GU.
Find the following item and double-click it to remove it.

Adobe Reader XI (11.0.18) - Japanese Adobe Systems Incorporated 2016/12/18 413 MB 11.0.18

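You can remove software shown in GU by double-clicking it.
When the removal finishes, a scan starts automatically;
when the scan finishes, press OK to complete the removal.
When the uninstall in GU is finished, close GU.
If a message about Windows Installer or the like appears, restart the PC in normal mode
and uninstall only that software again in that state.
Continue, switching between normal mode and Safe Mode as needed, until all the software I have listed has been removed.
Restart the PC in normal mode.
While holding the Start key, located between the left Ctrl and left Alt keys on the keyboard, press the R key.
The Run dialog will open; type the following into it in half-width alphanumeric characters.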

cleanmgr

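When you have typed it, press the Enter key.
Select the C: drive and press OK.
A scan will start; please wait until it finishes.
When the scan finishes a list is displayed; check every item and press OK.
Note, however, that pressing OK deletes everything, including the contents of the Recycle Bin,
so be careful if the Recycle Bin holds files you need.
Launch CC.
Open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the lower right saves the displayed content as a log;
save only the latest log in an easy-to-find place such as the desktop.
Save logs for the "Scheduled Tasks" tab and the "Context Menu" tab in the same way.
Next open the Browser Plugins section and save logs for each of the "Internet Explorer", "Firefox", and "Google Chrome" tabs.
If any of these tabs does not exist, skip it and continue collecting logs.
Please paste all the saved logs in your reply.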
  • IVNO
  • MAIL
  • 2016/12/18 (Sun) 21:14:07
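Re: It seems I have picked up a virus
> Regarding "Windows Live おすすめパック", I am keeping it because I want to use some of its features.
I see, understood. Note, though, that Microsoft support for this product is scheduled to end in three months.
If you use it for something like the mail client, it would be best to migrate as soon as possible.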


>カスペルスキー インターネット セキュリティ Kaspersky Lab 2016/11/01 81.1 MB 16.0.0.614
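For this one, 2017 has been released as the latest version. Even if for some reason you do not want to move to 2017,
a newer build of 2016 has been released, so please update to that.
If you contact support, they should be able to give you the link and so on.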


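> For about a week, Kaspersky has been continuously blocking a link called "no-stop .biz".
> A search turns up no results, so is another virus perhaps trying to send me to this page?
In this case it is Kaspersky that is raising the alert, so if you want to find the root cause you will need to ask their support.
I expect the process will be: change the settings to produce detailed logs, wait for the problem to reproduce, and when it does, send them those logs for analysis.

That said, if it is adware, a Kaspersky bug, or the like,
there is a good chance it will improve just by removing suspicious applications and updating Kaspersky.
So I covered those points first.

IVNO-san says they will take over from here, so I will end my guidance at this point.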
  • 掃除屋
  • 2016/12/18 (Sun) 22:04:13
The logs
Thank you for checking.
I am pasting each log, so please take a look.

・Windows
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run swg Google Inc. "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Yes HKLM:Run AthBtTray Atheros Commnucations "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
Yes HKLM:Run CLMLServer CyberLink "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run Launch LCore Logitech Inc. C:\Program Files\Logicool Gaming Software\LCore.exe /minimized
Yes HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Yes HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
Yes HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
Yes HKLM:Run YouCam Mirage CyberLink "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
Yes HKLM:Run YouCam Tray CyberLink Corp. "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

・Scheduled Tasks
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player PPAPI Notifier Adobe Systems Incorporated C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe -check pepperplugin
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task Bluetooth Driver Installer "C:\Users\R.Nakagawa\AppData\Local\Temp\is-C9AG2.tmp\prsetup.exe" "/logon"
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
Yes Task OneDrive Standalone Update Task C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Yes Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Yes Task PCDEventLauncherTask PC-Doctor, Inc. "C:\Program Files\PC-Doctor Diagnostics\sessionchecker.exe"
Yes Task {7B29A2C7-6AED-48A4-A3B8-3AA08C25BE1B} C:\Program Files (x86)\ふぐり屋\その花びらにくちづけを あなたと恋人つなぎ\HANABIRA3.EXE
Yes Task {E0A1BD2C-1066-409B-A546-161E1B717EEF} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\R.Nakagawa\AppData\Local\Temp\Temp1_bt.zip\05 WLAN_BT_COMBO\INSTALLALL.EXE"

・Context Menu
Yes Directory Kaspersky Anti-Virus 17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll
Yes Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
Yes Drive Kaspersky Anti-Virus 17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll
Yes Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location '%V'
Yes File Kaspersky Anti-Virus 17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll
Yes Folder Kaspersky Anti-Virus 17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll

・IE
Yes Extension Send by Bluetooth to Atheros Commnucations C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
Yes Extension このコンテンツを引用 C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
No Helper CIESpeechBHO Class Atheros Commnucations C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
Yes Helper Google Toolbar Helper C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
Yes Helper Google Toolbar Helper C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
Yes Helper Kaspersky Protection C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
Yes Helper Kaspersky Protection C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll
Yes Toolbar Google Toolbar C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
Yes Toolbar Google Toolbar C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
Yes Toolbar Kaspersky Protection Toolbar C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
Yes Toolbar Kaspersky Protection Toolbar C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll

・firefox
Yes Extension Application Update Service Helper 1.0 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
No Extension Firefox Hotfix 20160826.01 Mozilla default Firefox 50.1.0 C:\Users\R.Nakagawa\AppData\Roaming\Mozilla\Firefox\Profiles\4ikovhgq.default\extensions\firefox-hotfix@mozilla.org.xpi
Yes Extension Kaspersky Protection 5.0.130-0-20160620125320 default Firefox 50.1.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
Yes Extension Multi-process staged rollout 1.5 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Yes Extension Pocket 1.0.5 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Yes Extension Web Compat 1.0 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Yes Plugin 1.4.8.903 Google Inc. default Firefox 50.1.0 C:\Users\R.Nakagawa\AppData\Roaming\Mozilla\Firefox\Profiles\4ikovhgq.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
Yes Plugin Adobe Acrobat 11.0.18.21 default Firefox 50.1.0 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Yes Plugin Google Update 1.3.32.7 Google Inc. default Firefox 50.1.0 C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Yes Plugin Intel® Identity Protection Technology 2.0.59.0 default Firefox 50.1.0 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Yes Plugin Intel® Identity Protection Technology 2.0.59.0 default Firefox 50.1.0 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Yes Plugin OpenH264 Video Codec 1.6 Mozilla Corporation default Firefox 50.1.0 C:\Users\R.Nakagawa\AppData\Roaming\Mozilla\Firefox\Profiles\4ikovhgq.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
Yes Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 17 Adobe Systems Inc default Firefox 50.1.0 C:\Users\R.Nakagawa\AppData\Roaming\Mozilla\Firefox\Profiles\4ikovhgq.default\gmp-eme-adobe\17\eme-adobe.dll
Yes Plugin Silverlight Plug-In 5.1.50901.0 default Firefox 50.1.0 c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Yes Plugin Windows Live® Photo Gallery 14.0.8081.709 default Firefox 50.1.0 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

・chrome
Yes Extension Stylish 1.5.2 最初のユーザー C:\Users\R.Nakagawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.5.2_0
Yes Extension カスペルスキー プラグイン 5.0.141.0 最初のユーザー C:\Users\R.Nakagawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.0_0
Yes Plugin Adobe Acrobat 11.0.0.379 最初のユーザー C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
Yes Plugin Chrome PDF Viewer 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\pdf.dll
Yes Plugin Default Plug-in 1 最初のユーザー default_plugin
Yes Plugin Google Update 1.3.21.145 最初のユーザー C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
Yes Plugin Intel® Identity Protection Technology 2.0.59.0 最初のユーザー C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Yes Plugin Kaspersky Anti-Virus 13.0.1.4190 最初のユーザー C:\Users\R.Nakagawa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\plugin/online_banking_npapi.dll
Yes Plugin Native Client 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll
Yes Plugin Remoting Viewer 最初のユーザー internal-remoting-viewer
Yes Plugin Shockwave Flash 11,1,102,63 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\gcswf32.dll
Yes Plugin Windows Live® Photo Gallery 14.0.8081.0709_ship.wlx.w3m3 (ship) 最初のユーザー C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

Thank you in advance.
  • 特快速
  • 2016/12/19 (Mon) 19:10:47
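One more log, please
I have checked the logs.
From the logs so far, the possibility has come up that somewhere other than the PC is infected.
Please collect one more log.

Since you are on Windows 10, right-click the Start button and open Command Prompt (Admin).
When the Command Prompt appears, copy the single line below and press Enter.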

ipconfig /all > %UserProfile%\Desktop\IP調査ログ.txt

When you press Enter, a text file named IP調査ログ will be created on the desktop;
please paste that log in your reply.
I have to go out for work now,
so my next reply will likely be tomorrow or later.
  • IVNO
  • MAIL
  • 2016/12/19 (Mon) 20:10:59
IP investigation log
Here is the IP investigation log.

Windows IP 構成

ホスト名. . . . . . . . . . . . . . .: RNakagawa-PC
プライマリ DNS サフィックス . . . . .:
ノード タイプ . . . . . . . . . . . .: ハイブリッド
IP ルーティング有効 . . . . . . . . .: いいえ
WINS プロキシ有効 . . . . . . . . . .: いいえ

イーサネット アダプター ローカル エリア接続:

メディアの状態. . . . . . . . . . . .: メディアは接続されていません
接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Realtek PCIe GBE Family Controller
物理アドレス. . . . . . . . . . . . .: 70-54-D2-DE-CA-45
DHCP 有効 . . . . . . . . . . . . . .: はい
自動構成有効. . . . . . . . . . . . .: はい

Wireless LAN adapter ローカル エリア接続* 2:

メディアの状態. . . . . . . . . . . .: メディアは接続されていません
接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Microsoft Wi-Fi Direct Virtual Adapter
物理アドレス. . . . . . . . . . . . .: 1E-85-DE-87-DA-17
DHCP 有効 . . . . . . . . . . . . . .: はい
自動構成有効. . . . . . . . . . . . .: はい

Wireless LAN adapter ローカル エリア接続* 4:

メディアの状態. . . . . . . . . . . .: メディアは接続されていません
接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Microsoft Hosted Network Virtual Adapter
物理アドレス. . . . . . . . . . . . .: 5E-85-DE-87-DA-17
DHCP 有効 . . . . . . . . . . . . . .: はい
自動構成有効. . . . . . . . . . . . .: はい

イーサネット アダプター イーサネット:

メディアの状態. . . . . . . . . . . .: メディアは接続されていません
接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Kaspersky Security Data Escort Adapter
物理アドレス. . . . . . . . . . . . .: 00-FF-AF-6F-93-74
DHCP 有効 . . . . . . . . . . . . . .: はい
自動構成有効. . . . . . . . . . . . .: はい

Wireless LAN adapter ワイヤレス ネットワーク接続:

接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Atheros AR1111 WB-EG Wireless Network Adapter
物理アドレス. . . . . . . . . . . . .: DC-85-DE-87-DA-17
DHCP 有効 . . . . . . . . . . . . . .: はい
自動構成有効. . . . . . . . . . . . .: はい
リンクローカル IPv6 アドレス. . . . .: fe80::89cd:c41c:d926:e936%17(優先)
IPv4 アドレス . . . . . . . . . . . .: 192.168.43.221(優先)
サブネット マスク . . . . . . . . . .: 255.255.255.0
リース取得. . . . . . . . . . . . . .: 2016年12月19日 18:50:01
リースの有効期限. . . . . . . . . . .: 2016年12月19日 21:15:15
デフォルト ゲートウェイ . . . . . . .: 192.168.43.1
DHCP サーバー . . . . . . . . . . . .: 192.168.43.1
DHCPv6 IAID . . . . . . . . . . . . .: 366773726
DHCPv6 クライアント DUID. . . . . . .: 00-01-00-01-19-22-14-7C-70-54-D2-DE-CA-45
DNS サーバー. . . . . . . . . . . . .: 8.8.8.8
NetBIOS over TCP/IP . . . . . . . . .: 有効

イーサネット アダプター Bluetooth ネットワーク接続:

メディアの状態. . . . . . . . . . . .: メディアは接続されていません
接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Bluetooth デバイス (パーソナル エリア ネットワーク)
物理アドレス. . . . . . . . . . . . .: DC-85-DE-87-C7-5A
DHCP 有効 . . . . . . . . . . . . . .: はい
自動構成有効. . . . . . . . . . . . .: はい

Tunnel adapter isatap.{E1BD296B-89C0-45EF-8A60-E671D9366CC3}:

メディアの状態. . . . . . . . . . . .: メディアは接続されていません
接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Microsoft ISATAP Adapter
物理アドレス. . . . . . . . . . . . .: 00-00-00-00-00-00-00-E0
DHCP 有効 . . . . . . . . . . . . . .: いいえ
自動構成有効. . . . . . . . . . . . .: はい

Tunnel adapter ローカル エリア接続* 13:

接続固有の DNS サフィックス . . . . .:
説明. . . . . . . . . . . . . . . . .: Microsoft Teredo Tunneling Adapter
物理アドレス. . . . . . . . . . . . .: 00-00-00-00-00-00-00-E0
DHCP 有効 . . . . . . . . . . . . . .: いいえ
自動構成有効. . . . . . . . . . . . .: はい
IPv6 アドレス . . . . . . . . . . . .: 2001:0:9d38:6ab8:3c93:44c:4be1:712b(優先)
リンクローカル IPv6 アドレス. . . . .: fe80::3c93:44c:4be1:712b%8(優先)
デフォルト ゲートウェイ . . . . . . .: ::
DHCPv6 IAID . . . . . . . . . . . . .: 134217728
DHCPv6 クライアント DUID. . . . . . .: 00-01-00-01-19-22-14-7C-70-54-D2-DE-CA-45
NetBIOS over TCP/IP . . . . . . . . .: 無効

Please take a look.
  • 特快速
  • 2016/12/19 (Mon) 20:33:07
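Scan with AC and MBAM
Sorry for the delay.
I checked the log, and there appears to be nothing abnormal with DNS and the like.
So let's investigate using tools.

Please prepare the following software.

AdwCleaner (hereafter AC)
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
Click the blue Download Now button to download it.
When the download finishes, move AC to an easy-to-find location.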

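Malwarebytes Anti-Malware (hereafter MBAM)
https://apps.tourocloudbackup.com/d/?S2HXRYM3VS
The latest version of MBAM is experiencing problems, so here we use an older version of MBAM.
Click "Download file" to download it.
Uncheck "Start the free trial of Malwarebytes Anti-Malware Pro", which appears at the end of installation.
This software supports Japanese, but the text is garbled on first launch, so please switch it to Japanese with the following steps.
Launch MBAM.
An automatic update starts when MBAM launches.
When it says the latest version has been downloaded, be sure to press Cancel.
Next the virus definition file update starts; wait until the update finishes.
When the virus definition update completes, it again says the latest version has been downloaded,
so press Cancel again to abort the update.
Once MBAM has started, open the Settings tab and change the Language item to Japanese again to switch the display to Japanese.
We do not scan at this stage, so once the setting is done, close MBAM.
The latest version and the older version operate very differently,
so if you have by any chance installed version 2.0 or later, please let me know.
When cleaning up afterward, uninstall it using GU in Safe Mode.

What we use here is the Free (no-charge) edition.

When preparation is complete, we begin the work.

Start Windows in Safe Mode.
Once Windows has started in Safe Mode, launch AC.
Click Scan (or スキャン) to start the scan.
When the scan finishes, press the Logfile button.
A screen called Log Manager appears; open the Scan tab
and double-click the latest log, from the scan you just ran, to display it.
Use File → Save As to save the log in an easy-to-find location.
Leave the items the scan detected as they are and close AC.

Launch MBAM.
Select Full Scan and click Start Scan.
Wait about 30 minutes to an hour and a half for the scan to finish.
When the scan finishes, click Show Details.
When the details are shown, press the Save Log button at the lower right and save the log in an easy-to-find location.
Leave the items the scan detected as they are and close MBAM.

Restart the PC in normal mode and paste the scan logs in your reply.
I will check for false positives and then follow up with removal instructions.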
  • IVNO
  • MAIL
  • 2016/12/20 (Tue) 23:09:20
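The reply above reports that the `ipconfig /all` log shows nothing abnormal in DNS. One way to make that check repeatable, as an added example that is not part of the original thread: a small parser for Japanese- or English-locale `ipconfig /all` text that labels each DNS server per adapter. The function names, the `KNOWN_PUBLIC` allow-list and the sample log (including its second DNS address, taken from the 203.0.113.0/24 documentation range) are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample in the layout of a Japanese-locale `ipconfig /all` log.
# The second DNS line is a made-up address from the 203.0.113.0/24
# documentation range, added to show a continuation line that gets flagged.
SAMPLE_LOG = """\
Windows IP 構成

   ホスト名. . . . . . . . . . . . . . .: EXAMPLE-PC

Wireless LAN adapter ワイヤレス ネットワーク接続:

   説明. . . . . . . . . . . . . . . . .: Example Wireless Network Adapter
   IPv4 アドレス . . . . . . . . . . . .: 192.168.43.221(優先)
   サブネット マスク . . . . . . . . . .: 255.255.255.0
   デフォルト ゲートウェイ . . . . . . .: 192.168.43.1
   DHCP サーバー . . . . . . . . . . . .: 192.168.43.1
   DNS サーバー. . . . . . . . . . . . .: 8.8.8.8
                                          203.0.113.53
   NetBIOS over TCP/IP . . . . . . . . .: 有効
"""

# Field labels as printed by ipconfig in the Japanese and English locales.
FIELDS = {
    "DNS サーバー": "dns", "DNS Servers": "dns",
    "デフォルト ゲートウェイ": "gateway", "Default Gateway": "gateway",
    "DHCP サーバー": "dhcp", "DHCP Server": "dhcp",
    "IPv4 アドレス": "ipv4", "IPv4 Address": "ipv4",
}

# Assumption: resolvers the reviewer accepts without a closer look
# (Google Public DNS and OpenDNS). Edit to match the user's ISP.
KNOWN_PUBLIC = {"8.8.8.8", "8.8.4.4", "208.67.222.222", "208.67.220.220"}

# Address ranges that cannot be a resolver out on the Internet.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "fe80::/10", "fc00::/7", "::1/128")]

# "label . . . . .: value" -- a key, a dotted leader, a colon, the value.
KV_RE = re.compile(r"^(?P<key>.*?\S)(?:\s*\.){2,}\s*:\s?(?P<val>.*)$")


def _as_ip(text):
    """Return the bare address in '192.168.43.221(優先)' or 'fe80::1%17', else None."""
    candidate = re.sub(r"\(.*?\)", "", text).split("%")[0].strip()
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return None


def parse_ipconfig(text):
    """Split the log into adapters and collect their address fields."""
    adapters, current, last_field = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        kv = KV_RE.match(line)
        if kv:
            last_field = FIELDS.get(kv.group("key").strip())
            ip = _as_ip(kv.group("val"))
            if current is not None and last_field and ip:
                current[last_field].append(ip)
        elif current is not None and last_field and _as_ip(line):
            # A bare address on its own line continues the previous field,
            # which is how ipconfig prints second and later DNS servers.
            current[last_field].append(_as_ip(line))
        elif line.endswith(":"):
            current = {"name": line[:-1], "dns": [], "gateway": [], "dhcp": [], "ipv4": []}
            adapters.append(current)
            last_field = None
    return adapters


def classify_dns(server, adapter):
    """Label one DNS server relative to the adapter it was configured on."""
    if server in adapter["gateway"] or server in adapter["dhcp"]:
        return "router"        # resolver is the home router: check the router's own settings
    if server in KNOWN_PUBLIC:
        return "known-public"
    if any(ipaddress.ip_address(server) in net for net in LOCAL_NETS):
        return "local"
    return "review"            # outside the LAN and not on the allow-list


def audit_dns(text):
    """Return (adapter name, DNS server, label) for every DNS server in the log."""
    return [(a["name"], s, classify_dns(s, a))
            for a in parse_ipconfig(text) for s in a["dns"]]


if __name__ == "__main__":
    for name, server, label in audit_dns(SAMPLE_LOG):
        print(f"{label:13} {server:16} {name}")
```

A `review` result is not a verdict; it marks a resolver to compare against the addresses the ISP or the router's administrator actually assigned.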
AC log, MBAM log
Thank you for checking.
Here are the AC log and the MBAM log.
Please take a look.

・AC log
# AdwCleaner v6.041 - ログファイルの作成日 21/12/2016 作成時間 21:17:12
# Malwarebytesによる 16/12/2016 の更新日
# データベース : 2016-12-15.1 [ローカル]
# オペレーティングシステム : Windows 10 Home (X64)
# ユーザー名 : R - R-PC
# 実行場所 : C:\Users\R\Desktop\解析\adwcleaner_6.041.exe
# モード:スキャン
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****

悪意あるサービスを検出しませんでした。


***** [ フォルダ ] *****

検出済みフォルダ: C:\ProgramData\Avg_Update_0814tb
検出済みフォルダ: C:\Users\R\AppData\LocalLow\AVG Secure Search
検出済みフォルダ: C:\ProgramData\FFinder LTD
検出済みフォルダ: C:\ProgramData\Application Data\FFinder LTD
検出済みフォルダ: C:\Program Files (x86)\AVG Security Toolbar


***** [ ファイル ] *****

検出済みファイル: C:\WINDOWS\SysNative\roboot64.exe


***** [ DLL ] *****

悪意あるDLLsファイルを検出しませんでした。


***** [ WMI ] *****

悪意あるキーを検出しませんでした。


***** [ ショートカット ] *****

改ざん済みショートカットを検出しませんでした。


***** [ スケジュール済みタスク ] *****

悪意あるタスクを検出しませんでした。


***** [ レジストリ ] *****

検出済みキー: HKLM\SOFTWARE\Classes\protector_dll.Protector
検出済みキー: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
検出済みキー: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
検出済みキー: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
検出済みキー: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
検出済みキー: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
検出済みキー: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
検出済みキー: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
検出済みキー: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
検出済みキー: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
検出済みキー: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
検出済みキー: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
検出済みキー: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
検出済みキー: HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
検出済みキー: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
検出済みキー: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
検出済みキー: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
検出済みキー: HKU\.DEFAULT\Software\AVG Secure Search
検出済みキー: HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\1ClickDownload
検出済みキー: HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\PRODUCTSETUP
検出済みキー: HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\UpdateStar
検出済みキー: HKU\S-1-5-18\Software\AVG Secure Search
検出済みキー: HKCU\Software\1ClickDownload
検出済みキー: HKCU\Software\PRODUCTSETUP
検出済みキー: HKCU\Software\UpdateStar
検出済みキー: HKLM\SOFTWARE\Vittalia
検出済みキー: HKLM\SOFTWARE\FFinder LTD
検出済みキー: [x64] HKCU\Software\1ClickDownload
検出済みキー: [x64] HKCU\Software\PRODUCTSETUP
検出済みキー: [x64] HKCU\Software\UpdateStar
検出済みキー: HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
検出済みキー: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
検出済みキー: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
検出済みデータ: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
検出済みキー: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
検出済みキー: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE


***** [ Webブラウザ ] *****

検出済みFirefox設定: [C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\4ikovhgq.default\prefs.js] - "browser.newtab.url" - "hxxp://www.globasearch.com/?serie=219&b=2&installkey=froNgUwtI8IJA1Qe2aRG&newtab"
検出済みFirefox設定: [C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\4ikovhgq.default\prefs.js] - "browser.startup.homepage" - "hxxp://www.globasearch.com/?serie=219&b=2&installkey=froNgUwtI8IJA1Qe2aRG"
検出済みChromium設定: [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] - isearch.avg.com
検出済みChromium設定: [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] - pika-zip.softonic.jp
検出済みChromium設定: [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] - izito.com
検出済みChromium設定: [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] - bluetooth-driver-installer.softonic.jp

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [5387 バイト] - [21/12/2016 21:17:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5464 バイト] ##########


・MBAM log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2016.12.21.05

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.576.14393.0
R :: R-PC [管理者]

2016/12/21 21:19:28
MBAM-log-2016-12-21 (22-10-39).txt

スキャンタイプ: フルスキャン (C:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 525593
経過時間: 49 分, 47 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 5
HKCR\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} (Adware.1ClickDownload) -> 何の措置も取られませんでした。
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload) -> 何の措置も取られませんでした。
HKCU\SOFTWARE\PRODUCTSETUP (PUP.Optional.ProductSetup) -> 何の措置も取られませんでした。
HKLM\SOFTWARE\Vittalia (PUP.Optional.Vittalia) -> 何の措置も取られませんでした。
HKLM\SOFTWARE\Vittalia\AxtanInstaller (PUP.Optional.BundleInstaller) -> 何の措置も取られませんでした。

レジストリ値の検出: 1
HKCU\Software\ProductSetup|tb (PUP.Optional.ProductSetup) -> データ: 0G1O1H -> 何の措置も取られませんでした。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 1
C:\ProgramData\FFinder LTD (PUP.Optional.FileFinder) -> 何の措置も取られませんでした。

ファイルの検出: 5
C:\Users\R\Downloads\_84_11_5_part1_downloader.exe (Adware.FileFinder) -> 何の措置も取られませんでした。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.MYWAY.COM_0.LOCALSTORAGE (PUP.Optional.MindSpark) -> 何の措置も取られませんでした。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.MYWAY.COM_0.LOCALSTORAGE-JOURNAL (PUP.Optional.MindSpark) -> 何の措置も取られませんでした。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.TB.ASK.COM_0.LOCALSTORAGE (PUP.Optional.MindSpark) -> 何の措置も取られませんでした。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.TB.ASK.COM_0.LOCALSTORAGE-JOURNAL (PUP.Optional.MindSpark) -> 何の措置も取られませんでした。

(終)

That is all. Thank you in advance.
  • 特快速
  • 2016/12/21 (Wed) 22:56:25
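Clean up with AC and MBAM
I have checked the logs; it looks like it has dug in quite deep.
There are no false positives, so let's go ahead with removal.
MBAM has a settings issue as it stands, so we will adjust the settings before removal.

Start the PC in Safe Mode and launch AC.
Run a scan, check all the detected items, and delete them.
Restart the PC as instructed, then give the log displayed after the restart a name and save it in an easy-to-find location.
Start in Safe Mode again and open MBAM.
It will say the latest version has been downloaded; press Cancel.
If a definition file update is shown, run the update.
Click the Settings tab and open the scan settings.
Change the "Action for potentially unwanted programs (PUP)" item and the "Action for peer-to-peer programs (P2P)" item
to "Show in the results list and check for removal".
When the settings are done, run a full scan again and perform the removal.
Restart the PC as instructed.
Please send the log displayed after the restart together with the AC removal log you saved.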
  • IVNO
  • MAIL
  • 2016/12/21 (Wed) 23:53:51
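Re: It seems I have picked up a virus
Thank you for checking.
Here are the AC log and the MBAM log.
As for the MBAM log, no log was displayed after the post-removal restart, so I am sending the log that was displayed after the removal finished and before the restart.
Please take a look.

・AC log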
# AdwCleaner v6.041 - ログファイルの作成日 22/12/2016 作成時間 05:15:04
# Malwarebytesによる 16/12/2016 の更新日
# データベース : 2016-12-15.1 [ローカル]
# オペレーティングシステム : Windows 10 Home (X64)
# ユーザー名 : R - R-PC
# 実行場所 : C:\Users\R\Desktop\解析\adwcleaner_6.041.exe
# モード:安全
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****



***** [ フォルダ ] *****

[-] 削除済みフォルダ:C:\ProgramData\Avg_Update_0814tb
[-] 削除済みフォルダ:C:\Users\R.Nakagawa\AppData\LocalLow\AVG Secure Search
[-] 削除済みフォルダ:C:\ProgramData\FFinder LTD
[#] 再起動時に削除されたフォルダ::C:\ProgramData\Application Data\FFinder LTD
[-] 削除済みフォルダ:C:\Program Files (x86)\AVG Security Toolbar


***** [ ファイル ] *****

[-] 削除済みファイル:C:\WINDOWS\SysNative\roboot64.exe


***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****



***** [ レジストリ ] *****

[-] 削除済みキー:HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] 削除済みキー:HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] 削除済みキー:HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] 削除済みキー:HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] 削除済みキー:HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] 削除済みキー:HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] 削除済みキー:HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] 削除済みキー:HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] 削除済みキー:HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] 削除済みキー:HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] 削除済みキー:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] 削除済みキー:HKU\.DEFAULT\Software\AVG Secure Search
[-] 削除済みキー:HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\1ClickDownload
[-] 削除済みキー:HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\PRODUCTSETUP
[-] 削除済みキー:HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\UpdateStar
[#] 再起動時に削除されたキー:HKU\S-1-5-18\Software\AVG Secure Search
[#] 再起動時に削除されたキー:HKCU\Software\1ClickDownload
[#] 再起動時に削除されたキー:HKCU\Software\PRODUCTSETUP
[#] 再起動時に削除されたキー:HKCU\Software\UpdateStar
[-] 削除済みキー:HKLM\SOFTWARE\Vittalia
[-] 削除済みキー:HKLM\SOFTWARE\FFinder LTD
[#] 再起動時に削除されたキー:[x64] HKCU\Software\1ClickDownload
[#] 再起動時に削除されたキー:[x64] HKCU\Software\PRODUCTSETUP
[#] 再起動時に削除されたキー:[x64] HKCU\Software\UpdateStar
[-] 削除済みキー:HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[#] 再起動時に削除されたキー:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] 削除済みキー:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] 復元済みデータ:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] 再起動時に削除されたキー:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] 削除済みキー:HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE


***** [ ブラウザ ] *****

[-] 修正済みChrome設定:"browser.newtab.url" - "hxxp://www.globasearch.com/?serie=219&b=2&installkey=froNgUwtI8IJA1Qe2aRG&newtab"
[-] 修正済みChrome設定:"browser.startup.homepage" - "hxxp://www.globasearch.com/?serie=219&b=2&installkey=froNgUwtI8IJA1Qe2aRG"
[-] [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:isearch.avg.com
[-] [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:pika-zip.softonic.jp
[-] [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:izito.com
[-] [C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] 削除済み:bluetooth-driver-installer.softonic.jp


*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5485 バイト] - [22/12/2016 05:15:04]
C:\AdwCleaner\AdwCleaner[S0].txt - [5587 バイト] - [21/12/2016 21:17:12]
C:\AdwCleaner\AdwCleaner[S1].txt - [5664 バイト] - [22/12/2016 05:14:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5716 バイト] ##########


・MBAM log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2016.12.21.05

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.576.14393.0
R :: R-PC [管理者]

2016/12/22 6:55:13
mbam-log-2016-12-22 (06-55-13).txt

スキャンタイプ: フルスキャン (C:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM) | ピア・ツー・ピアプログラム(P2P)
無効なスキャン領域:
スキャンしたアイテム数: 525025
経過時間: 41 分, 2 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 5
C:\Users\R\Downloads\_84_11_5_part1_downloader.exe (Adware.FileFinder) -> 正常に隔離され削除されました。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.MYWAY.COM_0.LOCALSTORAGE (PUP.Optional.MindSpark) -> 正常に隔離され削除されました。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.MYWAY.COM_0.LOCALSTORAGE-JOURNAL (PUP.Optional.MindSpark) -> 正常に隔離され削除されました。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.TB.ASK.COM_0.LOCALSTORAGE (PUP.Optional.MindSpark) -> 正常に隔離され削除されました。
C:\Users\R\AppData\Local\Google\Chrome\USER DATA\Default\LOCAL STORAGE\HTTP_FREERADIOCAST.DL.TB.ASK.COM_0.LOCALSTORAGE-JOURNAL (PUP.Optional.MindSpark) -> 正常に隔離され削除されました。

(終)

That is all.
  • 特快速
  • 2016/12/22 (Thu) 07:54:13
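Scan with OTL
I have checked the logs.
Everything has been handled without problems, so let's continue, starting with collecting a log.

Please prepare the following software.

OTL(OldTimer's List-It)
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
Click the green Download button to download it.
Once the download is complete, move it to a location that is easy to find.
Note that OTL, like HJT and similar tools, is used to investigate abnormalities during normal startup,
so please do not run the scan in Safe Mode.
To remove it afterwards, launch OTL and press the CleanUp button.

When you are ready, let's begin.

Launch OTL.
When OTL appears, check "Scan All Users" at the top center.
Paste the following into the "Custom Scans/Fixes" box.

------Copy and paste from here------
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
------Copy and paste to here------

Once you have pasted it, close as much software as possible, including your browser, except for OTL.
After closing the software, click the "Run Scan" button with blue text to run the scan.
The scan takes a few minutes to complete, so please wait a while.
When the scan finishes, two logs, OTL.txt and Extras.txt, are written to the same location where you saved OTL;
please paste each of them in your reply.
Note that OTL logs are by nature very long.
Use a character-counter site or similar to keep the total to about 30,000 characters,
and split the log across posts when pasting.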
  • IVNO
  • MAIL
  • 2016/12/22 (Thu) 14:31:14
OTL 1
Thank you for checking.
I am pasting the output.
Please take a look.

Output follows

OTL logfile created on: 2016/12/22 20:24:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\R.Nakagawa\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.89 Gb Total Physical Memory | 5.93 Gb Available Physical Memory | 75.26% Memory free
15.89 Gb Paging File | 13.96 Gb Available in Paging File | 87.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.03 Gb Total Space | 550.86 Gb Free Space | 59.81% Space Free | Partition Type: NTFS

Computer Name: RNAKAGAWA-PC | User Name: R.Nakagawa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/12/15 21:29:35 | 001,517,280 | ---- | M] (Microsoft Corporation) -- C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/09/16 03:27:12 | 000,480,216 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
PRC - [2016/09/16 03:27:12 | 000,223,704 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
PRC - [2016/06/28 01:54:28 | 000,241,544 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
PRC - [2016/06/28 01:54:28 | 000,241,544 | ---- | M] (AO Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
PRC - [2012/06/14 22:22:34 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/04/18 18:16:20 | 000,830,976 | ---- | M] () -- C:\Program Files (x86)\PHotkey\PHotkey.exe
PRC - [2012/04/09 11:18:08 | 007,536,128 | ---- | M] () -- C:\Program Files (x86)\PHotkey\GPMTray.exe
PRC - [2012/03/27 20:48:36 | 003,471,872 | ---- | M] () -- C:\Program Files (x86)\PHotkey\POsd.exe
PRC - [2012/02/07 19:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE
PRC - [2012/02/07 19:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE
PRC - [2012/02/07 19:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/27 18:40:44 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\IUSB3MON.EXE
PRC - [2011/03/09 14:21:54 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2010/01/12 17:36:00 | 000,117,256 | ---- | M] () -- C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
PRC - [2009/12/18 15:40:48 | 000,104,968 | ---- | M] () -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
PRC - [2009/12/18 15:38:18 | 000,345,608 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\PHotkey\HCSynApi.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/12/15 21:29:35 | 001,244,376 | ---- | M] () -- C:\Users\R.Nakagawa\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
MOD - [2011/03/09 14:21:56 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2011/03/09 14:21:48 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/12/09 19:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2016/12/09 18:24:21 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:22:23 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/11/11 18:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:20:10 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:16:35 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2016/11/11 18:14:35 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:11:57 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/11/11 18:06:19 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2016/11/11 18:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2016/11/11 18:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2016/11/11 18:04:03 | 001,232,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/11/02 19:30:35 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2016/11/02 19:19:44 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2016/11/02 19:16:47 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/11/02 19:16:27 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2016/10/15 12:42:44 | 000,539,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2016/10/15 12:37:03 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/10/05 18:18:56 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:46 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:38 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:38 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:35 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:27 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/09/29 03:54:57 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:[b]64bit:[/b] - [2016/09/29 03:54:52 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:[b]64bit:[/b] - [2016/09/16 01:40:41 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2016/09/16 01:38:15 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2016/09/16 01:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2016/09/16 01:38:00 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:45 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:06 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:03 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/09/16 01:23:51 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/08/06 12:34:01 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:06 | 000,347,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_1fbf3a)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:19 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2016/05/03 23:30:46 | 000,337,888 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2016/04/29 07:55:46 | 000,193,656 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Logicool Gaming Software\Drivers\APOService\LogiRegistryService.exe -- (LogiRegistryService)
SRV:[b]64bit:[/b] - [2016/01/07 23:15:28 | 000,246,448 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
SRV:[b]64bit:[/b] - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2016/12/18 20:54:19 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/12/18 20:43:05 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/12/09 17:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/11/11 16:19:35 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/11/11 16:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2016/09/29 03:55:00 | 000,507,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2016/09/29 03:55:00 | 000,507,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2016/09/29 03:54:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2016/09/29 03:54:54 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2016/08/06 12:33:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016/07/16 20:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/07/16 20:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/06/28 01:54:28 | 000,241,544 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe -- (KSDE1.0.0)
SRV - [2016/06/28 01:54:28 | 000,241,544 | ---- | M] (AO Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe -- (AVP17.0.0)
SRV - [2016/06/28 01:53:14 | 000,077,328 | ---- | M] (AO Kaspersky Lab) [On_Demand | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe -- (klvssbrigde64)
SRV - [2016/05/03 23:30:46 | 000,299,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/07 19:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE -- (UNS)
SRV - [2012/02/07 19:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE -- (LMS)
SRV - [2012/02/07 19:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/10/13 14:38:46 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2009/12/18 15:40:48 | 000,104,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe -- (ASLDRService)


  • 特快速
  • 2016/12/23 (Fri) 00:34:23
OTL 2
OTL part 2

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/12/19 19:09:51 | 000,245,512 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klupd_klif_klark.sys -- (klupd_klif_klark)
DRV:[b]64bit:[/b] - [2016/12/19 19:08:14 | 000,104,720 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klupd_klif_klbg.sys -- (klupd_klif_klbg)
DRV:[b]64bit:[/b] - [2016/12/19 19:08:13 | 000,218,920 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klupd_klif_arkmon.sys -- (klupd_klif_arkmon)
DRV:[b]64bit:[/b] - [2016/12/19 19:08:13 | 000,164,888 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klupd_klif_mark.sys -- (klupd_klif_mark)
DRV:[b]64bit:[/b] - [2016/12/19 19:08:13 | 000,085,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klupd_klif_kimul.sys -- (klupd_klif_kimul)
DRV:[b]64bit:[/b] - [2016/12/19 19:07:32 | 001,019,616 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2016/12/19 19:07:32 | 000,134,880 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:[b]64bit:[/b] - [2016/12/19 19:07:31 | 000,057,424 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2016/12/09 19:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2016/11/11 19:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2016/11/11 18:26:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2016/11/02 19:55:52 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2016/10/15 13:37:01 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2016/10/15 13:30:16 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2016/10/15 12:31:37 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2016/10/05 19:35:31 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2016/10/05 19:09:07 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2016/09/29 04:02:46 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2016/09/29 04:02:27 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2016/09/29 04:02:27 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2016/09/29 04:02:27 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2016/09/29 03:55:00 | 000,175,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:[b]64bit:[/b] - [2016/09/29 03:53:36 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2016/09/16 03:27:10 | 000,435,032 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2016/09/16 02:29:54 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2016/09/16 02:29:03 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2016/09/16 02:15:56 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2016/09/16 02:14:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2016/09/16 01:40:36 | 000,249,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2016/09/16 01:36:57 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2016/09/10 22:21:43 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/07/17 07:20:29 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2016/07/17 07:20:23 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2016/07/16 20:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2016/07/16 20:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2016/07/16 20:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 004,233,728 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2016/07/16 20:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2016/07/13 17:47:38 | 000,610,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2016/06/26 15:14:40 | 000,191,312 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2016/06/18 01:36:24 | 000,085,320 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwfp.sys -- (klwfp)
DRV:[b]64bit:[/b] - [2016/06/15 00:23:44 | 000,086,352 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klbackupflt.sys -- (klbackupflt)
DRV:[b]64bit:[/b] - [2016/06/14 17:47:52 | 000,194,480 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2016/06/10 06:41:26 | 000,238,936 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km.sys -- (cm_km)
DRV:[b]64bit:[/b] - [2016/06/07 23:33:14 | 000,063,920 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbackupdisk.sys -- (klbackupdisk)
DRV:[b]64bit:[/b] - [2016/06/07 01:31:06 | 000,052,152 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kltap.sys -- (kltap)
DRV:[b]64bit:[/b] - [2016/06/02 03:43:38 | 000,554,416 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2016/05/31 23:31:20 | 000,045,488 | ---- | M] (AO Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2016/05/31 23:24:06 | 000,078,216 | ---- | M] (AO Kaspersky Lab) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2016/05/19 00:57:36 | 000,052,136 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2016/05/03 23:30:46 | 003,811,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2016/04/19 10:09:16 | 000,085,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGJoyXlCore.sys -- (LGJoyXlCore)
DRV:[b]64bit:[/b] - [2016/04/19 10:09:16 | 000,053,928 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2016/04/19 10:09:16 | 000,043,432 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2016/03/31 00:09:04 | 000,028,792 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\klelam.sys -- (klelam)
DRV:[b]64bit:[/b] - [2016/01/07 23:15:28 | 000,629,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2016/01/07 23:15:28 | 000,042,664 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2015/12/02 04:46:03 | 000,050,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2015/12/02 04:46:03 | 000,038,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2015/06/22 05:13:48 | 000,014,184 | ---- | M] (Logitech) [Kernel | Auto | Running] -- C:\Program Files\Logicool Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys -- (LGCoreTemp)
DRV:[b]64bit:[/b] - [2015/06/07 01:52:56 | 000,041,656 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2013/05/31 01:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:[b]64bit:[/b] - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/14 22:23:14 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2012/01/27 18:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/01/19 13:32:02 | 000,036,128 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\leath_hid.sys -- (lehidmini)
DRV:[b]64bit:[/b] - [2012/01/19 13:29:32 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011/12/06 05:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/12/01 17:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2016/12/19 18:31:52 | 000,182,360 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys -- (klids)
DRV - [2016/07/16 20:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV - [2009/09/11 14:11:46 | 000,014,344 | ---- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)
  • 特快速
  • 2016/12/23 (Fri) 00:38:03
OTL3
OTL, part 3


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.dospara.co.jp/5top/ [binary data]
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 57 80 DB 0F 7B CE 01 [binary data]
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 63 8D 71 D6 C2 0B D2 01 [binary data]
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
IE - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com: C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 17.0.0\FFEXT\LIGHT_PLUGIN_FIREFOX\ADDON.XPI [2016/12/19 18:27:41 | 000,104,713 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016/12/19 18:27:41 | 000,104,713 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015/09/12 20:22:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\R\AppData\Roaming\mozilla\Extensions
[2016/08/31 22:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\R\AppData\Roaming\mozilla\Firefox\Profiles\4ikovhgq.default\extensions
[2016/08/31 22:21:27 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\R\AppData\Roaming\mozilla\firefox\profiles\4ikovhgq.default\extensions\firefox-hotfix@mozilla.org.xpi
[2016/11/29 23:34:11 | 000,005,389 | ---- | M] () (No name found) -- C:\Users\R\AppData\Roaming\mozilla\firefox\profiles\4ikovhgq.default\features\{dc7d6226-6663-4529-b69f-1938fda69cf5}\asyncrendering@mozilla.org.xpi
[2016/12/18 20:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib\5.0.141.0_0\
CHR - Extension: No name found = C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.5.2_0\
CHR - Extension: No name found = C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Kaspersky Protection) - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Kaspersky Protection) - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Kaspersky Protection Toolbar) - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll (AO Kaspersky Lab)
O3:[b]64bit:[/b] - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxTray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logicool Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000..\Run: [OneDrive] C:\Users\R\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O7 - HKU\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{44f77618-bc3a-4465-a8d7-31a17eadff63}: DhcpNameServer = 10.129.184.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e1bd296b-89c0-45ef-8a60-e671d9366cc3}: DhcpNameServer = 8.8.8.8
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {31699572-6286-3C1C-A03C-511D59181038} - .NET Framework
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {71A5A636-652F-3BE0-BC14-02545E9F5EC7} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
  • 特快速
  • 2016/12/23 (Fri) 00:44:36
OTL4
OTL, part 4

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/12/21 21:08:01 | 000,000,000 | ---D | C] -- C:\Users\R.Nakagawa\AppData\Roaming\Malwarebytes
[2016/12/21 21:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2016/12/21 21:07:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2016/12/21 21:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2016/12/21 21:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/12/21 21:04:38 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/12/19 19:09:51 | 000,245,512 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klark.sys
[2016/12/19 19:08:14 | 000,104,720 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klbg.sys
[2016/12/19 19:08:13 | 000,218,920 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_arkmon.sys
[2016/12/19 19:08:13 | 000,164,888 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_mark.sys
[2016/12/19 19:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2016/12/19 19:04:13 | 000,000,000 | ---D | C] -- C:\Users\R.Nakagawa\Desktop\解析
[2016/12/19 18:43:37 | 003,951,128 | ---- | C] (Geek Unіnstaller) -- C:\Users\R.Nakagawa\Desktop\geek64.exe
[2016/12/19 18:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\カスペルスキー セキュアコネクション
[2016/12/19 18:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\カスペルスキー インターネット セキュリティ
[2016/12/18 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\R.Nakagawa\AppData\Roaming\Geek Uninstaller
[2016/12/18 20:58:21 | 000,000,000 | ---D | C] -- C:\Users\R.Nakagawa\AppData\Local\CEF
[2016/12/18 20:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2016/12/18 20:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2016/12/18 20:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/12/14 22:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016/12/14 22:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016/12/14 22:01:08 | 008,168,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/12/14 22:01:07 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/12/14 22:01:07 | 005,722,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016/12/14 22:01:07 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/12/14 22:01:06 | 004,612,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/12/14 22:01:06 | 003,306,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/12/14 22:01:05 | 004,136,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2016/12/14 22:01:05 | 002,362,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2016/12/14 22:01:05 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016/12/14 22:01:04 | 003,370,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2016/12/14 22:01:04 | 003,059,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016/12/14 22:01:04 | 001,852,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/12/14 22:01:03 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2016/12/14 22:01:02 | 002,277,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016/12/14 22:01:02 | 001,992,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016/12/14 22:01:02 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2016/12/14 22:01:02 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016/12/14 22:01:01 | 003,892,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016/12/14 22:01:01 | 002,852,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016/12/14 22:01:01 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2016/12/14 22:01:01 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2016/12/14 22:01:00 | 001,274,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016/12/14 22:01:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2016/12/14 22:01:00 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2016/12/14 22:01:00 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2016/12/14 22:00:59 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/12/14 22:00:59 | 001,100,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2016/12/14 22:00:59 | 000,989,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2016/12/14 22:00:59 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/12/14 22:00:59 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2016/12/14 22:00:58 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2016/12/14 22:00:58 | 001,477,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2016/12/14 22:00:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2016/12/14 22:00:57 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2016/12/14 22:00:57 | 000,091,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfaudiocnv.dll
[2016/12/14 22:00:56 | 000,947,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2016/12/14 22:00:55 | 001,726,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2016/12/14 22:00:55 | 000,811,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2016/12/14 22:00:55 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/12/14 22:00:54 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2016/12/14 22:00:54 | 000,360,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2016/12/14 22:00:53 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/12/14 22:00:53 | 000,454,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2016/12/14 22:00:53 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/12/14 22:00:53 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2016/12/14 22:00:53 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2016/12/14 22:00:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016/12/14 22:00:53 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/12/14 22:00:52 | 000,746,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2016/12/14 22:00:52 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2016/12/14 22:00:51 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2016/12/14 22:00:51 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2016/12/14 22:00:51 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016/12/14 22:00:51 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/12/14 22:00:51 | 000,157,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2016/12/14 22:00:51 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2016/12/14 22:00:50 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016/12/14 22:00:46 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/12/14 22:00:45 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2016/12/14 22:00:45 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll
[2016/12/14 22:00:45 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016/12/14 22:00:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016/12/14 22:00:44 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2016/12/14 22:00:44 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2016/12/14 22:00:44 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2016/12/14 22:00:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2016/12/14 22:00:44 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2016/12/14 22:00:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CbtBackgroundManagerPolicy.dll
[2016/12/14 22:00:43 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/12/14 22:00:43 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/12/14 22:00:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2016/12/14 22:00:42 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2016/12/14 22:00:42 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2016/12/14 22:00:41 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/12/14 22:00:40 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/12/14 22:00:39 | 006,285,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/12/14 22:00:39 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2016/12/14 22:00:38 | 003,777,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/12/14 22:00:38 | 001,600,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2016/12/14 22:00:37 | 007,816,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/12/14 22:00:37 | 001,988,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/12/14 22:00:37 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016/12/14 22:00:36 | 002,275,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/12/14 22:00:35 | 004,130,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016/12/14 22:00:35 | 001,473,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2016/12/14 22:00:35 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2016/12/14 22:00:34 | 004,311,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2016/12/14 22:00:34 | 002,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2016/12/14 22:00:34 | 001,692,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2016/12/14 22:00:34 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2016/12/14 22:00:33 | 002,820,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/12/14 22:00:33 | 001,859,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2016/12/14 22:00:33 | 000,882,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeManagerObj.dll
[2016/12/14 22:00:33 | 000,743,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2016/12/14 22:00:33 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016/12/14 22:00:33 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016/12/14 22:00:33 | 000,126,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfaudiocnv.dll
[2016/12/14 22:00:32 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2016/12/14 22:00:32 | 000,219,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2016/12/14 22:00:31 | 003,542,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016/12/14 22:00:31 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2016/12/14 22:00:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2016/12/14 22:00:31 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2016/12/14 22:00:30 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016/12/14 22:00:30 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2016/12/14 22:00:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016/12/14 22:00:29 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2016/12/14 22:00:28 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2016/12/14 22:00:28 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016/12/14 22:00:28 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/12/14 22:00:28 | 000,187,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2016/12/14 22:00:28 | 000,167,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2016/12/14 22:00:28 | 000,122,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2016/12/14 22:00:28 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceReactivation.dll
[2016/12/14 22:00:27 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2016/12/14 22:00:27 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2016/12/14 22:00:27 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/12/14 22:00:27 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/12/14 22:00:27 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/12/14 22:00:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016/12/14 22:00:27 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvSysprep.dll
[2016/12/14 22:00:26 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2016/12/14 22:00:26 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2016/12/14 22:00:26 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/12/14 22:00:26 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016/12/14 22:00:26 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016/12/14 22:00:25 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2016/12/14 22:00:25 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2016/12/14 22:00:25 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/12/14 22:00:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sendmail.dll
[2016/12/14 22:00:24 | 001,196,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2016/12/14 22:00:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeHelper.dll
[2016/12/14 22:00:24 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BcastDVRHelper.dll
[2016/12/14 22:00:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2016/12/14 22:00:24 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2016/12/14 22:00:24 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2016/12/14 22:00:23 | 001,461,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016/12/14 22:00:23 | 001,418,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2016/12/14 22:00:20 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/12/14 22:00:20 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataSenseHandlers.dll
[2016/12/14 22:00:20 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/12/14 22:00:19 | 009,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/12/14 22:00:19 | 006,664,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe
[2016/12/14 22:00:19 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2016/12/14 22:00:18 | 003,616,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/12/14 22:00:18 | 002,998,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2016/12/14 22:00:17 | 007,812,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/12/14 22:00:17 | 007,654,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/12/14 22:00:16 | 005,114,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016/12/14 22:00:16 | 003,441,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2016/12/14 22:00:15 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2016/12/14 22:00:14 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2016/12/14 22:00:13 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2016/12/14 22:00:13 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2016/12/14 22:00:13 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/12/14 22:00:13 | 000,241,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2016/12/14 22:00:12 | 004,673,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2016/12/14 22:00:12 | 001,886,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016/12/14 22:00:12 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2016/12/14 22:00:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2016/12/14 22:00:11 | 001,755,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll
[2016/12/14 22:00:11 | 001,572,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2016/12/14 22:00:11 | 001,415,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2016/12/14 22:00:11 | 000,869,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2016/12/14 22:00:10 | 001,069,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2016/12/14 22:00:10 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/12/14 22:00:10 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016/12/14 22:00:10 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/12/14 22:00:10 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll
[2016/12/14 22:00:10 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/12/14 22:00:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016/12/14 22:00:09 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2016/12/14 22:00:09 | 001,336,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2016/12/14 22:00:09 | 000,960,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016/12/14 22:00:09 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/12/14 22:00:08 | 000,424,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2016/12/14 22:00:07 | 000,455,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2016/12/14 22:00:07 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016/12/14 22:00:07 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/12/14 22:00:06 | 003,400,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2016/12/14 22:00:06 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2016/12/14 22:00:06 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/12/14 22:00:05 | 001,354,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/12/14 22:00:05 | 001,051,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016/12/14 22:00:05 | 000,894,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016/12/14 22:00:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll
[2016/12/14 22:00:04 | 002,611,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2016/12/14 22:00:04 | 001,173,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/12/14 22:00:03 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2016/12/14 22:00:03 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2016/12/14 22:00:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sendmail.dll
[2016/12/14 22:00:02 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2016/12/14 22:00:02 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll
[2016/12/14 22:00:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BcastDVRHelper.dll
[2016/12/14 22:00:02 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2016/12/14 22:00:01 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/12/14 22:00:01 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/12/14 22:00:01 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/12/14 22:00:00 | 006,668,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/12/14 21:59:59 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/12/14 21:59:59 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2016/12/14 21:59:59 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2016/12/14 21:59:58 | 001,637,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/12/14 21:59:58 | 000,137,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/12/14 21:59:57 | 003,198,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016/12/14 21:59:57 | 002,913,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2016/12/14 21:59:57 | 002,482,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2016/12/14 21:59:57 | 002,166,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2016/12/14 21:59:56 | 002,287,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016/12/14 21:59:56 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/12/14 21:59:55 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2016/12/14 21:59:55 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2016/12/14 21:59:54 | 001,430,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2016/12/14 21:59:54 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2016/12/14 21:59:54 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2016/12/14 21:59:54 | 000,382,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2016/12/14 21:59:53 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/12/14 21:59:53 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2016/12/14 21:59:53 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2016/12/14 21:59:52 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2016/12/14 21:59:52 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2016/12/14 21:59:52 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2016/12/14 21:59:52 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2016/12/14 21:59:52 | 000,377,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2016/12/14 21:59:52 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2016/12/14 21:59:51 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2016/12/14 21:59:51 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/12/14 21:59:51 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2016/12/14 21:59:51 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2016/12/14 21:59:51 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016/12/14 21:59:51 | 000,168,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2016/12/14 21:59:50 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2016/12/14 21:59:50 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2016/12/14 21:59:50 | 000,152,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTWorkQ.dll
[2016/12/14 21:59:50 | 000,142,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2016/12/14 21:59:49 | 002,186,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2016/12/14 21:59:49 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2016/12/14 21:59:49 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2016/12/14 21:59:49 | 000,248,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016/12/14 21:59:48 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2016/12/14 21:59:48 | 000,266,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016/12/14 21:59:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2016/12/14 21:59:48 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016/12/14 21:59:47 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/12/14 21:59:47 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2016/12/14 21:59:46 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2016/12/14 21:59:46 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2016/12/14 21:59:46 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2016/12/14 21:59:46 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2016/12/14 21:59:46 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2016/12/14 21:59:46 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2016/12/14 21:59:44 | 001,002,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/12/14 21:59:44 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2016/12/14 21:59:43 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2016/12/14 21:59:43 | 001,691,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016/12/14 21:59:43 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2016/12/14 21:59:43 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2016/12/14 21:59:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EAMProgressHandler.dll
[2016/12/14 21:59:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2016/12/14 21:59:42 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/12/14 21:59:42 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2016/12/14 21:59:42 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2016/12/14 21:59:42 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/12/14 21:59:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2016/12/14 21:59:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/12/14 21:59:41 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/12/14 21:59:41 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EDPCleanup.exe
[2016/12/14 21:59:40 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcuiu.dll
[2016/12/14 21:59:40 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReportingCSP.dll
[2016/12/14 21:59:35 | 019,413,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/12/14 21:59:34 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2016/12/14 21:59:33 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2016/12/14 21:59:32 | 008,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/12/14 21:59:32 | 001,512,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/12/14 21:59:32 | 000,402,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2016/12/14 21:59:31 | 013,868,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016/12/14 21:59:31 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2016/12/14 21:59:31 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2016/12/14 21:59:29 | 017,188,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016/12/14 21:59:29 | 000,658,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/12/14 21:59:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2016/12/14 21:59:28 | 022,563,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/12/14 21:59:25 | 007,219,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016/12/14 21:59:25 | 006,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/12/14 21:59:24 | 004,746,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/12/14 21:59:24 | 002,677,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2016/12/14 21:59:22 | 002,828,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016/12/14 21:59:22 | 001,738,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2016/12/14 21:59:22 | 001,709,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016/12/14 21:59:21 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016/12/14 21:59:21 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll
[2016/12/14 21:59:21 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2016/12/14 21:59:20 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2016/12/14 21:59:20 | 000,637,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2016/12/14 21:59:20 | 000,418,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016/12/14 21:59:19 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/12/14 21:59:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2016/12/14 21:59:19 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2016/12/14 21:59:19 | 000,489,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll
[2016/12/14 21:59:19 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll
[2016/12/14 21:59:19 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2016/12/14 21:59:17 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2016/12/14 21:59:16 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2016/12/14 21:59:16 | 000,172,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2016/12/14 21:59:16 | 000,163,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTWorkQ.dll
[2016/12/14 21:59:16 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupugc.exe
[2016/12/14 21:59:15 | 000,590,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016/12/14 21:59:15 | 000,374,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2016/12/14 21:59:15 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2016/12/14 21:59:15 | 000,198,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2016/12/14 21:59:14 | 000,534,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2016/12/14 21:59:14 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2016/12/14 21:59:14 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016/12/14 21:59:13 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2016/12/14 21:59:13 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2016/12/14 21:59:13 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2016/12/14 21:59:13 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2016/12/14 21:59:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2016/12/14 21:59:13 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpoext.dll
[2016/12/14 21:59:13 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016/12/14 21:59:12 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2016/12/14 21:59:12 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2016/12/14 21:59:12 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016/12/14 21:59:12 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2016/12/14 21:59:12 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2016/12/14 21:59:12 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe
[2016/12/14 21:59:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetCfgNotifyObjectHost.exe
[2016/12/14 21:59:11 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2016/11/23 09:26:21 | 020,174,528 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
  • 特快速
  • 2016/12/23 (Fri) 00:47:12
OTL5
OTL, part 5

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/12/22 20:19:57 | 2055,679,999 | -HS- | M] () -- C:\hiberfil.sys
[2016/12/22 20:19:55 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/12/22 07:38:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/12/22 06:54:02 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/12/22 06:53:02 | 002,011,326 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/12/22 06:53:02 | 000,959,068 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/12/22 06:53:02 | 000,514,992 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2016/12/22 06:53:02 | 000,297,730 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2016/12/22 06:53:02 | 000,216,866 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2016/12/19 19:09:51 | 000,245,512 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klark.sys
[2016/12/19 19:09:10 | 000,001,438 | ---- | M] () -- C:\Users\Public\Desktop\カスペルスキー セキュアコネクション.lnk
[2016/12/19 19:08:14 | 000,104,720 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klbg.sys
[2016/12/19 19:08:13 | 000,218,920 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_arkmon.sys
[2016/12/19 19:08:13 | 000,164,888 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_mark.sys
[2016/12/19 19:08:13 | 000,085,984 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\klupd_klif_kimul.sys
[2016/12/19 19:07:32 | 001,019,616 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klif.sys
[2016/12/19 19:07:32 | 000,134,880 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klwtp.sys
[2016/12/19 19:07:31 | 000,057,424 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klim6.sys
[2016/12/19 18:43:37 | 003,951,128 | ---- | M] (Geek Unіnstaller) -- C:\Users\R.Nakagawa\Desktop\geek64.exe
[2016/12/19 18:21:02 | 000,002,204 | ---- | M] () -- C:\Users\Public\Desktop\カスペルスキー インターネット セキュリティ.lnk
[2016/12/19 18:21:01 | 000,002,208 | ---- | M] () -- C:\Users\Public\Desktop\ネット決済保護.lnk
[2016/12/18 21:27:19 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/12/18 20:46:57 | 000,000,688 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
[2016/12/18 20:46:57 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/12/16 05:38:44 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/12/15 03:06:58 | 000,220,016 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/12/15 00:01:17 | 000,001,105 | ---- | M] () -- C:\Users\R\Desktop\MusicBee.lnk
[2016/12/14 22:45:23 | 000,047,266 | ---- | M] () -- C:\Users\R\Desktop\マルウェア処置中にネット接続できなくなった場合の対処法 - Yahoo!知恵袋.html
[2016/12/12 19:08:04 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/12/12 08:56:25 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016/12/12 08:56:25 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2016/12/09 19:42:15 | 001,637,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/12/09 19:42:14 | 000,137,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/12/09 19:34:34 | 001,051,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016/12/09 19:34:34 | 000,894,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016/12/09 19:33:26 | 001,354,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016/12/09 19:33:26 | 001,173,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016/12/09 19:32:11 | 007,816,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/12/09 19:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2016/12/09 19:29:23 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/09 19:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2016/12/09 19:27:38 | 000,172,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2016/12/09 19:20:21 | 002,677,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2016/12/09 19:20:16 | 000,658,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/12/09 19:20:13 | 000,402,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2016/12/09 19:20:12 | 001,738,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2016/12/09 19:19:35 | 001,293,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016/12/09 19:19:21 | 000,168,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2016/12/09 19:18:21 | 002,913,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2016/12/09 19:18:16 | 001,100,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2016/12/09 19:18:15 | 001,267,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2016/12/09 19:18:14 | 000,811,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2016/12/09 19:18:12 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2016/12/09 19:18:09 | 000,989,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2016/12/09 19:15:26 | 008,168,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016/12/09 19:15:18 | 001,988,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016/12/09 19:14:50 | 001,274,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016/12/09 19:14:33 | 000,241,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2016/12/09 19:11:15 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/09 19:10:58 | 001,461,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016/12/09 19:10:40 | 001,572,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2016/12/09 19:09:27 | 000,455,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2016/12/09 19:01:08 | 000,861,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016/12/09 18:59:25 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2016/12/09 18:59:24 | 002,166,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2016/12/09 18:57:01 | 001,852,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016/12/09 18:57:00 | 006,668,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016/12/09 18:52:21 | 001,415,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2016/12/09 18:47:29 | 022,563,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/12/09 18:45:47 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016/12/09 18:42:29 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2016/12/09 18:41:22 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2016/12/09 18:41:06 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016/12/09 18:40:38 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2016/12/09 18:38:39 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2016/12/09 18:37:29 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2016/12/09 18:37:10 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016/12/09 18:37:01 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/12/09 18:36:56 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2016/12/09 18:36:32 | 000,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2016/12/09 18:36:09 | 003,059,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016/12/09 18:36:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2016/12/09 18:36:02 | 006,285,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016/12/09 18:34:52 | 000,822,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2016/12/09 18:34:31 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2016/12/09 18:33:42 | 003,777,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/12/09 18:33:37 | 001,589,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2016/12/09 18:32:18 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2016/12/09 18:31:20 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2016/12/09 18:31:11 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2016/12/09 18:30:32 | 019,413,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/12/09 18:30:31 | 004,612,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016/12/09 18:29:51 | 004,749,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/12/09 18:28:55 | 001,004,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/12/09 18:28:12 | 003,306,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/12/09 18:27:55 | 005,114,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016/12/09 18:27:36 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2016/12/09 18:26:32 | 008,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/12/09 18:26:01 | 001,692,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2016/12/09 18:25:28 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2016/12/09 18:24:21 | 002,275,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/12/09 18:22:27 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016/12/09 18:22:06 | 002,820,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016/12/09 18:21:48 | 004,746,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/12/09 18:21:42 | 003,616,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/12/09 18:21:31 | 001,512,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/12/09 18:21:04 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2016/12/09 18:20:36 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016/12/09 18:20:35 | 003,198,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016/12/09 18:20:33 | 006,044,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/12/09 18:20:32 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016/12/09 18:20:05 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/12/09 18:19:46 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016/12/09 18:19:45 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2016/12/09 18:19:43 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016/12/09 18:19:32 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016/12/09 18:19:32 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016/12/09 18:18:36 | 002,138,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016/12/09 18:18:23 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/12/09 18:17:55 | 000,886,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2016/12/09 18:17:08 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2016/12/09 18:16:56 | 002,998,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2016/12/09 18:16:03 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016/12/09 18:15:59 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016/12/09 18:15:51 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016/12/09 18:15:49 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016/12/09 17:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2016/12/08 00:37:24 | 000,000,017 | ---- | M] () -- C:\Users\R\AppData\Local\resmon.resmoncfg
[2016/11/23 09:26:21 | 020,174,528 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/12/19 19:08:13 | 000,085,984 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\klupd_klif_kimul.sys
[2016/12/19 18:47:00 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/12/19 18:21:58 | 000,001,438 | ---- | C] () -- C:\Users\Public\Desktop\カスペルスキー セキュアコネクション.lnk
[2016/12/19 18:21:47 | 000,002,208 | ---- | C] () -- C:\Users\Public\Desktop\ネット決済保護.lnk
[2016/12/19 18:21:47 | 000,002,204 | ---- | C] () -- C:\Users\Public\Desktop\カスペルスキー インターネット セキュリティ.lnk
[2016/12/18 20:43:06 | 000,000,688 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
[2016/12/14 22:45:23 | 000,047,266 | ---- | C] () -- C:\Users\R\Desktop\マルウェア処置中にネット接続できなくなった場合の対処法 - Yahoo!知恵袋.html
[2016/12/14 22:28:38 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/12/14 22:00:36 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016/12/14 21:59:21 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/12/08 00:37:24 | 000,000,017 | ---- | C] () -- C:\Users\R.Nakagawa\AppData\Local\resmon.resmoncfg
[2016/10/03 01:28:15 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016/09/29 04:17:19 | 001,267,904 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016/09/29 04:10:48 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/07/16 20:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 20:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 20:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 20:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016/07/16 20:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 20:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 20:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 20:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 20:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 20:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/05/03 23:30:46 | 000,200,200 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2016/05/03 23:30:44 | 000,161,288 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/05/17 20:42:57 | 000,001,193 | ---- | C] () -- C:\Users\R.Nakagawa\KASPERSKY.lnk

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/11/11 19:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/11/11 16:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 20:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 20:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 20:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2016/12/22 05:14:59 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/05/13 11:02:48 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/05/13 10:51:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2016/12/22 20:24:30 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2016/07/16 20:47:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2016/12/15 03:04:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\RetailDemo
[2016/09/29 04:45:49 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2016/07/16 20:47:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2016/07/16 20:47:48 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2016/06/02 19:02:17 | 000,000,000 | -H-D | M] -- C:\ProgramData\Sony Corporation\Media Go Video Playback Engine\2-2.20.108.05220
[2016/06/02 19:02:17 | 000,000,000 | -H-D | M] -- C:\ProgramData\Sony Corporation\Media Go Video Playback Engine\3-2.20.108.05220
[2016/09/29 04:43:25 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2016/07/16 20:47:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2016/12/15 03:04:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\RetailDemo
[2016/09/29 04:45:49 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2016/07/16 20:47:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2016/07/16 20:47:48 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2016/06/02 19:02:17 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Sony Corporation\Media Go Video Playback Engine\2-2.20.108.05220
[2016/06/02 19:02:17 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Sony Corporation\Media Go Video Playback Engine\3-2.20.108.05220
[2016/09/29 04:25:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2016/12/15 07:01:38 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2016/12/21 21:10:11 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/14 11:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2016/09/29 04:32:51 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2016/09/29 04:19:35 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData
[2016/06/06 01:26:42 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2013/05/26 17:01:29 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2016/12/15 21:01:40 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2016/09/29 06:48:00 | 000,000,000 | RH-D | M] -- C:\Users\R\AppData\Local\Microsoft\Windows\Burn\Burn
[2016/10/13 00:02:50 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2016/05/22 19:13:57 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2016/05/22 19:13:57 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2013/05/13 12:05:10 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Roaming\CyberLink\MediaCache
[2016/09/29 04:31:37 | 000,000,000 | -H-D | M] -- C:\Users\R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/11/21 11:51:29 | 000,000,000 | -H-D | M] -- C:\Users\TEMP.R-PC\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2010/11/21 11:51:29 | 000,000,000 | -H-D | M] -- C:\Users\TEMP.R-PC\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2013/05/13 12:05:10 | 000,000,000 | -H-D | M] -- C:\Users\TEMP.R-PC\AppData\Roaming\CyberLink\MediaCache
[2010/11/21 11:51:00 | 000,000,000 | -H-D | M] -- C:\Users\TEMP.R-PC\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2010/11/21 11:51:00 | 000,000,000 | -H-D | M] -- C:\Users\TEMP.R-PC\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2010/11/21 11:51:00 | 000,000,000 | -H-D | M] -- C:\Users\TEMP.R-PC\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2010/11/21 11:51:29 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2010/11/21 11:51:29 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2013/05/13 12:05:10 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData\Roaming\CyberLink\MediaCache
[2010/11/21 11:51:00 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2010/11/21 11:51:00 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2010/11/21 11:51:00 | 000,000,000 | -H-D | M] -- C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2016/12/19 18:20:10 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2016/09/29 04:21:20 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2016/09/29 04:21:21 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2016/12/18 20:46:57 | 000,000,688 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
[2016/12/18 20:46:57 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/12/22 06:54:02 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------
  • 特快速
  • 2016/12/23 (Fri) 00:55:01
OTL6
OTL, part 6

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MQ01ABD100
Partitions: 4
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 490.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 10.00GB
Starting Offset: 514850816
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 921.00GB
Starting Offset: 11252269056
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2016/09/16 01:38:02 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:39 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2016/10/15 12:48:52 | 001,054,208 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:09 | 000,795,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2016/07/16 20:42:55 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:17 | 000,453,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2016/07/16 20:42:46 | 000,347,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:10 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,888,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,360,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2016/07/16 20:42:55 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,264,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:18 | 000,036,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2016/07/16 20:42:46 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2016/11/02 19:25:18 | 000,541,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:11 | 000,391,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2016/07/16 20:42:16 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2016/10/05 18:29:19 | 000,368,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2016/10/15 12:36:20 | 000,792,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2016/07/16 20:42:04 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2016/11/11 18:20:29 | 000,657,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,888,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:46 | 000,057,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2016/11/11 18:16:14 | 000,184,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:27 | 000,305,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:40 | 000,617,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2016/07/16 20:43:04 | 000,566,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2016/07/16 20:42:36 | 000,948,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:39 | 000,309,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2016/07/16 20:43:02 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:42 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2016/09/16 01:35:48 | 000,358,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:15 | 001,443,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2016/11/11 18:11:23 | 000,942,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2016/11/11 18:11:57 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:47 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:04 | 000,103,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/09/16 01:22:47 | 001,709,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:06 | 000,893,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:43:50 | 000,646,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:13 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2016/07/16 20:42:45 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:31 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2016/11/11 18:04:24 | 002,317,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2016/07/16 20:42:13 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2016/09/29 04:02:46 | 002,370,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2016/11/11 18:03:50 | 000,283,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • 特快速
  • 2016/12/23 (Fri) 00:56:28
Extra
This is the Extra log.

OTL Extras logfile created on: 2016/12/22 20:24:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\R\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.89 Gb Total Physical Memory | 5.93 Gb Available Physical Memory | 75.26% Memory free
15.89 Gb Paging File | 13.96 Gb Available in Paging File | 87.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.03 Gb Total Space | 550.86 Gb Free Space | 59.81% Space Free | Partition Type: NTFS

Computer Name: R-PC | User Name: R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = BaiduSparkHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = BaiduSparkHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = D1 1E 4E 8A C0 19 D2 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{99EF6398-F98E-47F4-AAC8-32A1A64885DF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A92E1D-A763-42E2-A65B-D3B45434A631}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{0667578F-23FA-453D-8C72-CA49F8416782}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{089E508C-2F6F-4BC1-8350-C73B3742C8BF}" = dir=in | name=microsoft sticky notes |
"{0A9672E9-1345-40CC-B72B-CD9808D3F441}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{0B80F765-2889-4654-A793-DCBA543A3335}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{10B5E4A6-6296-43B4-A0FA-26AE82D6A1D6}" = dir=out | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{11DFB42C-E76C-4A0E-8B19-B73B5D2BCEBB}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1377C328-9B5B-457A-96DF-B7E3CFF964FE}" = dir=out | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{14163B9D-DE06-4FFC-8757-34D71A6C251A}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{1535FE79-59B2-48D2-AD76-DCCBBB7CBE63}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{183FF316-49F0-43B5-B68D-F8AC399BBA8C}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{1984A695-773D-4787-A0DC-9A9D285D0CAA}" = dir=in | name=sway |
"{19EA69AB-DD50-4F56-A12C-FB8C1519ECF5}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{1A14577D-0A12-42EC-979D-BD16661F46E0}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1ADACBC2-1810-4B82-84B3-A50EB2710F3B}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{25B0F812-4F5A-4CB1-AC50-0CC1CD210A97}" = dir=out | name=windows_ie_ac_001 |
"{2B1FACBC-F137-4AF9-843B-B833E846753D}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{2B2F3D57-565E-42F4-BA5B-1B22C8A5A14D}" = dir=out | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2C093E9E-AC6A-40C1-8CC2-48E7DB960064}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{2E6160E5-32E9-4532-8814-3A80E01E6C54}" = dir=out | name=windowsdvdplayer |
"{2F4546D6-98D0-4903-9291-443A5428BD1F}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{2F9D6058-06B2-4E55-B8C3-2E5298C7EF68}" = dir=out | name=onenote |
"{3325BCFA-003E-438D-A3EE-C34D010A626D}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{33472719-56A9-41D6-9E1E-A50B530A5E68}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{3374FC3A-958F-44DA-B850-E237D06EF7E0}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{36DD864D-CF75-4831-9050-45CBEDB2B7C8}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{397B5E1A-BE77-4231-A9F4-334363BEFDAD}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{3B187A41-A963-495F-B950-DCD2DE92B4AC}" = dir=in | name=onenote |
"{3B1998E7-B2FC-4404-874C-F4071EAF85EA}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{3FC81BC8-2D23-4125-B880-62ED9E447D1A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{443C57F8-0ECC-4CEB-89D9-C66866478FD7}" = dir=out | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{499081A4-10B0-41DF-9501-D4C6B0C705F1}" = dir=out | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{4C4766A7-7278-4780-B38F-20AF14F20A7A}" = dir=in | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{4F866919-4AF3-4E82-B34E-6BCFE86F203D}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{53AFB984-5A47-4061-B971-590D271F5255}" = dir=in | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{5E3B0B89-3884-41C4-B5F1-07B0847E3FAD}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{632C59EC-BF05-4377-870B-ACC7BC4BB2C1}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{63715535-C417-4D2C-ABE8-C21E3215253C}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{642798C7-E385-4C19-9B90-5F7EDED871BF}" = dir=out | name=store purchase app |
"{64E50F9D-8E98-4F29-84AC-D218F9A1D22F}" = dir=out | name=@{microsoft.people_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{660F96F1-693B-4D91-8E87-872C8B204F52}" = dir=in | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{67A552FF-83B5-48E6-AB5F-6499BAD8E7F7}" = dir=out | name=@{microsoft.bingnews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{69EADE12-827E-47E3-A0BC-BA735942D474}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{6AD098CA-8D36-49F8-A2B7-EAE4F6DFB599}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{6D75BF34-49CA-4C14-A7CD-5BB84FDDA0AC}" = dir=out | name=windows_ie_ac_001 |
"{715A6CB6-E1A3-44F7-ACAB-3FE063E1782E}" = dir=in | name=microsoft solitaire collection |
"{72363258-0618-4DDF-BA2D-10DA01D01C5C}" = dir=in | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{7F351BE6-B5F0-4CB8-9509-76AC256E5E46}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{8B3E7F4E-0B80-4581-AAC3-14356ED6FB11}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{8C8E4866-E5E2-4D4A-91CB-3B8D9CA8861E}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{92323541-87CE-41A0-A6A6-ED8094ADA9B2}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{961D88E6-AACF-4B4A-AB63-792190DC5011}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{9AD0FDA0-3826-4901-8AE3-B8AE80DC6BFE}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{9C558582-193C-46FE-BA4F-7C8C48BC8A6F}" = dir=in | name=@{microsoft.bingnews_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{9E8D7CC5-2F3C-4C42-A4EB-1B14E8C39CCD}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A003ACD8-A3C8-4C0F-9733-AFD4B984E4FF}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{A0EAE9C9-532B-4E59-922A-75EA5B2486F8}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.576_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{A248440F-E100-4B9E-95BB-548769C28588}" = dir=in | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A55F5A88-AFE8-49CB-8E66-0DAD3CEE0C48}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{A7D35F24-2C5A-4A0D-98CC-E8D87728543D}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{A99A69E2-8587-4527-8FCE-813455075525}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{AC9F7953-72D5-4132-A8F9-A97A7C4ECA72}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{B3DBE29C-A178-4CA4-95E6-71D42C9C0B84}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{B4E24DA2-5035-449D-8FB2-9763DE6AB253}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{B517E4FF-48E1-4896-8BFE-C1A240A75149}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{B574DFF0-81BF-48DA-A41E-5A73F33A4613}" = dir=in | name=xbox |
"{B96FA236-4E27-433D-891D-A185E941BEDD}" = dir=out | name=xbox |
"{BC3203A6-624B-40E6-A061-1BC7F39C81B4}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{BCE85BB7-572D-4198-9970-DC5FE343861C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{BD45038C-A1A8-40A4-9521-C51EEC4EC94C}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{BD4C52CE-EE9E-4F24-BB5A-B829AD0EA52E}" = dir=out | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{C165D7EC-B413-44D5-8245-B772B7621759}" = dir=out | name=microsoft solitaire collection |
"{C172CCF0-CEA2-4846-A784-3E2B17874E74}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{C572F8FE-8207-4E92-9600-E07569D6136F}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{C611F1AE-F50F-416D-BFD9-5D0F40F16FDF}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{C9F7EB5F-0BA6-464D-8693-830AA2FD4F99}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{CBAB2634-A2D6-4CC9-910E-C905F35FC67A}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{CFECDAA4-DA9A-4588-9208-C4BF899AE70B}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{CFF387C5-F271-469A-871E-449D0288B567}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{D197CBF8-FDD3-4D08-A615-7D6324A8F1D5}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{D3C4B939-33F4-4122-AC69-E67CC3BD1368}" = dir=out | name=microsoft sticky notes |
"{D664ABBE-EC93-413D-ABB6-F29F56C08C5A}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{D80EFB25-714D-455F-9857-0775C4113161}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{DE4F91C6-9A7C-4B9D-9FA7-6495B45FD898}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{DE6B08AA-0B35-4410-986E-1C15D8044460}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{DF3E5FAF-FBBD-45FB-864D-223DB5C6110E}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{E025C92E-A974-42E7-B1A0-4B5FC10554C8}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{E5FA0BA2-F6E0-4343-B33D-28606DF06D55}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{ECDCBEED-C191-4230-9A71-516DDD20D7BE}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{ED4FCA00-805F-4EC6-8329-D9C0003A6BFD}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{EDBB6E11-8392-4639-A9A6-995DE00DC188}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{EE99F12E-3EE4-4315-A10E-130DAE779E9D}" = dir=in | name=@{microsoft.windows.featureondemand.insiderhub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.featureondemand.insiderhub/resources/appstorename} |
"{F2FF49F8-5794-4A11-9011-FA80AAAA1B85}" = dir=out | name=sway |
"{F676AF8E-6AF8-4567-B74B-C3A18C0CE76B}" = dir=out | name=twitter |
"{FE3F62E1-0C46-4E42-965A-724B7CFB8CB3}" = dir=out | name=@{microsoft.getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"TCP Query User{37215995-3085-4E66-A697-0A0F0C625412}C:\program files\logicool gaming software\lcore.exe" = protocol=6 | dir=in | app=c:\program files\logicool gaming software\lcore.exe |
"UDP Query User{3BF68128-A1C8-4649-95CD-27E40A09E158}C:\program files\logicool gaming software\lcore.exe" = protocol=17 | dir=in | app=c:\program files\logicool gaming software\lcore.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{25E80DAA-FD87-DCE5-202C-CC02F6673002}" = Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37D41A97-6B02-4C30-8753-85107BE1D674}" = Intel® RealSense™ SDK 2014 Runtime (x64): Core
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63B4D665-34F5-333A-BE00-6DDE0CBD4A6C}" = Microsoft .NET Framework 4.5.2 (JPN)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"CCleaner" = CCleaner
"Logitech Gaming Software" = Logicool ゲームソフトウェア 8.83
"PC-Doctor for Windows" = パソコン診断ソフト PC-Doctor
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 3.1
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1CF84962-50F8-48CA-9082-B70F3A02C686}" = カスペルスキー セキュアコネクション
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 8
"{212BFBE7-25E0-46A7-8445-375A371DCE45}" = Media Go
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23daf363-3020-4059-b3ae-dc4ad39fed19}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go 7
"{4C3386F4-BBAC-4AEE-85F7-970F71E2DF45}" = Media Go Network Downloader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90FD3224-976C-42AE-AFD1-69F91D4915DF}" = Windows Live ムービー メーカー
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup 2.5
"{B8ED7934-A409-485D-8A9B-B6E13FD70649}" = Windows Live おすすめパック
"{B9CF1C2E-6B3C-409C-A12B-836DAFC18059}" = Windows Live フォト ギャラリー
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{DAC36CE7-CE81-7A03-896B-525EF40AE953}" = Media Go Video Playback Engine 2.20.108.05220
"{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}" = カスペルスキー インターネット セキュリティ
"{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC05D86B-2D16-477D-A3D2-7D12970583D0}" = Windows Live Writer
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe Flash Player PPAPI" = Adobe Flash Player 24 PPAPI
"Google Chrome" = Google Chrome
"HANABIRA3" = その花びらにくちづけを あなたと恋人つなぎ
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 3.1
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go 7
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}" = カスペルスキー セキュアコネクション
"InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}" = カスペルスキー インターネット セキュリティ
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 1.75.0.1300
"Mozilla Firefox 50.1.0 (x86 ja)" = Mozilla Firefox 50.1.0 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicBee" = MusicBee 3.0
"WinLiveSuite_Wave3" = Windows Live おすすめパック

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3645369606-3223903301-2699934797-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2016/12/21 8:09:56 | Computer Name = R-PC | Source = SideBySide | ID = 16842787
Description = "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "C:\Program Files (x86)\Windows Live\Photo
Gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2016/12/21 8:10:09 | Computer Name = R-PC | Source = SideBySide | ID = 16842787
Description = "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "C:\Program Files (x86)\Windows Live\Photo
Gallery\WLMFDS.DLL" 行 8 のエラーです。 マニフェスト内のコンポーネント ID が要求されたコンポーネントの ID と一致しません。 参照は
WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1" です。 定義は WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"
です。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2016/12/21 8:15:01 | Computer Name = R-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/12/21 15:39:16 | Computer Name = R-PC | Source = ESENT | ID = 490
Description = taskhostw (5964) WebCacheLocal: 読み取りまたは書き込みのためにファイル "C:\Users\R\AppData\Local\Microsoft\Windows\WebCache\V01.log"
を開こうとしましたが、システム エラー 32 (0x00000020): "プロセスはファイルにアクセスできません。別のプロセスが使用中です。 " が発生したため開けませんでした。ファイルを開く処理は、エラー
-1032 (0xfffffbf8) のため失敗します。

Error - 2016/12/21 15:39:16 | Computer Name = R-PC | Source = ESENT | ID = 454
Description = taskhostw (5964) WebCacheLocal: 予期しないエラー -1032 が発生したため、データベースの回復または復元に失敗しました。

Error - 2016/12/21 16:12:22 | Computer Name = R-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/12/21 16:19:55 | Computer Name = R-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App のライセンス認証がエラーで失敗しました:
-2144927141。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/12/21 16:19:55 | Computer Name = R-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App のライセンス認証がエラーで失敗しました:
-2144927141。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/12/21 16:25:15 | Computer Name = R-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/12/21 17:54:20 | Computer Name = R-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2016/12/22 7:27:25 | Computer Name = R-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = 暗号化サービスで、システム ライター オブジェクトで OnIdentity() の呼び出しを処理中にエラーが発生しました。 Details:
AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: アクセスが拒否されました。 。

Error - 2016/12/22 7:28:21 | Computer Name = R-PC | Source = VSS | ID = 8193
Description =

[ System Events ]
Error - 2016/12/21 18:38:08 | Computer Name = R-PC | Source = DCOM | ID = 10005
Description =

Error - 2016/12/21 18:38:08 | Computer Name = R-PC | Source = DCOM | ID = 10005
Description =

Error - 2016/12/21 18:38:08 | Computer Name = R-PC | Source = DCOM | ID = 10005
Description =

Error - 2016/12/21 18:38:47 | Computer Name = R-PC | Source = Service Control Manager | ID = 7001
Description = NetTcpActivator サービスは、次のエラーが原因で開始できなかった NetTcpPortSharing サービスに依存しています:
%%1058

Error - 2016/12/21 18:45:09 | Computer Name = R-PC | Source = DCOM | ID = 10016
Description =

Error - 2016/12/21 18:45:09 | Computer Name = R-PC | Source = DCOM | ID = 10016
Description =

Error - 2016/12/21 18:45:09 | Computer Name = R-PC | Source = DCOM | ID = 10016
Description =

Error - 2016/12/22 7:20:14 | Computer Name = R-PC | Source = DCOM | ID = 10016
Description =

Error - 2016/12/22 7:20:15 | Computer Name = R-PC | Source = DCOM | ID = 10016
Description =

Error - 2016/12/22 7:20:15 | Computer Name = R-PC | Source = DCOM | ID = 10016
Description =


< End of report >

That is all. Thank you in advance for your help.
  • 特快速
  • 2016/12/23 (Fri) 01:03:02
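Setting the OTL results aside, shall we check with another tool too?
Good evening.
This is 悪代官, "the weakest small fry on this site" and "the disgrace of the 伏魔殿".

IVNO seems to be too busy to come and reply, so poor me will reply instead (← go home, god of poverty)

I have looked at your OTL log.
It looks like a little junk has been found.
But there doesn't seem to be anything clearly suspicious.

Let's set aside cleaning up the junk that was found for now and check a little with another tool as well, shall we?

This time, please get the following application ready.
"HerdProtect" (commonly called HP)
Explanation site ↓
http://www.gigafree.net/security/antivirus/herdProtect.html
Download ↓
http://www.herdprotect.com/installers/herdProtectScan_Setup.exe
This is a direct link to the file. Please save it.

Once you are ready, start HP by following the steps on the explanation page.

Once it has started, press "scan" to begin.

Wait a while, and when the scan has finished, press "Save result" to display the log, then save it to the desktop.

After saving it, close HP.
Even if something is detected here, do not touch any of it.

After that, please show me the HP log in a reply.
I'll look at it, and we'll analyze again whether there is anything suspicious.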
  • 悪代官
  • 2016/12/24 (Sat) 20:20:21
Re: It seems I have picked up a virus
Thank you for checking.
I apologize for the late reply.
Here is the HP log. Please take a look.

Log follows

Saved date: 2016/12/26 0:51:01
Files detected: 43
Files scanned: 10,487
Processes scanned: 77
Modules scanned: 868
ASEPs scanned: 506
Downloads scanned: 19
Deep analysis: 15/0
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\program files (x86)\photkey\msgtranagt.exe
Publisher:
Signer: PEGATRON CORPORATION
MD5: feea84f8621dfcc013edbb7d9e517f64
SHA-1: 39fd2558e9636f05081f404c09a719ddaaf2566a
Created: 2013/05/13 10:57:44
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Variant.Strictor.19089 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\ccsetup525.exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 0bbf9bb937c34b05655a6d30e52a516e
SHA-1: f9d434eec90359c58a2f49ac5e924b9c80fe9630
Created: 2016/12/14 22:20:08
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\rcsetup152.exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 93b05307afa14e1231be0d0535497a2a
SHA-1: 3a850827fb087fb18c4e794850baae943d7a2b7b
Created: 2015/12/24 20:55:31
Detections: 2
Determination: Inconclusive
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)
- Reason Heuristics as PUP.Bundle.Toolbar (M) (Adware)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\opencodecs_0.85.17777.exe
Publisher: Xiph.Org
Signer: Cristian Adam - Open Source Developer
MD5: 603bde5c260582c7e9ddd832d54fce9a
SHA-1: 386cf7cd29ffcbf8705eff8c8233de448ecf33ab
Created: 2015/07/15 1:05:43
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as RemoteAdmin/Win32.RMS.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\tidegichk_f103.exe
Publisher:
MD5: bf3502b9fea6c2fefa33eea266a95055
SHA-1: 9639b66b5de7f48db62a2c335f1441ce88bb5a68
Created: 2015/05/10 12:01:58
Detections: 1
Determination: Inconclusive
- Zillya! Antivirus as Trojan.Qhost.Win32.15544 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\winzip165multi-language.exe
Publisher: WinZip Computing
Signer: WinZip Computing
MD5: f8a57058ac8b25c4c4c39bbe48d95a8b
SHA-1: 5374903bacd794dd216877d1f9e91fde26df965a
Created: 2013/08/10 23:18:24
Detections: 4
Determination: Adware
- ESET NOD32 as Win32/OpenInstall (variant) (Undefined)
- Trend Micro House Call as TROJ_GEN.FCBCBKM (Undefined)
- Trend Micro as TROJ_GEN.FCBCBKM (Undefined)
- Reason Heuristics as PUP.Bundler (M) (Adware)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\ccsetup525 (1).exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 0bbf9bb937c34b05655a6d30e52a516e
SHA-1: f9d434eec90359c58a2f49ac5e924b9c80fe9630
Created: 2016/12/14 22:20:19
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\ccsetup525 (2).exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 0bbf9bb937c34b05655a6d30e52a516e
SHA-1: f9d434eec90359c58a2f49ac5e924b9c80fe9630
Created: 2016/12/14 22:25:53
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\ccsetup525 (3).exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 0bbf9bb937c34b05655a6d30e52a516e
SHA-1: f9d434eec90359c58a2f49ac5e924b9c80fe9630
Created: 2016/12/14 22:26:25
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\ccsetup525 (4).exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 0bbf9bb937c34b05655a6d30e52a516e
SHA-1: f9d434eec90359c58a2f49ac5e924b9c80fe9630
Created: 2016/12/18 21:26:12
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\file
Publisher: Nullsoft, Inc.
Signer: Nullsoft Inc.
MD5: 110cd80079e9572aef511b0491e63b8c
SHA-1: f702c19824ccf5471caeaee6fccc4e27558ae934
Created: 2015/07/21 22:00:43
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Variant.Graftor.66610 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\rcsetup152 (1).exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 93b05307afa14e1231be0d0535497a2a
SHA-1: 3a850827fb087fb18c4e794850baae943d7a2b7b
Created: 2015/12/24 20:55:32
Detections: 2
Determination: Inconclusive
- ESET NOD32 as Win32/Bundled.Toolbar.Google.D potentially unsafe application (Undefined)
- Reason Heuristics as PUP.Bundle.Toolbar (M) (Adware)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\05_wlan\05 wlan_bt_combo\wlan_bt_combo\azure_aw-nb100\wlan\ndis6xwin7\athr.sys
Publisher: Atheros Communications, Inc.
MD5: 8309bf4d39daa99e5035b58c7b1533d9
SHA-1: 255045dc0b71138922a3ec64b9b12ec3271a9590
Created: 2012/01/18 15:42:02
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\downloads\05_wlan\05 wlan_bt_combo\wlan_bt_combo\liteon_wcbn608ah-p4\wlan\win7_32_64\ndis6_win7\x86\athr.sys
Publisher: Atheros Communications, Inc.
MD5: 8309bf4d39daa99e5035b58c7b1533d9
SHA-1: 255045dc0b71138922a3ec64b9b12ec3271a9590
Created: 2012/03/01 10:20:06
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\r\desktop\解析\otl.exe
Publisher: OldTimer Tools
MD5: 4adcfee16ee9978f06157634669d36fb
SHA-1: 30b37076552e49276836d02dd73d038c27dbbee9
Created: 2016/12/22 20:23:22
Detections: 2
Determination: Ignore detections (false positive)
- Agnitum Outpost as Packed/PECompact
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\maxxaudioaposhell64.dll
Publisher: Waves Audio Ltd.
Signer: US Waves inc
MD5: a543f21f7ad2c1105f8e36872f934b56
SHA-1: f3a734b363772023fa2da28f4ca151eb6cbbe5e9
Created: 2013/05/13 10:51:16
Detections: 1
Determination: Ignore detections (false positive)
- Clam AntiVirus as PUA.Win32.Packer.PrivateExeProte-7

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\klavasyswatch.dll
Publisher: AO Kaspersky Lab
MD5: 1dd4b527d974276c7bf97f6095aa62c2
SHA-1: ef224c2ed0777ac22cae122ce8e5a80577d43bdc
Created: 2016/12/19 18:20:14
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\rollback.dll
Publisher: AO Kaspersky Lab
MD5: 885db1b3588426eaac2c4d82c33de49e
SHA-1: 4d09ca2f665d11c5e18e2a1e604ff1a9df422a03
Created: 2016/12/19 18:20:22
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\swmon_drv.kdl
Publisher: AO Kaspersky Lab
MD5: 24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1: 5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created: 2016/12/19 18:20:24
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\arkmon.kdl.cc061dea4fa2d9e9b6548b9d297018b5
Publisher: AO Kaspersky Lab
MD5: cc061dea4fa2d9e9b6548b9d297018b5
SHA-1: 33ed9d117fb1c0e936b4ea90b0283b9690d6a365
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\kavsys.kdl.8efabcdbb24ef1c8678ea3759df6b2a3
Publisher: AO Kaspersky Lab
MD5: 8efabcdbb24ef1c8678ea3759df6b2a3
SHA-1: fab3d0e42bf59178da2d9687f27519f5fbed3801
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\kjim.kdl.282ea0f380ca1b59ed05edc1464c0932
Publisher: AO Kaspersky Lab
MD5: 282ea0f380ca1b59ed05edc1464c0932
SHA-1: 3b168f52be93f4367ed7d3c6dd1ac4079285c18b
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Inconclusive
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\klavasyswatch.dll.000000000013165e-01d259d91b368246-01d259da426899dd
Publisher: AO Kaspersky Lab
MD5: 1dd4b527d974276c7bf97f6095aa62c2
SHA-1: ef224c2ed0777ac22cae122ce8e5a80577d43bdc
Created: 2016/12/19 19:08:51
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\klavemu.kdl.758ffdcdbdce1598ec69e4c77975d27e
Publisher: AO Kaspersky Lab
MD5: 758ffdcdbdce1598ec69e4c77975d27e
SHA-1: d6c52f7cf106993b94dc60bc780f597825df26df
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\mark.kdl.1d2042963b2fb42332a5cf3b50514d6c
Publisher: AO Kaspersky Lab
MD5: 1d2042963b2fb42332a5cf3b50514d6c
SHA-1: ad43b582f4f94f8f78895d819108b294b5f2abab
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\qscan.kdl.c828ad6a88aace51685b930a98f4f3d9
Publisher: AO Kaspersky Lab
MD5: c828ad6a88aace51685b930a98f4f3d9
SHA-1: c84b67c1e0571c73b18790b25513fcebd631355d
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\kaspersky lab\avp17.0.0\bases\cache\swmon_drv.kdl.0000000000027a5e-01d259d920f685c8-01d259dfbcda999a
Publisher: AO Kaspersky Lab
MD5: 24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1: 5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created: 2016/12/19 19:08:51
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\temp\{01fb4998-33c4-4431-85ed-079e3eefe75d}\postbuild.exe
Publisher:
MD5: 11b0c4f03d271213ff01fe2a81bc7c6a
SHA-1: 03dd1973f24b6085a24487291876297ccd3e24d9
Created: 2013/05/13 11:01:11
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\klavasyswatch.dll
Publisher: AO Kaspersky Lab
MD5: 1dd4b527d974276c7bf97f6095aa62c2
SHA-1: ef224c2ed0777ac22cae122ce8e5a80577d43bdc
Created: 2016/12/19 18:20:14
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\rollback.dll
Publisher: AO Kaspersky Lab
MD5: 885db1b3588426eaac2c4d82c33de49e
SHA-1: 4d09ca2f665d11c5e18e2a1e604ff1a9df422a03
Created: 2016/12/19 18:20:22
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\swmon_drv.kdl
Publisher: AO Kaspersky Lab
MD5: 24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1: 5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created: 2016/12/19 18:20:24
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\arkmon.kdl.cc061dea4fa2d9e9b6548b9d297018b5
Publisher: AO Kaspersky Lab
MD5: cc061dea4fa2d9e9b6548b9d297018b5
SHA-1: 33ed9d117fb1c0e936b4ea90b0283b9690d6a365
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\kavsys.kdl.8efabcdbb24ef1c8678ea3759df6b2a3
Publisher: AO Kaspersky Lab
MD5: 8efabcdbb24ef1c8678ea3759df6b2a3
SHA-1: fab3d0e42bf59178da2d9687f27519f5fbed3801
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\kjim.kdl.282ea0f380ca1b59ed05edc1464c0932
Publisher: AO Kaspersky Lab
MD5: 282ea0f380ca1b59ed05edc1464c0932
SHA-1: 3b168f52be93f4367ed7d3c6dd1ac4079285c18b
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Inconclusive
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\klavasyswatch.dll.000000000013165e-01d259d91b368246-01d259da426899dd
Publisher: AO Kaspersky Lab
MD5: 1dd4b527d974276c7bf97f6095aa62c2
SHA-1: ef224c2ed0777ac22cae122ce8e5a80577d43bdc
Created: 2016/12/19 19:08:51
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\klavemu.kdl.758ffdcdbdce1598ec69e4c77975d27e
Publisher: AO Kaspersky Lab
MD5: 758ffdcdbdce1598ec69e4c77975d27e
SHA-1: d6c52f7cf106993b94dc60bc780f597825df26df
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\mark.kdl.1d2042963b2fb42332a5cf3b50514d6c
Publisher: AO Kaspersky Lab
MD5: 1d2042963b2fb42332a5cf3b50514d6c
SHA-1: ad43b582f4f94f8f78895d819108b294b5f2abab
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\qscan.kdl.c828ad6a88aace51685b930a98f4f3d9
Publisher: AO Kaspersky Lab
MD5: c828ad6a88aace51685b930a98f4f3d9
SHA-1: c84b67c1e0571c73b18790b25513fcebd631355d
Created: 2016/12/19 19:08:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\kaspersky lab\avp17.0.0\bases\cache\swmon_drv.kdl.0000000000027a5e-01d259d920f685c8-01d259dfbcda999a
Publisher: AO Kaspersky Lab
MD5: 24ec9da8c676aa6893d7a70dc0b3b81a
SHA-1: 5102cbdbcd50ca7d8284e3b1cf34b9785df96c7b
Created: 2016/12/19 19:08:51
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsReno (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\temp\{01fb4998-33c4-4431-85ed-079e3eefe75d}\postbuild.exe
Publisher:
MD5: 11b0c4f03d271213ff01fe2a81bc7c6a
SHA-1: 03dd1973f24b6085a24487291876297ccd3e24d9
Created: 2013/05/13 11:01:11
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\ccleaner\lang\lang-1025.dll
Publisher:
MD5: 4f39f1882751f18e9f71ad7c69bd7dca
SHA-1: c4109e88398356f7d4ed3f6f9cb07c004ea89381
Created: 2016/12/06 23:09:28
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Injector.vhp (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\ccleaner\lang\lang-1049.dll
Publisher:
MD5: 56796fb0d1108bb9dd5cf306ac519e3b
SHA-1: 4573803b33eac694b4c6d6b330a5d4b9f5f6772f
Created: 2016/12/06 23:09:36
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/PSW.Kates.bw (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\installshield installation information\{5db1df0c-aabc-4362-8a6d-cefdfb036e41}\setup.exe
Publisher: CyberLink Corp.
MD5: de0c395b7db33dbe98ef1dae6e204675
SHA-1: 2c27c06475a26a46da516a6f336e150bfdbe320c
Created: 2013/05/13 11:02:48
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as Trojan.Genome (Undefined)

  • 特快速
  • 2016/12/26 (Mon) 00:55:56
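This time, let's clean up one piece of junk from within HP
Sorry for the late reply.
Keeping the enemy waiting like this and then striking at an opening to bring them down is 悪代官's strategy (← just what am I fighting, anyway?)

I have looked at the HP scan log.
There seems to be almost nothing suspicious, but one junk-like item was found, so shall we clean it up?
We will use HP to deal with the junk.

Start HP again and scan using the earlier procedure.

After the scan, select the following item among the detections and choose "remove" from "actions".

c:\programdata\application data\temp\{01fb4998-33c4-4431-85ed-079e3eefe75d}

This will deal with the target.
If, however, the item above is not found in HP, open the C drive from My Computer, look for the folder above manually, and try deleting it.

After this, restart the PC once, watch it for a while again, and then reply with a status report.
That said, I do not expect any visible abnormality to appear after the above step, but it is not unusual for malware that was once dealt with to come back after some time, so it is also important not to let your guard down just because things have calmed down on the surface.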
  • 悪代官
  • 2016/12/26 (Mon) 19:46:52
Re: It looks like I stepped on a virus
Thank you for checking.
Understood about watching the situation for a while.
I will report on progress around the New Year.
  • 特快速
  • 2016/12/27 (Tue) 19:09:38
Re: It looks like I stepped on a virus
It has been a while.
About two months have passed since you last checked, but
no abnormal behaviour or security software warnings have occurred.
  • 特快速
  • 2017/02/16 (Thu) 23:15:06
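Some time has passed, so let's look at each log once more
Good evening.

>About two months have passed since you last checked, but
>no abnormal behaviour or security software warnings have occurred

Yes, if the abnormality has settled down, that part is fine, but I am a little worried that some time has passed.
Let's examine the whole system, including whether it has come back or whether you have picked up a separate infection.

Please take the HJT log again, and with CC the installed-programs log and the logs for each tab, and show them in a reply.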
  • 悪代官
  • 2017/02/17 (Fri) 20:37:54
