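悪代官の伏魔殿 Bulletin Board
Request for advice
For a little while now I have had the feeling that someone is watching my PC screen. I ran virus checks and did a recovery several times,
but I still feel like I am being watched, so I am asking for advice.
Can a router get infected with a virus or be rewritten?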

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:41:29, on 2017/11/04
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\nomaku\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\nomaku\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Sound Blaster Z-Series Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
O4 - HKCU\..\RunOnce: [CTAutoUpdate] "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /RunFromInstaller
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-173564043-4270010925-3132834754-1002\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe" (User 'nomaku')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{a7e0ff84-5244-4184-982c-71c5062eb833}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @oem1.inf,%Creative.CTHdaSvcDesc%;Sound Blaster Audio Service (CtHdaSvc) - Creative Technology Ltd - C:\WINDOWS\sysWow64\CtHdaSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 6796 bytes


7-Zip 17.00 beta (x64) Igor Pavlov 2017/10/19 4.80 MB 17.00 beta
A3Launcher version 0.1.5.8 Maca134 2017/08/26 49.8 MB 0.1.5.8
Aim Hero ProGames Studio 2017/10/19 138 MB
AMD Software Advanced Micro Devices, Inc. 2017/10/19 26.3 MB 9.0.000.8
Arma 3 Bohemia Interactive 2017/10/19
Avidemux 2.6 - 64 bits 2017/10/19 2.6.21.170501
Avidemux 2.7 - 64 bits 2017/10/19 2.7.0.170814
AviSynth+ 0.1 (r1576) The Public 2017/08/20 40.8 MB 2.6.0.5
Battle.net Blizzard Entertainment 2017/10/25
Beat Hazard Cold Beam Games 2017/10/19 235 MB
Bluesky Frame Rate Converter Version 2.8.1 Bluesky 2017/08/21 2.09 MB
CCleaner Piriform 2017/11/04 5.36
Counter-Strike: Global Offensive Valve 2017/10/19 14.8 GB
Destiny 2 Blizzard Entertainment 2017/10/25
Dolby Digital Liveパック Creative Technology Limited 2017/10/19 6.84 MB 3.03
DTS Connect Pack Creative Technology Limited 2017/10/19 6.84 MB 1.00
Fallout Interplay Inc. 2017/10/19 708 MB
GIMP 2.8.22 The GIMP Team 2017/08/19 288 MB 2.8.22
Google Chrome Google Inc. 2017/10/27 62.0.3202.75
Guns of Icarus Online Muse Games 2017/10/28
Haali Media Splitter 2017/10/19
Left 4 Dead 2 Valve 2017/10/28
Microsoft OneDrive Microsoft Corporation 2017/10/19 102 MB 17.3.6917.0607
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2017/10/21 4.99 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2017/08/22 1.62 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2017/09/04 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2017/08/22 1.32 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2017/09/04 708 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2017/07/28 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2017/07/28 14.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/10/19 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/10/19 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/10/19 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 Microsoft Corporation 2017/10/19 20.5 MB 12.0.40649.5
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2017/10/19 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2017/10/19 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2017/10/19 19.5 MB 14.0.24215.1
MPC-HC 1.7.13 (64-bit) MPC-HC Team 2017/08/21 47.0 MB 1.7.13
NVIDIA PhysX NVIDIA Corporation 2017/09/19 95.1 MB 9.12.1031
Origin Electronic Arts, Inc. 2017/10/21 329 MB 10.5.4.63358
PLAYERUNKNOWN'S BATTLEGROUNDS Bluehole, Inc. 2017/10/19 7.05 GB
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) 2017/10/19 6.89 GB
PluralMediaPlayer ZeroMethod 2017/08/18 3.02 MB 4.5.5
Process Lasso Bitsum 2017/10/19 29.5 MB 9.0.0.402
Python Launcher Python Software Foundation 2017/08/05 1.10 MB 3.6.6032.0
Recuva Piriform 2017/10/19 10.4 MB 1.53
Sound Blaster Z-Series Creative Technology Limited 2017/10/19 155 MB 1.01.10
Sound Blaster Z-Series Extras Creative Technology Limited 2017/10/19 1.0
Steam Valve Corporation 2017/10/21 2.10.91.91
VLC media player VideoLAN 2017/10/19 123 MB 2.2.6
Vulkan Run Time Libraries 1.0.39.1 LunarG, Inc. 2017/10/19 1.66 MB 1.0.39.1
Vulkan Run Time Libraries 1.0.54.0 LunarG, Inc. 2017/10/19 1.66 MB 1.0.54.0
Warframe Digital Extremes 2017/10/25
  • dainote
  • 2017/11/04 (Sat) 16:10:11
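As an added example (not part of the thread, and not code from HijackThis or its vendor), the following Python parses log lines in the format posted above and pulls out the items a reviewer reads first: the O4 autostart entries with their key and executable, the O17 name servers, and the O23 services reported as `(file missing)`. The function names and the `expected_dns` allow-list are assumptions of this example; the sample lines are a subset copied from the log in the post.

```python
import re
from pprint import pprint

# Lines copied from the HijackThis log posted above (a subset chosen for this example).
SAMPLE_LOG = r"""
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O17 - HKLM\System\CCS\Services\Tcpip\..\{a7e0ff84-5244-4184-982c-71c5062eb833}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
"""

# "<section code> - <body>", e.g. "O4 - HKCU\..\Run: [Steam] ..."
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# O4 body: hive, Run/RunOnce key, [value name], command, optional (User '...') suffix
O4 = re.compile(
    r"^(?P<hive>HK[A-Z]+)\\.*?(?P<key>Run(?:Once)?): \[(?P<name>[^\]]+)\] "
    r"(?P<cmd>.+?)(?: \(User '(?P<user>[^']+)'\))?$"
)
# Executable path at the start of a command line, quoted or not
EXE = re.compile(r'^"?(?P<exe>.+?\.exe)\b', re.IGNORECASE)
MISSING = " (file missing)"


def parse_entries(text):
    """Return (code, body) pairs for result lines; header and process lines are skipped."""
    pairs = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            pairs.append((m.group(1), m.group(2)))
    return pairs


def autoruns(entries):
    """Decode O4 (registry autostart) entries into dictionaries."""
    rows = []
    for code, body in entries:
        m = O4.match(body) if code == "O4" else None
        if not m:
            continue
        exe = EXE.match(m["cmd"])
        rows.append({
            "hive": m["hive"], "key": m["key"], "name": m["name"],
            "command": m["cmd"], "user": m["user"],
            "exe": exe["exe"] if exe else None,
            "one_shot": m["key"] == "RunOnce",  # value is meant to run once, then be removed
        })
    return rows


def services(entries):
    """Decode O23 entries: display name, owner, image path, file-missing flag."""
    rows = []
    for code, body in entries:
        if code != "O23" or not body.startswith("Service: "):
            continue
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue
        display, owner, path = parts
        missing = path.endswith(MISSING)
        if missing:
            path = path[:-len(MISSING)]
        rows.append({"display": display, "owner": owner,
                     "path": path, "file_missing": missing})
    return rows


def name_servers(entries):
    """Collect the DNS servers listed in O17 NameServer entries."""
    found = []
    for code, body in entries:
        if code == "O17" and "NameServer = " in body:
            value = body.split("NameServer = ", 1)[1]
            found += [s for s in re.split(r"[,\s]+", value) if s]
    return found


def triage(text, expected_dns):
    """Summarise what to look at first; expected_dns is the analyst's own allow-list."""
    entries = parse_entries(text)
    return {
        "one_shot_autoruns": [r["name"] for r in autoruns(entries) if r["one_shot"]],
        "missing_service_files": [s["path"] for s in services(entries) if s["file_missing"]],
        "unexpected_dns": [ip for ip in name_servers(entries) if ip not in expected_dns],
    }


if __name__ == "__main__":
    # Assumption: the user set these resolvers deliberately.
    pprint(triage(SAMPLE_LOG, expected_dns={"8.8.8.8", "8.8.4.4"}))
```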
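Re: Request for advice
The CC log does not appear to be complete.
Please capture it again.

>but I still feel like I am being watched, so I am asking for advice.
If you could give concrete examples of what makes you think so,
someone may be able to advise you.

>Can a router get infected with a virus or be rewritten?
If you could tell us the router's model number and firmware version,
there may be some advice we can give.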
  • 掃除屋
  • 2017/11/04 (Sat) 18:41:25
Re: Request for advice
7-Zip 17.00 beta (x64) Igor Pavlov 2017/10/19 4.80 MB 17.00 beta
A3Launcher version 0.1.5.8 Maca134 2017/08/26 49.8 MB 0.1.5.8
Aim Hero ProGames Studio 2017/10/19 138 MB
AMD Software Advanced Micro Devices, Inc. 2017/10/19 26.3 MB 9.0.000.8
Arma 3 Bohemia Interactive 2017/10/19
Avidemux 2.6 - 64 bits 2017/10/19 2.6.21.170501
Avidemux 2.7 - 64 bits 2017/10/19 2.7.0.170814
AviSynth+ 0.1 (r1576) The Public 2017/08/20 40.8 MB 2.6.0.5
Battle.net Blizzard Entertainment 2017/10/25
Beat Hazard Cold Beam Games 2017/10/19 235 MB
Bluesky Frame Rate Converter Version 2.8.1 Bluesky 2017/08/21 2.09 MB
Candy Crush Soda Saga king.com 2017/10/20 1.100.600.0
CCleaner Piriform 2017/11/04 5.36
ComicsPlusPlus Comics++ 2017/10/24 1.4.1.0
Counter-Strike: Global Offensive Valve 2017/10/19 14.8 GB
Destiny 2 Blizzard Entertainment 2017/10/25
Discord Discord Inc. 2017/07/31 50.8 MB 0.0.298
Dolby Digital Liveパック Creative Technology Limited 2017/10/19 6.84 MB 3.03
DTS Connect Pack Creative Technology Limited 2017/10/19 6.84 MB 1.00
Fallout Interplay Inc. 2017/10/19 708 MB
GIMP 2.8.22 The GIMP Team 2017/08/19 288 MB 2.8.22
Google Chrome Google Inc. 2017/10/27 62.0.3202.75
Groove ミュージック Microsoft Corporation 2017/10/19 10.17083.18321.0
Guns of Icarus Online Muse Games 2017/10/28
Haali Media Splitter 2017/10/19
HEVC Video Extension Microsoft Corporation 2017/10/19 1.0.2512.0
Instagram Instagram 2017/09/20 10.1096.22724.0
Left 4 Dead 2 Valve 2017/10/28
Microsoft OneDrive Microsoft Corporation 2017/11/01 100 MB 17.3.7074.1023
Microsoft Solitaire Collection Microsoft Studios 2017/10/31 3.18.10182.0
Microsoft Sticky Notes Microsoft Corporation 2017/10/19 1.8.2.0
Microsoft Store Microsoft Corporation 2017/10/27 11709.1001.27.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2017/10/21 4.99 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2017/08/22 1.62 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2017/09/04 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2017/08/22 1.32 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2017/09/04 708 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2017/07/28 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2017/07/28 14.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/10/19 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/10/19 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/10/19 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 Microsoft Corporation 2017/10/19 20.5 MB 12.0.40649.5
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2017/10/19 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2017/10/19 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2017/10/19 19.5 MB 14.0.24215.1
Mixed Reality Viewer Microsoft Corporation 2017/09/28 2.1709.8012.0
MPC-HC 1.7.13 (64-bit) MPC-HC Team 2017/08/21 47.0 MB 1.7.13
NVIDIA PhysX NVIDIA Corporation 2017/09/19 95.1 MB 9.12.1031
OneNote Microsoft Corporation 2017/10/31 17.8625.21151.0
Origin Electronic Arts, Inc. 2017/10/21 329 MB 10.5.4.63358
People Microsoft Corporation 2017/10/31 10.2.2791.0
PLAYERUNKNOWN'S BATTLEGROUNDS Bluehole, Inc. 2017/10/19 7.05 GB
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) 2017/10/19 6.89 GB
PluralMediaPlayer ZeroMethod 2017/08/18 3.02 MB 4.5.5
Print 3D Microsoft Corporation 2017/10/19 1.0.2572.0
Process Lasso Bitsum 2017/10/19 29.5 MB 9.0.0.402
Python 3.6.2 (64-bit) Python Software Foundation 2017/10/19 91.0 MB 3.6.2150.0
Python Launcher Python Software Foundation 2017/08/05 1.10 MB 3.6.6032.0
Recuva Piriform 2017/10/19 10.4 MB 1.53
Sound Blaster Z-Series Creative Technology Limited 2017/10/19 155 MB 1.01.10
Sound Blaster Z-Series Extras Creative Technology Limited 2017/10/19 1.0
Spotify Spotify AB 2017/11/02 1.0.66.478.g1296534d
Steam Valve Corporation 2017/10/21 2.10.91.91
VLC media player VideoLAN 2017/10/19 123 MB 2.2.6
Vulkan Run Time Libraries 1.0.39.1 LunarG, Inc. 2017/10/19 1.66 MB 1.0.39.1
Vulkan Run Time Libraries 1.0.54.0 LunarG, Inc. 2017/10/19 1.66 MB 1.0.54.0
Wallet Microsoft Corporation 2017/07/26 1.0.16328.0
Warframe Digital Extremes 2017/10/25
Xbox Microsoft Corporation 2017/11/03 33.34.30002.0
Xbox Game bar Microsoft Corporation 2017/10/28 1.22.25001.0
Xbox Game Speech Window Microsoft Corporation 2017/10/19 1.17.29001.0
Xbox Identity Provider Microsoft Corporation 2017/10/19 12.30.5001.0
Xbox Live Microsoft Corporation 2017/10/31 1.10.3002.0
アプリ インストーラー Microsoft Corporation 2017/10/19 1.0.12161.0
アラーム & クロック Microsoft Corporation 2017/10/20 10.1710.2841.0
カメラ Microsoft Corporation 2017/10/28 2017.921.10.0
ストア エクスペリエンス ホスト Microsoft Corporation 2017/10/25 11709.1710.17001.0
ヒント Microsoft Corporation 2017/10/27 6.5.2851.0
フィードバック Hub Microsoft Corporation 2017/10/19 1.1708.2831.0
フォト Microsoft Corporation 2017/10/05 2017.39081.15820.0
ヘルプの表示 Microsoft Corporation 2017/10/19 10.1706.1981.0
ペイント 3D Microsoft Corporation 2017/10/27 3.1710.18037.0
ボイス レコーダー Microsoft Corporation 2017/10/25 10.1710.2861.0
マップ Microsoft Corporation 2017/10/19 5.1708.2764.0
メッセージング Microsoft Corporation 2017/10/19 3.32.15001.0
メール/カレンダー Microsoft Corporation 2017/11/02 17.8700.40485.0
天気 Microsoft Corporation 2017/10/19 4.21.2492.0
映画 & テレビ Microsoft Corporation 2017/10/19 10.17092.13511.0
電卓 Microsoft Corporation 2017/10/25 10.1710.2791.0


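Router: PR-500MI
Firmware version: 04.01.0003

When I think about the specifics, it may just be that I have strong delusions of persecution, but
in in-game chat I see names I used in the past, and there are people with names close to an e-mail address I newly created.
I started noticing these things about half a year ago, when sounds from my PC were audible to my opponents even though I had not set that up, and
remarks that seemed to be looking at my search history were being posted at the same time.
As my own countermeasure I did a recovery and made a new e-mail address, but
I cannot tell by myself whether things have improved, and I was anxious, so I came here for advice.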
  • dainote
  • 2017/11/05 (Sun) 13:50:59
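Let's look at each of the CC logs
Good evening.
I am 悪代官, the administrator here.
Not a karō (chief retainer) but an akudaikan (evil magistrate). The proof is that I am karō (overworked) (mystery

掃除屋-san, thank you for the follow-up.

dainote-san, I have looked at your explanation and logs.
The router's firmware appears to be the latest at the moment.

You felt something was abnormal and did a recovery; if you also updated every program to the latest version right after that, reinfection seems unlikely unless the procedure went badly wrong. Still, I cannot declare that there is no damage at all just from looking at two logs, so shall we first investigate carefully?

First, let me tell you this.
As you can see, there are currently many people asking for advice, so each time it may take a day or more from receiving a request until I can reply to everyone in turn. I am sorry, but please understand.

Now read the explanation below carefully and then carry out the work in order.
You should already have prepared some of these, but please read the explanations once more just in case.

Set hidden files and file extensions to be displayed (how to ↓)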
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get a grasp of their basic usage.
However, if ads appear on the distribution site urging you to download other apps, never click on them.
"GeekUninstaller" (a.k.a. GU)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save it, then extract it.
When cleaning up, delete the whole folder manually.

"CCleaner" (a.k.a. CC)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Download the latest version. Note that the installer may offer bundled extra apps; uncheck those and avoid installing them.
When cleaning up, uninstall it.

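Here is an important caution.
CC is by nature a high-performance maintenance program, but if used incorrectly
[it can even damage Windows],
so here we use it only as an analysis tool.
Read the explanations thoroughly and do not perform any operation other than the ones I instruct.

Also, be sure to read the page below thoroughly before starting work, and if the need arises, deal with it accordingly. Cases requiring this handling are increasing.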
http://note.chiebukuro.yahoo.co.jp/detail/n335704

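Once you are ready, start the work.
In the work that follows, anything you cannot find after looking may be skipped, but look carefully and never touch anything other than what I have specified.

Also, there will probably be items I instruct you to delete in the course of the work; if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

First check Windows Update, and if there are required updates, install all of them.
But if the updates cannot be installed there, do not do the work described after this and tell me in a reply that the update failed.
This is because dangerous malware that obstructs infection analysis and treatment by making WU unable to work properly is increasing sharply.
Unless the various Windows updates (Windows Update) are always kept applied to the latest, a dangerous infection can occur right away from that alone.

Note that upgrading to Windows 10 is not recommended unless the user really needs it.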
http://www.japan-secure.com/entry/Windows_Update_7.html
http://www.japan-secure.com/entry/how_to_suppress_the_free_upgrade_of_Windows_10.html

First, regarding the app below,
>7-Zip 17.00 beta (x64) Igor Pavlov 2017/10/19 4.80 MB 17.00 beta

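You are using a beta version.
Normally it is safest to use the latest regular release; if you are using the beta for some reason, any trouble such as malfunctions arising from it is entirely at your own risk, so if you want stable use I recommend switching to the regular release.

Next, regarding the entry below in HJT,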
>O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART

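Is this something you yourself set up in startup?
Please give me your answer to this in your next reply.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is so that recovery is possible in an emergency, because in the work after this, touching something outside the specified targets by mistake can by itself cause serious malfunctions in Windows.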
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

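Now launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it has started, select drive C as the target drive and scan, then check only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those displayed, and press "OK" and "Delete Files".
Doing this cleans out the junk files in the selected parts.

Doing this also reduces the useless junk files detected by scans during the work, which makes the time and the analysis that much easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting normal files by mistake, and so that a normal file that was deleted and put in the Recycle Bin can still be restored.

Next, launch CC.
Once it has started, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there lets you save the displayed contents as a log, so save the log to the desktop or somewhere similar.

Next, save the logs of the "Scheduled Tasks" tab and the "Context Menu" tab in the same way.

Then, from the "Browser Plugin" item on the left side of the CC window, open each tab from the "InternetExplorer" tab onward in turn and capture those logs as well.

Once you have captured each of the CC logs, close CC.

After this, paste each of the CC logs into your reply and post it together with a status report.
I will give instructions for the next steps after looking at them.

What is or is not found in the CC logs may be the first key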
  • 悪代官
  • 2017/11/05 (Sun) 20:03:06
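Re: Request for advice
As for the router, it appears to have the latest firmware.
It is possible, but we can only assume there are no known vulnerabilities

As for what you are asking about,
when it comes to something that happens inside a particular game, I am sorry but I do not really know.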

  • 掃除屋
  • 2017/11/05 (Sun) 20:04:53
Re: Request for advice
>O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART
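>>Is this something you yourself set up in startup?
>>Please give me your answer to this in your next reply.
I do not use IE, so I have no recollection of setting it, but I also do not know what kind of setting it is.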

startup_windows
有効 HKCU:Run AMDDVR Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Spotify Web Helper Spotify Ltd C:\Users\nomaku\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
有効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
有効 HKLM:Run Sound Blaster Z-Series Control Panel Creative Technology Ltd "C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
無効 HKLM:Run UpdReg Creative Technology Ltd. C:\WINDOWS\UpdReg.EXE

startup_スケジュールされたタスク
有効 Task AMD ThankingURL Advanced Micro Devices, Inc. "C:\Program Files\AMD\CIM\Bin64\Setup.exe" -LAUNCHTHQURL
有効 Task OneDrive Standalone Update Task-S-1-5-21-173564043-4270010925-3132834754-1002 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task Process Lasso Core Engine Only Bitsum LLC "C:\Program Files\Process Lasso\processgovernor.exe"
有効 Task Process Lasso Management Console (GUI) Bitsum LLC "C:\Program Files\Process Lasso\processlasso.exe"
有効 Task StartCN Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay

startup_コンテキストメニュー
有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory RecuvaShellExt Piriform Ltd C:\Program Files\Recuva\RecuvaShell64.dll
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Folder 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Folder RecuvaShellExt Piriform Ltd C:\Program Files\Recuva\RecuvaShell64.dll

browserPlugins_InternetExplorer
Blank

browserPlugins_GoogleChrome
有効 App Gmail 8.1 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.4 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1
有効 Extension スプレッドシート 1.2 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0
有効 Extension スライド 0.10 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0
有効 Extension ドキュメント 0.10 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0

That is all.
  • dainote
  • 2017/11/06 (Mon) 15:54:24
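Now scan with the stable version of MBAM
Thank you for the work and the report.

It seems you did not set up the startup entry yourself.
In that case it may have been tampered with without your knowledge, so let's fix it.

The IE tab was apparently blank, so that is fine.

Now let's continue the work.
Again, please work according to the explanation.

First, launch CC as before and disable all entries that are enabled in the "Scheduled Tasks" tab.
These are not directly dangerous, but they are often abused by malicious programs, so it is safer to disable everything except entries that are necessary and trustworthy.

Next, start the PC in safe mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In that state, launch HJT again, scan, and fix the following among the displayed entries.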
>O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART

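After the fix, the HJT entry screen should be reset; close HJT at that point.

Now restart the PC in normal mode and prepare the following apps.
"AdwCleaner" (a.k.a. AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Access it and save the file to the desktop or somewhere similar.
When cleaning up, launch it and press the "uninstall" button and it will be deleted automatically.
For usage, the site below has a detailed explanation, so refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (a.k.a. MBAM)
Official site
http://www.malwarebytes.org/

However, MBAM currently has considerable problems with stability and behaviour, and bugs where scans cannot be run properly even in normal use are occurring frequently.
For that reason, do not download the latest version from the official site; here we deliberately work with an old version.

Explanation site for the old version ↓
http://www.japan-secure.com/entry/blog-entry-7.html

Download the old version of MBAM from the URL below.
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
This is a direct link to the file. Save it.
After the work is finished, you can uninstall it using GU with the PC in safe mode; if that does not work well, you can also remove it by choosing "Uninstall" from the MBAM item in the Start menu while in safe mode.

Note) Installing in Japanese can result in garbled characters. Install in English and then switch to Japanese.
Launch MBAM and go to the "Settings" tab → "Language" → "Japanese" to switch to Japanese.

Once ready, install MBAM and update it.
However, do not scan yet at this point.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
Updating the program itself turns it into the latest version, where bugs are occurring frequently, which defeats the purpose of having installed the old version.
Once the update is done, do not scan; close MBAM at this point.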

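Once both tools have been updated, restart the PC in safe mode and then use Disk Cleanup to clean out junk files.
However, here choose "Safe Mode with Networking" rather than ordinary safe mode.

Once the cleanup is finished, launch AC while still in safe mode.
Once it has started, run "Scan", and if anything was detected when the scan finishes, press "Remove".
Choosing "Yes" on the screen that appears starts the treatment.

Once the treatment is complete, restart the PC in normal mode.

After the restart a new AC log appears, so save it to the desktop or somewhere similar.
However, if no log appears after the work or you cannot tell, open drive C in My Computer; a file with a name like the following will have been created directly under it, and that is the AC log.
>AdwCleaner[alphanumeric characters].txt
If there are several logs with similar names, the one whose creation date and time matches the time of the treatment is the log in question.

Next, go into safe mode again and this time scan with MBAM.
Launch MBAM and run a "Full Scan" from the "Scanner" tab.
Select all drives, including C, as the targets.

Select (check) all drives as the scan target. It takes time, but this is in order to scan in as much detail as possible.
The order does not matter, but if anything is detected, select it and "remove" (quarantine) it, and if a prompt to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, pressing "Show details" should display the results, and pressing "Save log" there lets you save the log.
Save that log to the desktop or somewhere similar.
Checking this log is especially important, so please do not forget.

After this, paste the MBAM and AC logs into your reply and show them to me together with a status report.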
  • 悪代官
  • 2017/11/06 (Mon) 21:28:14
Re: Request for advice
>Download the old version of MBAM from the URL below.
>http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download

This site can't be reached
download.oldapps.com took too long to respond.
That is what appears, and I cannot download it.
  • dainote
  • 2017/11/07 (Tue) 22:58:31
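So it can no longer be downloaded from oldapps
>This site can't be reached
>download.oldapps.com took too long to respond.
>That is what appears, and I cannot download it.

Yes, it seems the download page for the old version has been changed.
In that case, try downloading the old version from the site below.
http://filehippo.com/jp/download_malwarebytes_anti_malware/14815/

You can save it with "Download the free version"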
  • 悪代官
  • 2017/11/07 (Tue) 23:22:06
Re: Request for advice
>In that state, launch HJT again, scan, and fix the following among the displayed entries.
>O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\internet explorer\iexplore.exe -restart /WERRESTART
This entry was gone, and I could not disable the scheduled tasks, so
I ran CC as administrator, but the items had changed, so I just went ahead as they were.

# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 07 19:51:45 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-07-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2017.11.07.08

Windows 8 x64 NTFS (セーフモード/ネットワーク)
Internet Explorer 11.15.16299.0
nomaku :: DESKTOP-1TRT9CD [標準ユーザー]

2017/11/08 4:55:03
mbam-log-2017-11-08 (04-55-03).txt

スキャンタイプ: フルスキャン (C:\|D:\|E:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 366419
経過時間: 17 分, 36 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 0
(悪意のあるアイテムは検出されていません。)

(終)


That is all.
  • dainote
  • 2017/11/08 (Wed) 05:43:25
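Final-stage analysis with OTL
Thank you for the work and the report.

You can skip the part that could not be treated with HJT.

This time you were able to download the old version of MBAM and do the work.
Looking at the result logs of both tools, neither detected anything this time.
In most cases a few things are detected, even if only junk-level items, but this time there was not even that.
It is an unusual case, but nothing beats a clean state.

You may now clean up both tools according to the explanations given at preparation time.

Now let's analyze from a different angle.

Prepare the following tool.
OTL (OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When cleaning up, launch it and press the "Cleanup" button and it will be deleted automatically.
However, if you are using Windows 10, you can just delete the program file itself.

Launch OTL with no other programs running.
Once it has started, check "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".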

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

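Then press "Run Scan" at the top left to start the scan.
After the scan starts, depending on the PC environment, in a few minutes "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save these two files to the desktop or thereabouts.
Note that Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After this, paste the entire OTL log into your reply and show it to me.
However, the OTL log is quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points into pieces of 10,000 characters or fewer and send it in several replies.
This is because posts exceeding 10,000 characters are cut off by fc2's character limit.
http://www1.odn.ne.jp/megukuma/count.htm

Merely scanning with OTL does not change anything.
Based on these results, what was detected will probably be treated in the work from next time onward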
  • 悪代官
  • 2017/11/08 (Wed) 20:35:46
Re: Request for advice
This is OTL.txt

OTL Extras logfile created on: 2017/11/09 0:31:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nomaku\Documents\Windward
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 6.27 Gb Available Physical Memory | 79.00% Memory free
11.69 Gb Paging File | 8.32 Gb Available in Paging File | 71.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118.28 Gb Total Space | 30.47 Gb Free Space | 25.76% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 389.33 Gb Free Space | 13.93% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-1TRT9CD | User Name: maku | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = FC E4 5F 13 9B 48 D3 01 [binary data] -- (Microsoft Corporation)

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]
  • dainote
  • 2017/11/09 (Thu) 00:48:43
Re: Request for advice
Continued, part 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05A8A3AF-8E83-49DF-BF45-C8DAABB11A4B}" = dir=out | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{13CF93DC-B0D7-4E06-8436-643000CD37D7}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{186710B1-E68C-47A6-9A55-AA6FBD814972}" = dir=out | name=xbox game bar |
"{27D138CD-B62C-446A-BCCB-175A65EEABF2}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{30721B9B-3EC9-4011-9454-333FF6AC0E05}" = dir=out | name=@{microsoft.windowsstore_11709.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{3197C9BC-BE45-48DC-9FF6-C4B81F125901}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{327B96C4-929F-4677-8171-6F60B7137AAF}" = dir=out | name=candy crush soda saga |
"{3F95B145-DB3B-44F8-B1D1-A9C82D2C0C3A}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{4117B256-95C8-452A-BBC0-C39C3C2DB5B3}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4BD6CD83-9DBF-4487-9C25-170366E5D332}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{598D7A51-D961-4A56-A188-52C393C34748}" = dir=in | name=@{microsoft.windowsstore_11709.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{662BC894-EA5D-42DD-9161-6CAA3AB0094C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{7FF25A1E-E31D-45EA-934C-61EBAB4758CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{82DA7A18-DD1D-44D0-B546-BA40625A2488}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{8374BC8F-0261-49D8-BA71-C5F3ACAAEF7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{86F91AF4-4DB0-4F8F-8F4B-DF835D674CC4}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{87B6BF89-DBE6-43E6-A55F-CC5F5C1295B6}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\workshop\workshop.exe |
"{8A818839-0322-483C-A8A2-A43412EE1B68}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{8D8E212C-EA4B-4D1F-B361-34D4C537C287}" = dir=in | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{A31019F7-BFDB-4946-B417-F41E7C2E15AB}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{B1CE516F-9BFE-4B88-9555-1B324BA2AA19}" = dir=out | name=@{microsoft.xboxidentityprovider_12.30.5001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{E8407BD6-ED2A-44C1-962E-7972119FADEA}" = dir=out | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{F5ED5591-9B92-425B-9B53-92DA745C5EE1}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\workshop\workshop.exe |
"{FB54D7A5-453F-4A88-8C37-C3A4E92AC512}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FF35E89B-F47E-4496-B433-EB212E8D8E58}" = dir=in | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"TCP Query User{1A2D59E4-B662-4CFE-AF1C-7DF143982825}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{205A903B-0DBB-47BF-B768-D295B7E8EE7E}D:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe |
"TCP Query User{21A02F03-C9A5-4107-82E9-DA915B5526F2}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"TCP Query User{8477B686-12BB-41B9-81FB-8BD9EF41DBAD}C:\program files (x86)\destiny 2\destiny2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\destiny 2\destiny2.exe |
"TCP Query User{FF0A65C8-989A-4DC4-8050-C303927A0E9F}C:\users\nomaku\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\nomaku\appdata\roaming\spotify\spotify.exe |
"UDP Query User{298C563E-49BD-480B-AEE5-D8FAE14D85EB}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{73FEF5E7-AF5A-4DB8-A2D8-8143B3C80833}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{872633B6-77E1-42F3-A548-0CDD7B376A7B}D:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{A1572370-8DBB-49E7-B85F-D783596321E3}C:\program files (x86)\destiny 2\destiny2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\destiny 2\destiny2.exe |
"UDP Query User{DC8C39C0-7175-4006-9526-A2E10C2E2B20}C:\users\nomaku\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\nomaku\appdata\roaming\spotify\spotify.exe |
  • dainote
  • 2017/11/09 (Thu) 00:52:03
Re: Request for advice
Continued, part 2

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FD9A26-3F61-9236-B360-BE5D043D82C0}" = Catalyst Control Center Next Localization SV
"{05D4190F-AA2A-5F75-CA83-FB79A3D0E0F6}" = Catalyst Control Center Next Localization PL
"{07BFBD5C-2F63-6828-1B61-B41A44113F3B}" = Catalyst Control Center Next Localization KO
"{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}" = Catalyst Control Center Next Localization DA
"{1CBA90B5-58AB-4A4D-8153-CE3AC2FD129D}" = AMD Settings - Branding
"{1D2E9660-8DD7-4830-AFA6-5EC160F37A4E}" = Python 3.6.2 Standard Library (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1DBACFDB-5E43-7882-36BD-53526D34BD22}" = Catalyst Control Center Next Localization HU
"{20C1086D-C843-36B1-B678-990089D1BD44}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649
"{20D46801-147B-30AD-7C5A-AC4560A79096}" = Catalyst Control Center Next Localization FI
"{2243926A-A9DD-9BB9-D0F3-06BF54AD1A59}" = Catalyst Control Center Next Localization TR
"{22C39711-2747-D264-319A-1550BEEAAEC6}" = Catalyst Control Center Next Localization FR
"{24DF617A-CD23-6E6A-126B-23630D2781CE}" = Catalyst Control Center Next Localization TH
"{27B26342-82FB-4CA4-9ADB-D09982631CB0}" = Python 3.6.2 Tcl/Tk Support (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.7.13 (64-bit)
"{2BD06003-784D-E5EB-852A-5A9E29081745}" = Catalyst Control Center Next Localization CHS
"{2CD36374-01C0-6BE3-6509-0177CDC60E5D}" = Catalyst Control Center Next Localization IT
"{36EDC500-E4C0-371C-9865-08450415C1E9}" = Catalyst Control Center Next Localization CS
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B822DD8-8C6A-6713-B079-284FF4F788C1}" = Catalyst Control Center Next Localization TH
"{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}" = Catalyst Control Center Next Localization NL
"{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}" = Catalyst Control Center Next Localization DA
"{4D1D5407-9B69-6422-629C-8518A26004A4}" = Catalyst Control Center Next Localization RU
"{4FF902DF-D960-4A78-9C04-9D8E1CC33149}" = Python 3.6.2 pip Bootstrap (64-bit)
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{52537FC0-E537-0E05-8E0D-713BCEDAE1F5}" = Catalyst Control Center Next Localization EL
"{5DC1016C-54DB-0376-71B6-7816B83C0725}" = Catalyst Control Center Next Localization RU
"{5FA11FD4-3AFA-9551-D391-4B8B23C5634C}" = Catalyst Control Center Next Localization CS
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62098A5F-E03B-31A3-5F9C-51A7F7D25744}" = Catalyst Control Center Next Localization CS
"{637CB856-0CC5-33BC-4B98-ACEB04F211FD}" = AMD Settings
"{6455576D-5438-E277-14D5-87725DA11D5E}" = Catalyst Control Center Next Localization FR
"{64D4CCC3-63DF-252D-D29D-03491670225D}" = Catalyst Control Center Next Localization TH
"{66733022-FD2E-CAFF-A824-2E45092C7B41}" = Catalyst Control Center Next Localization JA
"{66B06F29-EE4F-9130-D96A-754826093FEA}" = Catalyst Control Center Next Localization DE
"{6FA4CC1A-91A6-D392-2678-A1063E0C5601}" = Catalyst Control Center Next Localization KO
"{7314174C-890C-436C-BD2D-61F284755FD0}" = AMD Settings - Branding
"{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}" = Catalyst Control Center Next Localization KO
"{7CBAC0AF-F8EF-D98A-EA09-3511720D371B}" = AMD Software
"{7EC331E8-5683-4B2B-A22B-5925DBE5E06E}" = Python 3.6.2 Development Libraries (64-bit)
"{821D0A0E-F246-BE40-0D68-93883C14C410}" = Catalyst Control Center Next Localization EL
"{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}" = Catalyst Control Center Next Localization TR
"{8827327A-BC3A-4458-256C-86A8B1722EF3}" = Catalyst Control Center Next Localization FI
"{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}" = Catalyst Control Center Next Localization ES
"{8AB9DCFD-D693-B9F7-3003-C25E4CB4AB75}" = AMD Problem Report Wizard
"{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}" = Catalyst Control Center Next Localization TR
"{8ED900DC-8094-97CE-1C94-C91709BB5CBC}" = AMD DVR64
"{907B8BA6-C91D-4A8E-8237-828BFAB77C63}" = Python 3.6.2 Utility Scripts (64-bit)
"{90A9D089-DB6E-48DC-9EEC-7F2229B2DFF0}" = Python 3.6.2 Executables (64-bit)
"{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}" = Catalyst Control Center Next Localization ES
"{978543A0-731D-4BEF-9CB6-9835B1DFFB33}" = Python 3.6.2 Documentation (64-bit)
"{9D792D74-E3FD-EB78-A6D9-A716A7A7980D}" = Catalyst Control Center Next Localization SV
"{9EE8E58D-3021-40C5-8FBB-BF3A91A0B44D}" = Python 3.6.2 Test Suite (64-bit)
"{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}" = Catalyst Control Center Next Localization BR
"{A22C371B-420B-26DE-41BA-7A1906A57AFC}" = Catalyst Control Center Next Localization NO
"{A48E2AB0-0866-7783-9657-E1709EB18D02}" = Catalyst Control Center Next Localization FI
"{A8379BAB-59A9-C0A3-8BCC-4852EA403692}" = Catalyst Control Center Next Localization SV
"{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}" = Catalyst Control Center Next Localization IT
"{A936E8D5-F94C-EDAE-6687-04A1250ECFCA}" = Catalyst Control Center Next Localization CHT
"{A96702F7-EFC8-3EED-BE46-22C809D4EBE5}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{ABB19BB4-838D-3082-BDA4-87C6604181A2}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{B26D75B8-FAB7-6F8B-767F-BAF975383D91}" = Catalyst Control Center Next Localization CHT
"{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}" = Catalyst Control Center Next Localization CHT
"{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}" = Catalyst Control Center Next Localization IT
"{CC5893EA-7622-3049-8F4A-47B2A649BC41}" = Catalyst Control Center Next Localization BR
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D3C6245B-1B5B-EC6F-ECE2-6FE167B44CEB}" = Catalyst Control Center Next Localization HU
"{D6F47BB4-700A-F612-0671-5F69EA311BB7}" = Catalyst Control Center Next Localization RU
"{D74218A3-C503-57EF-AC9F-2220082E7ADE}" = Catalyst Control Center Next Localization DE
"{DA0326BB-657D-AAFC-752C-363E8FA33755}" = Catalyst Control Center Next Localization HU
"{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}" = Catalyst Control Center Next Localization EL
"{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}" = Catalyst Control Center Next Localization NO
"{DB8D816F-6213-ABDA-2542-A624993AAF2B}" = Catalyst Control Center Next Localization DA
"{DBBB1BBC-A398-4262-9C25-D7A6E9B06841}" = Python 3.6.2 Core Interpreter (64-bit)
"{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}" = Catalyst Control Center Next Localization NO
"{E392A425-53A7-DF90-96A0-E287A75DD3B2}" = Catalyst Control Center Next Localization PL
"{E3B46AAA-3FD6-42F4-5428-03D96F9C6E3B}" = Catalyst Control Center Next Localization ES
"{E42911E5-48F8-8557-ED20-D72AD1907D25}" = Catalyst Control Center Next Localization CHS
"{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}" = Catalyst Control Center Next Localization NL
"{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}" = Catalyst Control Center Next Localization FR
"{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}" = Catalyst Control Center Next Localization BR
"{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}" = Catalyst Control Center Next Localization CHS
"{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}" = Catalyst Control Center Next Localization JA
"{ED75A775-03A7-F214-868D-497748707968}" = Catalyst Control Center Next Localization JA
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"{FA88BA7D-7540-CBFF-52C0-265E9442F5CD}" = Catalyst Control Center Next Localization NL
"{FF42C9F0-B1FE-1CF8-6836-4FAD6461ED41}" = Catalyst Control Center Next Localization DE
"{FFBFBD1F-B160-A119-7C43-8584FA2E5665}" = Catalyst Control Center Next Localization PL
"7-Zip" = 7-Zip 16.04 (x64)
"AMD Catalyst Install Manager" = AMD Software
"Bluesky Frame Rate Converter_is1" = Bluesky Frame Rate Converter Version 2.8.1
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.22
"Recuva" = Recuva
"Steam App 107410" = Arma 3
"Steam App 209080" = Guns of Icarus Online
"Steam App 230410" = Warframe
"Steam App 38400" = Fallout
"Steam App 49600" = Beat Hazard
"Steam App 518030" = Aim Hero
"Steam App 550" = Left 4 Dead 2
"Steam App 578080" = PLAYERUNKNOWN'S BATTLEGROUNDS
"Steam App 622590" = PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server)
"Steam App 730" = Counter-Strike: Global Offensive
"VulkanRT1.0.39.1" = Vulkan Run Time Libraries 1.0.39.1
"VulkanRT1.0.54.0" = Vulkan Run Time Libraries 1.0.54.0
"VulkanRT1.0.54.0-2" = Vulkan Run Time Libraries 1.0.54.0
"VulkanRT1.0.54.0-3" = Vulkan Run Time Libraries 1.0.54.0
  • dainote
  • 2017/11/09 (Thu) 00:53:24
Re: Request for advice
Continued, part 3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1" = A3Launcher version 0.1.5.8
"{2636F1E4-2BC5-4B19-BFFD-A08F72598309}" = Python Launcher
"{2F6E7185-2BA2-4C56-8211-18DC9EFA9518}" = PluralMediaPlayer
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{5944EADE-74F8-0E8A-3899-CF9039036C2E}" = AMD Settings
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}" = Sound Blaster Z-Series Extras
"{a89d6e05-f7b5-490f-bb9e-ceca0dc8a2eb}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
"{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1" = AviSynth+ 0.1 (r1576)
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{DAB64FB1-0BBB-486E-9C57-A3E34F463AEB}" = Sound Blaster Z-Series
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Avidemux 2.6 - 64 bits (64-bit)" = Avidemux 2.6 - 64 bits
"Avidemux 2.7 - 64 bits (64-bit)" = Avidemux 2.7 - 64 bits
"Battle.net" = Battle.net
"Destiny 2" = Destiny 2
"Dolby Digital Live Pack" = Dolby Digital Liveパック
"DTS Connect Pack" = DTS Connect Pack
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Origin" = Origin
"ProcessLasso" = Process Lasso
"Steam" = Steam
"VLC media player" = VLC media player

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{f71cfe9a-4a67-48a6-844b-571a76b33d33}" = Python 3.6.2 (64-bit)
"Discord" = Discord
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2017/11/03 6:45:37 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/04 0:48:49 | Computer Name = DESKTOP-1TRT9CD | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0
障害が発生しているモジュール名:
destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0 例外コード: 0xc0000005 障害オフセット: 0x000000000032a191
障害が発生しているプロセス
ID: 0x894 障害が発生しているアプリケーションの開始時刻: 0x01d3550b1f42aebd 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Destiny 2\destiny2.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\Destiny
2\destiny2.exe レポート ID: e20020aa-81db-42c9-bb33-dc068114d146 障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2017/11/04 12:42:13 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/04 12:42:13 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/06 2:38:09 | Computer Name = DESKTOP-1TRT9CD | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0
障害が発生しているモジュール名:
destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0 例外コード: 0xc0000005 障害オフセット: 0x000000000031ad53
障害が発生しているプロセス
ID: 0x1cb4 障害が発生しているアプリケーションの開始時刻: 0x01d356ba93a46857 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Destiny 2\destiny2.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\Destiny
2\destiny2.exe レポート ID: 9c188b17-bcbb-4141-849e-7947561607a9 障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2017/11/06 5:11:41 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/06 5:11:41 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/07 11:28:05 | Computer Name = DESKTOP-1TRT9CD | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe+App
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2017/11/07 14:09:19 | Computer Name = DESKTOP-1TRT9CD | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: destiny2.exe、バージョン: 60642.0.0.0、タイム スタンプ: 0x59fbbbc6
障害が発生しているモジュール名:
destiny2.exe、バージョン: 60642.0.0.0、タイム スタンプ: 0x59fbbbc6 例外コード: 0xc0000005 障害オフセット: 0x000000000031ad13
障害が発生しているプロセス
ID: 0x1d7c 障害が発生しているアプリケーションの開始時刻: 0x01d357d707652d59 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Destiny 2\destiny2.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\Destiny
2\destiny2.exe レポート ID: e7a32ecb-df87-4acb-b136-f4461b70a8e4 障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2017/11/07 15:26:04 | Computer Name = DESKTOP-1TRT9CD | Source = Application Hang | ID = 1002
Description = プログラム mbam.exe バージョン 1.75.0.1 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、セキュリティとメンテナンス
コントロール パネルで、問題の履歴を参照してください。 プロセス ID: 1c04 開始時刻: 01d357fe239489cd 終了時刻: 6 アプリケーション パス:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe レポート ID: 911c37f1-f082-4e73-9f91-87501eb11d09

障害が発生しているパッケージのフル
ネーム: ? 障害が発生しているパッケージに関連するアプリケーション ID: ?

[ System Events ]
Error - 2017/11/07 16:23:15 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:23:15 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:23:19 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:23:19 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:24:34 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:24:38 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:24:38 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:25:19 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10016
Description =

Error - 2017/11/07 16:25:24 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10016
Description =

Error - 2017/11/08 5:31:45 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10016
Description =


< End of report >
  • dainote
  • 2017/11/09 (Thu) 00:54:39
Re: Request for advice
This is Extras.Txt.

OTL Extras logfile created on: 2017/11/09 0:31:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nomaku\Documents\Windward
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 6.27 Gb Available Physical Memory | 79.00% Memory free
11.69 Gb Paging File | 8.32 Gb Available in Paging File | 71.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118.28 Gb Total Space | 30.47 Gb Free Space | 25.76% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 389.33 Gb Free Space | 13.93% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-1TRT9CD | User Name: maku | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = FC E4 5F 13 9B 48 D3 01 [binary data] -- (Microsoft Corporation)

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]
  • dainote
  • 2017/11/09 (Thu) 00:56:17
Re: Request for advice
Extras.Txt, continued (part 1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05A8A3AF-8E83-49DF-BF45-C8DAABB11A4B}" = dir=out | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{13CF93DC-B0D7-4E06-8436-643000CD37D7}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{186710B1-E68C-47A6-9A55-AA6FBD814972}" = dir=out | name=xbox game bar |
"{27D138CD-B62C-446A-BCCB-175A65EEABF2}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{30721B9B-3EC9-4011-9454-333FF6AC0E05}" = dir=out | name=@{microsoft.windowsstore_11709.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{3197C9BC-BE45-48DC-9FF6-C4B81F125901}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{327B96C4-929F-4677-8171-6F60B7137AAF}" = dir=out | name=candy crush soda saga |
"{3F95B145-DB3B-44F8-B1D1-A9C82D2C0C3A}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{4117B256-95C8-452A-BBC0-C39C3C2DB5B3}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4BD6CD83-9DBF-4487-9C25-170366E5D332}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{598D7A51-D961-4A56-A188-52C393C34748}" = dir=in | name=@{microsoft.windowsstore_11709.1001.27.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{662BC894-EA5D-42DD-9161-6CAA3AB0094C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{7FF25A1E-E31D-45EA-934C-61EBAB4758CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{82DA7A18-DD1D-44D0-B546-BA40625A2488}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{8374BC8F-0261-49D8-BA71-C5F3ACAAEF7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{86F91AF4-4DB0-4F8F-8F4B-DF835D674CC4}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{87B6BF89-DBE6-43E6-A55F-CC5F5C1295B6}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\workshop\workshop.exe |
"{8A818839-0322-483C-A8A2-A43412EE1B68}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8700.40485.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{8D8E212C-EA4B-4D1F-B361-34D4C537C287}" = dir=in | name=@{microsoft.windows.cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{A31019F7-BFDB-4946-B417-F41E7C2E15AB}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\gunsoficarusonline.exe |
"{B1CE516F-9BFE-4B88-9555-1B324BA2AA19}" = dir=out | name=@{microsoft.xboxidentityprovider_12.30.5001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{E8407BD6-ED2A-44C1-962E-7972119FADEA}" = dir=out | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{F5ED5591-9B92-425B-9B53-92DA745C5EE1}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\guns of icarus online\workshop\workshop.exe |
"{FB54D7A5-453F-4A88-8C37-C3A4E92AC512}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FF35E89B-F47E-4496-B433-EB212E8D8E58}" = dir=in | name=@{microsoft.microsoftedge_41.16299.15.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"TCP Query User{1A2D59E4-B662-4CFE-AF1C-7DF143982825}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{205A903B-0DBB-47BF-B768-D295B7E8EE7E}D:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe |
"TCP Query User{21A02F03-C9A5-4107-82E9-DA915B5526F2}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"TCP Query User{8477B686-12BB-41B9-81FB-8BD9EF41DBAD}C:\program files (x86)\destiny 2\destiny2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\destiny 2\destiny2.exe |
"TCP Query User{FF0A65C8-989A-4DC4-8050-C303927A0E9F}C:\users\nomaku\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\nomaku\appdata\roaming\spotify\spotify.exe |
"UDP Query User{298C563E-49BD-480B-AEE5-D8FAE14D85EB}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{73FEF5E7-AF5A-4DB8-A2D8-8143B3C80833}D:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{872633B6-77E1-42F3-A548-0CDD7B376A7B}D:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{A1572370-8DBB-49E7-B85F-D783596321E3}C:\program files (x86)\destiny 2\destiny2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\destiny 2\destiny2.exe |
"UDP Query User{DC8C39C0-7175-4006-9526-A2E10C2E2B20}C:\users\nomaku\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\nomaku\appdata\roaming\spotify\spotify.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  • dainote
  • 2017/11/09 (Thu) 00:57:27
Re: Request for advice
Extras.Txt, continued (part 2)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FD9A26-3F61-9236-B360-BE5D043D82C0}" = Catalyst Control Center Next Localization SV
"{05D4190F-AA2A-5F75-CA83-FB79A3D0E0F6}" = Catalyst Control Center Next Localization PL
"{07BFBD5C-2F63-6828-1B61-B41A44113F3B}" = Catalyst Control Center Next Localization KO
"{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}" = Catalyst Control Center Next Localization DA
"{1CBA90B5-58AB-4A4D-8153-CE3AC2FD129D}" = AMD Settings - Branding
"{1D2E9660-8DD7-4830-AFA6-5EC160F37A4E}" = Python 3.6.2 Standard Library (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1DBACFDB-5E43-7882-36BD-53526D34BD22}" = Catalyst Control Center Next Localization HU
"{20C1086D-C843-36B1-B678-990089D1BD44}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649
"{20D46801-147B-30AD-7C5A-AC4560A79096}" = Catalyst Control Center Next Localization FI
"{2243926A-A9DD-9BB9-D0F3-06BF54AD1A59}" = Catalyst Control Center Next Localization TR
"{22C39711-2747-D264-319A-1550BEEAAEC6}" = Catalyst Control Center Next Localization FR
"{24DF617A-CD23-6E6A-126B-23630D2781CE}" = Catalyst Control Center Next Localization TH
"{27B26342-82FB-4CA4-9ADB-D09982631CB0}" = Python 3.6.2 Tcl/Tk Support (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.7.13 (64-bit)
"{2BD06003-784D-E5EB-852A-5A9E29081745}" = Catalyst Control Center Next Localization CHS
"{2CD36374-01C0-6BE3-6509-0177CDC60E5D}" = Catalyst Control Center Next Localization IT
"{36EDC500-E4C0-371C-9865-08450415C1E9}" = Catalyst Control Center Next Localization CS
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B822DD8-8C6A-6713-B079-284FF4F788C1}" = Catalyst Control Center Next Localization TH
"{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}" = Catalyst Control Center Next Localization NL
"{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}" = Catalyst Control Center Next Localization DA
"{4D1D5407-9B69-6422-629C-8518A26004A4}" = Catalyst Control Center Next Localization RU
"{4FF902DF-D960-4A78-9C04-9D8E1CC33149}" = Python 3.6.2 pip Bootstrap (64-bit)
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{52537FC0-E537-0E05-8E0D-713BCEDAE1F5}" = Catalyst Control Center Next Localization EL
"{5DC1016C-54DB-0376-71B6-7816B83C0725}" = Catalyst Control Center Next Localization RU
"{5FA11FD4-3AFA-9551-D391-4B8B23C5634C}" = Catalyst Control Center Next Localization CS
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62098A5F-E03B-31A3-5F9C-51A7F7D25744}" = Catalyst Control Center Next Localization CS
"{637CB856-0CC5-33BC-4B98-ACEB04F211FD}" = AMD Settings
"{6455576D-5438-E277-14D5-87725DA11D5E}" = Catalyst Control Center Next Localization FR
"{64D4CCC3-63DF-252D-D29D-03491670225D}" = Catalyst Control Center Next Localization TH
"{66733022-FD2E-CAFF-A824-2E45092C7B41}" = Catalyst Control Center Next Localization JA
"{66B06F29-EE4F-9130-D96A-754826093FEA}" = Catalyst Control Center Next Localization DE
"{6FA4CC1A-91A6-D392-2678-A1063E0C5601}" = Catalyst Control Center Next Localization KO
"{7314174C-890C-436C-BD2D-61F284755FD0}" = AMD Settings - Branding
"{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}" = Catalyst Control Center Next Localization KO
"{7CBAC0AF-F8EF-D98A-EA09-3511720D371B}" = AMD Software
"{7EC331E8-5683-4B2B-A22B-5925DBE5E06E}" = Python 3.6.2 Development Libraries (64-bit)
"{821D0A0E-F246-BE40-0D68-93883C14C410}" = Catalyst Control Center Next Localization EL
"{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}" = Catalyst Control Center Next Localization TR
"{8827327A-BC3A-4458-256C-86A8B1722EF3}" = Catalyst Control Center Next Localization FI
"{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}" = Catalyst Control Center Next Localization ES
"{8AB9DCFD-D693-B9F7-3003-C25E4CB4AB75}" = AMD Problem Report Wizard
"{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}" = Catalyst Control Center Next Localization TR
"{8ED900DC-8094-97CE-1C94-C91709BB5CBC}" = AMD DVR64
"{907B8BA6-C91D-4A8E-8237-828BFAB77C63}" = Python 3.6.2 Utility Scripts (64-bit)
"{90A9D089-DB6E-48DC-9EEC-7F2229B2DFF0}" = Python 3.6.2 Executables (64-bit)
"{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}" = Catalyst Control Center Next Localization ES
"{978543A0-731D-4BEF-9CB6-9835B1DFFB33}" = Python 3.6.2 Documentation (64-bit)
"{9D792D74-E3FD-EB78-A6D9-A716A7A7980D}" = Catalyst Control Center Next Localization SV
"{9EE8E58D-3021-40C5-8FBB-BF3A91A0B44D}" = Python 3.6.2 Test Suite (64-bit)
"{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}" = Catalyst Control Center Next Localization BR
"{A22C371B-420B-26DE-41BA-7A1906A57AFC}" = Catalyst Control Center Next Localization NO
"{A48E2AB0-0866-7783-9657-E1709EB18D02}" = Catalyst Control Center Next Localization FI
"{A8379BAB-59A9-C0A3-8BCC-4852EA403692}" = Catalyst Control Center Next Localization SV
"{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}" = Catalyst Control Center Next Localization IT
"{A936E8D5-F94C-EDAE-6687-04A1250ECFCA}" = Catalyst Control Center Next Localization CHT
"{A96702F7-EFC8-3EED-BE46-22C809D4EBE5}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{ABB19BB4-838D-3082-BDA4-87C6604181A2}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{B26D75B8-FAB7-6F8B-767F-BAF975383D91}" = Catalyst Control Center Next Localization CHT
"{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}" = Catalyst Control Center Next Localization CHT
"{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}" = Catalyst Control Center Next Localization IT
"{CC5893EA-7622-3049-8F4A-47B2A649BC41}" = Catalyst Control Center Next Localization BR
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D3C6245B-1B5B-EC6F-ECE2-6FE167B44CEB}" = Catalyst Control Center Next Localization HU
"{D6F47BB4-700A-F612-0671-5F69EA311BB7}" = Catalyst Control Center Next Localization RU
"{D74218A3-C503-57EF-AC9F-2220082E7ADE}" = Catalyst Control Center Next Localization DE
"{DA0326BB-657D-AAFC-752C-363E8FA33755}" = Catalyst Control Center Next Localization HU
"{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}" = Catalyst Control Center Next Localization EL
"{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}" = Catalyst Control Center Next Localization NO
"{DB8D816F-6213-ABDA-2542-A624993AAF2B}" = Catalyst Control Center Next Localization DA
"{DBBB1BBC-A398-4262-9C25-D7A6E9B06841}" = Python 3.6.2 Core Interpreter (64-bit)
"{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}" = Catalyst Control Center Next Localization NO
"{E392A425-53A7-DF90-96A0-E287A75DD3B2}" = Catalyst Control Center Next Localization PL
"{E3B46AAA-3FD6-42F4-5428-03D96F9C6E3B}" = Catalyst Control Center Next Localization ES
"{E42911E5-48F8-8557-ED20-D72AD1907D25}" = Catalyst Control Center Next Localization CHS
"{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}" = Catalyst Control Center Next Localization NL
"{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}" = Catalyst Control Center Next Localization FR
"{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}" = Catalyst Control Center Next Localization BR
"{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}" = Catalyst Control Center Next Localization CHS
"{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}" = Catalyst Control Center Next Localization JA
"{ED75A775-03A7-F214-868D-497748707968}" = Catalyst Control Center Next Localization JA
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"{FA88BA7D-7540-CBFF-52C0-265E9442F5CD}" = Catalyst Control Center Next Localization NL
"{FF42C9F0-B1FE-1CF8-6836-4FAD6461ED41}" = Catalyst Control Center Next Localization DE
"{FFBFBD1F-B160-A119-7C43-8584FA2E5665}" = Catalyst Control Center Next Localization PL
"7-Zip" = 7-Zip 16.04 (x64)
"AMD Catalyst Install Manager" = AMD Software
"Bluesky Frame Rate Converter_is1" = Bluesky Frame Rate Converter Version 2.8.1
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.22
"Recuva" = Recuva
"Steam App 107410" = Arma 3
"Steam App 209080" = Guns of Icarus Online
"Steam App 230410" = Warframe
"Steam App 38400" = Fallout
"Steam App 49600" = Beat Hazard
"Steam App 518030" = Aim Hero
"Steam App 550" = Left 4 Dead 2
"Steam App 578080" = PLAYERUNKNOWN'S BATTLEGROUNDS
"Steam App 622590" = PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server)
"Steam App 730" = Counter-Strike: Global Offensive
"VulkanRT1.0.39.1" = Vulkan Run Time Libraries 1.0.39.1
"VulkanRT1.0.54.0" = Vulkan Run Time Libraries 1.0.54.0
"VulkanRT1.0.54.0-2" = Vulkan Run Time Libraries 1.0.54.0
"VulkanRT1.0.54.0-3" = Vulkan Run Time Libraries 1.0.54.0
  • dainote
  • 2017/11/09 (Thu) 00:58:17
Re: Request for advice
Extras.Txt, continued (part 3)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1" = A3Launcher version 0.1.5.8
"{2636F1E4-2BC5-4B19-BFFD-A08F72598309}" = Python Launcher
"{2F6E7185-2BA2-4C56-8211-18DC9EFA9518}" = PluralMediaPlayer
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{5944EADE-74F8-0E8A-3899-CF9039036C2E}" = AMD Settings
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}" = Sound Blaster Z-Series Extras
"{a89d6e05-f7b5-490f-bb9e-ceca0dc8a2eb}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
"{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1" = AviSynth+ 0.1 (r1576)
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{DAB64FB1-0BBB-486E-9C57-A3E34F463AEB}" = Sound Blaster Z-Series
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Avidemux 2.6 - 64 bits (64-bit)" = Avidemux 2.6 - 64 bits
"Avidemux 2.7 - 64 bits (64-bit)" = Avidemux 2.7 - 64 bits
"Battle.net" = Battle.net
"Destiny 2" = Destiny 2
"Dolby Digital Live Pack" = Dolby Digital Liveパック
"DTS Connect Pack" = DTS Connect Pack
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Origin" = Origin
"ProcessLasso" = Process Lasso
"Steam" = Steam
"VLC media player" = VLC media player

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{f71cfe9a-4a67-48a6-844b-571a76b33d33}" = Python 3.6.2 (64-bit)
"Discord" = Discord
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2017/11/03 6:45:37 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/04 0:48:49 | Computer Name = DESKTOP-1TRT9CD | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0
障害が発生しているモジュール名:
destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0 例外コード: 0xc0000005 障害オフセット: 0x000000000032a191
障害が発生しているプロセス
ID: 0x894 障害が発生しているアプリケーションの開始時刻: 0x01d3550b1f42aebd 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Destiny 2\destiny2.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\Destiny
2\destiny2.exe レポート ID: e20020aa-81db-42c9-bb33-dc068114d146 障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2017/11/04 12:42:13 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/04 12:42:13 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/06 2:38:09 | Computer Name = DESKTOP-1TRT9CD | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0
障害が発生しているモジュール名:
destiny2.exe、バージョン: 60547.0.0.0、タイム スタンプ: 0x59f3f9a0 例外コード: 0xc0000005 障害オフセット: 0x000000000031ad53
障害が発生しているプロセス
ID: 0x1cb4 障害が発生しているアプリケーションの開始時刻: 0x01d356ba93a46857 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Destiny 2\destiny2.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\Destiny
2\destiny2.exe レポート ID: 9c188b17-bcbb-4141-849e-7947561607a9 障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2017/11/06 5:11:41 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/06 5:11:41 | Computer Name = DESKTOP-1TRT9CD | Source = COM | ID = 10031
Description =

Error - 2017/11/07 11:28:05 | Computer Name = DESKTOP-1TRT9CD | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = パッケージ Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe+App
は、中断するのに時間がかかりすぎたため、停止されました。

Error - 2017/11/07 14:09:19 | Computer Name = DESKTOP-1TRT9CD | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: destiny2.exe、バージョン: 60642.0.0.0、タイム スタンプ: 0x59fbbbc6
障害が発生しているモジュール名:
destiny2.exe、バージョン: 60642.0.0.0、タイム スタンプ: 0x59fbbbc6 例外コード: 0xc0000005 障害オフセット: 0x000000000031ad13
障害が発生しているプロセス
ID: 0x1d7c 障害が発生しているアプリケーションの開始時刻: 0x01d357d707652d59 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Destiny 2\destiny2.exe 障害が発生しているモジュール パス: C:\Program Files (x86)\Destiny
2\destiny2.exe レポート ID: e7a32ecb-df87-4acb-b136-f4461b70a8e4 障害が発生しているパッケージの完全な名前:
? 障害が発生しているパッケージに関連するアプリケーション ID: ?

Error - 2017/11/07 15:26:04 | Computer Name = DESKTOP-1TRT9CD | Source = Application Hang | ID = 1002
Description = プログラム mbam.exe バージョン 1.75.0.1 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、セキュリティとメンテナンス
コントロール パネルで、問題の履歴を参照してください。 プロセス ID: 1c04 開始時刻: 01d357fe239489cd 終了時刻: 6 アプリケーション パス:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe レポート ID: 911c37f1-f082-4e73-9f91-87501eb11d09

障害が発生しているパッケージのフル
ネーム: ? 障害が発生しているパッケージに関連するアプリケーション ID: ?

[ System Events ]
Error - 2017/11/07 16:23:15 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:23:15 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:23:19 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:23:19 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:24:34 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:24:38 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:24:38 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10005
Description =

Error - 2017/11/07 16:25:19 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10016
Description =

Error - 2017/11/07 16:25:24 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10016
Description =

Error - 2017/11/08 5:31:45 | Computer Name = DESKTOP-1TRT9CD | Source = DCOM | ID = 10016
Description =


< End of report >
  • dainote
  • 2017/11/09 (Thu) 00:59:26
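Isn't the beginning of OTL.txt missing?
Thank you for doing the work and reporting back.

I looked at the OTL scan log, but it seems the log is not complete.
The first part of OTL.txt does not appear to be there.

>[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

It starts from this section, but wasn't there a part before it in the log you took?
Normally, before that, there are sections such as the one beginning with

>Processes (SafeList)

If you happened to miss it when copying the log, sorry for the trouble, but could you post OTL.txt alone once more, all of it, split into parts?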
  • 悪代官
  • 2017/11/09 (Thu) 15:39:54
Re: Request for advice
I copied from the wrong place, my apologies.

OTL.Txt, reposted

OTL logfile created on: 2017/11/09 0:31:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nomaku\Documents\Windward
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 6.27 Gb Available Physical Memory | 79.00% Memory free
11.69 Gb Paging File | 8.32 Gb Available in Paging File | 71.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118.28 Gb Total Space | 30.47 Gb Free Space | 25.76% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 389.33 Gb Free Space | 13.93% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-1TRT9CD | User Name: maku | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2017/11/09 00:28:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nomaku\Documents\Windward\OTL.exe
PRC - [2017/11/02 14:50:53 | 000,777,840 | ---- | M] (Spotify Ltd) -- C:\Users\nomaku\AppData\Roaming\Spotify\SpotifyWebHelper.exe
PRC - [2017/10/27 10:59:20 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
PRC - [2017/10/21 14:32:25 | 003,002,720 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe
PRC - [2017/10/19 14:12:00 | 000,649,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2017/01/18 02:04:46 | 000,122,880 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHdaSvc.exe
PRC - [2014/11/24 16:53:18 | 000,877,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
PRC - [2012/10/08 16:53:20 | 000,423,424 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2017/10/20 17:06:04 | 013,659,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c9287eaf630bc35ce3ac0111feec2bdb\System.Windows.Forms.ni.dll
MOD - [2017/10/19 16:35:57 | 001,644,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9fa7853b7f08f94f82fdcd1b36939641\System.Drawing.ni.dll
MOD - [2017/09/29 22:43:17 | 020,514,464 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\f42a27fd30d9a54b9eb8cba239c2611f\mscorlib.ni.dll
MOD - [2017/09/29 22:43:17 | 010,523,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6b06ac83af180d308f3f484bcb050591\System.ni.dll
MOD - [2017/09/29 22:43:16 | 008,018,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\9be722d8c68270a743a0aea762f40e2d\System.Core.ni.dll
MOD - [2017/09/24 02:18:48 | 020,159,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\eaafb37362d55292465aa2ea1ce161fb\PresentationFramework.ni.dll
MOD - [2017/09/24 02:18:48 | 012,623,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\5a4e396b51a3622fd26d8ac2fa591bf4\PresentationCore.ni.dll
MOD - [2017/09/24 02:18:48 | 007,613,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\0d02952a8eb80d5163a9fbe555e70733\System.Xml.ni.dll
MOD - [2017/09/24 02:18:48 | 004,143,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ce28cee967406e721b2c0c18785d9a47\WindowsBase.ni.dll
MOD - [2017/09/24 02:18:48 | 002,058,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\7feefee293c48cdd7cbcdf6bb6dd2112\System.Xaml.ni.dll
MOD - [2017/09/24 02:18:47 | 001,041,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\7a2516f4eb29b02b8d4b39118f3d76ec\System.Configuration.ni.dll

  • dainote
  • 2017/11/09 (Thu) 22:20:13
Re: Request for advice
Continued, part 1

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2017/10/07 03:02:00 | 000,552,464 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,654,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,636,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2017/09/29 22:43:11 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:08 | 001,346,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,956,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,588,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,518,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,421,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,889,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,795,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:04 | 003,164,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:03 | 000,213,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:02 | 000,699,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:01 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:58 | 001,288,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,951,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,820,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 002,632,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,779,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,307,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_3896c50)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,898,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:38 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:38 | 000,194,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:37 | 001,288,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:37 | 000,791,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:35 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 001,345,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,702,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,555,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,456,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
  • dainote
  • 2017/11/09 (Thu) 22:22:22
Re: Request for advice
Continued, part 2

SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 004,487,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 001,573,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 001,245,184 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 001,082,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,806,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,374,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,363,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,208,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,086,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 001,232,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 000,561,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 001,272,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 001,107,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,696,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,484,352 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,223,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,096,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:26 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 002,223,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 001,230,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 001,143,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,824,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,059,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,666,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:19 | 000,355,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:19 | 000,105,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 001,827,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  • dainote
  • 2017/11/09 (Thu) 22:23:41
Re: Request for advice
Continued, part 3

SRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2017/09/29 04:01:00 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV - [2017/10/31 12:22:30 | 001,641,248 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2017/10/21 14:32:25 | 003,002,720 | ---- | M] (Electronic Arts) [Auto | Running] -- C:\Program Files (x86)\Origin\OriginWebHelperService.exe -- (Origin Web Helper Service)
SRV - [2017/10/21 14:32:25 | 002,123,104 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2017/09/29 22:42:22 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2017/09/29 22:42:14 | 000,566,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2017/09/29 22:42:11 | 003,981,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2017/09/29 22:42:11 | 001,005,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2017/09/29 22:42:11 | 000,516,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/09/29 22:42:09 | 000,916,480 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2017/09/29 22:42:08 | 000,966,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2017/09/29 22:42:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017/09/29 22:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017/01/18 02:04:46 | 000,122,880 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Windows\SysWOW64\CtHdaSvc.exe -- (CtHdaSvc)
SRV - [2012/10/08 16:53:20 | 000,423,424 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2017/10/19 14:11:58 | 000,373,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2017/10/19 14:11:58 | 000,060,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2017/10/19 14:11:58 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2017/10/19 14:11:58 | 000,045,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2017/10/19 14:11:58 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2017/10/07 03:02:00 | 038,778,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\c0318724.inf_amd64_3e17b73ae627ea03\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2017/10/07 03:02:00 | 000,541,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\c0318724.inf_amd64_3e17b73ae627ea03\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:19 | 000,037,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:17 | 000,056,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2017/09/30 23:38:15 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,770,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,081,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2017/09/29 22:42:04 | 000,060,312 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:51 | 000,240,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,087,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,034,200 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,225,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,132,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,055,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 001,849,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,209,304 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdnsfltr.sys -- (wdnsfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:40 | 000,936,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:40 | 000,384,000 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,266,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,154,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,147,864 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,081,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,076,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
  • dainote
  • 2017/11/09 (Thu) 22:25:06
Re: Request for advice
Continued, part 4

DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,074,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,071,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,039,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,169,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,163,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,124,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,073,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:25 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,056,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:19 | 000,309,144 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:19 | 000,119,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:19 | 000,044,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:17 | 000,030,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,227,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,225,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,127,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,123,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,039,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:14 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,555,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,437,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,285,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,281,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,229,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,140,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,107,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,097,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,096,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,050,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,049,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,027,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:08 | 000,018,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,192,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,075,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  • dainote
  • 2017/11/09 (Thu) 22:26:11
Re: Seeking advice
Continuation 5

DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:04 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,674,200 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,571,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,505,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,149,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,118,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,103,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimmn.sys -- (nvdimmn)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,079,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,055,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vnvdimm.sys -- (vnvdimm)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\invdimm.sys -- (invdimm)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,037,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,015,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:03 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 001,723,288 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,842,648 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,526,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,357,272 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,305,560 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,258,592 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,123,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,108,952 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,107,416 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,103,320 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,082,840 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,063,896 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,063,520 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,063,520 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,058,776 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,032,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,031,128 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,027,032 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:02 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 003,419,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,533,912 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,130,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,103,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2017/09/29 22:41:01 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
  • dainote
  • 2017/11/09 (Thu) 22:27:35
Re: Seeking advice
Continuation 6

DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,524,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,118,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,091,648 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,060,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2017/09/29 22:40:59 | 000,036,864 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2017/06/22 02:22:54 | 000,048,400 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtxHdb.sys -- (CtxHdb)
DRV:[b]64bit:[/b] - [2017/04/26 12:39:04 | 000,110,088 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2017/01/18 02:04:26 | 000,042,792 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cthdb.sys -- (cthdb)
DRV:[b]64bit:[/b] - [2017/01/18 02:04:24 | 001,074,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cthda.sys -- (cthda)
DRV:[b]64bit:[/b] - [2016/09/06 21:59:28 | 000,204,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2016/08/18 21:41:28 | 000,049,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV - [2017/11/08 19:34:18 | 000,058,120 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B2AEC22-1E19-4B2F-A789-E4C592CC38CC}\MpKslb0bb5928.sys -- (MpKslb0bb5928)
DRV - [2017/10/07 03:02:00 | 038,778,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\c0318724.inf_amd64_3e17b73ae627ea03\atikmdag.sys -- (amdkmdag)
DRV - [2017/10/07 03:02:00 | 000,541,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\c0318724.inf_amd64_3e17b73ae627ea03\atikmpag.sys -- (amdkmdap)
DRV - [2017/09/29 22:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC




IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 99 B7 03 1D D3 48 D3 01 [binary data]
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E6 92 F0 70 EA 3E D3 01 [binary data]
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 33 00 00 00 57 3E 48 A5 D6 8B 95 8B B3 38 86 74 47 92 6B 9F 28 78 EA 6F 8D 0D 40 0E 7E 0C BA E0 0A 5E 27 99 11 B9 A6 D2 69 DC A3 42 9F E7 CE BA CD C9 E7 39 C2 5E 58 02 00 00 00 0E 00 00 00 4A 62 47 55 59 46 62 4E 4B 58 51 25 33 64 [binary data]
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)



[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  • dainote
  • 2017/11/09 (Thu) 22:30:15
Re: Seeking advice
Continuation 7

O1 HOSTS File: ([2017/03/19 06:01:13 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Sound Blaster Z-Series Control Panel] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1002..\Run: [AMDDVR] C:\Program Files\AMD\CNext\CNext\amddvr.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1002..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1002..\Run: [Spotify Web Helper] C:\Users\nomaku\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-173564043-4270010925-3132834754-1001..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[C0].txt File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{a7e0ff84-5244-4184-982c-71c5062eb833}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {4FC4FAB8-DD2C-3F8B-B378-F6EF65C0EC05} - .NET Framework
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.75\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\inf\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {54BDBDCB-ED26-30CA-BFFC-5B5E414C3793} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2017/11/08 04:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2017/11/08 04:29:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017/11/08 04:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2017/11/08 04:25:15 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Roaming\Malwarebytes
[2017/11/08 04:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017/11/07 19:22:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2017/11/05 13:10:30 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Steam
[2017/11/05 13:10:10 | 000,000,000 | -H-D | C] -- C:\Users\maku\MicrosoftEdgeBackups
[2017/11/05 13:09:52 | 000,000,000 | R--D | C] -- C:\Users\maku\3D Objects
[2017/11/04 15:43:07 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Google
[2017/11/04 15:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017/11/04 15:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  • dainote
  • 2017/11/09 (Thu) 22:33:38
Re: Request for advice
Continued, part 8


[2017/10/25 10:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Destiny 2
[2017/10/25 10:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2017/10/25 10:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2017/10/25 10:08:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2017/10/25 10:07:58 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Battle.net
[2017/10/25 10:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2017/10/22 15:15:57 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\CEF
[2017/10/22 15:15:34 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Warframe
[2017/10/21 14:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2017/10/21 14:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2017/10/21 14:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2017/10/21 14:32:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2017/10/21 14:32:31 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Origin
[2017/10/19 21:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
[2017/10/19 21:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2017/10/19 14:52:23 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\Updreg.EXE
[2017/10/19 14:52:22 | 001,898,496 | ---- | C] (Creative) -- C:\WINDOWS\SysNative\Sens_oal.dll
[2017/10/19 14:52:22 | 001,609,728 | ---- | C] (Creative) -- C:\WINDOWS\SysWow64\Sens_oal.dll
[2017/10/19 14:52:22 | 000,466,520 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll
[2017/10/19 14:52:22 | 000,445,016 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2017/10/19 14:52:22 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll
[2017/10/19 14:52:22 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2017/10/19 14:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2017/10/19 14:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2017/10/19 14:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017/10/19 14:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017/10/19 14:29:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2017/10/19 14:29:01 | 000,000,000 | -HSD | C] -- C:\Recovery
[2017/10/19 14:29:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2017/10/19 14:29:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2017/10/19 14:25:58 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2017/10/19 14:25:13 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Packages
[2017/10/19 14:24:49 | 000,000,000 | --SD | C] -- C:\Users\maku\AppData\Roaming\Microsoft
[2017/10/19 14:24:49 | 000,000,000 | R--D | C] -- C:\Users\maku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017/10/19 14:24:49 | 000,000,000 | R--D | C] -- C:\Users\maku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017/10/19 14:24:49 | 000,000,000 | R--D | C] -- C:\Users\maku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017/10/19 14:24:49 | 000,000,000 | R--D | C] -- C:\Users\maku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\スタート メニュー
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\AppData\Local\Temporary Internet Files
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Templates
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\SendTo
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Recent
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\PrintHood
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\NetHood
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Documents\My Videos
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Documents\My Pictures
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Documents\My Music
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\My Documents
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Local Settings
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\AppData\Local\History
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Cookies
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\Application Data
[2017/10/19 14:24:49 | 000,000,000 | -HSD | C] -- C:\Users\maku\AppData\Local\Application Data
[2017/10/19 14:24:49 | 000,000,000 | -H-D | C] -- C:\Users\maku\AppData
[2017/10/19 14:24:49 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Temp
[2017/10/19 14:24:49 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Local\Microsoft
[2017/10/19 14:24:49 | 000,000,000 | ---D | C] -- C:\Users\maku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017/10/19 14:23:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2017/10/19 14:23:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2017/10/19 14:12:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2017/10/19 14:12:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2017/10/19 14:12:04 | 025,246,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017/10/19 14:12:04 | 021,752,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2017/10/19 14:12:04 | 018,913,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017/10/19 14:12:04 | 017,080,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2017/10/19 14:12:04 | 008,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017/10/19 14:12:04 | 006,032,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017/10/19 14:12:04 | 004,744,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017/10/19 14:12:04 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017/10/19 14:12:04 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2017/10/19 14:12:04 | 000,664,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017/10/19 14:12:04 | 000,664,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2017/10/19 14:12:04 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2017/10/19 14:12:04 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicRuntimes.dll
[2017/10/19 14:12:04 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2017/10/19 14:12:04 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017/10/19 14:12:00 | 001,664,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2017/10/19 14:12:00 | 001,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017/10/19 14:12:00 | 001,470,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2017/10/19 14:12:00 | 001,436,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017/10/19 14:12:00 | 001,261,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017/10/19 14:12:00 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017/10/19 14:12:00 | 000,649,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017/10/19 14:12:00 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswstr10.dll
[2017/10/19 14:12:00 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2017/10/19 14:12:00 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2017/10/19 14:12:00 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2017/10/19 14:12:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2017/10/19 14:12:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthTokenBrokerExt.dll
[2017/10/19 14:12:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2017/10/19 14:12:00 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjint40.dll
[2017/10/19 14:11:59 | 008,592,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017/10/19 14:11:59 | 005,906,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017/10/19 14:11:59 | 001,463,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017/10/19 14:11:59 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017/10/19 14:11:59 | 000,464,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017/10/19 14:11:59 | 000,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2017/10/19 14:11:59 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2017/10/19 14:11:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
  • dainote
  • 2017/11/09 (Thu) 22:34:39
Re: Request for advice
Continued, part 9

[2017/10/19 14:11:58 | 003,672,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017/10/19 14:11:58 | 002,905,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017/10/19 14:11:58 | 002,106,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017/10/19 14:11:58 | 001,633,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017/10/19 14:11:58 | 001,554,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017/10/19 14:11:58 | 001,547,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2017/10/19 14:11:58 | 001,200,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017/10/19 14:11:58 | 001,165,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2017/10/19 14:11:58 | 001,053,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017/10/19 14:11:58 | 000,739,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017/10/19 14:11:58 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2017/10/19 14:11:58 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017/10/19 14:11:58 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2017/10/19 14:11:58 | 000,559,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017/10/19 14:11:58 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2017/10/19 14:11:58 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2017/10/19 14:11:58 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2017/10/19 14:11:58 | 000,373,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2017/10/19 14:11:58 | 000,246,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017/10/19 14:11:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthTokenBrokerExt.dll
[2017/10/19 14:11:58 | 000,060,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\urscx01000.sys
[2017/10/19 14:11:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsi.sys
[2017/10/19 14:11:58 | 000,045,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2017/10/19 14:11:58 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017/10/19 14:10:21 | 006,347,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsData0009.dll
[2017/10/19 14:10:21 | 005,739,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prm0009.dll
[2017/10/19 14:10:21 | 002,629,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsLexicons0009.dll
[2017/10/19 14:10:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2017/10/19 14:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2017/10/19 14:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2017/10/19 14:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2017/10/19 14:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2017/10/19 14:09:49 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2017/10/19 14:09:49 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2017/10/19 14:09:49 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2017/10/19 14:09:48 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2017/10/19 14:09:47 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2017/10/19 14:09:47 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2017/10/19 13:50:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2017/10/19 13:41:59 | 126,925,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2017/10/13 10:25:00 | 000,045,584 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\RapidFireServer64.dll
[2017/10/13 10:24:56 | 000,043,024 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\RapidFireServer.dll
[2017/10/13 10:24:54 | 000,552,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\Rapidfire64.dll
[2017/10/13 10:24:50 | 000,484,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\Rapidfire.dll
[2017/10/13 10:24:42 | 000,170,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\mantleaxl64.dll
[2017/10/13 10:24:42 | 000,136,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\mantleaxl32.dll
[2017/10/13 10:24:36 | 000,192,016 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\mantle64.dll
[2017/10/13 10:24:32 | 000,151,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\mantle32.dll
[2017/10/13 10:24:06 | 000,925,200 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\coinst_17.30.dll
[2017/10/13 10:24:06 | 000,029,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\detoured.dll
[2017/10/13 10:24:06 | 000,029,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\detoured.dll
[2017/10/13 10:23:56 | 000,168,464 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atisamu64.dll
[2017/10/13 10:23:52 | 000,134,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atisamu32.dll
[2017/10/13 10:23:36 | 000,124,944 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2017/10/13 10:23:34 | 000,131,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atimpc64.dll
[2017/10/13 10:23:32 | 000,103,176 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atimpc32.dll
[2017/10/13 10:23:24 | 000,245,776 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6txx.dll
[2017/10/13 10:23:24 | 000,204,304 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atigktxx.dll
[2017/10/13 10:23:20 | 000,552,464 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2017/10/13 10:23:14 | 000,781,840 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2017/10/13 10:23:06 | 000,131,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdpcom64.dll
[2017/10/13 10:23:02 | 000,103,176 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdpcom32.dll
[2017/10/13 10:22:56 | 000,467,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atidemgy.dll
[2017/10/13 10:22:56 | 000,196,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\amdhcp64.dll
[2017/10/13 10:22:54 | 000,157,360 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\aticfx64.dll
[2017/10/13 10:22:54 | 000,149,096 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\aticfx32.dll
[2017/10/13 10:22:52 | 000,165,064 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\amdhcp32.dll
[2017/10/13 10:22:46 | 000,666,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiapfxx.exe
[2017/10/13 10:22:44 | 001,540,112 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiadlxx.dll
[2017/10/13 10:22:44 | 001,057,808 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atiadlxy.dll
[2017/10/13 10:22:44 | 000,069,648 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\ati2erec.dll
[2017/10/13 10:22:42 | 002,917,904 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\amfrt64.dll
[2017/10/13 10:22:40 | 002,532,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\amfrt32.dll
[2017/10/13 10:22:40 | 000,139,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdave64.dll
[2017/10/13 10:22:38 | 000,116,728 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdave32.dll
[2017/10/13 10:22:30 | 000,113,168 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdxc64.dll
[2017/10/13 10:22:28 | 012,515,344 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdvlk64.dll
[2017/10/13 10:22:28 | 000,099,856 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdxc32.dll
[2017/10/13 10:22:26 | 010,294,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdvlk32.dll
[2017/10/13 10:21:36 | 000,092,176 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdmcl64.dll
[2017/10/13 10:21:34 | 000,075,792 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdmcl32.dll
[2017/10/13 10:21:26 | 000,864,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\amdlvr64.dll
[2017/10/13 10:21:24 | 000,696,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\amdlvr32.dll
[8 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[8 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
  • dainote
  • 2017/11/09 (Thu) 22:35:41
Re: Request for advice
Continued, part 10

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2017/11/08 18:30:47 | 3408,121,856 | -HS- | M] () -- C:\hiberfil.sys
[2017/11/08 18:30:44 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/11/08 05:29:46 | 002,109,690 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017/11/08 05:29:46 | 000,853,012 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017/11/08 05:29:46 | 000,735,142 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2017/11/08 05:29:46 | 000,251,776 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2017/11/08 05:29:46 | 000,248,814 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017/11/08 05:24:56 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2017/11/08 05:22:01 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2017/11/05 13:09:52 | 000,002,342 | ---- | M] () -- C:\Users\maku\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/11/05 13:09:52 | 000,002,318 | ---- | M] () -- C:\Users\maku\Desktop\Google Chrome.lnk
[2017/10/27 04:54:33 | 000,835,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017/10/27 04:54:33 | 000,177,648 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017/10/20 14:03:53 | 000,000,128 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2017/10/19 14:52:22 | 000,466,520 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll
[2017/10/19 14:52:22 | 000,445,016 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2017/10/19 14:52:22 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll
[2017/10/19 14:52:22 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2017/10/19 14:51:48 | 000,000,105 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2017/10/19 14:28:03 | 000,011,433 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2017/10/19 14:28:03 | 000,011,433 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2017/10/19 14:27:47 | 000,023,208 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017/10/19 14:26:48 | 000,269,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017/10/19 14:12:04 | 025,246,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017/10/19 14:12:04 | 021,752,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2017/10/19 14:12:04 | 018,913,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017/10/19 14:12:04 | 017,080,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2017/10/19 14:12:04 | 008,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017/10/19 14:12:04 | 006,032,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017/10/19 14:12:04 | 004,744,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017/10/19 14:12:04 | 000,812,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2017/10/19 14:12:04 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2017/10/19 14:12:04 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2017/10/19 14:12:04 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2017/10/19 14:12:04 | 000,538,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2017/10/19 14:12:04 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicRuntimes.dll
[2017/10/19 14:12:04 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2017/10/19 14:12:04 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017/10/19 14:12:01 | 002,474,080 | ---- | M] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017/10/19 14:12:00 | 003,312,432 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2017/10/19 14:12:00 | 001,664,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2017/10/19 14:12:00 | 001,641,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017/10/19 14:12:00 | 001,470,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2017/10/19 14:12:00 | 001,436,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017/10/19 14:12:00 | 001,261,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017/10/19 14:12:00 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2017/10/19 14:12:00 | 000,649,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2017/10/19 14:12:00 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswstr10.dll
[2017/10/19 14:12:00 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2017/10/19 14:12:00 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msexcl40.dll
[2017/10/19 14:12:00 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2017/10/19 14:12:00 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\t2embed.dll
[2017/10/19 14:12:00 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XblAuthTokenBrokerExt.dll
[2017/10/19 14:12:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2017/10/19 14:12:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjint40.dll
[2017/10/19 14:11:59 | 008,592,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017/10/19 14:11:59 | 005,906,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2017/10/19 14:11:59 | 001,463,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2017/10/19 14:11:59 | 000,778,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2017/10/19 14:11:59 | 000,464,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2017/10/19 14:11:59 | 000,184,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2017/10/19 14:11:59 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\t2embed.dll
[2017/10/19 14:11:59 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2017/10/19 14:11:58 | 003,672,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017/10/19 14:11:58 | 002,905,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017/10/19 14:11:58 | 002,106,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017/10/19 14:11:58 | 001,633,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2017/10/19 14:11:58 | 001,554,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017/10/19 14:11:58 | 001,547,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2017/10/19 14:11:58 | 001,200,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2017/10/19 14:11:58 | 001,165,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2017/10/19 14:11:58 | 001,053,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2017/10/19 14:11:58 | 000,739,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2017/10/19 14:11:58 | 000,665,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2017/10/19 14:11:58 | 000,591,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2017/10/19 14:11:58 | 000,566,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2017/10/19 14:11:58 | 000,559,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2017/10/19 14:11:58 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2017/10/19 14:11:58 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2017/10/19 14:11:58 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2017/10/19 14:11:58 | 000,373,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2017/10/19 14:11:58 | 000,246,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017/10/19 14:11:58 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XblAuthTokenBrokerExt.dll
[2017/10/19 14:11:58 | 000,060,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\urscx01000.sys
[2017/10/19 14:11:58 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsi.sys
[2017/10/19 14:11:58 | 000,045,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2017/10/19 14:11:58 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2017/10/19 14:10:21 | 006,347,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsData0009.dll
[2017/10/19 14:10:21 | 005,739,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prm0009.dll
  • dainote
  • 2017/11/09 (Thu) 22:36:49
Re: Request for advice
Continued, part 11

[2017/10/19 14:10:21 | 002,629,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NlsLexicons0009.dll
[2017/10/19 14:09:49 | 001,166,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2017/10/19 14:09:49 | 000,124,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2017/10/19 14:09:49 | 000,035,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2017/10/19 14:09:48 | 000,778,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2017/10/19 14:09:47 | 000,103,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2017/10/19 14:09:47 | 000,035,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2017/10/19 14:02:29 | 000,007,600 | ---- | M] () -- C:\Users\maku\AppData\Local\Resmon.ResmonCfg
[2017/10/19 13:42:00 | 126,925,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2017/10/13 10:01:56 | 000,154,384 | ---- | M] () -- C:\WINDOWS\SysNative\samu_krnl_ci.sbin
[2017/10/13 10:01:56 | 000,138,832 | ---- | M] () -- C:\WINDOWS\SysNative\samu_krnl_isv_ci.sbin
[2017/10/13 10:01:56 | 000,120,880 | ---- | M] () -- C:\WINDOWS\SysNative\kapp_ci.sbin
[2017/10/13 10:01:56 | 000,114,704 | ---- | M] () -- C:\WINDOWS\SysNative\kapp_si.sbin
[2017/10/13 10:01:54 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2017/10/13 10:01:54 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2017/10/13 10:01:54 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2017/10/13 10:01:54 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2017/10/13 10:01:50 | 000,032,804 | ---- | M] () -- C:\WINDOWS\SysNative\AMDKernelEvents.man
[8 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[8 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/11/04 15:43:11 | 000,002,318 | ---- | C] () -- C:\Users\maku\Desktop\Google Chrome.lnk
[2017/10/27 10:59:33 | 000,002,342 | ---- | C] () -- C:\Users\maku\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/10/27 10:59:33 | 000,002,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2017/10/20 14:03:53 | 000,000,128 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2017/10/19 14:51:40 | 000,004,850 | ---- | C] () -- C:\WINDOWS\cthdaENG.reg
[2017/10/19 14:51:40 | 000,004,708 | ---- | C] () -- C:\WINDOWS\cthdaJPN.reg
[2017/10/19 14:32:50 | 002,109,690 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017/10/19 14:27:57 | 000,011,433 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2017/10/19 14:27:57 | 000,011,433 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2017/10/19 14:27:47 | 000,023,208 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017/10/19 14:25:23 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2017/10/19 14:24:49 | 000,000,352 | ---- | C] () -- C:\Users\maku\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2017/10/19 14:24:49 | 000,000,334 | ---- | C] () -- C:\Users\maku\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2017/10/19 14:24:28 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017/10/19 14:23:45 | 000,269,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017/10/19 14:12:01 | 002,474,080 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017/10/19 14:12:00 | 003,312,432 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2017/10/19 14:08:43 | 000,150,810 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2017/10/19 14:08:43 | 000,150,810 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2017/10/13 10:24:28 | 000,277,008 | ---- | C] () -- C:\WINDOWS\SysNative\hsa-thunk64.dll
[2017/10/13 10:24:22 | 000,242,704 | ---- | C] () -- C:\WINDOWS\SysWow64\hsa-thunk.dll
[2017/10/13 10:24:18 | 000,531,984 | ---- | C] () -- C:\WINDOWS\SysNative\GameManager64.dll
[2017/10/13 10:24:14 | 000,366,096 | ---- | C] () -- C:\WINDOWS\SysWow64\GameManager32.dll
[2017/10/13 10:24:08 | 000,552,976 | ---- | C] () -- C:\WINDOWS\SysNative\dgtrayicon.exe
[2017/10/13 10:24:04 | 000,370,192 | ---- | C] () -- C:\WINDOWS\SysNative\clinfo.exe
[2017/10/13 10:23:10 | 000,484,368 | ---- | C] () -- C:\WINDOWS\SysNative\atieah64.exe
[2017/10/13 10:23:06 | 000,334,864 | ---- | C] () -- C:\WINDOWS\SysWow64\atieah32.exe
[2017/10/13 10:23:02 | 000,115,728 | ---- | C] () -- C:\WINDOWS\SysNative\atidxx64.dll
[2017/10/13 10:23:02 | 000,102,416 | ---- | C] () -- C:\WINDOWS\SysWow64\atidxx32.dll
[2017/10/13 10:22:58 | 000,574,456 | ---- | C] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2017/10/13 10:21:02 | 000,515,088 | ---- | C] () -- C:\WINDOWS\SysNative\amdgfxinfo64.dll
[2017/10/13 10:21:02 | 000,360,976 | ---- | C] () -- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
[2017/10/13 10:01:56 | 000,154,384 | ---- | C] () -- C:\WINDOWS\SysNative\samu_krnl_ci.sbin
[2017/10/13 10:01:56 | 000,138,832 | ---- | C] () -- C:\WINDOWS\SysNative\samu_krnl_isv_ci.sbin
[2017/10/13 10:01:56 | 000,120,880 | ---- | C] () -- C:\WINDOWS\SysNative\kapp_ci.sbin
[2017/10/13 10:01:56 | 000,114,704 | ---- | C] () -- C:\WINDOWS\SysNative\kapp_si.sbin
[2017/10/13 10:01:54 | 003,471,376 | ---- | C] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2017/10/13 10:01:54 | 003,437,632 | ---- | C] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2017/10/13 10:01:54 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2017/10/13 10:01:54 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2017/10/13 10:01:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2017/10/13 10:01:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2017/10/13 10:01:52 | 000,831,736 | ---- | C] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2017/10/13 10:01:52 | 000,831,736 | ---- | C] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2017/10/13 10:01:50 | 000,032,804 | ---- | C] () -- C:\WINDOWS\SysNative\AMDKernelEvents.man
[2017/10/13 10:01:50 | 000,000,145 | ---- | C] () -- C:\WINDOWS\SysNative\amd-vulkan64.json
[2017/10/13 10:01:50 | 000,000,145 | ---- | C] () -- C:\WINDOWS\SysWow64\amd-vulkan32.json
[2017/09/29 22:46:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017/09/29 22:46:49 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017/09/29 22:42:27 | 000,017,143 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2017/09/29 22:42:18 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017/09/29 22:42:14 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017/09/29 22:42:13 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017/09/29 22:42:11 | 000,149,840 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017/09/29 22:42:09 | 003,383,296 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017/09/29 22:42:09 | 000,309,248 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017/09/29 22:42:09 | 000,193,024 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017/09/29 22:42:09 | 000,092,160 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017/09/29 22:42:09 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017/09/29 22:42:09 | 000,025,088 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2017/09/29 22:42:08 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017/09/29 22:42:00 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017/09/29 22:41:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017/08/21 07:56:09 | 001,527,650 | ---- | C] () -- C:\WINDOWS\SysWow64\libfftw3f-3.dll
[2017/08/12 15:10:51 | 000,007,600 | ---- | C] () -- C:\Users\maku\AppData\Local\Resmon.ResmonCfg
[2017/07/26 12:50:54 | 000,776,992 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2017/07/26 12:50:54 | 000,477,472 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2017/07/13 01:54:00 | 000,776,992 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-54-0.dll
[2017/07/13 01:53:54 | 000,477,472 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-54-0.exe
[2017/01/28 07:05:24 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017/01/28 07:04:54 | 000,326,656 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-39-1.dll
  • dainote
  • 2017/11/09 (Thu) 22:37:42
Re: Request for advice
Continued, part 12

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2017/10/21 18:52:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017/09/29 22:41:31 | 007,675,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017/09/29 22:42:11 | 006,092,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017/09/29 22:42:05 | 000,964,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017/09/29 22:42:18 | 000,769,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017/09/29 22:42:04 | 000,506,880 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2017/11/08 04:24:34 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2017/10/19 14:45:42 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2017/11/08 19:34:38 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2017/10/19 14:30:09 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2017/10/19 14:29:01 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2017/10/19 14:30:09 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2017/09/29 22:46:33 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2017/10/19 14:25:15 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData
[2017/11/05 13:10:10 | 000,000,000 | -H-D | M] -- C:\Users\maku\MicrosoftEdgeBackups
[2017/10/19 21:09:30 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2017/11/05 13:10:16 | 000,000,000 | RH-D | M] -- C:\Users\maku\AppData\Local\Microsoft\Windows\Burn\Burn
[2017/11/05 13:10:29 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2017/07/26 12:42:03 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE
[2017/07/26 12:42:03 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2017/07/26 12:42:03 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2017/10/19 14:27:37 | 000,000,000 | -H-D | M] -- C:\Users\maku\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/10/19 14:25:06 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData
[2017/10/19 14:29:40 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\MicrosoftEdgeBackups
[2017/10/07 06:31:17 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2017/10/19 14:30:49 | 000,000,000 | RH-D | M] -- C:\Users\nomaku\AppData\Local\Microsoft\Windows\Burn\Burn
[2017/10/28 04:20:24 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2017/07/26 12:25:25 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE
[2017/07/26 12:25:25 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2017/07/26 12:25:25 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2017/10/19 14:27:27 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/08/02 03:04:06 | 000,000,000 | -H-D | M] -- C:\Users\nomaku\Videos\Radeon ReLive\replay_cache
[2017/11/05 13:09:52 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2017/11/04 16:08:21 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2017/10/19 14:15:41 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2017/09/29 22:46:39 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2017/10/19 14:13:43 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2017/10/19 14:13:43 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD30EZRZ-00Z5HB0
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ADATA SP900
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 2,794.00GB
Starting Offset: 135266304
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 500.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #1, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 118.00GB
Starting Offset: 525336576
Hidden sectors: 0


DeviceID: Disk #1, Partition #2
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 480.00MB
Starting Offset: 127528861696
Hidden sectors: 0
  • dainote
  • 2017/11/09 (Thu) 22:39:13
Re: Request for advice
Continued, part 13

[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2017/09/29 22:41:50 | 000,144,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:33 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:27 | 001,345,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:31 | 000,841,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2017/09/29 22:42:14 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:41 | 000,450,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2017/09/29 22:42:16 | 000,332,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2017/09/30 23:38:18 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 001,117,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2017/09/29 22:42:16 | 000,314,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,286,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,109,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:50 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2017/09/29 22:42:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:58 | 000,600,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:47 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2017/09/29 22:42:05 | 000,460,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2017/09/29 22:42:07 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:56 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:35 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,760,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:57 | 000,930,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 001,117,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:55 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,057,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:06 | 000,246,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,270,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,613,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2017/09/29 22:42:14 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2017/09/29 22:42:00 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:00 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2017/09/29 22:42:25 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:00 | 000,069,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:44 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:04 | 001,558,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 001,488,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:23 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:13 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:19 | 000,105,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:35 | 001,816,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2017/10/19 14:11:58 | 000,925,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:45 | 000,610,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:52 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2017/09/29 22:42:18 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:04 | 000,220,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:30 | 002,782,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:08 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2017/09/29 22:42:08 | 002,528,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2017/09/29 22:41:43 | 000,276,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • dainote
  • 2017/11/09 (Thu) 22:40:15
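Did you install the extension called "Slides" (スライド) yourself?
Good evening.
I have looked at the new OTL log.
This time it displays normally from the start.

Now let's use OTL itself to clean up the items that OTL showed.

One note before you begin.
This step will clean out one Chrome extension, so if an extension you need has disappeared afterwards, please reinstall it later.
However, if you do not remember installing the "Slides" (スライド) extension yourself, you do not need to reinstall it.

Please work through the steps below as before.

I have pasted a script at the end of this reply. Copy all of it, paste it into a Windows Notepad file, and save it.

When that is ready, restart the PC in Safe Mode again and launch OTL.
Once OTL is running, paste the script into the lower part of the OTL window and this time press "Run fix" (the button with red text).
This starts the OTL fix.

Wait a while. When the fix has finished, restart the PC in normal mode and an OTL log should appear again. Save it, watch how the PC behaves for a while, and then reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----) and paste it into OTL.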
------------------------------------------
:OTL
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 99 B7 03 1D D3 48 D3 01 [binary data]
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E6 92 F0 70 EA 3E D3 01 [binary data]
IE - HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 33 00 00 00 57 3E 48 A5 D6 8B 95 8B B3 38 86 74 47 92 6B 9F 28 78 EA 6F 8D 0D 40 0E 7E 0C BA E0 0A 5E 27 99 11 B9 A6 D2 69 DC A3 42 9F E7 CE BA CD C9 E7 39 C2 5E 58 02 00 00 00 0E 00 00 00 4A 62 47 55 59 46 62 4E 4B 58 51 25 33 64 [binary data]
CHR - Extension: No name found = C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\

:Files
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

:reg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2017/11/10 (Fri) 20:19:03
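Re: Request for advice
I have not installed any extensions, so I think it is one that comes with Chrome.
Also, I heard that as a security measure it is better to create a user account with administrator rights and a standard account, and to work in the standard one, so that is what I do. But in the end I just type the password myself whenever I run something, so is there not much point to it?


This is the log from otl.txt.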

All processes killed
========== OTL ==========
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-173564043-4270010925-3132834754-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-173564043-4270010925-3132834754-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_metadata folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\zh_TW folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\zh_CN folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\vi folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\uk folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\tr folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\th folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sv folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sr folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sl folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sk folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ru folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ro folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\pt_PT folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\pt_BR folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\pl folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\no folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\nl folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ms folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\lv folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\lt folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ko folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ja folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\it folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\id folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\hu folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\hi folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\he folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\fr folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\fil folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\fi folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\et folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\es_419 folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\es folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\en_US folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\en_GB folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\el folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\de folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\da folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\cs folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ca folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\bg folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ar folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales folder moved successfully.
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0 folder moved successfully.
========== FILES ==========
C:\Users\maku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: maku
->Temp folder emptied: 4786115 bytes
->Temporary Internet Files folder emptied: 8702466 bytes
->Google Chrome cache emptied: 7127428 bytes

User: nomaku
->Temp folder emptied: 48995895 bytes
->Temporary Internet Files folder emptied: 5309969 bytes
->Google Chrome cache emptied: 354468435 bytes
->Flash cache emptied: 1419 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2821464 bytes
%systemroot%\System32 (64bit) .tmp files removed: 7455680 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 599171629 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 991.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 11102017_221425

  • dainote
  • 2017/11/10 (Fri) 23:42:12
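Any changes after the OTL fix?
Thanks for doing the work and reporting back.

>I haven't installed any extensions, so I think these are the ones that come with Chrome.

OK, then that part is fine.

>I was told it's better to create an administrator account and a standard account and work from the standard one,
>and that's what I do, but in the end I just type the password myself whenever I run something, so is there not much point to it?

If you log in as a standard user whenever admin rights are not needed, nothing beats that.
If you always operate the PC from an administrator account, you risk falling into a trap that you yourself overlooked.
In PC security, assume that skipping settings or steps to save effort lowers your security level by just that much.
For example, Windows' built-in User Account Control (UAC) shows confirmation and warning prompts frequently when its level is raised, so most people seem to find it a nuisance and either lower the level or set it to "Never notify".
Keeping it firmly set is effective on its own, because the prompt shows the name of the program that triggered it, and by checking that name the user can avoid "allowing" something unfamiliar into the PC.

Now, I've also looked at the OTL result log, and the cleanup appears to have mostly succeeded.
The targeted entries show successfully (fix succeeded).

Now please take the HJT log and the CC install information and the logs from each tab again, and post them in a reply.
Also, let me know if there has been any change in behaviour, Chrome included, since the OTL fix.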
  • 悪代官
  • 2017/11/11 (Sat) 20:22:08
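Re: Any changes after the OTL fix?
>Also, let me know if there has been any change in behaviour, Chrome included, since the OTL fix.
There don't seem to be any changes worth noting.

I should have mentioned this at the start, but each member of my family uses their own PC, and there are three in the house.
If one of the other PCs were infected with a virus, is there no way to prevent it as long as they are connected through the router?
We're still partway through, but thank you for helping me with this.

HijackThis log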

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:13:32, on 2017/11/12
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)


Boot mode: Normal

Running processes:
C:\Users\nomaku\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
C:\ProgramData\Battle.net\Agent\Agent.5857\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.9526\Battle.net Helper.exe
C:\Users\nomaku\Documents\Windward\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Sound Blaster Z-Series Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-173564043-4270010925-3132834754-1002\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe" (User 'nomaku')
O4 - HKUS\S-1-5-21-173564043-4270010925-3132834754-1002\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User 'nomaku')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{a7e0ff84-5244-4184-982c-71c5062eb833}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @oem1.inf,%Creative.CTHdaSvcDesc%;Sound Blaster Audio Service (CtHdaSvc) - Creative Technology Ltd - C:\WINDOWS\sysWow64\CtHdaSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 6788 bytes
  • dainote
  • 2017/11/12 (Sun) 07:36:17
Re: Any changes after the OTL fix?
cc_install information

7-Zip 16.04 (x64) Igor Pavlov 2017/11/06 4.75 MB 16.04
A3Launcher version 0.1.5.8 Maca134 2017/08/26 49.8 MB 0.1.5.8
Aim Hero ProGames Studio 2017/10/19 138 MB
AMD Software Advanced Micro Devices, Inc. 2017/10/19 26.3 MB 9.0.000.8
Arma 3 Bohemia Interactive 2017/10/19
Avidemux 2.6 - 64 bits 2017/10/19 2.6.21.170501
Avidemux 2.7 - 64 bits 2017/10/19 2.7.0.170814
AviSynth+ 0.1 (r1576) The Public 2017/08/20 40.8 MB 2.6.0.5
Battle.net Blizzard Entertainment 2017/10/25
Beat Hazard Cold Beam Games 2017/10/19 235 MB
Bluesky Frame Rate Converter Version 2.8.1 Bluesky 2017/08/21 2.09 MB
Candy Crush Soda Saga king.com 2017/11/08 1.101.900.0
CCleaner Piriform 2017/11/04 5.36
ComicsPlusPlus Comics++ 2017/11/07 1.4.2.0
Counter-Strike: Global Offensive Valve 2017/10/19 14.8 GB
Destiny 2 Blizzard Entertainment 2017/10/25
Discord Discord Inc. 2017/07/31 50.8 MB 0.0.298
Dolby Digital Liveパック Creative Technology Limited 2017/10/19 6.84 MB 3.03
DTS Connect Pack Creative Technology Limited 2017/10/19 6.84 MB 1.00
Fallout Interplay Inc. 2017/10/19 708 MB
GIMP 2.8.22 The GIMP Team 2017/08/19 288 MB 2.8.22
Google Chrome Google Inc. 2017/10/27 62.0.3202.75
Groove ミュージック Microsoft Corporation 2017/11/11 10.17084.21621.0
Guns of Icarus Online Muse Games 2017/10/28
Haali Media Splitter 2017/10/19
HEVC Video Extension Microsoft Corporation 2017/10/19 1.0.2512.0
Instagram Instagram 2017/09/20 10.1096.22724.0
Left 4 Dead 2 Valve 2017/10/28
Malwarebytes Anti-Malware version 1.75.0.1300 Malwarebytes Corporation 2017/11/08 19.3 MB 1.75.0.1300
Microsoft OneDrive Microsoft Corporation 2017/11/01 100 MB 17.3.7074.1023
Microsoft Solitaire Collection Microsoft Studios 2017/10/31 3.18.10182.0
Microsoft Sticky Notes Microsoft Corporation 2017/10/19 1.8.2.0
Microsoft Store Microsoft Corporation 2017/11/10 11710.1001.27.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2017/10/21 4.99 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Corporation 2017/08/22 1.62 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2017/09/04 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2017/08/22 1.32 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2017/09/04 708 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2017/07/28 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2017/07/28 14.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2017/10/19 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2017/10/19 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/10/19 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 Microsoft Corporation 2017/10/19 20.5 MB 12.0.40649.5
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2017/10/19 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 Microsoft Corporation 2017/10/19 23.5 MB 14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 2017/10/19 19.5 MB 14.0.24215.1
Mixed Reality Viewer Microsoft Corporation 2017/09/28 2.1709.8012.0
MPC-HC 1.7.13 (64-bit) MPC-HC Team 2017/08/21 47.0 MB 1.7.13
NVIDIA PhysX NVIDIA Corporation 2017/09/19 95.1 MB 9.12.1031
OneNote Microsoft Corporation 2017/10/31 17.8625.21151.0
Origin Electronic Arts, Inc. 2017/10/21 329 MB 10.5.4.63358
People Microsoft Corporation 2017/10/31 10.2.2791.0
PLAYERUNKNOWN'S BATTLEGROUNDS Bluehole, Inc. 2017/10/19 7.05 GB
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) 2017/10/19 6.89 GB
PluralMediaPlayer ZeroMethod 2017/08/18 3.02 MB 4.5.5
Print 3D Microsoft Corporation 2017/10/19 1.0.2572.0
Process Lasso Bitsum 2017/10/19 29.5 MB 9.0.0.402
Python 3.6.2 (64-bit) Python Software Foundation 2017/10/19 91.0 MB 3.6.2150.0
Python Launcher Python Software Foundation 2017/08/05 1.10 MB 3.6.6032.0
Recuva Piriform 2017/10/19 10.4 MB 1.53
Sound Blaster Z-Series Creative Technology Limited 2017/10/19 155 MB 1.01.10
Sound Blaster Z-Series Extras Creative Technology Limited 2017/10/19 1.0
Spotify Spotify AB 2017/11/02 1.0.66.478.g1296534d
Steam Valve Corporation 2017/10/21 2.10.91.91
VLC media player VideoLAN 2017/10/19 123 MB 2.2.6
Vulkan Run Time Libraries 1.0.39.1 LunarG, Inc. 2017/10/19 1.66 MB 1.0.39.1
Vulkan Run Time Libraries 1.0.54.0 LunarG, Inc. 2017/10/19 1.66 MB 1.0.54.0
Wallet Microsoft Corporation 2017/07/26 1.0.16328.0
Warframe Digital Extremes 2017/10/25
Xbox Microsoft Corporation 2017/11/03 33.34.30002.0
Xbox Game bar Microsoft Corporation 2017/11/07 1.22.30001.0
Xbox Game Speech Window Microsoft Corporation 2017/10/19 1.17.29001.0
Xbox Identity Provider Microsoft Corporation 2017/10/19 12.30.5001.0
Xbox Live Microsoft Corporation 2017/10/31 1.10.3002.0
アプリ インストーラー Microsoft Corporation 2017/10/19 1.0.12161.0
アラーム & クロック Microsoft Corporation 2017/10/20 10.1710.2841.0
カメラ Microsoft Corporation 2017/10/28 2017.921.10.0
ストア エクスペリエンス ホスト Microsoft Corporation 2017/11/10 11710.1710.30001.0
ヒント Microsoft Corporation 2017/10/27 6.5.2851.0
フィードバック Hub Microsoft Corporation 2017/10/19 1.1708.2831.0
フォト Microsoft Corporation 2017/10/05 2017.39081.15820.0
ヘルプの表示 Microsoft Corporation 2017/10/19 10.1706.1981.0
ペイント 3D Microsoft Corporation 2017/11/11 3.1710.30027.0
ボイス レコーダー Microsoft Corporation 2017/10/25 10.1710.2861.0
マップ Microsoft Corporation 2017/10/19 5.1708.2764.0
メッセージング Microsoft Corporation 2017/10/19 3.32.15001.0
メール/カレンダー Microsoft Corporation 2017/11/11 17.8700.40645.0
天気 Microsoft Corporation 2017/10/19 4.21.2492.0
映画 & テレビ Microsoft Corporation 2017/10/19 10.17092.13511.0
電卓 Microsoft Corporation 2017/10/25 10.1710.2791.0

startup_windows
有効 HKCU:Run AMDDVR Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Spotify Web Helper Spotify Ltd C:\Users\nomaku\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
有効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
有効 HKLM:Run Sound Blaster Z-Series Control Panel Creative Technology Ltd "C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe" /r
無効 HKLM:Run UpdReg Creative Technology Ltd. C:\WINDOWS\UpdReg.EXE

startup_Scheduled Tasks
有効 Task AMD ThankingURL Advanced Micro Devices, Inc. "C:\Program Files\AMD\CIM\Bin64\Setup.exe" -LAUNCHTHQURL
無効 Task OneDrive Standalone Update Task-S-1-5-21-173564043-4270010925-3132834754-1002 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
有効 Task Process Lasso Core Engine Only Bitsum LLC "C:\Program Files\Process Lasso\processgovernor.exe"
有効 Task Process Lasso Management Console (GUI) Bitsum LLC "C:\Program Files\Process Lasso\processlasso.exe"
有効 Task StartCN Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay

startup_Context Menu
有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Directory PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 Directory RecuvaShellExt Piriform Ltd C:\Program Files\Recuva\RecuvaShell64.dll
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Directory ファイルの所有権
有効 Drive PowerShell ウィンドウをここに開く(S) powershell.exe -noexit -command Set-Location -literalPath '%V'
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder RecuvaShellExt Piriform Ltd C:\Program Files\Recuva\RecuvaShell64.dll

browserPlugins_IE
None

browserPlugins_Google Chrome
有効 App Gmail 8.1 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google ドライブ 14.1 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.4 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1
有効 Extension スプレッドシート 1.2 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0
有効 Extension スライド 0.10 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0
有効 Extension ドキュメント 0.10 ユーザー 1 C:\Users\nomaku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0
  • dainote
  • 2017/11/12 (Sun) 07:40:11
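Unauthorized access in online games is not necessarily caused by a PC infection
Sorry for the late reply.
So there has been no change since the OTL fix.

By the way, you say three PCs in your home are connected through the router.
Your earlier reply showed that the router's firmware is up to date, but cases of routers being hijacked are also on the rise.

By checking the router's settings, it is also possible to find out whether it has been tampered with.
http://pcmainbuilding.blog.fc2.com/blog-entry-5.html

Please use this page as a reference and check for tampering.

So what first made you feel something was wrong this time was an online game.
Online games are a world where unauthorized access and account takeover have never been rare, so keep that firmly in mind and treat them as something you play at your own risk, without getting overly absorbed.
Even for world-famous online games, there is malware that targets that game's account information first.
With an online game whose servers are overseas and whose operator has a dubious track record or background, the service may suddenly end and shut down while keeping the information users registered.

Please understand that when information is stolen through an online game, the damage cannot be prevented even if your PC is not infected.

For now, the vulnerabilities visible in the logs appear to have been fixed.
If you have noticed any worrying symptoms other than with online games, could you tell me about them?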
  • 悪代官
  • 2017/11/12 (Sun) 19:42:28
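Re: Request for advice
The router's DNS setting was blank, so I changed it.
I tried to follow that site, but it seems only the IPv6 setting can be changed, so
I changed it to Google's IPv6 DNS server addresses.

The router's firmware is 04.01.0003, but when I checked on the web only versions up to 0002 are listed. Is that all right?

When creating accounts I use the same email address in all sorts of places,
so I'm going to review that.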
  • dainote
  • 2017/11/13 (Mon) 09:04:11
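The firmware is probably NTT's
Sorry for the late reply.

>The router's firmware is 04.01.0003, but when I checked on the web only versions up to 0002 are listed. Is that all right?

Yes, NTT's page has a version that was updated in January of this year, so that is probably what was applied.
https://www.ntt-west.co.jp/kiki/download/flets/

It looks like you have fixed the router's DNS setting too.

>When creating accounts I use the same email address in all sorts of places,
>so I'm going to review that

With a so-called "throwaway address" it may be fine to reuse one email address in several places, but take care not to reuse the same login password across the sites you registered with it.
Ordinary people tend to want to reuse the same password on multiple sites because it is less hassle, but that is one of the factors ranked near the top for unauthorized-access incidents.
Setting your date of birth or phone number as a password makes you a very easy target, since someone with bad intent can easily look them up and try them.
If an unauthorized login succeeds on one registered site, the attacker can also read the mail in that mailbox, and if you reuse the same password on other services, they could be logged into one after another in the short time before you notice and respond.

I'd also like to check this: while logged in to a site, whether an online game or anything else, do you ever open another tab in the same browser and surf other sites?
From a security standpoint, think of this as something to avoid absolutely.

There is an attack technique called "cross-site scripting" that has existed for a long time yet is not well known to the general public.
https://www.ipa.go.jp/security/vuln/vuln_contents/xss.html

Whether it is Yahoo or your provider's site, recognize that browsing other sites while still logged in can do harm and brings no benefit.
If you don't access other sites while logged in, you don't need to worry about this.

Also, when starting the browser, using InPrivate mode if possible (Private Browsing in Firefox, an Incognito window in Chrome) is also somewhat effective for security.
However, many sites and services cannot be browsed or even logged into properly in this mode (or will not allow it), so it is also important to weigh how far such a site can be trusted against whether you really need it.

Look into even just the browser's basic settings and you will notice how deep they go.
I also recommend going back over the settings of each browser you use, one item at a time, when you have spare time.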
  • 悪代官
  • 2017/11/13 (Mon) 20:01:51
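Re: Request for advice
>take care not to reuse the same login password across the sites you registered with it.

>while logged in to a site, whether an online game or anything else, do you ever open another tab in the same browser and surf other sites?

Both of those ring a bell.
One thing that bothered me: sometimes when I go to an uploader's page on YouTube, the person's name and the uploaded videos don't match.
I thought it was a loading glitch, but that had never happened before, so it may have been a fake site.

By "staying logged in", does closing the tab of the site I'm logged in to and then viewing other sites count as the same thing?

I remembered one more thing. When running Chrome, text like [Running script] used to appear at the bottom left.
It doesn't appear now.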
  • dainote
  • 2017/11/14 (Tue) 05:27:42
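Mastering Chrome's commands opens up more possibilities
Sorry for the late reply again tonight.
Keeping the enemy waiting like this and then striking at an opening is 悪代官's scheme (← what on earth am I fighting?

>By "staying logged in", does closing the tab of the site I'm logged in to and then viewing other sites count as the same thing?

If you don't log out, it is the same thing unless you close the browser itself and restart it.
If you close only the tab of the page you were logged in to, among several tabs, and then open the same site in a new tab, you will see that you are still logged in.

>When running Chrome, text like [Running script] used to appear at the bottom left

What runs when Chrome starts also depends on the extensions installed in it.
Also, Google apps, Chrome included, all communicate in the background, including checking for updates, so that may be what was running.

If you use Chrome, it is a good idea to understand and use its various commands.

Copy and paste the following into Chrome's address bar and go to it.

chrome://chrome-urls/

That screen should list commands beginning with "chrome:", and those commands are useful for managing Chrome's settings and behaviour.
For example, if you open the following
chrome://extensions/

you can check the extensions installed in Chrome and configure them.

And on the following screen

chrome://settings/

you can make even finer settings by opening the items shown.

Bookmark chrome://chrome-urls/ and you can open the various settings screens at any time.
Not just with browsers but with any program, it is worth remembering that by understanding its settings and features and mastering them, you can draw out features that lie dormant.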
  • 悪代官
  • 2017/11/14 (Tue) 21:31:00
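Re: Mastering Chrome's commands opens up more possibilities
I looked into chrome://chrome-urls/.
Most of the items are beyond me, and mastering them looks difficult.

This may be unrelated, but when I rebooted after my last reply,
a message appeared: "The Recycle Bin is corrupted. Do you want to empty the Recycle Bin for this drive?"
I chose Yes, and it is working without problems now.

Also, in Chrome's settings, "Automatically send some system information and page content to Google to help detect dangerous apps and sites",
which I thought I had turned on, was off.
I may be misremembering.

Having consulted 悪代官, I've come to feel that my security measures were lopsided.
I'm going to review how I manage my email addresses and accounts.
Thank you for your help and all the advice.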
  • dainote
  • 2017/11/17 (Fri) 16:38:15
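Re: Request for advice
Sorry for the consecutive posts.
I would have felt relieved if this check had found something, but I still have some worries, so
I read other posts and looked into things, and as a check for hosts file tampering,

https://freesoft.tvbok.com/tips/security/hosts_file_manipulation.html

I looked at my hosts file as described on this site, and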

-----------------------------------
127.0.0.1 localhost
::1 localhost
-----------------------------------

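it contained only these two lines. There is no # as on the site above, and there are only two lines; is that a problem?
For now I replaced the file as described.
Precisely because I lack the knowledge, I've become sensitive to even small differences. Thank you in advance.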
  • dainote
  • 2017/11/18 (Sat) 19:15:24
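Re: Request for advice
Good evening. My name is サイン.

The OTL [resethosts] command was run in the earlier step, so the hosts file has been reset.
If it isn't something you normally pay attention to, it doesn't matter whether those two lines have the # or not.

As for what # means, searching for keywords such as "comment out" should explain it.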
  • サイン
  • 2017/11/18 (Sat) 22:46:36
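The hosts file has probably not been tampered with
Sorry for the late reply.

サインさん, thank you for the follow-up.

So, you want to confirm the hosts file.
As サインさん has already explained, with the contents you showed this time it has probably not been tampered with.
When it is tampered with, access to a normally safe site is redirected to a different, bad site, or conversely security software downloads and updates are blocked, and no such traces are visible.

If it bothers you, you can follow the "For Windows 10/8.1/8" procedure on the linked site to replace the hosts file contents with the defaults and edit it.

While I'm at it: the anti-spyware tool Spybot-S&D, which these days can no longer be called very high-performing in detection and protection, will edit and protect the hosts file to a considerable extent if you use its "Immunization" feature, and that alone raises your baseline security; but Spybot can also cause problems unless you understand its settings and features as well as you can and use it correctly, so I personally don't recommend it to everyone.

Also, if configured, Spybot will periodically create backups of the hosts file, so even if hosts is tampered with you can restore it from a past backup to a clean point in time.

It's worth keeping in mind that even security software that doesn't look high-performing can have hidden capabilities drawn out if used well.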
  • 悪代官
  • 2017/11/18 (Sat) 23:10:53
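
The two kinds of hosts tampering described in the post above (a name redirected to another address, or a security product's download/update name blocked) can be checked mechanically. The following is an added example, not part of the thread: the tampered sample, the `.example` hostnames and the watchlist are constructed assumptions, and the parser also accepts the `O1 - Hosts:` lines of a HijackThis log.

```python
import ipaddress
import re
import sys

# HijackThis reports hosts entries as "O1 - Hosts: <ip> <name>".
HJT_PREFIX = re.compile(r"^O1 - Hosts:\s*", re.IGNORECASE)
# Names a default hosts file may legitimately map to loopback.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# The two-line file quoted in the thread.
CLEAN_HOSTS = "127.0.0.1 localhost\n::1 localhost\n"
# The same two entries as they appear in the HijackThis log.
HJT_LINES = "O1 - Hosts: 127.0.0.1 localhost\nO1 - Hosts: ::1 localhost\n"
# Constructed sample of a modified file (hostnames are placeholders).
TAMPERED_HOSTS = """\
# constructed sample, not taken from the thread
127.0.0.1 localhost
::1 localhost
203.0.113.10 login.bank.example
127.0.0.1 update.av-vendor.example   # updater name pointed at loopback
0.0.0.0 ads.tracker.example
"""


def parse_hosts(text):
    """Yield (line_no, ip_or_None, [hostnames]) for every non-empty entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = HJT_PREFIX.sub("", raw.strip())
        line = line.split("#", 1)[0].strip()      # "#" starts a comment
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None                             # first field is not an address
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def classify(ip, host, watchlist=()):
    """Return None for a default entry, otherwise the kind of override."""
    sink = ip.is_loopback or ip.is_unspecified    # 127.0.0.1, ::1, 0.0.0.0
    if sink and host in LOCAL_NAMES:
        return None
    if sink:
        watched = any(host == w or host.endswith("." + w) for w in watchlist)
        return "blocked-watchlist" if watched else "sinkhole"
    return "redirect"                             # name forced to a real address


def audit(text, watchlist=()):
    """Return a list of (line_no, kind, hostname, ip) findings."""
    findings = []
    for line_no, ip, hosts in parse_hosts(text):
        if ip is None or not hosts:
            findings.append((line_no, "malformed", "", ""))
            continue
        for host in hosts:
            kind = classify(ip, host, watchlist)
            if kind:
                findings.append((line_no, kind, host, str(ip)))
    return findings


if __name__ == "__main__":
    # With a path argument audit that file, otherwise the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    else:
        text = TAMPERED_HOSTS
    for line_no, kind, host, ip in audit(text, watchlist=("av-vendor.example",)):
        print(f"line {line_no}: {kind:17} {host} -> {ip}")
```

A `sinkhole` finding is not by itself a sign of compromise: blocklist tools of the kind mentioned in the post add such entries deliberately, which is why only names on the watchlist are escalated.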
