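悪代官の伏魔殿 Bulletin Board
Redirect-type problem
I tinker with PC games, MMD and the like and download files often, so I think it got in at some point without my noticing.
The symptoms started about five months ago, and I bought this PC in February of last year, so I suppose I caught it sometime in between…
I don't really understand it, so please give me your assessment.
The log follows.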


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:20:57, on 2017/01/07
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

FIREFOX: 50.1.0 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Users\Username\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Username\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\凛人\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [kxesc] "c:\program files (x86)\kingsoft\kingsoft internet security 2015kxetray.exe" -autorun
O4 - HKLM\..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BingSvc] C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logicool Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11007 bytes

Here is the installed-programs information.

7-Zip 15.14 (x64) Igor Pavlov 2016/02/21 4.72 MB 15.14
Adobe AIR Adobe Systems Incorporated 2016/12/27 24.0.0.180
Adobe Flash Player 24 NPAPI Adobe Systems Incorporated 2016/12/14 19.4 MB 24.0.0.186
Borderlands: The Pre-Sequel 2K Australia 2017/01/04
Brother ドライバー&ソフトウェア DCP-J957N Brother Industries, Ltd. 2016/12/27 1.0.6.0
CCleaner Piriform 2017/01/07 5.25
Cheat Engine 6.5.1 Cheat Engine 2016/08/25 36.5 MB
Cry of Fear Team Psykskallar 2016/04/03
Dark Souls: Prepare to Die Edition FromSoftware 2016/08/24
Darksiders II: Deathinitive Edition Gunfire Games 2016/11/29
DarksidersInstaller THQ 2016/05/16 146 MB 1.00.1000
Dead Island Techland 2016/04/02
Dragon's Dogma Online CAPCOM CO., LTD. 2016/08/25 104 MB 2.00.0000
Dual-Core Optimizer AMD 2016/04/02 86.0 KB 1.1.4.0169
Euro Truck Simulator 2 SCS Software 2016/11/24
Fallout 3 - Game of the Year Edition Bethesda Game Studios 2016/04/02
Far Cry® 3 Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai 2016/04/02
GIMP 2.8.16 The GIMP Team 2016/02/24 283 MB 2.8.16
Google Chrome Google Inc. 2016/12/19 55.0.2883.87
Grand Theft Auto V Rockstar Games 2016/07/28 "1.00.0000"
Heroes & Generals Reto-Moto 2016/11/28
How to Survive Eko Software 2016/12/30
ImgBurn LIGHTNING UK! 2016/05/21 2.5.8.0
Java 8 Update 111 (64-bit) Oracle Corporation 2016/11/16 107 MB 8.0.1110.14
Left 4 Dead Valve 2016/04/02
Left 4 Dead 2 Valve 2016/04/02
LINE LINE Corporation 2016/12/22 4.11.2.1298
Logicool ゲームソフトウェア 8.89 Logicool 2016/12/29 251 MB 8.89.68
LogMeIn Hamachi LogMeIn, Inc. 2016/11/21 2.2.0.541
LOOT version 0.10.1 LOOT Team 2016/11/24 97.1 MB 0.10.1
Love at First Sight Creepy Cute 2016/04/02
McAfee WebAdvisor McAfee, Inc. 2016/12/20 4.0.206
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 2016/08/23 2.93 MB 4.0.40804.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2016/04/02 31.3 MB 3.5.92.0
Microsoft Games for Windows Marketplace Microsoft Corporation 2016/04/02 6.03 MB 3.5.67.0
Microsoft OneDrive Microsoft Corporation 2016/12/15 88.7 MB 17.3.6720.1207
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2016/12/31 1.92 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2016/03/28 4.84 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/03/28 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2016/02/20 7.59 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/03/31 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2016/03/28 6.22 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2016/03/05 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2016/05/16 9.54 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/03/31 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/02/20 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/02/20 15.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/02/20 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/05/16 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2016/12/29 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2017/01/03 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2016/12/29 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 Microsoft Corporation 2017/01/03 25.4 MB 14.0.24210.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 Microsoft Corporation 2016/11/24 21.4 MB 14.0.24212.0
Middle-earth: Shadow of Mordor Monolith Productions, Inc. 2016/07/26
Mozilla Firefox 50.1.0 (x86 ja) Mozilla 2016/12/16 91.8 MB 50.1.0
Mozilla Maintenance Service Mozilla 2016/12/16 256 KB 50.1.0.6186
MSN スポーツ Microsoft Corporation 2016/04/30 3.0.4.345
MSN トラベル Microsoft Corporation 2016/04/30 3.0.4.336
MSN ニュース Microsoft Corporation 2016/04/30 3.0.4.344
MSN フード&レシピ Microsoft Corporation 2016/04/30 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2016/04/30 3.0.4.336
MSN マネー Microsoft Corporation 2016/04/30 3.0.4.344
MSN 天気 Microsoft Corporation 2016/04/30 3.0.4.344
NEKOPARA Vol. 0 NEKO WORKs 2016/04/02
NEKOPARA Vol. 1 NEKO WORKs 2016/04/02
NEKOPARA vol.2 NEKO WORKs 2016/03/19
NewSoft CD Labeler NewSoft Technology Corporation 2016/12/27 2.00.00
Nexus Mod Manager Black Tree Gaming 2016/11/24 23.9 MB 0.63.9
NVIDIA 3D Vision コントローラー ドライバー 369.04 NVIDIA Corporation 2016/11/29 369.04
NVIDIA 3D Vision ドライバー 376.09 NVIDIA Corporation 2016/11/29 376.09
NVIDIA GeForce Experience 3.2.0.96 NVIDIA Corporation 2016/12/15 3.2.0.96
NVIDIA HD オーディオ ドライバー 1.3.34.17 NVIDIA Corporation 2016/11/29 1.3.34.17
NVIDIA PhysX システム ソフトウェア 9.16.0318 NVIDIA Corporation 2016/11/24 9.16.0318
NVIDIA グラフィックス ドライバー 376.09 NVIDIA Corporation 2016/11/29 376.09
OneNote Microsoft Corporation 2016/04/30 16.0.3327.1048
OpenIV .black/OpenIV Team 2016/07/27 60.4 MB 2.8.703
Origin Electronic Arts, Inc. 2016/12/21 310 MB 10.3.3.1921
PAYDAY 2 OVERKILL - a Starbreeze Studio. 2016/08/24
PHANTASY STAR ONLINE 2 SEGA 2016/08/29 7.13 MB
Portal Valve 2017/01/02
Portal 2 Valve 2017/01/02
Presto! PageManager 9.02 Newsoft Technology Corporation 2016/12/27 9.02.10
PS4リモートプレイ Sony Interactive Entertainment Inc. 2016/11/02 9.46 MB 1.5.0.08251
Resident Evil 5 / Biohazard 5 Capcom 2017/01/02
Resident Evil 7 / Biohazard 7 Teaser: Beginning Hour CAPCOM Co., Ltd. 2017/01/03
RGSS-RTP Standard Enterbrain 2016/02/29 1.03
Rockstar Games Social Club Rockstar Games 2016/11/02 1.2.0.5
RPGツクールVX Ace RTP Enterbrain 2016/02/21 194 MB 1.00
RPGツクールVX RTP Enterbrain 2016/02/21 42.1 MB 1.02
Sades 7.1CH Gaming Headset SHENZHEN SADES DIGITAL TECHNOLOGY CO.,LTD 2016/08/08 1.00.0010
Saints Row IV Deep Silver Volition 2017/01/04
sakura editor(サクラエディタ) サクラエディタ開発チーム 2016/02/25 5.32 MB
SENRAN KAGURA SHINOVI VERSUS Tamsoft 2016/07/26
Shadowverse Cygames, Inc. 2016/11/11
Sid Meier's Civilization V Firaxis Games 2016/11/26
Skype Skype 2016/04/30 3.1.0.1016
Skype(TM) 7.30 Skype Technologies S.A. 2016/11/28 233 MB 7.30.105
Steam Valve Corporation 2016/02/20 2.10.91.91
TeamViewer 11 TeamViewer 2016/03/11 11.0.56083
The Elder Scrolls V: Skyrim Bethesda Game Studios 2016/11/24
This War of Mine 11 bit studios 2016/12/30
Titanfall™ Electronic Arts 2016/08/21 56.0 GB 1.0.10.1
Unity Web Player Unity Technologies ApS 2016/12/16 12.0 MB 5.3.7f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2016/02/23 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2016/02/23 41.7 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2016/02/23 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2016/02/23 9.00 KB 16.0.1515.1
Uplay Ubisoft 2016/04/16 18.1
Vulkan Run Time Libraries 1.0.26.0 LunarG, Inc. 2016/11/29 1.66 MB 1.0.26.0
Wallpaper Engine Kristjan Skutta 2017/01/05
War Thunder Gaijin Entertainment 2016/04/02
Watch_Dogs Ubisoft 2016/11/30
Windows Live Essentials Microsoft Corporation 2016/12/31 16.4.3528.0331
Windows アラーム Microsoft Corporation 2016/02/20 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2016/02/20 6.3.9600.20280
Windows スキャン Microsoft Corporation 2016/04/30 6.3.9654.17133
Windows ヘルプ+使い方 Microsoft Corporation 2016/02/20 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2016/04/30 6.3.9654.20947
Windows 電卓 Microsoft Corporation 2016/02/20 6.3.9600.20278
World of Guns: Gun Disassembly Noble Empire Corp. 2016/12/07
XMedia Recode version 3.3.2.8 XMedia Recode 2016/06/22 31.3 MB 3.3.2.8
はがきデザインキット Japan Post Co., Ltd. 2016/12/27 v10.0.2
オトメ*ドメイン ぱれっとクオリア 2016/11/02
ゲーム Microsoft Corporation 2016/02/20 2.0.139.0
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2016/09/21 5.01 MB 3.55.7671.0901
ビデオ Microsoft Corporation 2016/04/30 2.6.446.0
ミュージック Microsoft Corporation 2016/04/30 2.6.672.0
メール、カレンダー、People 2016/04/30
リーダー Microsoft Corporation 2016/04/30 6.4.9926.18228
ワガママハイスペック まどそふと 2016/10/31
地図 Microsoft Corporation 2016/02/20 2.1.3230.2048
  • へび
  • MAIL
  • 2017/01/07 (Sat) 15:33:48
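If you use a router, could you tell me the model?
Good evening.
I'm 悪代官, the administrator here, just a good-for-nothing idler (← that's the wrong role).

First, I've looked over your description and the log.
I can't see anything that looks like the main cause yet, but a few things look suspicious.
Let's investigate carefully, putting safety first.

Also, before starting the work, please check the following and tell me in your next reply.

If you use a router, the router's model (model number).

If you do use one and it is possible, remove the router, connect by cable directly to the modem, check the state, and tell me whether the problem in question still appears or no longer appears.
If your setup doesn't allow this, you don't have to force it; just tell me so.
You can report the above together with your results once the work below is done.

Let me say one thing up front.
As you can see, many people are asking for help at the moment, so after receiving a request it may take a day or more each time before I can reply to everyone in turn. Sorry, and thank you for understanding.

Now, please read the explanation below carefully and then do the work in order.
You should already have some of these prepared, but please read the explanations again anyway.

Set hidden files and file extensions to be shown (how-to ↓)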
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get familiar with their basic usage.
However, if the distribution site shows ads urging you to download other apps, never click them.
"GeekUninstaller" (abbreviated: GU)
Explanation page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save it, then extract it.
When you are done with it, delete the whole folder manually.

"CCleaner" (abbreviated: CC)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Download the latest version. During installation it may also offer bundled extra apps; uncheck those and avoid installing them.
When you are done with it, uninstall it.

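An important caution here.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly
[it can also end up damaging Windows],
so here we use it only as an analysis tool.
Read the explanation thoroughly and do not perform any operation other than those I instruct.

Also, be sure to read the page below carefully before starting the work, and if the need arises, deal with it as described there. Cases that need this handling are increasing.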
http://note.chiebukuro.yahoo.co.jp/detail/n335704

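Once you are ready, start the work.
In the steps that follow, you can skip anything you cannot find and move on, but look carefully as you work so that you never touch anything other than the items I specify.

Also, I will be asking you to delete some items; if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

First check Windows Update, and if there are required updates, install all of them.
But if the update cannot be done, do not carry out the work explained after this; tell me in your reply that the update failed.
This is because dangerous malware that obstructs infection analysis and remediation by preventing WU from working normally has increased sharply.
Unless you always keep the various Windows updates (Windows Update) applied and current, that alone is enough for a dangerous infection to happen right away.

Note that upgrading to Windows 10 is not recommended unless the user really needs it.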
http://www.japan-secure.com/entry/Windows_Update_7.html
http://www.japan-secure.com/entry/how_to_suppress_the_free_upgrade_of_Windows_10.html

At least the apps below are old versions.
>7-Zip 15.14 (x64) Igor Pavlov 2016/02/21 4.72 MB 15.14

>GIMP 2.8.16 The GIMP Team 2016/02/24 283 MB 2.8.16

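Merely neglecting app updates is enough for a vulnerability to be exploited and a serious infection to occur easily.
If you use them, update to the latest version. If you don't use an app, uninstalling it is the safe choice.
Check whether there are other old versions, and if so, update or uninstall them in the same way.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is so that you can restore if the worst happens, because in the work that follows, mistakenly touching something outside the targets can by itself cause serious problems in Windows.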
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Use GU to uninstall the following.
>Java 8 Update 111 (64-bit) Oracle Corporation 2016/11/16 107 MB 8.0.1110.14

If you need a PDF app, it would be good to install the one below.
http://www.forest.impress.co.jp/library/software/pdfxchedit/

Next, boot the PC in Safe Mode (how-to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In Safe Mode, use GU to uninstall the following.
>ImgBurn LIGHTNING UK! 2016/05/21 2.5.8.0

Start HJT and run a scan.
When the scan results are shown, check the following item.
However, with HJT in particular one wrong step can easily leave the PC unable to boot, so never check anything other than what I specify.
>O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"

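Once the required items are checked, click Fix checked.
You can skip anything you cannot find and move on.

Now restart the PC in normal mode, then launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it is running, select the C drive as the target drive and scan, check only the "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" items among those shown, then press "OK" and "Delete Files".
Running this cleans out the junk files in the selected categories.

Doing this also reduces the useless junk files picked up by scans during the work, which makes the time and the analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting legitimate files by mistake, and so that even if a legitimate file has been deleted into the Recycle Bin it can be restored.

Next, launch CC.
Once it is running, open "Tools" → "Startup" → the "Windows" tab.
There, pressing "Save as text" at the lower right saves the displayed contents as a log, so save the log to the desktop or somewhere similar.

Next, save the logs of the "Scheduled Tasks" tab and the "Context Menu" tab in the same way.

Then, from the "Browser Plugin" item on the left side of the CC window, open each tab in turn starting with the "InternetExplorer" tab, and take those logs as well.

Once you have taken each of the CC logs, close CC.

After this, start the browser, watch the PC's state for a few hours, and then take a fresh HJT log and a fresh installed-programs log from CC.

Paste both retaken logs and each of the CC logs into your reply, and reply together with a status report.
After looking at those I will give instructions for the next steps.

One more thing: did you install the app below yourself because you needed it?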
>TeamViewer 11 TeamViewer 2016/03/11 11.0.56083

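If you installed it yourself, tell me, as far as you are comfortable, what you installed it for.
But if it got in at some point without your remembering it, it will probably have to be deleted.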
  • 悪代官
  • 2017/01/07 (Sat) 17:33:39
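
An added example, not part of the thread or any poster's code: the reply above has one O4 entry fixed and one program uninstalled, then asks for a fresh HijackThis log, and that result can be checked by diffing the O4 autostart lines of the two scans. The Python sketch below assumes only the two O4 line shapes visible in the logs on this page; the function names are hypothetical, and the sample lines are excerpted from the two scans posted in this thread.

```python
import re
from typing import NamedTuple


class Autorun(NamedTuple):
    location: str  # registry Run key or Startup folder, as HijackThis prints it
    name: str      # value name or shortcut name
    command: str   # command line or shortcut target


# The two O4 shapes seen in this thread's logs (assumption: other variants are ignored):
#   O4 - HKCU\..\Run: [name] command line
#   O4 - Global Startup: shortcut.lnk = target
_REG = re.compile(r"^O4 - (?P<loc>HK[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
_LNK = re.compile(r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
_EXE = re.compile(r'"?(.+?\.exe)', re.IGNORECASE)
_USER_PROFILE = re.compile(r"^[a-z]:\\users\\[^\\]+\\")


def parse_o4(log_text):
    # Return every O4 (autostart) entry in the order the log lists it.
    entries = []
    for line in log_text.splitlines():
        m = _REG.match(line.strip()) or _LNK.match(line.strip())
        if m:
            entries.append(Autorun(m["loc"], m["name"], m["cmd"]))
    return entries


def executable_path(command):
    # Drop quotes and arguments; unquoted paths may contain spaces, so cut at ".exe".
    m = _EXE.match(command)
    return m.group(1) if m else command.strip('"')


def runs_from_user_profile(command):
    # A path under C:\Users\<name>\ is writable without admin rights, so an
    # autostart there deserves a closer look. It is a review prompt, not a verdict.
    return bool(_USER_PROFILE.match(executable_path(command).lower()))


def review(before_log, after_log):
    # Compare two scans: what disappeared, what appeared, what still starts
    # from a per-user directory after the cleanup step.
    before, after = parse_o4(before_log), parse_o4(after_log)
    removed = sorted(set(before) - set(after))
    added = sorted(set(after) - set(before))
    per_user = [e for e in after if runs_from_user_profile(e.command)]
    return removed, added, per_user


# Sample input: O4 lines excerpted from the first scan in this thread.
BEFORE = r"""
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BingSvc] C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
"""

# Sample input: the same entries as they appear in the second scan.
AFTER = r"""
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BingSvc] C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
"""

if __name__ == "__main__":
    removed, added, per_user = review(BEFORE, AFTER)
    for e in removed:
        print("removed :", e.location, e.name)
    for e in added:
        print("added   :", e.location, e.name)
    for e in per_user:
        print("per-user:", e.location, e.name, "->", executable_path(e.command))
```
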
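Re: Redirect-type problem
Thank you for your reply.
I use Teamviewer only to let a real-life friend try the PC games I own.
The router is a buffalo WHR-G301N. I tried once with the router removed, but the symptom of being redirected was unchanged. I uninstalled the things you specified, but nothing changed…
The log follows.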

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:19:17, on 2017/01/07
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

FIREFOX: 50.1.0 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe
C:\Users\凛人\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [kxesc] "c:\program files (x86)\kingsoft\kingsoft internet security 2015kxetray.exe" -autorun
O4 - HKLM\..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [BingSvc] C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logicool Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10527 bytes

Installed programs

Adobe AIR Adobe Systems Incorporated 2016/12/27 24.0.0.180
Adobe Flash Player 24 NPAPI Adobe Systems Incorporated 2016/12/14 19.4 MB 24.0.0.186
Borderlands: The Pre-Sequel 2K Australia 2017/01/04
Brother ドライバー&ソフトウェア DCP-J957N Brother Industries, Ltd. 2016/12/27 1.0.6.0
CCleaner Piriform 2017/01/07 5.25
Cheat Engine 6.5.1 Cheat Engine 2016/08/25 36.5 MB
Cry of Fear Team Psykskallar 2016/04/03
Dark Souls: Prepare to Die Edition FromSoftware 2016/08/24
Darksiders II: Deathinitive Edition Gunfire Games 2016/11/29
DarksidersInstaller THQ 2016/05/16 146 MB 1.00.1000
Dead Island Techland 2016/04/02
Dragon's Dogma Online CAPCOM CO., LTD. 2016/08/25 104 MB 2.00.0000
Dual-Core Optimizer AMD 2016/04/02 86.0 KB 1.1.4.0169
Euro Truck Simulator 2 SCS Software 2016/11/24
Fallout 3 - Game of the Year Edition Bethesda Game Studios 2016/04/02
Far Cry® 3 Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai 2016/04/02
Google Chrome Google Inc. 2016/12/19 55.0.2883.87
Grand Theft Auto V Rockstar Games 2016/07/28 "1.00.0000"
Heroes & Generals Reto-Moto 2016/11/28
How to Survive Eko Software 2016/12/30
Left 4 Dead Valve 2016/04/02
Left 4 Dead 2 Valve 2016/04/02
LINE LINE Corporation 2016/12/22 4.11.2.1298
Logicool ゲームソフトウェア 8.89 Logicool 2016/12/29 251 MB 8.89.68
LogMeIn Hamachi LogMeIn, Inc. 2016/11/21 2.2.0.541
LOOT version 0.10.1 LOOT Team 2016/11/24 97.1 MB 0.10.1
Love at First Sight Creepy Cute 2016/04/02
McAfee WebAdvisor McAfee, Inc. 2016/12/20 4.0.206
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 2016/08/23 2.93 MB 4.0.40804.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2016/04/02 31.3 MB 3.5.92.0
Microsoft Games for Windows Marketplace Microsoft Corporation 2016/04/02 6.03 MB 3.5.67.0
Microsoft OneDrive Microsoft Corporation 2016/12/15 88.7 MB 17.3.6720.1207
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2016/12/31 1.92 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2016/03/28 4.84 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2016/03/28 6.83 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 2016/02/20 7.59 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/03/31 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2016/03/28 6.22 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2016/03/05 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2016/05/16 9.54 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/03/31 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/02/20 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/02/20 15.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/02/20 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/05/16 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2016/12/29 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2016/12/29 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2017/01/03 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 Microsoft Corporation 2017/01/03 25.4 MB 14.0.24210.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 Microsoft Corporation 2016/11/24 21.4 MB 14.0.24212.0
Middle-earth: Shadow of Mordor Monolith Productions, Inc. 2016/07/26
Mozilla Firefox 50.1.0 (x86 ja) Mozilla 2016/12/16 91.8 MB 50.1.0
Mozilla Maintenance Service Mozilla 2016/12/16 256 KB 50.1.0.6186
MSN スポーツ Microsoft Corporation 2016/04/30 3.0.4.345
MSN トラベル Microsoft Corporation 2016/04/30 3.0.4.336
MSN ニュース Microsoft Corporation 2016/04/30 3.0.4.344
MSN フード&レシピ Microsoft Corporation 2016/04/30 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2016/04/30 3.0.4.336
MSN マネー Microsoft Corporation 2016/04/30 3.0.4.344
MSN 天気 Microsoft Corporation 2016/04/30 3.0.4.344
NEKOPARA Vol. 0 NEKO WORKs 2016/04/02
NEKOPARA Vol. 1 NEKO WORKs 2016/04/02
NEKOPARA vol.2 NEKO WORKs 2016/03/19
NewSoft CD Labeler NewSoft Technology Corporation 2016/12/27 2.00.00
Nexus Mod Manager Black Tree Gaming 2016/11/24 23.9 MB 0.63.9
NVIDIA 3D Vision コントローラー ドライバー 369.04 NVIDIA Corporation 2016/11/29 369.04
NVIDIA 3D Vision ドライバー 376.09 NVIDIA Corporation 2016/11/29 376.09
NVIDIA GeForce Experience 3.2.0.96 NVIDIA Corporation 2016/12/15 3.2.0.96
NVIDIA HD オーディオ ドライバー 1.3.34.17 NVIDIA Corporation 2016/11/29 1.3.34.17
NVIDIA PhysX システム ソフトウェア 9.16.0318 NVIDIA Corporation 2016/11/24 9.16.0318
NVIDIA グラフィックス ドライバー 376.09 NVIDIA Corporation 2016/11/29 376.09
OneNote Microsoft Corporation 2016/04/30 16.0.3327.1048
OpenIV .black/OpenIV Team 2016/07/27 60.4 MB 2.8.703
Origin Electronic Arts, Inc. 2016/12/21 310 MB 10.3.3.1921
PAYDAY 2 OVERKILL - a Starbreeze Studio. 2016/08/24
PHANTASY STAR ONLINE 2 SEGA 2016/08/29 7.13 MB
Portal Valve 2017/01/02
Portal 2 Valve 2017/01/02
Presto! PageManager 9.02 Newsoft Technology Corporation 2016/12/27 9.02.10
PS4リモートプレイ Sony Interactive Entertainment Inc. 2016/11/02 9.46 MB 1.5.0.08251
Resident Evil 5 / Biohazard 5 Capcom 2017/01/02
Resident Evil 7 / Biohazard 7 Teaser: Beginning Hour CAPCOM Co., Ltd. 2017/01/03
RGSS-RTP Standard Enterbrain 2016/02/29 1.03
Rockstar Games Social Club Rockstar Games 2016/11/02 1.2.0.5
RPGツクールVX Ace RTP Enterbrain 2016/02/21 194 MB 1.00
RPGツクールVX RTP Enterbrain 2016/02/21 42.1 MB 1.02
Sades 7.1CH Gaming Headset SHENZHEN SADES DIGITAL TECHNOLOGY CO.,LTD 2016/08/08 1.00.0010
Saints Row IV Deep Silver Volition 2017/01/04
sakura editor(サクラエディタ) サクラエディタ開発チーム 2016/02/25 5.32 MB
SENRAN KAGURA SHINOVI VERSUS Tamsoft 2016/07/26
Shadowverse Cygames, Inc. 2016/11/11
Sid Meier's Civilization V Firaxis Games 2016/11/26
Skype Skype 2016/04/30 3.1.0.1016
Skype(TM) 7.30 Skype Technologies S.A. 2016/11/28 233 MB 7.30.105
Steam Valve Corporation 2016/02/20 2.10.91.91
TeamViewer 11 TeamViewer 2016/03/11 11.0.56083
The Elder Scrolls V: Skyrim Bethesda Game Studios 2016/11/24
This War of Mine 11 bit studios 2016/12/30
Titanfall™ Electronic Arts 2016/08/21 56.0 GB 1.0.10.1
Unity Web Player Unity Technologies ApS 2016/12/16 12.0 MB 5.3.7f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2016/02/23 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2016/02/23 41.7 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2016/02/23 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2016/02/23 9.00 KB 16.0.1515.1
Uplay Ubisoft 2016/04/16 18.1
Vulkan Run Time Libraries 1.0.26.0 LunarG, Inc. 2016/11/29 1.66 MB 1.0.26.0
Wallpaper Engine Kristjan Skutta 2017/01/05
War Thunder Gaijin Entertainment 2016/04/02
Watch_Dogs Ubisoft 2016/11/30
Windows Live Essentials Microsoft Corporation 2016/12/31 16.4.3528.0331
Windows アラーム Microsoft Corporation 2016/02/20 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2016/02/20 6.3.9600.20280
Windows スキャン Microsoft Corporation 2016/04/30 6.3.9654.17133
Windows ヘルプ+使い方 Microsoft Corporation 2016/02/20 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2016/04/30 6.3.9654.20947
Windows 電卓 Microsoft Corporation 2016/02/20 6.3.9600.20278
World of Guns: Gun Disassembly Noble Empire Corp. 2016/12/07
XMedia Recode version 3.3.2.8 XMedia Recode 2016/06/22 31.3 MB 3.3.2.8
はがきデザインキット Japan Post Co., Ltd. 2016/12/27 v10.0.2
オトメ*ドメイン ぱれっとクオリア 2016/11/02
ゲーム Microsoft Corporation 2016/02/20 2.0.139.0
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2016/09/21 5.01 MB 3.55.7671.0901
ビデオ Microsoft Corporation 2016/04/30 2.6.446.0
ミュージック Microsoft Corporation 2016/04/30 2.6.672.0
メール、カレンダー、People 2016/04/30
リーダー Microsoft Corporation 2016/04/30 6.4.9926.18228
ワガママハイスペック まどそふと 2016/10/31
地図 Microsoft Corporation 2016/02/20 2.1.3230.2048

CC log

有効 HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
無効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run amd_dc_opt AMD C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
有効 HKLM:Run BrHelp Brother Industries, Ltd. C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run Cm6620Sound "C:\Program Files\Sades 7.1CH Gaming Headset\CPL\FaceLift_x64.exe" /h /d
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
有効 HKLM:Run dply_en_015020260
有効 HKLM:Run kxesc "c:\program files (x86)\kingsoft\kingsoft internet security 2015kxetray.exe" -autorun
有効 HKLM:Run Launch LCore Logitech Inc. C:\Program Files\Logicool Gaming Software\LCore.exe /minimized
有効 HKLM:Run LogMeIn Hamachi Ui LogMeIn Inc. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
有効 HKLM:Run PMSpeed9.02.10 NewSoft Technology Corporation C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE
有効 HKLM:Run rec_jp_218
有効 HKLM:Run ShadowPlay Microsoft Corporation "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run sun13
有効 HKLM:Run WrtMon.exe NewSoft Technology Corporation C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe
有効 Startup Common コンテンツ管理アシスタント for PlayStation(R).lnk Sony Computer Entertainment Inc. C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-160059852-1343974612-1104660523-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
有効 Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
有効 Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
有効 Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
有効 Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
有効 Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
有効 Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
有効 Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task Optimize Start Menu Cache Files-S-1-5-21-160059852-1343974612-1104660523-1001

有効 Directory ###MegaContextMenuExt C:\Users\凛人\AppData\Local\MEGAsync\ShellExtX64.dll
有効 Directory duba_64bit
有効 Drive duba_64bit
有効 File ###MegaContextMenuExt C:\Users\凛人\AppData\Local\MEGAsync\ShellExtX64.dll
有効 File duba_64bit

無効 Helper McAfee WebAdvisor BHO McAfee, Inc. c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
無効 Helper McAfee WebAdvisor BHO McAfee, Inc. c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

有効 Extension Application Update Service Helper 1.0 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
無効 Extension Coolrom Search Engine 1.3 http://coolrom.com/contact.php default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\extensions\{0fc22c4c-93ed-48ea-ad12-dc8039cf3795}.xpi
無効 Extension Firefox Hotfix 20160826.01 Mozilla default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\extensions\firefox-hotfix@mozilla.org.xpi
無効 Extension Greasemonkey 3.9 Aaron Boodman; http://youngpup.net/ default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
有効 Extension McAfee WebAdvisor 5.0.360.0 McAfee Inc. default Firefox 50.1.0 C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
有効 Extension Multi-process staged rollout 1.5 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Web Compat 1.0 default Firefox 50.1.0 C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
無効 Extension YouTube Enhancer Plus 4.1.4 Maxime RF default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\extensions\firefoxaddon@youtubeenhancer.com.xpi
有効 Plugin 1.4.8.903 Google Inc. default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
有効 Plugin Google Update 1.3.32.7 Google Inc. default Firefox 50.1.0 C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
有効 Plugin NVIDIA 3D Vision 7.17.13.7609 NVIDIA Corporation default Firefox 50.1.0 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.7609 NVIDIA Corporation default Firefox 50.1.0 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin OpenH264 Video Codec 1.6 Mozilla Corporation default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
有効 Plugin Photo Gallery 16.4.3528.331 Microsoft Corporation default Firefox 50.1.0 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 17 Adobe Systems Inc default Firefox 50.1.0 C:\Users\凛人\AppData\Roaming\Mozilla\Firefox\Profiles\rrq253y5.default\gmp-eme-adobe\17\eme-adobe.dll
有効 Plugin Shockwave Flash 24.0.0.186 Adobe Systems Incorporated default Firefox 50.1.0 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll
有効 Plugin Unity Player 5.3.7.18311 default Firefox 50.1.0 C:\Users\凛人\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

有効 App Gmail 8.1 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1
無効 Extension AdF.ly Skipper ★WORKING★ 1.3.1 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb\1.3.1_0
無効 Extension Coolrom for Chrome 2.0.4 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\poemoclkilikpldgnafciacmpabfepgi\2.0.4_0
有効 Extension Enhancer for YouTube™ 2.0.18 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle\2.0.18_0
有効 Extension Google オフライン ドキュメント 1.4 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google ドキュメント 0.9 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1
有効 Extension Helium Backup 1.0.1.5 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl\1.0.1.5_0
有効 Extension McAfee® WebAdvisor 5.0.331.0 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\5.0.331.0_0
無効 Extension Skype 8.5.0.9167 ユーザー 1 C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\8.5.0.9167_0
  • へび
  • 2017/01/07 (Sat) 18:28:12
The CC log smoked a few things out
Thank you for getting the work done and reporting back so quickly.

>The router is a Buffalo WHR-G301N. I tried once with the router disconnected, but the redirect symptom stayed the same

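I see, so it has not settled down yet.
Well, at this point we would not expect a dramatic improvement short of something exceptional; right now we are at the stage of looking for the cause, or at least a lead.
The router does not seem to have had its firmware tampered with this time either, but we cannot let our guard down.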

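That said, the CC log that followed did smoke out a few things.
For example, in the log of the "Windows" tab under CC's Startup section, the following are clearly not legitimate.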
>有効 HKLM:Run dply_en_015020260

>有効 HKLM:Run rec_jp_218

>有効 HKLM:Run sun13

Various other things have also dug their way into the browsers.
Let's carefully fix those next.

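Please continue with the next steps, again following the instructions.

First, read the explanation on the page below,
http://note.chiebukuro.yahoo.co.jp/detail/n367452

then follow its procedure to uninstall the Chrome and FF browsers once and reinstall them from their official sites.
Also "Reset" IE once.

Once the browser work is done, start CC, select the entries below in the "Windows" tab, set them to "Disable", and then follow with "Delete entry". If an entry cannot be disabled, just deleting it is fine.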
>有効 HKLM:Run dply_en_015020260

>有効 HKLM:Run rec_jp_218

>有効 HKLM:Run sun13

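Once you have closed CC, prepare the following tools.
"AdwCleaner" (AC for short)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file to, say, your desktop.
When you want to clean it up afterwards, launch it and press the "uninstall" button, and it is removed automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html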

Malwarebytes' Anti-Malware (MBAM for short)
Official site
http://www.malwarebytes.org/

Download
https://www.malwarebytes.org/mwb-download/thankyou/
This is a direct link to the file. Save it.

Site explaining how to use it
http://www.gigafree.net/security/MalwarebytesAnti-MalwareFree.html

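Once they are ready, install MBAM and take it as far as updating it.
However, do not run a scan yet at this point.

Next, launch AC once here.
On launch it should first update its definitions, so let it do only that update, and once that is done close AC for now.
You do not need to scan here either.

Once both tools are updated, use Disk Cleanup to clear out junk files, then restart the PC in Safe Mode.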

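Next, with the PC started in Safe Mode, launch AC again (the one you launched once earlier).
Once it is running, this time run "Scan", and if anything was detected when the scan finishes, press "Remove".
Choose "Yes" in the dialog that appears and the cleanup starts.

When the cleanup is complete, restart the PC in normal mode at that point.

After the restart AC produces a new log, so save it to, say, your desktop.
If no log appears after the work, or you cannot find it, open the C drive from My Computer; a file with a name like the one below will have been created directly under it, and that is the AC log.
>AdwCleaner[alphanumerics].txt
If there are several logs with similar names, the file whose creation time matches when you did the cleanup is the log in question.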

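Once the AC work is done, next is the MBAM work.
Boot into Safe Mode again, then launch MBAM and run a scan.
After launching MBAM, choose "Custom Scan" on the "Scan" tab, then select all drives, including the C drive.
Also tick the rootkit scan option.

Scanning this way takes time, but the point is to scan in as much detail as possible.

The two tools can be run in either order, but if anything is detected, select it and "remove" (quarantine) it, and if a prompt to restart then appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, a message announcing the result appears at the bottom right of the screen; pressing it should display the result.
Pressing "Save log" there lets you save the log.
Save that log to, say, your desktop.
Checking this log is especially important, so please do not forget.

After that, watch how the PC behaves for a while, then paste the AC and MBAM logs you saved after the work into your reply and show them to me in a post along with a status report.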
  • 悪代官
  • 2017/01/07 (Sat) 20:46:08
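The reply above singles out three HKLM:Run entries as clearly not legitimate; in the posted CC log, what they share is a name with no publisher and no command path. The following Python is an added example (not part of the thread, and not CCleaner's own code) that parses Run lines in the whitespace-flattened form shown in the thread and lists the entries that carry no command. The layout assumption and the names `parse_run_entries` and `orphan_run_entries` are hypothetical.

```python
import re
from typing import List, NamedTuple

# Sample input: a subset of the startup-export lines posted in the thread,
# in the flattened "status location name publisher command" form shown there.
SAMPLE_LOG = r"""
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
無効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run amd_dc_opt AMD C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
有効 HKLM:Run dply_en_015020260
有効 HKLM:Run rec_jp_218
有効 HKLM:Run ShadowPlay Microsoft Corporation "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run sun13
有効 Task OneDrive Standalone Update Task v2 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Directory duba_64bit
"""

# Status (有効 = enabled, 無効 = disabled), hive, then the rest of the line.
ENTRY_RE = re.compile(r"^(有効|無効)\s+(HKCU|HKLM):Run\s+(.*)$")
# Start of a command: optional quote, then a drive-letter path or a %VAR% path.
PATH_RE = re.compile(r'"?(?:[A-Za-z]:\\|%[^%\s]+%)')


class RunEntry(NamedTuple):
    enabled: bool
    hive: str
    label: str    # value name plus publisher, as flattened in the export
    command: str  # text from the first path to end of line, "" if none


def parse_run_entries(text: str) -> List[RunEntry]:
    """Parse HKCU/HKLM Run lines; other entry kinds (Task, Directory...) are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        status, hive, rest = m.groups()
        p = PATH_RE.search(rest)
        if p:
            label, command = rest[:p.start()].strip(), rest[p.start():].strip()
        else:
            label, command = rest.strip(), ""
        entries.append(RunEntry(status == "有効", hive, label, command))
    return entries


def orphan_run_entries(text: str) -> List[RunEntry]:
    """Run entries that name no command at all: candidates for manual review."""
    return [e for e in parse_run_entries(text) if not e.command]


if __name__ == "__main__":
    for e in orphan_run_entries(SAMPLE_LOG):
        state = "enabled" if e.enabled else "disabled"
        print(f"{e.hive}:Run {e.label} ({state}, no command path)")
```

An entry flagged this way is only a lead for review: the check says nothing about entries that do have a path, which still need the publisher and location looked at by hand.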
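Re: Redirect-type problem
I finished the scans and everything else you wrote, and then browsed the web for about 40 minutes, but I have not run into a single redirect yet. Maybe it's gone...?

Logs below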

# AdwCleaner v6.042 - ログファイルの作成日 07/01/2017 作成時間 22:48:58
# Malwarebytesによる 06/01/2017 の更新日
# データベース : 2016-08-24.2 [ローカル]
# オペレーティングシステム : Windows 8.1 (X64)
# ユーザー名 : asuka1123 - TAMURAPC
# 実行場所 : C:\Users\凛人\Downloads\adwcleaner_6.042.exe
# モード:安全
# サポート : https://www.malwarebytes.com/support



***** [ サービス ] *****



***** [ フォルダ ] *****



***** [ ファイル ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ ショートカット ] *****



***** [ スケジュール済みタスク ] *****



***** [ レジストリ ] *****

[-] 削除済みキー:HKU\S-1-5-21-160059852-1343974612-1104660523-1001\Software\csastats
[#] 再起動時に削除されたキー:HKCU\Software\csastats
[#] 再起動時に削除されたキー:[x64] HKCU\Software\csastats


***** [ ブラウザ ] *****



*************************

:: "Tracing" キーを削除しました
:: Winsock設定を削除しました

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [8145 バイト] - [25/08/2016 15:03:26]
C:\AdwCleaner\AdwCleaner[C2].txt - [1226 バイト] - [07/01/2017 22:48:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [7924 バイト] - [25/08/2016 15:01:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [1882 バイト] - [07/01/2017 22:48:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1457 バイト] ##########

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/7/17
Scan Time: 10:53 PM
Logfile: mbma.txt
Administrator: Yes

-Software Information-
Version: 3.0.0
Components Version: 1.0.0
Update Package Version: 1.0.0
License: Free

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: tamurapc\asuka1123

-Scan Summary-
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 525065
Time Elapsed: 1 hr, 22 min, 4 sec

-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 2
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [12871], [-1],0.0.0
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [12871], [-1],0.0.0

Data Stream: 0
(No malicious items detected)

Folder: 15
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons\weather, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\external, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\common, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\search, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\external, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\images, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\fonts, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\icons, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\_metadata, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin\css, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\skin, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi, Quarantined, [14684], [182267],1.0.0

File: 80
PUP.Optional.BrowseFox, C:\Windows\System32\drivers\{2011c5ae-02f2-473c-a080-2bac92b5ade6}Gw64.sys, Quarantined, [2075], [299543],0.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\common.js, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\lifecycle.js, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\Users\youmu_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi\1.0.7.94_0\content\chrome\settings.js, Quarantined, [14684], [182267],1.0.0
PUP.Optional.SearchManager.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Quarantined, [14684], [-1],0.0.0
PUP.Optional.SearchManager.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Quarantined, [14684], [-1],0.0.0
RiskWare.GameHack.Generic, C:\USERS\\u00e5\u0087\u009b\u00e4\u00ba\u00ba\DOWNLOADS\BIO5 ALTERNATIVE EDITION TRAINER V1.1\BIO5 ALTERNATIVE EDITION TRAINER V1.1\RESIDENT EVIL 5 GOLD EDITION V1.0-UPDATE 1 PLUS 16 TRAINER FIXED.EXE, Quarantined, [2097], [339459],1.0.0
PUP.Optional.SearchProtect.AppFlsh, C:\WINDOWS\SYSTEM32\TASKS\BVXVCXXVAF, Quarantined, [12871], [253622],1.0.0
PUP.Optional.PCSpeedUp, C:\WINDOWS\TEMP\SCS_SETUP_CB_1.0.2.0.EXE, Quarantined, [7862], [77043],1.0.0

Physical Sector: 0
(No malicious items detected)


(end)
  • へび
  • 2017/01/08 (Sun) 00:35:02
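Next, a scan with OTL
Thanks for doing the work and reporting back.

>I browsed the web for about 40 minutes and haven't run into a redirect even once yet. Maybe it's gone...?

Yes, it's good that things have calmed down. Do you feel somewhat more at ease now?
But please don't consider this "resolved" just yet.

I've looked at the result logs from both tools; quite a lot had gotten in besides the router.
The tools were able to deal with those too, so that's fine.
Please clean up both tools following the instructions given when you set them up.

Now let's continue the analysis.
This time we'll check from a different angle with a different tool.

Please prepare the following tool.
OTL (OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When you want to clean it up, launch it and press the "Cleanup" button, and it will be removed automatically.
However, if you are using Windows 10, you can simply delete the program file itself.

Launch OTL with no other programs running.
Once it starts, tick "Scan All Users" near the top of the window, and copy and paste the following commands into "Custom Scan/Fixes".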

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

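Then press "Run Scan" at the top left to start the scan.
A few minutes after the scan starts (depending on your PC), "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files somewhere such as the desktop.
Note that Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After that, paste the entire OTL log into a reply and show it to me.
However, the OTL log gets quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points into pieces of no more than 10,000 characters and send it over several replies.
This is because posts exceeding 10,000 characters are cut off by fc2's character limit.
http://www1.odn.ne.jp/megukuma/count.htm

Just scanning with OTL changes nothing.
We'll look at these results and deal with whatever was detected in the next and later steps.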
  • 悪代官
  • 2017/01/08 (Sun) 07:48:10
Re: It's a redirect-type problem
It looks like this.

OTL logfile created on: 2017/01/08 15:44:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\凛人\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18538)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.95 Gb Total Physical Memory | 6.39 Gb Available Physical Memory | 80.31% Memory free
15.95 Gb Paging File | 14.35 Gb Available in Paging File | 89.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.96 Gb Total Space | 33.43 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 2128.59 Gb Free Space | 76.17% Space Free | Partition Type: NTFS

Computer Name: TAMURAPC | User Name: asuka1123 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

SRV - [2016/12/21 18:20:03 | 002,119,688 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2016/12/20 11:25:40 | 001,467,168 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2016/12/16 22:10:01 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/12/14 21:12:11 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/12/13 08:36:29 | 000,425,408 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -- (NvTelemetryContainer)
SRV - [2016/12/12 14:47:46 | 000,188,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2016/11/11 13:47:32 | 002,627,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2016/11/11 13:44:02 | 000,419,248 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2016/09/20 12:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/06/08 05:32:07 | 002,988,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/03/03 03:36:19 | 006,942,480 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015/12/17 20:00:00 | 003,849,520 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2015/05/08 00:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/11/22 11:17:52 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/11/22 11:16:24 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/01/08 15:42:40 | 000,091,584 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:[b]64bit:[/b] - [2017/01/08 15:41:31 | 000,102,856 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:[b]64bit:[/b] - [2017/01/08 15:41:29 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:[b]64bit:[/b] - [2017/01/08 15:41:28 | 000,250,816 | ---- | M] (Malwarebytes) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2017/01/07 22:45:50 | 000,176,064 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MBAMChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2016/12/13 08:36:34 | 000,046,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2016/12/13 08:33:39 | 000,027,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2016/12/09 05:47:46 | 000,067,736 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGJoyXlCore.sys -- (LGJoyXlCore)
DRV:[b]64bit:[/b] - [2016/12/09 05:47:46 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:[b]64bit:[/b] - [2016/12/09 05:47:46 | 000,036,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2016/12/09 05:47:46 | 000,026,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2016/11/29 06:27:14 | 000,077,408 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:[b]64bit:[/b] - [2016/11/17 11:04:41 | 000,212,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2016/11/17 06:49:50 | 000,377,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2016/11/11 13:43:14 | 000,045,680 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:[b]64bit:[/b] - [2016/11/06 05:46:06 | 000,422,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2016/10/13 06:11:01 | 000,922,968 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2016/09/23 09:04:30 | 000,290,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2_UART2.sys -- (iaLPSS2_UART2)
DRV:[b]64bit:[/b] - [2016/09/23 09:04:22 | 000,193,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2_I2C.sys -- (iaLPSS2_I2C)
DRV:[b]64bit:[/b] - [2016/09/23 09:04:16 | 000,092,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2_GPIO2.sys -- (iaLPSS2_GPIO2)
DRV:[b]64bit:[/b] - [2016/09/22 23:40:56 | 000,204,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2016/08/24 20:35:51 | 000,038,432 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Neo_VPN.sys -- (Neo_VPN)
DRV:[b]64bit:[/b] - [2016/08/24 20:35:29 | 000,051,232 | ---- | M] (SoftEther Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SeLow_x64.sys -- (SeLow)
DRV:[b]64bit:[/b] - [2016/06/12 04:52:04 | 000,057,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2016/02/20 18:34:40 | 000,039,168 | ---- | M] (Scarlet.Crush Productions) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScpVBus.sys -- (ScpVBus)
DRV:[b]64bit:[/b] - [2016/01/27 04:15:40 | 000,072,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/11 15:34:30 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/09/29 21:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/07/07 18:40:12 | 000,044,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/07/07 18:40:05 | 000,270,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/07/07 18:40:05 | 000,114,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/06/22 05:13:48 | 000,014,184 | ---- | M] (Logitech) [Kernel | Auto | Running] -- C:\Program Files\Logicool Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys -- (LGCoreTemp)
DRV:[b]64bit:[/b] - [2015/04/16 15:17:07 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/03/20 10:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/03/13 13:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/03/09 11:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/11/22 11:18:37 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/11/22 11:18:26 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/11/22 11:18:24 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/11/22 11:17:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/11/22 11:17:18 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/11/22 11:17:17 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/11/22 11:17:02 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:19 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:19 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:18 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:18 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:17 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/11/22 11:16:17 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/11/22 10:52:55 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/11/22 10:52:42 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/11/22 10:52:41 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/11/22 10:52:41 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/11/22 10:24:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/11/11 03:06:59 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/01/08 16:08:34 | 000,572,416 | ---- | M] (C-Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CMUAC.SYS -- (CMUAC)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV - [2016/06/06 22:08:46 | 000,046,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e7fd4b0a
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e7fd4b0a
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ja-jp/?pc=UE09&ocid=UE09DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 23 D8 2C E4 EB 68 D2 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = DB E0 56 85 EB 68 D2 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10
IE - HKCU\..\SearchScopes\{d4fee3d1-1014-4db8-a824-573bf9ab51c7}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.hiddenOneOffs: "Bing ,Yahoo! JAPAN,ヤフオク!,安全検索,楽天市場,教えて！goo"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:5.0.360.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\凛人\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI [2016/12/21 13:53:25 | 000,121,122 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016/12/21 13:53:25 | 000,121,122 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016/08/25 15:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\Extensions
[2016/08/25 15:19:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\Firefox\Profiles\rrq253y5.default\browser-extension-data
[2016/08/25 15:19:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\Firefox\Profiles\rrq253y5.default\browser-extension-data\jid1-3OQ5HY7YsLBV7Q@jetpack
[2016/12/23 20:52:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\Firefox\Profiles\rrq253y5.default\extensions
[2016/09/09 21:10:21 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\firefox\profiles\rrq253y5.default\extensions\firefox-hotfix@mozilla.org.xpi
[2016/12/23 20:52:15 | 000,647,418 | ---- | M] () (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\firefox\profiles\rrq253y5.default\extensions\firefoxaddon@youtubeenhancer.com.xpi
[2016/09/01 17:08:27 | 000,028,857 | ---- | M] () (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\firefox\profiles\rrq253y5.default\extensions\{0fc22c4c-93ed-48ea-ad12-dc8039cf3795}.xpi
[2016/08/31 11:43:41 | 000,328,479 | ---- | M] () (No name found) -- C:\Users\凛人\AppData\Roaming\mozilla\firefox\profiles\rrq253y5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/08/25 15:30:53 | 000,006,103 | ---- | M] () -- C:\Users\凛人\AppData\Roaming\mozilla\firefox\profiles\rrq253y5.default\searchplugins\bing-.xml
[2017/01/07 22:43:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016/12/21 13:53:25 | 000,121,122 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\5.0.331.0_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl\1.0.1.5_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\8.5.0.9167_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb\1.3.1_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\poemoclkilikpldgnafciacmpabfepgi\2.0.4_0\
CHR - Extension: No name found = C:\Users\凛人\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle\2.0.18_0\

O1 HOSTS File: ([2016/03/08 05:11:03 | 000,000,969 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 down.baidu2016.com
O1 - Hosts: 127.0.0.1 123.sogou.com
O1 - Hosts: 127.0.0.1 www.czzsyzgm.com
O1 - Hosts: 127.0.0.1 www.czzsyzxl.com
O2:[b]64bit:[/b] - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Cm6620Sound] C:\Program Files\Sades 7.1CH Gaming Headset\CPL\FaceLift_x64.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logicool Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [kxesc] "c:\program files (x86)\kingsoft\kingsoft internet security 2015kxetray.exe" -autorun File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKCU..\Run: [BingSvc] C:\Users\凛人\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DCC275F-B03A-40C2-857A-1563E35B6122}: DhcpNameServer = 10.211.254.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59C44E5D-2445-4E9E-B05E-7D2E935C2D73}: DhcpNameServer = 192.168.11.1
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c627ea63-7e19-11e6-82a5-d8cb8ac1beb2}\Shell - "" = AutoRun
O33 - MountPoints2\{c627ea63-7e19-11e6-82a5-d8cb8ac1beb2}\Shell\AutoRun\command - "" = "F:\CMADownloader.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5587EB11-D371-3B22-9D82-95AC66F07FD1} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {732BB66E-D77E-3CB4-84E5-F5A0141EDF9D} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/01/08 00:36:28 | 000,000,000 | ---D | C] -- C:\Users\凛人\Desktop\ログ
[2017/01/07 22:45:50 | 000,176,064 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMChameleon.sys
[2017/01/07 22:45:40 | 000,102,856 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017/01/07 22:45:40 | 000,091,584 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017/01/07 22:45:38 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017/01/07 22:45:35 | 000,250,816 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2017/01/07 22:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017/01/07 22:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017/01/07 22:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2017/01/07 17:52:49 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\Geek Uninstaller
[2017/01/07 15:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017/01/07 15:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017/01/07 03:26:33 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\.mono
[2017/01/05 23:41:00 | 000,000,000 | ---D | C] -- C:\Users\凛人\Desktop\動画
[2017/01/05 23:39:47 | 000,000,000 | ---D | C] -- C:\Users\凛人\Desktop\印刷
[2017/01/02 18:26:33 | 000,000,000 | ---D | C] -- C:\Users\凛人\Documents\FLiNGTrainer
[2017/01/02 15:56:56 | 000,000,000 | ---D | C] -- C:\Users\凛人\Documents\CAPCOM
[2017/01/02 14:44:37 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Local\Ndemic Creations
[2016/12/31 02:38:52 | 000,000,000 | ---D | C] -- C:\Windows\ja
[2016/12/31 02:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2016/12/31 02:38:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2016/12/31 02:38:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2016/12/30 01:20:54 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\11bitstudios
[2016/12/29 19:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2016/12/29 19:52:46 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Local\Logitech
[2016/12/29 19:48:53 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2016/12/29 19:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logicool
[2016/12/29 19:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Logicool Gaming Software
[2016/12/29 19:47:43 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\Logishrd
[2016/12/29 19:47:43 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\Logicool
[2016/12/27 22:55:50 | 000,000,000 | R--D | C] -- C:\Users\凛人\AppData\Roaming\Brother
[2016/12/27 00:42:43 | 000,000,000 | ---D | C] -- C:\Users\凛人\Documents\NewSoft CD Labeler
[2016/12/27 00:32:57 | 000,324,096 | R--- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2016/12/27 00:32:57 | 000,087,040 | R--- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2016/12/27 00:32:57 | 000,065,024 | R--- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2016/12/27 00:32:57 | 000,059,392 | R--- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2016/12/27 00:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewSoft CD Labeler
[2016/12/27 00:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Presto! PageManager 9.02
[2016/12/27 00:28:07 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Local\NewSoft
[2016/12/27 00:28:07 | 000,000,000 | ---D | C] -- C:\Users\凛人\Documents\My PageManager
[2016/12/27 00:28:07 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\.oit
[2016/12/27 00:27:45 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\NewSoft
[2016/12/27 00:27:33 | 000,087,392 | ---- | C] (Twain Working Group) -- C:\Windows\TWAIN.DLL
[2016/12/27 00:27:33 | 000,075,728 | ---- | C] (Twain Working Group) -- C:\Windows\Twunk_32.exe
[2016/12/27 00:27:33 | 000,048,560 | ---- | C] (Twain Working Group) -- C:\Windows\Twunk_16.exe
[2016/12/27 00:27:24 | 000,027,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3DV2.DLL
[2016/12/27 00:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\NewSoft
[2016/12/27 00:26:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewSoft
[2016/12/27 00:26:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\color
[2016/12/27 00:02:59 | 000,000,000 | ---D | C] -- C:\Users\凛人\AppData\Roaming\designKit.702840F10216893FC3494B73
  • へび
  • 2017/01/08 (Sun) 15:57:50
Re: It's a redirect-type problem
This one is the Extras log.

OTL Extras logfile created on: 2017/01/08 15:44:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\凛人\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18538)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.95 Gb Total Physical Memory | 6.39 Gb Available Physical Memory | 80.31% Memory free
15.95 Gb Paging File | 14.35 Gb Available in Paging File | 89.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.96 Gb Total Space | 33.43 Gb Free Space | 14.05% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 2128.59 Gb Free Space | 76.17% Space Free | Partition Type: NTFS

Computer Name: TAMURAPC | User Name: asuka1123 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0348A822-8C0F-49C4-928D-C6C8D734956F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{0DFD51FE-AA19-465E-850D-9C04C5603D73}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2615417C-6CB2-4471-B734-E5434A0C92A0}" = lport=137 | protocol=17 | dir=in | app=system |
"{268F3BBF-6DB7-445B-BF73-E51A1427A11B}" = rport=139 | protocol=6 | dir=out | app=system |
"{3174A0A4-9030-427C-B99E-37FEB729D461}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A330565-2CE6-469B-8095-0F3CE104159D}" = rport=138 | protocol=17 | dir=out | app=system |
"{3F18E8B2-1575-4D00-B48D-21D8711F37D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{498058CB-EE4F-4708-B8D2-F561C16AABC4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4A209B28-1DDC-4245-AC49-34DC5EADEC18}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{57989307-6AFE-4963-B704-38D1A71D7C7D}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6A086980-75BF-49F0-8D01-C13E9A1DB6A5}" = lport=54925 | protocol=17 | dir=in | svc=stisvc | name=brothernetwork scanner |
"{81054ADB-DA4C-4F80-A5FF-7E53DCC97361}" = lport=445 | protocol=6 | dir=in | app=system |
"{8B2C94B4-2002-4E0B-9DF9-3ADE6E555265}" = rport=137 | protocol=17 | dir=out | app=system |
"{92752749-D36B-4B87-B3ED-BC63280BCB9D}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{9E4BC403-A507-4532-AF35-20EC350A7F95}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{CBFE4E5F-3B57-437E-9C12-8A28D8E159EB}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{CE16A067-5429-443C-855C-458F31B4144B}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D173A4B4-6194-46E8-A9E1-A3C2F9A8C6B9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D7F38770-2AEC-4E54-ACDB-20D69FAEF927}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E1A640E7-D57C-47B8-B371-C037CB636B5A}" = lport=138 | protocol=17 | dir=in | app=system |
"{F0F8B053-E308-4449-9D3A-98FEA34D0643}" = lport=139 | protocol=6 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00143831-44CC-4A83-A10B-C8688F2C62D9}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\this war of mine\this war of mine.exe |
"{01AB116B-9153-4E53-B936-676D73973658}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\skyrim\skyrimlauncher.exe |
"{01F81991-C1F6-4C12-B050-49C8E8195771}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{020752DA-C70A-4FA8-BBE6-3361519C173E}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{031B2DFC-4F35-4836-B40E-D874B3FE2DD7}" = protocol=17 | dir=in | app=d:\origingames\titanfall\titanfall.exe |
"{040B85C9-EAD9-4AF1-907B-039ED4F3F891}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{04B632A1-438E-4215-AD37-C64A715657BC}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\nekopara vol. 0\nekopara_vol0.exe |
"{051FBB25-0580-4EC5-88C9-0EB9E45527C1}" = dir=in | app=c:\program files\softether vpn client\vpncmgr.exe |
"{059F9A42-7D6A-451B-8B56-9A1E8D368646}" = dir=in | name=skype |
"{06DD3749-1B92-4FA8-A592-61F7835E9941}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{06F56028-7C7F-48CB-B116-46BE9E094D95}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{0CD23865-7C16-4281-8B17-38257615C8B4}" = dir=out | name=@{microsoft.bingnews_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{0E1DB3A1-5C6C-4FF3-A226-320CFF5B3C6A}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\ps4 remote play\remoteplay.exe |
"{0EE3E685-39B8-41CC-A6CF-70BF4379B5A1}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\farcry3.exe |
"{0F9E9BD0-223A-49ED-BB33-6360A3A90ED4}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead\left4dead.exe |
"{10B5426C-788F-4051-B448-078F0CF5C199}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{125795F5-57E4-4250-A8CF-CA7E6BC37D2A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe |
"{13B96323-DA90-4548-9C55-3FF5FC913BC1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{13C4918F-39E2-4E66-B49B-44AE9D48F271}" = dir=out | name=onenote |
"{14C4C3BA-11BF-4927-B4AB-3045804A0670}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{15E7BD1C-9A52-47FD-B4A4-EBBBE59150F8}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1857B6BB-C770-40C6-A241-BDE1747ACBA0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{196CE6A4-F27F-45AF-8DDC-2E5F5F9F59A3}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 7 biohazard demo\re7trial.exe |
"{196D7D3E-75B8-4CAD-AEC9-6DFF9B902DE7}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\medal of honor pacific assault\mohpa.exe |
"{1BC1EE3E-7F6B-45A5-8B1A-360FB70E1BCF}" = dir=out | name=onenote |
"{1D11B576-F3DF-467B-9640-17D40BAD31B0}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\cry of fear\coflaunchapp.exe |
"{1D3D02C8-C654-47A5-ACA8-68A86F800835}" = dir=out | name=@{microsoft.zunevideo_2.6.446.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1DEDA4DD-E21E-41A1-BC5A-8C710ACEBE18}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{1FDDFD97-EDB2-4CDC-B570-FD7DC4C2E7BC}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\launcher.exe |
"{22852328-5441-4C65-93F5-755456FF555B}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto v\gta5.exe |
"{22961C18-F956-491E-A890-8CB5B3B037BD}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{26547812-90E4-4569-9650-5D0AB43D4500}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2AE04DB4-E790-4B4B-8230-275926A65E57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{2BC91E50-884B-46F6-8847-258D62D3A450}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{30E1373B-20B4-4883-98A8-5466D695070A}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\this war of mine\this war of mine.exe |
"{3250AFEB-ACBF-41C4-8638-1207385E5A94}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\watch_dogs\bin\watch_dogs.exe |
"{33ABD307-53F7-43E6-BAFE-3254C5151B72}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{33B29F8E-3A8C-46ED-A4E4-DB89E1E158E6}" = dir=out | name=windows_ie_ac_001 |
"{3821F98D-5573-46BB-B004-F0BE663B9A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{3B28A081-99B5-4685-AD56-211AE8CAE9B9}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto v\gta5.exe |
"{3B86557D-9C12-4A18-ADD7-139443C94A5A}" = dir=in | app=c:\program files\softether vpn client\vpncmd_x64.exe |
"{3EFB6A1F-3570-4E32-BF28-CE01C639D048}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\cry of fear\coflaunchapp.exe |
"{41D124CB-7C8A-48A9-A26D-95BC07FA42A6}" = dir=in | app=c:\program files\softether vpn client\vpncmgr_x64.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{453F1E3C-6343-4D25-A6D8-B2097D90E248}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{4A9B1B86-BF89-46ED-8BE8-7C0FE2EBA774}" = dir=in | name=onenote |
"{4BAA4576-FBBB-4D52-85B5-31C8B918A191}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\nekopara vol. 1\nekopara_vol1.exe |
"{4C197496-8D44-4504-9FE2-9D59DD054A81}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\portal 2\portal2.exe |
"{4C38965A-0CDF-4003-BA77-6CA76AF9274F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4C6FB392-0E39-4BBA-A02F-2E76F932AF59}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{4DF412D8-AC18-448A-B463-C64B5602E870}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\loveatfirstsight\loveatfirstsight.exe |
"{4E1701FB-FBF5-4A01-95A8-8A794D1682F0}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\portal 2\portal2.exe |
"{4E7F279F-E71B-4B39-9C4F-C9649DB6B61A}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{4EA2C591-C1CD-4625-9D8E-5A5B7CC74E66}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x64\eurotrucks2.exe |
"{4ECB27FF-18D2-44AA-9600-A4620CE4F693}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\sid meier's civilization v\launcher.exe |
"{524D2E0C-1DE4-49CF-86B5-2682C0704E81}" = dir=out | name=@{microsoft.bingfinance_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{550A854F-5FB6-497F-BA0C-76CBFAEEB0D0}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5661CDD8-A233-4BEB-ACAD-0DE687A5D9DB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe |
"{5696C192-9F2C-4A15-964C-8F4FCE7985CD}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 5\launcher.exe |
"{56E54050-95FC-4A84-9AD2-FD5B2BF257D5}" = dir=out | name=@{microsoft.bingweather_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{58FDF778-05AF-46F2-9030-8BB97D463776}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\watch_dogs\bin\watch_dogs.exe |
"{5A519677-6E7D-4D02-B2F6-9EFFD9E86B75}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5B268342-4579-426F-B6EF-792E4AB53C12}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{5B49D31C-4B35-4097-BEFF-D10D61DE8860}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\senran kagura shinovi versus\skshinoviversus.exe |
"{5BF9C402-3D63-4053-A387-EA8DA28FA32F}" = dir=out | name=@{microsoft.zunevideo_2.6.446.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5C619459-9245-484C-8CFE-73C1CFEC8ED1}" = dir=out | name=skype |
"{5CFEE619-D614-454E-883F-5526BBFD35D1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5D59E890-B5A5-4573-9BE7-E0756F7D208A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{60F554B9-CBE6-4253-83B0-2FABFDECEEA2}" = protocol=6 | dir=in | app=d:\origingames\titanfall\titanfall.exe |
"{610277BF-36D9-4762-86F3-6D890234C148}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\portal\hl2.exe |
"{6402934F-48EA-462D-843C-E69DED3CF0AE}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{67478F5A-CCC4-4F15-A049-B17E455E3F08}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\shadowverse\shadowverse.exe |
"{686B67B5-F990-415B-BCC8-020B3146C53D}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\payday 2\payday2_win32_release.exe |
"{6A022062-6E48-4F02-B6C7-52E58ECCA103}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{6BBA2C7B-BEB8-4AC8-AFAD-76EC5D3B238D}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{70B1925E-3CC4-40FE-A4A1-50FD1C00B71A}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\darksiders ii deathinitive edition\darksiders2.exe |
"{723C5A58-9CC7-408B-AE11-F8826843D8DE}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 7 biohazard demo\re7trial.exe |
"{73CE216B-3AF0-4386-96B6-6E2F0D7CE9A7}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe |
"{7653F436-DF88-49AD-BF78-5FD15557946F}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\shadowofmordor\x64\shadowofmordor.exe |
"{76DE81F5-88C4-4E6E-9021-6E28775A1C8C}" = dir=in | app=c:\program files\softether vpn client\vpnclient_x64.exe |
"{790E65C0-DECC-4483-B883-B80CEDF72072}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 5\launcher.exe |
"{7A7932BD-DE50-42DD-B76B-0B9665BA1051}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\wog\disasm.exe |
"{7C5E1B9B-1CAE-42EE-867F-A9D2EFF27D4D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{7CAFA997-12F0-4645-8D28-48F9FE619070}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7D7BEF6A-858E-4912-A672-CF5FEBB27AEA}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe |
"{7FB02269-0773-460B-BBF6-A94E926DECDE}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{81CCC1F8-EEB9-4848-BEEF-BC53A3C92CB5}" = dir=in | name=skype |
"{828B478A-ED7D-4EA6-8B04-979BEC94AA50}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\this war of mine\storyteller.exe |
"{8403C732-16A1-4A98-AFA5-3FA8CF368C9B}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe |
"{867E259D-9957-4657-88BD-F9C7EF44174A}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\darksiders ii deathinitive edition\darksiders2.exe |
"{873782C8-7C22-4645-97DF-55DBE71850F9}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{879832E1-06A2-4F0D-92DA-4045FD8FCD14}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8A330221-1757-4CCD-9AA7-D0EBAC74D046}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{8B86F245-19E0-4585-9B0D-860B529BDDF1}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\wallpaper_engine\launcher.exe |
"{8C7BC228-EE7D-4F7A-AF96-FE8521FB8AF8}" = dir=out | name=@{microsoft.bingsports_3.0.4.345_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{8CA6F217-C046-49E6-A7A1-F2352799ABC8}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\shadowverse\shadowverse.exe |
"{8E4048C7-89AD-4796-A4E2-AF1F9A0F4680}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x64\eurotrucks2.exe |
"{9179E1C8-FF35-4D85-9B45-A3A0AD12821F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{91901A7D-5A36-48A8-9C1D-25AB49D56C67}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{91D1FB55-FE39-46CA-92F1-9B76BF6B5BDD}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\launcher.exe |
"{92EDB9B0-038C-4949-AB8C-9ADF3B0CB706}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{9380F68B-F8C2-49CE-8FA0-30D09E805615}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{940432EC-E5B5-4263-8644-2B3A0F95B8E6}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9721771F-0FBD-4E0B-B38B-6A0EF5AF7116}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\how to survive\detect.exe |
"{979AF52E-1D63-48F2-B653-4A5DBD2B4EB2}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9821EC1B-ACFB-4ECD-BA20-2117156E1F3D}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\saints row iv\saintsrowiv.exe |
"{9BD2A0BC-BCB3-4DE6-841C-04BC6502BA68}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\skyrim\skyrimlauncher.exe |
"{9CF63C7F-5C30-4F71-A8D2-D1C9178DEBF7}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{9D22A14F-01D7-44FA-8C09-EAE2E7ECD073}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F2AF130-350D-4680-9390-BB910794F271}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\dead island\deadislandgame.exe |
"{A0B9E1ED-4E11-4C8E-8ED4-FA6DD3CFE9EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A0E383F2-2088-4C78-960C-385CDA1D7F9B}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 4\bin32\bio4.exe |
"{AADC6370-C891-4BA3-A5E5-13CC9EC12975}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\portal\hl2.exe |
"{ABC866E5-48D5-4D38-802C-B390089A0932}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\wallpaper_engine\launcher.exe |
"{AFC6D525-718D-45EB-AC94-76D5B357599F}" = dir=in | app=c:\program files\softether vpn client\vpncmd.exe |
"{B1DE0699-D2A1-4D13-A30C-A7536CB2D179}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B2418624-5950-4F4D-B4D2-9D4BEEA0D383}" = dir=out | name=@{microsoft.bingweather_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{B264DC5C-DC44-4B2E-97FD-EE373A6A4DBC}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\nekopara vol. 0\nekopara_vol0.exe |
"{B33AE19B-C981-470B-A212-CA59FFAEC833}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\wog\disasm.exe |
"{B5734FF1-410A-4750-B40C-BD5B1DC668AD}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{B612B731-C9A8-481A-B911-90B4346BFF6B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{B6C8275E-341C-431E-A212-8D00BF03F60B}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{B71587C8-3DAC-4B7A-8953-7ABE2369D368}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B9BC803E-299A-43B7-B162-615CD77121D7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\medal of honor pacific assault\mohpa_setup.exe |
"{BBC63BDB-A8F0-41E2-8F95-D753156A92EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{BBE74140-67C3-4883-835A-5ED642996360}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{BC1D1877-B1C4-4CA9-994E-1083D124FAEE}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{C36F77B9-1668-4B3C-BE7E-F130C6B35B05}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C3999620-0911-4562-91FF-EB07BDA09AEC}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{C5DE4AC8-A0D7-4A5B-B6B1-8FD540AB7021}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\sid meier's civilization v\launcher.exe |
"{C7669EAC-16BF-419B-8A5A-AB9D1A2E98A5}" = dir=in | name=onenote |
"{C7BF7E73-029C-4548-8E51-4656BB68A3A6}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\how to survive\howtosurvive.exe |
"{C8DF8899-A767-4B8E-A9D5-E2AFD26BBB20}" = dir=out | name=skype |
"{C944635A-0792-4860-A943-3BE8492FE506}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C964F857-160C-4288-9061-A8FC6C6BEAA3}" = dir=out | name=@{microsoft.bingnews_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{D44799B2-190D-412A-8B2E-3857B16C797C}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\how to survive\howtosurvive.exe |
"{D4C6DC75-BADF-49AE-96A4-35D80F411E0C}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{D57E56B6-A6F3-4D0D-BA15-ED9E344D3341}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 4\bin32\bio4.exe |
"{D599474F-07A3-4001-92C6-D150D62355E3}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC449311-6753-4727-AA1C-23D8C9D46697}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\senran kagura shinovi versus\skshinoviversus.exe |
"{DC56C290-3AF8-41C6-A871-B2F767CC0919}" = dir=in | app=c:\users\凛人\appdata\local\microsoft\skydrive\skydrive.exe |
"{DD51C9FA-D529-4D9A-8E25-D8B1D46D942F}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x64\eurotrucks2.exe |
"{DE2CEEB8-060B-485D-910B-2AD52441BC49}" = dir=in | app=c:\program files\softether vpn client\vpnclient.exe |
"{E0035FD0-8EC0-4781-A108-B573950CB741}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\medal of honor pacific assault\mohpa_setup.exe |
"{E42FEF85-0292-4F24-82EF-699791AAA33D}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{E49460DC-56F2-4E8D-AF97-258F3584B293}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4F0B7AE-03AC-4589-88A3-70A2AE4B6115}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\how to survive\detect.exe |
"{E5EECB75-2DB0-45C8-A5F0-8065F1C752F9}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\saints row iv\saintsrowiv.exe |
"{E6378122-26F7-401D-B370-28D92CC2F533}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\medal of honor pacific assault\mohpa.exe |
"{E87D4054-7A8B-4AAE-969C-A6E9A97379BE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E9528F55-969F-4039-94E2-8FFBF3348F03}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\loveatfirstsight\loveatfirstsight.exe |
"{E963FB62-05B6-46F3-9642-7BB064832B6D}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\farcry3.exe |
"{EA765EBA-F231-42F6-9B51-41D0A3397029}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{EB35D3FB-D521-440B-8972-73485DF32B61}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{EB52EECB-8837-4DF5-A4E6-0A3C028BCFA4}" = dir=out | name=@{microsoft.bingfinance_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED809CA2-A04B-42B8-B727-271B0A7C29EC}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{EE292F96-A240-422B-AFA1-1AB2F8C2C813}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\payday 2\payday2_win32_release.exe |
"{EF587078-0A8F-40A2-939B-CC4451B53467}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{F48CEEF9-6B33-42E5-B3EB-5CA2AFD3496E}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead\left4dead.exe |
"{F49F7D6B-0866-4ABD-AB5A-A6E822BCC921}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x64\eurotrucks2.exe |
"{F5B37E86-79D6-49FC-B6B5-741D34BF49CE}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6978788-41C8-46B9-98E4-B599ABCD4079}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\nekopara vol. 1\nekopara_vol1.exe |
"{F7714D5D-DFF2-4A26-8834-375B4C6E9F8E}" = dir=out | name=@{microsoft.bingsports_3.0.4.345_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F88EE6D1-5406-4B7A-9FC5-D060D66951D3}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\this war of mine\storyteller.exe |
"{F9176B56-9150-4248-AD15-0D2E26A081CB}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\shadowofmordor\x64\shadowofmordor.exe |
"{FA71C413-E6DB-432F-A7B9-901B066AA38A}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe |
"{FDBA5B2A-C0DF-4B82-85B6-93CCB5737D53}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{FF8A9351-60EC-4648-B6E8-3F8923A6ADD3}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\dead island\deadislandgame.exe |
"TCP Query User{16EBAC33-18AE-494C-9488-C0081C7A45D2}C:\users\凛人\desktop\ppsspp_win (1)\ppsspp\ppssppwindows.exe" = protocol=6 | dir=in | app=c:\users\凛人\desktop\ppsspp_win (1)\ppsspp\ppssppwindows.exe |
"TCP Query User{511E4571-2919-4BEE-98ED-1094F649FDA5}C:\program files\rockstar games\grand theft auto v\gta5.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto v\gta5.exe |
"TCP Query User{63B91AF2-0FB0-4D79-83DF-E85B3667BC06}D:\steamlibrary\steamapps\common\cry of fear\cof.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\cry of fear\cof.exe |
"TCP Query User{676E03BD-5CDA-46B9-BDA3-DBA460A0D11D}C:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe" = protocol=6 | dir=in | app=c:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe |
"TCP Query User{7289AF6B-0645-4CE4-983E-3DC56B9BECBD}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"TCP Query User{8295E1AB-F771-4097-8083-08958F2FB217}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{A275DB25-9F39-4F37-BE1F-6567135F222D}D:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe |
"TCP Query User{BD470DCF-C158-4BEC-85F3-C8B5BE39D2A7}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe |
"TCP Query User{BDE22F33-9898-4F1F-A50D-89FBE88FC0E0}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{CA457774-F063-4570-BAEE-92AEF3338BE7}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe |
"TCP Query User{CE9F6948-B39A-4C64-93BF-9CA9F73CDB63}C:\program files\java\jre1.8.0_73\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_73\bin\javaw.exe |
"TCP Query User{DA4EAFC5-5D25-436B-9CAD-6F8BD55B699D}C:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe" = protocol=6 | dir=in | app=c:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe |
"TCP Query User{E83B6D07-833B-4F1C-8D3F-CB2AC2F8319F}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\war thunder\win64\aces.exe |
"TCP Query User{F04800B9-B74D-44D1-AAA4-607A32AACCBF}C:\program files\logicool gaming software\lcore.exe" = protocol=6 | dir=in | app=c:\program files\logicool gaming software\lcore.exe |
"UDP Query User{1BED86E6-0907-41E0-BEF8-F96AFD4CD8F9}C:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe" = protocol=17 | dir=in | app=c:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe |
"UDP Query User{2C83C15C-3685-4FB5-BB5F-598E0D0FD81B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{51B1D13E-73D8-4F9F-87A6-165D64F83E40}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe |
"UDP Query User{62E3692F-4E47-438E-BD69-9A40049A17A7}D:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"UDP Query User{669976C1-F1DC-4F2C-B3D1-0567273F4920}C:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe" = protocol=17 | dir=in | app=c:\users\凛人\desktop\spinhomeport 3.5.1\spinhomeport.exe |
"UDP Query User{6EF1987D-B159-4079-B5A6-A94154B7BD45}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{6F587669-888A-4AF0-B934-FCA5C540A6D3}C:\users\凛人\desktop\ppsspp_win (1)\ppsspp\ppssppwindows.exe" = protocol=17 | dir=in | app=c:\users\凛人\desktop\ppsspp_win (1)\ppsspp\ppssppwindows.exe |
"UDP Query User{9664798E-CFCA-4C28-A27C-C5F1E2372AE0}D:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe |
"UDP Query User{A7E5D14A-4673-4504-A02E-3D4038768120}C:\program files\java\jre1.8.0_73\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_73\bin\javaw.exe |
"UDP Query User{AD0B4344-6FEC-487A-A00C-ECE76C6EDC9D}C:\program files\rockstar games\grand theft auto v\gta5.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto v\gta5.exe |
"UDP Query User{CA9FF7CE-771C-42A7-9B24-951F5FEB0A21}C:\program files\logicool gaming software\lcore.exe" = protocol=17 | dir=in | app=c:\program files\logicool gaming software\lcore.exe |
"UDP Query User{EA4A7DB7-DCF6-4CD7-9A51-A9B15374CE88}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\war thunder\win64\aces.exe |
"UDP Query User{FC025539-EF66-46F4-BAD9-2521E8F944C6}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe |
"UDP Query User{FEE6F501-C351-4035-8876-9826591C481C}D:\steamlibrary\steamapps\common\cry of fear\cof.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\cry of fear\cof.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes バージョン 3.0.4.1269
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{43E67915-502D-3B7E-8FCD-ABB40088E45C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95265B86-188E-3F62-9CDB-60FCE59EC721}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24210
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 376.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 376.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 376.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.2.0.96
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 369.04
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 23.1.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA Wireless Controller Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.34.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NvNodejs
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NvTelemetry
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.2.0.96
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.50.2
"{C0B2C673-ECAA-372D-94E5-E89440D087AD}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24210
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"CCleaner" = CCleaner
"Logitech Gaming Software" = Logicool ゲームソフトウェア 8.89
"Steam App 206420" = Saints Row IV
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 21690" = Resident Evil 5 / Biohazard 5
"Steam App 218620" = PAYDAY 2
"Steam App 220240" = Far Cry® 3
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 223710" = Cry of Fear
"Steam App 227300" = Euro Truck Simulator 2
"Steam App 227940" = Heroes & Generals
"Steam App 236390" = War Thunder
"Steam App 241930" = Middle-earth: Shadow of Mordor
"Steam App 243470" = Watch_Dogs
"Steam App 250400" = How to Survive
"Steam App 261640" = Borderlands: The Pre-Sequel
"Steam App 262410" = World of Guns: Gun Disassembly
"Steam App 282070" = This War of Mine
"Steam App 333600" = NEKOPARA Vol. 1
"Steam App 353330" = Love at First Sight
"Steam App 385800" = NEKOPARA Vol. 0
"Steam App 388410" = Darksiders II: Deathinitive Edition
"Steam App 400" = Portal
"Steam App 411830" = SENRAN KAGURA SHINOVI VERSUS
"Steam App 431960" = Wallpaper Engine
"Steam App 453480" = Shadowverse
"Steam App 500" = Left 4 Dead
"Steam App 530620" = Resident Evil 7 / Biohazard 7 Teaser: Beginning Hour
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 91310" = Dead Island
"VulkanRT1.0.26.0" = Vulkan Run Time Libraries 1.0.26.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{01E87699-A49D-413A-B75B-7C434FEF979C}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{024D6C9E-4775-421D-B0D0-D4F123687778}" = Windows Live Essentials
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15015752-9990-4516-A2B1-93823281FB8E}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1529D340-B998-42E7-95F5-72B09EFF1BB3}" = オトメ*ドメイン
"{17b12e02-9e0f-435b-a641-6fa68bb60b6d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{233FFB14-1B67-44C1-A935-E737238FCBF6}" = PS4リモートプレイ
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{347EE0C3-0690-48F6-A231-53853C2A80D6}" = Titanfall™
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor
"{37B55901-995A-3650-80B1-BBFD047E2911}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{462f63a8-6347-4894-a1b3-dbfe3a4c981d}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212
"{5E848897-1113-49FE-8FCE-D4BF39EDE254}" = Windows Live UX Platform Language Pack
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63B5DA5A-477B-438D-A6A0-118787A4C71B}" = Adobe AIR
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B53BA8-4BE3-49AF-BC3E-07F392006620}" = Sades 7.1CH Gaming Headset
"{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}" = Brother ドライバー&ソフトウェア DCP-J957N
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{844ECB74-9B63-3D5C-958C-30BD23F19EE4}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{894194F9-B4B9-4F1C-AFB5-5A5998DAFA3C}" = Presto! PageManager 9.02
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E26381B-7495-D25F-DA15-19F9D776AF5F}" = はがきデザインキット
"{91B5DF26-717A-4A5F-AB10-CD450FAD428C}" = LogMeIn Hamachi
"{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FB24678-AF65-4B2D-B5B0-88BAFDBC68F0}" = Dragon's Dogma Online
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BF634210-A0D4-443F-A657-0DCE38040374}_is1" = LOOT version 0.10.1
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}" = フォト ギャラリー
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.3.2.8
"{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}" = Grand Theft Auto V
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5C1C342-5E78-4D91-85BE-40C716B09391}" = コンテンツ管理アシスタント for PlayStation(R)
"{E75B82FD-B6FD-4653-8685-F3A97BDFEA6E}" = Update for Japanese Microsoft IME Standard Dictionary
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
"{F3BB7E2D-62E0-4008-8727-588EDC274C25}" = Photo Common
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8418921-5B66-4732-9CA4-B7112CA241F1}" = NewSoft CD Labeler
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype(TM) 7.30
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI
"Cheat Engine 6.5.1_is1" = Cheat Engine 6.5.1
"designKit.702840F10216893FC3494B731E825B33666733D6.1" = はがきデザインキット
"http://pso2.jp/appid/release_is1" = PHANTASY STAR ONLINE 2
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 50.1.0 (x86 ja)" = Mozilla Firefox 50.1.0 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"Rockstar Games Social Club" = Rockstar Games Social Club
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"RPGツクールVX RTP_is1" = RPGツクールVX RTP
"sakura editor_is1" = sakura editor(サクラエディタ)
"Steam" = Steam
"steam app 8930" = Sid Meier's Civilization V
"TeamViewer" = TeamViewer 11
"Uplay" = Uplay
"WinLiveSuite" = Windows Live Essentials

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{614AD9D8-8F8E-4CCD-8BE7-4311BB00850B}" = ワガママハイスペック
"{BBF57D33-E01E-4B3A-BA07-B0864FF8E818}" = NEKOPARA vol.2
"LINE" = LINE
"OneDriveSetup.exe" = Microsoft OneDrive
"OpenIV" = OpenIV
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2017/01/02 5:56:24 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Modmanager.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x583cf05c
障害が発生しているモジュール名:
Modmanager.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x583cf05c 例外コード: 0xc0000417 障害オフセット: 0x000388ec
障害が発生しているプロセス
ID: 0x1260 障害が発生しているアプリケーションの開始時刻: 0x01d264de79428c7e 障害が発生しているアプリケーション パス: C:\Users\凛人\Downloads\新しいフォルダー
(2)\Modmanager.exe 障害が発生しているモジュール パス: C:\Users\凛人\Downloads\新しいフォルダー (2)\Modmanager.exe
レポート
ID: b80bb32d-d0d1-11e6-82e2-d8cb8ac1beb2 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

Error - 2017/01/02 6:38:05 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: re5dx9.exe、バージョン: 1.0.0.129、タイム スタンプ: 0x553067cd
障害が発生しているモジュール名:
re5dx9.exe、バージョン: 1.0.0.129、タイム スタンプ: 0x553067cd 例外コード: 0xc0000005 障害オフセット: 0x003855cf
障害が発生しているプロセス
ID: 0x12e8 障害が発生しているアプリケーションの開始時刻: 0x01d264e44cd9df52 障害が発生しているアプリケーション パス: D:\SteamLibrary\steamapps\common\Resident
Evil 5\re5dx9.exe 障害が発生しているモジュール パス: D:\SteamLibrary\steamapps\common\Resident Evil
5\re5dx9.exe レポート ID: 8a9dc130-d0d7-11e6-82e2-d8cb8ac1beb2 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2017/01/03 8:17:06 | Computer Name = tamurapc | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 2017/01/03 14:38:00 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: portal2.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x5432e000
障害が発生しているモジュール名:
d3d9.dll_unloaded、バージョン: 6.3.9600.17415、タイム スタンプ: 0x545049c1 例外コード: 0xc0000005 障害オフセット:
0x00009e7c 障害が発生しているプロセス ID: 0xbfc 障害が発生しているアプリケーションの開始時刻: 0x01d265eef20b81af 障害が発生しているアプリケーション
パス: D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe 障害が発生しているモジュール パス: d3d9.dll
レポート
ID: c02eed6b-d1e3-11e6-82e4-d8cb8ac1beb2 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

Error - 2017/01/03 15:04:20 | Computer Name = tamurapc | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 2017/01/04 2:09:15 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MsMpEng.exe、バージョン: 4.8.207.0、タイム スタンプ: 0x55933d53
障害が発生しているモジュール名:
mpengine.dll、バージョン: 1.1.13303.0、タイム スタンプ: 0x58242494 例外コード: 0xc0000005 障害オフセット: 0x000000000005e86d
障害が発生しているプロセス
ID: 0x838 障害が発生しているアプリケーションの開始時刻: 0x01d265ec0a23dd43 障害が発生しているアプリケーション パス: C:\Program
Files\Windows Defender\MsMpEng.exe 障害が発生しているモジュール パス: C:\ProgramData\Microsoft\Windows
Defender\Definition Updates\{820FBE3D-DF27-4342-949E-F28BBB0136A1}\mpengine.dll
レポート
ID: 51744ed5-d244-11e6-82e4-d8cb8ac1beb2 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

Error - 2017/01/05 4:02:43 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MsMpEng.exe、バージョン: 4.8.207.0、タイム スタンプ: 0x55933d53
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x0000000000000018
障害が発生しているプロセス
ID: 0x894 障害が発生しているアプリケーションの開始時刻: 0x01d26729fd4f1bff 障害が発生しているアプリケーション パス: C:\Program
Files\Windows Defender\MsMpEng.exe 障害が発生しているモジュール パス: unknown レポート ID: 55891533-d31d-11e6-82e6-d8cb8ac1beb2
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2017/01/05 4:02:45 | Computer Name = tamurapc | Source = Perflib | ID = 1008
Description =

Error - 2017/01/05 9:39:39 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ui32.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x58556de6 障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x00000000
障害が発生しているプロセス
ID: 0xb4c 障害が発生しているアプリケーションの開始時刻: 0x01d2675927eef444 障害が発生しているアプリケーション パス: D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\ui32.exe
障害が発生しているモジュール
パス: unknown レポート ID: 67187d0f-d34c-11e6-82e6-d8cb8ac1beb2 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

Error - 2017/01/05 11:39:43 | Computer Name = tamurapc | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: MikuMikuDance.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x549168f1
障害が発生しているモジュール名:
MSVCR90.dll、バージョン: 9.0.30729.8387、タイム スタンプ: 0x51ea1bbd 例外コード: 0xc0000005 障害オフセット:
0x000000000001e41c 障害が発生しているプロセス ID: 0x1504 障害が発生しているアプリケーションの開始時刻: 0x01d267699188b630
障害が発生しているアプリケーション
パス: C:\Users\凛人\Desktop\MMD\MikuMikuDance.exe 障害が発生しているモジュール パス: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\MSVCR90.dll
レポート
ID: 2d56e9db-d35d-11e6-82e6-d8cb8ac1beb2 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

[ System Events ]
Error - 2017/01/07 11:22:09 | Computer Name = tamurapc | Source = Service Control Manager | ID = 7000
Description = Origin Web Helper Se
  • へび
  • 2017/01/08 (Sun) 15:59:18
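Since P2P software was installed, there is not a moment to lose
Thank you for doing the work and reporting back.

I have also looked over the OTL scan log.
With that in mind, here is my next reply.

Unfortunately, I am ending support for へび here.
Traces were found of a problem program whose use is listed under this board's "Prohibited items".
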
>"{5B268342-4579-426F-B6EF-792E4AB53C12}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

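It appears you were using the P2P program BitComet.
If you use P2P, any damage or trouble that results from it is entirely your own responsibility, and you are obliged to resolve it yourself.
It is not something forgiving enough for people who cannot do that to use anyway.

Putting safety first, unless you immediately discard everything obtained through P2P and then run a recovery of the PC, this is a situation where it would not be at all surprising if it were already too late.
P2P malware makes use of files of every kind, including paid software, videos, images, music and games.

To point out one thing: the entry below, which should have been dealt with in the earlier step,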
>O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"

can be seen plainly back in place in the OTL log.
>PRC - [2016/12/30 23:15:10 | 001,798,664 | ---- | M] () -- C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe

>O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe ()

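Unless it was overlooked in the earlier step, this means it came back after being dealt with.
For malware that arrives via P2P, behavior like this is nothing unusual.
That is how little security software and common sense count for with P2P.

I am sorry that support has to end after you worked so hard to get this far.
From here on, please review your PC environment and your security awareness yourself and take care to avoid being hit again.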
  • 悪代官
  • 2017/01/08 (Sun) 16:28:06
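
The check described in the reply above (an autorun entry handled in HijackThis showing up again in the later OTL log) can be done mechanically. The following Python sketch is an added example, not part of the original thread or of either tool; the `ExampleUpdater` entry is constructed, and the function names are hypothetical.

```python
import re

# O4 autorun line: HijackThis writes "HKCU\..\Run" with a quoted path,
# OTL writes "HKCU..\Run" with an unquoted path and a trailing "(Company)".
O4_RE = re.compile(
    r'^O4 - (?P<hive>HK[A-Z]{2})\\?\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
# OTL running-process line: PRC - [date | size | attrs | M] (Company) -- path
PRC_RE = re.compile(r'^PRC - \[[^\]]*\] \([^)]*\) -- (?P<path>.+)$')

def norm_path(cmd):
    """Make HijackThis and OTL spellings of one target comparable."""
    cmd = re.sub(r'\s+\([^()]*\)$', '', cmd.strip())  # drop OTL's "(Company)"
    return cmd.strip('"').lower()

def autoruns(log_text):
    """Return {(hive, key, name): normalized path} for every O4 line."""
    found = {}
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip().lstrip('>'))
        if m:
            found[(m['hive'], m['key'].lower(), m['name'])] = norm_path(m['cmd'])
    return found

def reappeared(fixed_log, later_log):
    """Entries fixed from fixed_log that exist again in later_log, plus a
    flag telling whether the target is also listed as a running process."""
    matches = (PRC_RE.match(l.strip().lstrip('>')) for l in later_log.splitlines())
    running = {m['path'].strip().lower() for m in matches if m}
    later = autoruns(later_log)
    return [(key, path, path in running)
            for key, path in autoruns(fixed_log).items()
            if later.get(key) == path]

# Lines selected for fixing in HijackThis; the second entry is constructed.
FIXED = r'''
O4 - HKCU\..\Run: [Gaijin.Net Agent] "C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
O4 - HKCU\..\Run: [ExampleUpdater] "C:\Users\Public\example\updater.exe"
'''
# Lines from the later OTL log, as quoted in the reply.
LATER = r'''
PRC - [2016/12/30 23:15:10 | 001,798,664 | ---- | M] () -- C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
O4 - HKCU..\Run: [Gaijin.Net Agent] C:\Users\凛人\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe ()
'''

if __name__ == '__main__':
    for key, path, is_running in reappeared(FIXED, LATER):
        print(key, path, 'running' if is_running else 'not running')
```

An entry that is both back in the Run key and listed under PRC means something on the system rewrote it after the fix, so the next step is finding what restores it rather than deleting it again.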
Re: A redirect-type problem
BitComet... yes, I did install it. I removed it right away, but I see a recovery is needed as well...
Understood.
Thank you very much.
  • へび
  • 2017/01/08 (Sun) 17:19:54
