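悪代官の伏魔殿 Bulletin Board
I sometimes get redirected to other sites while using the internet.
It has been a while.
I am ふさふさ野, whom you helped before:
http://akudaikan-0.bbs.fc2.com/?act=reply&tid=6819111#14154550

Thank you very much for your help when I consulted you last time.
Since last week, twice while using the internet, I have been redirected to a site that shows a pop-up saying the Windows security system is damaged,
and to a site saying that the Chrome I am using is out of date and that I should download a new version.
On those occasions I simply closed the window, but when I checked with AdwCleaner to be safe,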

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL

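these were detected and I was able to remove them, but I do not know whether they were the cause and I am uneasy, so
I am posting to ask for your help again.
I know you are busy, but thank you in advance.
I use Chrome as my browser.

HJT log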

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:42:48, on 2018/05/01
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18978)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\NTTW\StartUpToolN\StartUpTool_w.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\NTTW\Security\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\chrome_extension2\host\chrome_native_msg_host.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
C:\Users\atsuko\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O2 - BHO: Windows Live ID サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
O3 - Toolbar: セキュリティツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NTTW_OSA_AUS] "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: スタートアップツール.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: 故障かな?と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {4D8DD706-6972-460D-A51B-EB7F7687E450} (ActiveMpp Class) - http://muji.livingstyle.jp/sim/dfls//3dx/ActiveMPP.cab
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10816 bytes

CC log

Acer Crystal Eye Webcam CyberLink Corp. 2012/05/16 41.3 MB 1.5.2108.00
Acer ePower Management Acer Incorporated 2012/05/16 6.00.3010
Acer eRecovery Management Acer Incorporated 2012/04/16 5.00.3507
Acer Instant Update Service Acer Incorporated 2012/04/16 9.42 MB 1.00.3004
Acer Registration Acer Incorporated 2016/04/06 1.04.3506
Apple Application Support(32 ビット) Apple Inc. 2018/04/01 138 MB 6.4
Apple Application Support(64 ビット) Apple Inc. 2018/04/01 153 MB 6.4
Apple Mobile Device Support Apple Inc. 2018/04/21 25.8 MB 11.3.1.6
Apple Software Update Apple Inc. 2018/04/01 4.03 MB 2.6.0.1
Bonjour Apple Inc. 2015/09/22 2.01 MB 3.1.0.1
Broadcom Card Reader Driver Installer Broadcom Corporation 2012/09/16 2.76 MB 15.0.7.2
Broadcom NetLink Controller Broadcom Corporation 2012/05/16 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2012/05/16 5.100.82.120
CCleaner Piriform 2018/05/01 5.42
Dolby Home Theater v4 Dolby Laboratories Inc 2012/05/16 28.0 MB 7.2.7000.7
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2012/05/16 10.6.9.9
Google Chrome Google Inc. 2016/10/11 65.0.3325.181
iCloud Apple Inc. 2018/04/02 153 MB 7.4.0.111
Identity Card Acer Incorporated 2016/04/06 1.00.3501
Intel(R) Control Center Intel Corporation 2012/05/16 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2012/05/16 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2012/05/16
Intel(R) Processor Graphics Intel Corporation 2012/05/16 8.15.10.2653
Intel(R) Rapid Storage Technology Intel Corporation 2012/05/16 11.1.0.1006
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2012/05/16 1.0.4.220
Intel® Trusted Connect Service Client Intel Corporation 2012/05/16 10.6 MB 1.23.605.1
iTunes Apple Inc. 2018/04/21 400 MB 12.7.4.80
Launch Manager Acer Inc. 2016/04/06 5.1.15
Microsoft .NET Framework 4.7.1 Microsoft Corporation 2018/02/14 38.8 MB 4.7.02558
Microsoft .NET Framework 4.7.1 (日本語) Microsoft Corporation 2018/02/15 4.7.02558
Microsoft Silverlight Microsoft Corporation 2017/06/14 745 MB 5.1.50907.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/04/16 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/04/16 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2012/05/16 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2012/05/16 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2012/09/02 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/04/16 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/04/16 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2012/05/16 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2012/09/02 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2012/09/02 25.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2012/09/02 12.1 MB 10.0.30319
Mozilla Firefox 59.0.3 (x64 ja) Mozilla 2018/05/01 144 MB 59.0.3
Mozilla Maintenance Service Mozilla 2018/05/01 279 KB 59.0.3
MyWinLocker Suite Egis Technology Inc. 2012/04/16 2.63 MB 4.0.14.19
NTI Media Maker 9 NTI Corporation 2012/05/16 0.96 GB 9.0.2.9006
NTT西日本 リモートサポートツール 西日本電信電話株式会社 2013/12/26
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2012/05/16 6.0.1.6543
WIDCOMM Bluetooth Software Broadcom Corporation 2012/05/16 289 MB 6.5.1.2610
Windows Live Essentials Microsoft Corporation 2012/04/16 15.4.3538.0513
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2012/05/16 13.2 MB 2.5.1.0
スタートアップツール 西日本電信電話株式会社 2016/10/07 3.30 MB 8.0.2
セキュリティ対策ツール 西日本電信電話株式会社 2017/05/30 450 MB 11.11
セキュリティ申込・設定ツール 西日本電信電話株式会社 2017/05/30 3.60 MB 7.6.0.14
診断復旧ツール 西日本電信電話株式会社 2014/05/31 12.5 MB
コミュニケーションツール 西日本電信電話株式会社 2012/09/12 30.6 MB 7.5.0000

  • ふさふさ野
  • 2018/05/01 (Tue) 10:58:05
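Starting with the AC version and a log check
Good evening.
This is 悪代官, the administrator.

You are the person who also came here two years ago.
This time you are asking about an AC detection result, I see.

I looked at the two logs; a few vulnerabilities are visible, but at this point there seem to be no signs of infection.
Even if there is no direct damage, leaving things as they are will cause problems later, so shall we investigate while fixing things?

First, to confirm: which version of AC produced this detection?
A new version of AC has been released, and 7.1.1 is currently the latest.
If the scan and detection came from a version that had not yet been updated, download the latest version and scan again.
If you already scanned with the latest version, could you show me that log as well?
Start AC, and in the "Log Files" section select the entry with the date and time of the scan and detection and double-click it; the log will be displayed, so please show that log in your next reply.

Also, the application below is already out of support, so keeping it installed only leaves you with vulnerabilities.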
>Windows Live Essentials Microsoft Corporation 2012/04/16 15.4.3538.0513

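Properly it should be removed and not used from now on, but if you need it and keep using it, that is entirely at your own risk.

For now, let me see the AC result log, and then we will think about what to do.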
  • 悪代官
  • 2018/05/01 (Tue) 19:28:31
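AC log from the time of removal
Good evening, and thank you for the prompt reply.

>Also, the application below is already out of support, so keeping it installed only leaves you with vulnerabilities.
>Windows Live Essentials Microsoft Corporation 2012/04/16 15.4.3538.0513
I was not using it, so I uninstalled it right away.

As for the AC version, it was the latest, 7.1.1.
I will paste the log.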
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-04-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-01-2018
# Duration: 00:00:09
# OS: Windows 7 Home Premium
# Scanned: 40814
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Thank you in advance.
  • ふさふさ野
  • 2018/05/01 (Tue) 22:18:10
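Reinstall FF, using a similar case as reference
Thank you for the quick reply.
Having seen the log, I am starting to get the picture.

Today someone else also came with the same kind of case, and after checking, it is very likely that the AC scan broke FF.

So, using my reply below as a reference
http://akudaikan-0.bbs.fc2.com/?act=reply&tid=7743185#16285589

reinstall FF once and then check that it works.

Once you have confirmed at that point that FF works, run a scan only with AC again.

Even if the entries in question are detected again, do not quarantine anything; just save the log and post it in a reply together with a status report.

I will reply again after seeing it, but my next reply will probably be tomorrow evening or night, so there is no need to rush the work.
If nothing is behaving abnormally any more, you can use the PC normally while keeping an eye on it.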
  • 悪代官
  • 2018/05/01 (Tue) 22:25:24
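Re: I sometimes get redirected to other sites while using the internet.
Thank you for the prompt reply.

Actually, I installed FF only today, as the recommended browser, when I came here to consult you
(I am not used to it, so for now I am posting from Chrome),
and it was not installed when I ran the AC scan I posted earlier,
so for now, using the address you gave me as a reference, I have only uninstalled FF and left it at that.
I apologize for not explaining this well enough.

Nothing has been detected so far, but for now I would like to paste the current AC log.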
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-04-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-01-2018
# Duration: 00:00:10
# OS: Windows 7 Home Premium
# Scanned: 40814
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

Thank you in advance.
  • ふさふさ野
  • 2018/05/01 (Tue) 23:54:48
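An added example, not part of the original thread and not AdwCleaner's own code: a small Python parser for the scan-log layout shown in the posts above, used to compare the first scan ([S00], 2 detections) with the later one ([S04], 0 detections). The function names and the rule that folds the `Wow6432Node` path into the plain path are assumptions of this example; the sample logs are shortened excerpts of the ones posted.

```python
import re

# Shortened excerpts of the two scan logs posted in this thread
# (three sections kept, values as posted).
SCAN_S00 = r"""
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Database: 2018-04-30.1
# Mode: Scan
# Detected: 2

***** [ Services ] *****

No malicious services found.

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
"""

SCAN_S04 = r"""
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Database: 2018-04-30.1
# Mode: Scan
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
"""

SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
HEADER_RE = re.compile(r"^# (?P<key>[A-Za-z]+):\s+(?P<value>.+)$")
CLEAN_RE = re.compile(r"^No malicious .+ found\.$")


def parse_adwcleaner_log(text):
    """Return (header dict, {section name: [(family, target), ...]})."""
    header, sections, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#####"):   # blank line or EOF marker
            continue
        if line.startswith("#"):                    # "# Key: value" header lines
            m = HEADER_RE.match(line)
            if m:
                header[m["key"]] = m["value"]
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m["name"]
            sections[current] = []
            continue
        if current is None or CLEAN_RE.match(line):
            continue
        parts = line.split(None, 1)                 # "<family> <target>"
        sections[current].append((parts[0], parts[1] if len(parts) > 1 else ""))
    return header, sections


def logical_key(target):
    """Assumption of this example: treat the Wow6432Node path and the
    plain path as one logical entry, compared case-insensitively."""
    return re.sub(r"\\wow6432node(?=\\)", "", target.lower())


def detections(sections):
    return {(sec, fam, logical_key(tgt))
            for sec, items in sections.items() for fam, tgt in items}


def counts_match(text):
    """False when the '# Detected:' header disagrees with the parsed entries,
    e.g. a log cut off by a forum character limit."""
    header, sections = parse_adwcleaner_log(text)
    declared = header.get("Detected", "")
    total = sum(len(items) for items in sections.values())
    return declared.isdigit() and int(declared) == total


def compare_scans(before_text, after_text):
    before = detections(parse_adwcleaner_log(before_text)[1])
    after = detections(parse_adwcleaner_log(after_text)[1])
    return {
        "cleared": sorted(before - after),      # present before, gone now
        "persisting": sorted(before & after),   # detected in both scans
        "new": sorted(after - before),          # appeared since the first scan
    }


if __name__ == "__main__":
    for kind, items in compare_scans(SCAN_S00, SCAN_S04).items():
        print(kind, items)
```
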
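Next, let's look at the logs from each CC tab too
Thank you for the work and the report.

So FF is currently uninstalled and has not been reinstalled.
Then that is fine.

I see nothing suspicious in the AC log you posted either, so that is fine too.
Let's continue with the rest of the analysis.
If the browser is currently behaving normally, nothing could be better, but one should not let one's guard down and assume safety from appearances alone.

This time, please repeat the work we did in the earlier thread.

Start CCleaner (CC), take the logs of the "Startup" and "Browser Plugins" tabs, and show each of those logs in a reply.
After looking at those as well, we will think about the next step.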
  • 悪代官
  • 2018/05/02 (Wed) 20:40:29
CC logs
Good evening, and thank you in advance.

I will paste each of the CC logs.

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudServices Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run Broadcom Wireless Manager UI Broadcom Corporation C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
有効 HKLM:Run Dolby Home Theater v4 Dolby Laboratories Inc. "C:\Dolby PCEE4\pcee4.exe" -autostart
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run InstantUpdate Acer Incorporated C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
有効 HKLM:Run NTTW_OSA_AUS 西日本電信電話株式会社 "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup Common Bluetooth.lnk Broadcom Corporation. C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
有効 Startup Common スタートアップツール.lnk C:\Windows\Installer\{5DD4998C-C190-424F-9EC9-58C38AD67BB0}\_9B3CE635A99B6F92D5462F.exe

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task EgisUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"

有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll

有効 Extension 故障かな?と思ったら・・・ 西日本電信電話株式会社 C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll

有効 Extension Activity Stream 2018.02.17.0026-173e2795 default C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
有効 Extension Application Update Service Helper 2.0 default C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
有効 Extension Firefox Screenshots 25.0.0 default C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Follow-on Search Telemetry 0.9.6 default C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi
有効 Extension Form Autofill 1.0 default C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Mouse Gesture Events 2.3 Ternary default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\extensions\@mousegesture.xpi
有効 Extension Photon onboarding 1.0 default C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Shield Recipe Client 80 default C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi
有効 Extension TLS 1.3 gradual roll-out 8.0 default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\features\{abf7e507-3635-4e24-952f-e091a5d2b336}\tls13-rollout-bug1442042@mozilla.org.xpi
無効 Extension Trend Micro BEP Firefox Extension 9.2.0.1026 Trend Micro default C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
無効 Extension Trend Micro Osprey Firefox Extension 2.0.0.1090 Trend Micro default C:\Program Files\NTTW\Security\AMSP\module\20013\FxExt\firefoxextension
有効 Extension Trend Micro Toolbar 12.0.0.1205 default C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension
有効 Extension Web Compat 1.1 default C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
有効 Plugin 1.4.8.1008 Google Inc. default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

有効 App Gmail 8.1 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
無効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Trend ツールバー 12.0.0.1236 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\12.0.0.1236_0
無効 Extension ドキュメント 0.10 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0
無効 Plugin Adobe Acrobat 10.1.6.1 最初のユーザー C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
無効 Plugin Browser Exploit Prevention 7.5.0.1115 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1115_0\nptmbep.dll
無効 Plugin Chrome PDF Viewer 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\pdf.dll
無効 Plugin Chrome Remote Desktop Viewer 最初のユーザー internal-remoting-viewer
無効 Plugin Google Update 1.3.21.135 最初のユーザー C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
無効 Plugin Intel® Identity Protection Technology 2.0.59.0 最初のユーザー C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
無効 Plugin iTunes Application Detector 1.0.1.1 最初のユーザー C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
無効 Plugin Native Client 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\ppGoogleNaClPluginChrome.dll
無効 Plugin QuickTime Plug-in 7.7.3 7.7.3 (1680.64) 最初のユーザー C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
無効 Plugin Shockwave Flash 11.6.602.180 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\PepperFlash\pepflashplayer.dll
無効 Plugin Shockwave for Director 11.6.7r637 最初のユーザー C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
無効 Plugin Silverlight Plug-In 5.1.20125.0 最初のユーザー c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
無効 Plugin Trend Micro Titanium 6.11.0.1149 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.11.0.1175_0\npToolbarChrome.dll
無効 Plugin Windows Live™ Photo Gallery 15.4.3538.0513_ship.wlx.w4m4 (ship) 最初のユーザー C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
  • ふさふさ野
  • 2018/05/02 (Wed) 21:24:47
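Final-stage analysis with OTL
Thank you for the work and the report.
I looked at each of the CC logs.
Within what is visible here too, nothing odd seems to be installed.

The suspicion that AC overreacted to FF grows ever stronger.
Well, for some time now FF has been piling up changes for the worse that users dislike with every update, so AC may have detected those.

Now let's do the final-stage analysis.
We will dig deeper with OTL, which we also used in the earlier thread.

Please prepare the following tool.
OTL(OldTimer Listit)
Download it with the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When you clean up afterwards, start it and press the "Cleanup" button and it will be deleted automatically.
However, if you are using Windows 10, you can simply delete the program file itself.

Start OTL with no other programs running.
Once it has started, check "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".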

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

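Then press "Run Scan" at the top left to start the scan.
After the scan starts, depending on the PC environment, it takes a few minutes and then "OTL.txt" and "Extras.txt" should be created in the same place as OTL.exe, so save these two files somewhere such as the desktop.
Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After that, paste the whole OTL log into a reply and show it to me.
However, the OTL log gets quite long, so sending it all at once will get it cut off by fc2's character limit.
So split the log at suitable points into pieces of 10,000 characters or fewer and send it over several replies.
This is because posts exceeding 10,000 characters are cut off by fc2's character limit.
http://www1.odn.ne.jp/megukuma/count.htm

Just scanning with OTL changes nothing.
After seeing this result, we will presumably deal with what was detected in the next and later steps.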
  • 悪代官
  • 2018/05/03 (Thu) 19:38:22
OTL log
Thank you for your continued help, and thank you in advance.

I will paste the OTL log.

OTL.txt
OTL logfile created on: 2018/05/03 22:33:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\atsuko\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18977)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.84 Gb Total Physical Memory | 5.93 Gb Available Physical Memory | 75.56% Memory free
15.68 Gb Paging File | 13.56 Gb Available in Paging File | 86.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.66 Gb Total Space | 217.70 Gb Free Space | 48.52% Space Free | Partition Type: NTFS

Computer Name: A-PC | User Name: atsuko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2018/05/03 22:24:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\atsuko\Desktop\OTL.exe
PRC - [2018/03/18 20:57:08 | 000,067,384 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2018/03/16 15:20:02 | 000,067,896 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2017/11/18 01:40:40 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
PRC - [2016/08/23 15:43:40 | 001,705,976 | ---- | M] (西日本電信電話株式会社) -- C:\Program Files (x86)\NTTW\StartUpToolN\StartUpTool_w.exe
PRC - [2012/04/06 20:29:22 | 000,022,120 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
PRC - [2012/04/06 20:29:20 | 000,040,552 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
PRC - [2012/03/23 18:33:48 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/03/23 18:33:46 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/03/23 18:33:46 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2012/03/23 18:33:44 | 001,105,488 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/02/29 22:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2012/02/27 20:01:58 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/08 11:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/08 11:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/08 11:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/06 17:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2018/03/16 15:20:14 | 001,042,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2018/03/16 15:19:32 | 000,189,752 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2018/02/11 01:09:46 | 012,437,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4ea97ae445cc4ce417b396037cd49621\System.Windows.Forms.ni.dll
MOD - [2018/02/11 01:09:41 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\223c5897d6951604bb47b2f3e4107a92\System.Drawing.ni.dll
MOD - [2018/02/11 01:04:16 | 008,003,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e45cf03d42149d19daffb3e0a5c61a68\System.ni.dll
MOD - [2017/11/30 18:55:04 | 000,076,088 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2017/09/13 18:47:44 | 011,500,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9f895c66454577eff9c77442d0c84f71\mscorlib.ni.dll
MOD - [2012/04/06 20:29:22 | 000,022,120 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
MOD - [2012/04/06 20:29:20 | 000,040,552 | ---- | M] () -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2018/03/23 06:06:18 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2017/03/28 20:40:28 | 001,145,856 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe -- (Platinum Host Service)
SRV:[b]64bit:[/b] - [2016/08/23 01:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/05/16 01:14:28 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:[b]64bit:[/b] - [2012/03/21 13:03:16 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2012/02/07 17:53:48 | 000,871,296 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2012/02/06 17:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:[b]64bit:[/b] - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012/01/20 16:15:14 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2017/10/04 01:21:36 | 000,107,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/05/16 01:18:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/03/23 18:33:46 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/02/29 22:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2012/02/20 13:18:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/08 11:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/08 11:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/08 11:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/06/21 12:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2018/01/22 18:45:06 | 000,132,728 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2018/01/17 01:18:34 | 000,562,296 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:[b]64bit:[/b] - [2017/12/14 04:29:34 | 000,115,104 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TMUMH.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2017/10/16 00:53:44 | 000,120,464 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2017/10/16 00:53:42 | 000,437,400 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2017/10/16 00:53:38 | 000,143,512 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2016/06/21 11:23:12 | 000,143,648 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2015/06/10 23:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/07/25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/05/16 01:14:26 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2012/05/16 01:14:26 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:[b]64bit:[/b] - [2012/05/16 01:14:25 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:[b]64bit:[/b] - [2012/05/03 22:59:06 | 000,081,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:[b]64bit:[/b] - [2012/04/16 23:48:03 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:[b]64bit:[/b] - [2012/04/16 23:48:03 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:[b]64bit:[/b] - [2012/04/16 23:48:03 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:[b]64bit:[/b] - [2012/03/22 06:23:22 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:[b]64bit:[/b] - [2012/03/22 06:23:22 | 000,163,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:[b]64bit:[/b] - [2012/03/22 06:23:18 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2012/03/22 06:23:18 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2012/03/22 06:23:18 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2012/03/22 06:23:18 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2012/03/07 22:48:20 | 000,238,384 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/27 20:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/02/27 20:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/02/27 20:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/02/15 03:47:38 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/02/07 15:03:06 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2012/02/07 15:03:06 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2012/01/20 16:14:34 | 000,016,128 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2012/01/19 00:30:42 | 000,435,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011/12/06 20:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/11/10 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011/11/04 10:21:38 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:[b]64bit:[/b] - [2011/11/04 10:21:36 | 000,068,648 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:[b]64bit:[/b] - [2011/09/02 14:36:58 | 000,051,752 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:[b]64bit:[/b] - [2011/07/14 16:32:23 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/07/14 16:32:23 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.jp/
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = C1 8D 18 22 F1 01 D2 01 [binary data]
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "google.co.jp/"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff@trendmicro.com: C:\PROGRAM FILES\NTTW\SECURITY\AMSP\MODULE\20002\9.2.1026\9.2.1026\FIREFOXEXTENSION [2017/05/30 22:54:31 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{c2056674-a37f-4b29-9300-2004759d74fe}: C:\PROGRAM FILES\NTTW\SECURITY\AMSP\MODULE\20013\FXEXT\FIREFOXEXTENSION\ [2017/05/30 22:54:58 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fftmtoolbar@trendmicro.com: C:\PROGRAM FILES\NTTW\SECURITY\SEC\UIFRAMEWORK\TOOLBAR\FIREFOXEXTENSION [2018/01/10 22:09:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\NTTW\Security\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff@trendmicro.com: C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2017/05/30 22:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{c2056674-a37f-4b29-9300-2004759d74fe}: C:\Program Files\NTTW\Security\AMSP\module\20013\FxExt\firefoxextension\ [2017/05/30 22:54:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fftmtoolbar@trendmicro.com: C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension [2018/01/10 22:09:45 | 000,000,000 | ---D | M]

[2018/05/01 10:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\Extensions
[2018/05/01 10:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\SystemExtensionsDev
[2018/05/01 10:07:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\Firefox\Profiles\l6gkqugu.default\browser-extension-data
[2018/05/01 11:00:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\Firefox\Profiles\l6gkqugu.default\browser-extension-data\@mousegesture
[2018/05/01 10:07:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\Firefox\Profiles\l6gkqugu.default\browser-extension-data\{506e023c-7f2b-40a3-8066-bc5deb40aebe}
[2018/05/01 11:00:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\Firefox\Profiles\l6gkqugu.default\extensions
[2018/05/01 10:07:05 | 000,020,899 | ---- | M] () (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\firefox\profiles\l6gkqugu.default\extensions\@mousegesture.xpi
[2018/05/01 10:13:34 | 000,006,212 | ---- | M] () (No name found) -- C:\Users\atsuko\AppData\Roaming\mozilla\firefox\profiles\l6gkqugu.default\features\{abf7e507-3635-4e24-952f-e091a5d2b336}\tls13-rollout-bug1442042@mozilla.org.xpi

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\12.0.0.1236_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6518.129.0.1_0\
CHR - Extension: No name found = C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6618.312.0.2_0\

O1 HOSTS File: ([2016/04/05 21:37:44 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロネットワークフィルタプラグイン) - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロIEプロテクション) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (トレンドマイクロネットワークフィルタプラグイン) - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (トレンドマイクロIEプロテクション) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (セキュリティツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (セキュリティツールバー) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [InstantUpdate] C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Platinum] C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NTTW_OSA_AUS] C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe (西日本電信電話株式会社)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-822167610-4187586497-2688661879-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-822167610-4187586497-2688661879-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: 故障かな?と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe (西日本電信電話株式会社)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4D8DD706-6972-460D-A51B-EB7F7687E450} http://muji.livingstyle.jp/sim/dfls//3dx/ActiveMPP.cab (ActiveMpp Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77F2CAEF-BD87-4CDA-863E-FC455F11258D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F757B5EC-0773-42CA-923D-9F31888D019B}: DhcpNameServer = 172.20.10.1
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmop {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmop {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll (–|ÈÕ±¾ëŠÐÅëŠÔ’Öêʽ»áÉç)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  • ふさふさ野
  • 2018/05/03 (Thu) 23:22:26
OTL log 2
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB} - .NET Framework
ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E0C7523C-686B-3EE6-8FB1-CB4339E30EDD} - .NET Framework
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BCF0C1F7-671C-3922-A7EA-8AC11F4FC0EB} - .NET Framework
ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E0C7523C-686B-3EE6-8FB1-CB4339E30EDD} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018/05/03 22:24:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\atsuko\Desktop\OTL.exe
[2018/05/01 22:08:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2018/05/01 22:05:32 | 000,000,000 | ---D | C] -- C:\Users\atsuko\AppData\Local\{0C1E312B-40A7-455D-91BA-E0C1AC09C21D}
[2018/05/01 22:03:15 | 000,000,000 | ---D | C] -- C:\Users\atsuko\AppData\Local\{6E0DB177-4173-4299-8B97-9B97F982CA18}
[2018/05/01 10:59:34 | 000,000,000 | ---D | C] -- C:\Users\atsuko\Desktop\pc
[2018/05/01 10:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2018/05/01 10:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2018/05/01 10:40:26 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\atsuko\Desktop\HijackThis.exe
[2018/05/01 10:04:55 | 000,000,000 | ---D | C] -- C:\Users\atsuko\AppData\Roaming\Mozilla
[2018/05/01 10:04:55 | 000,000,000 | ---D | C] -- C:\Users\atsuko\AppData\Local\Mozilla
[2018/05/01 01:37:04 | 007,271,632 | ---- | C] (Malwarebytes) -- C:\Users\atsuko\Desktop\adwcleaner_7.1.1.exe
[2018/04/21 01:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2018/04/21 01:47:48 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2018/04/21 01:47:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2018/04/12 00:17:49 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2018/04/12 00:17:49 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2018/04/12 00:17:49 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2018/04/12 00:17:49 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2018/04/12 00:17:49 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2018/04/12 00:17:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2018/04/12 00:17:49 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2018/04/12 00:17:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2018/04/12 00:17:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2018/04/12 00:17:49 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2018/04/12 00:17:49 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2018/04/12 00:17:48 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2018/04/12 00:17:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2018/04/12 00:17:48 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2018/04/12 00:17:47 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2018/04/12 00:17:47 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2018/04/12 00:17:47 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2018/04/12 00:17:47 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2018/04/12 00:17:47 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2018/04/12 00:17:47 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2018/04/12 00:17:47 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2018/04/12 00:17:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2018/04/12 00:17:47 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2018/04/12 00:17:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2018/04/12 00:17:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2018/04/12 00:17:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2018/04/12 00:17:46 | 002,135,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2018/04/12 00:17:46 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2018/04/12 00:17:46 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2018/04/12 00:17:46 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2018/04/12 00:17:45 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2018/04/12 00:17:45 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2018/04/12 00:17:45 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2018/04/12 00:17:45 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2018/04/12 00:17:45 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2018/04/12 00:17:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2018/04/12 00:17:45 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2018/04/12 00:17:44 | 005,780,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2018/04/12 00:17:44 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2018/04/12 00:17:44 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2018/04/12 00:17:44 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2018/04/12 00:17:43 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2018/04/12 00:17:43 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2018/04/12 00:17:43 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2018/04/12 00:17:42 | 003,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018/04/12 00:17:41 | 005,583,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018/04/12 00:17:41 | 004,046,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018/04/12 00:17:41 | 001,665,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018/04/12 00:17:41 | 000,995,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2018/04/12 00:17:41 | 000,922,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2018/04/12 00:17:41 | 000,631,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018/04/12 00:17:41 | 000,383,680 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2018/04/12 00:17:41 | 000,340,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2018/04/12 00:17:41 | 000,309,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2018/04/12 00:17:41 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2018/04/12 00:17:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2018/04/12 00:17:41 | 000,170,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2018/04/12 00:17:41 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2018/04/12 00:17:41 | 000,148,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2018/04/12 00:17:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2018/04/12 00:17:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2018/04/12 00:17:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2018/04/12 00:17:41 | 000,066,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2018/04/12 00:17:41 | 000,063,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2018/04/12 00:17:41 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2018/04/12 00:17:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2018/04/12 00:17:41 | 000,020,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2018/04/12 00:17:41 | 000,019,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2018/04/12 00:17:41 | 000,019,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2018/04/12 00:17:41 | 000,017,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2018/04/12 00:17:41 | 000,017,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2018/04/12 00:17:41 | 000,017,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2018/04/12 00:17:41 | 000,017,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2018/04/12 00:17:41 | 000,016,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2018/04/12 00:17:41 | 000,016,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2018/04/12 00:17:41 | 000,015,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2018/04/12 00:17:41 | 000,015,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2018/04/12 00:17:41 | 000,014,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2018/04/12 00:17:41 | 000,014,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2018/04/12 00:17:41 | 000,014,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-2-0.dll
[2018/04/12 00:17:41 | 000,014,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-2-0.dll
[2018/04/12 00:17:41 | 000,013,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2018/04/12 00:17:41 | 000,013,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-2-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-2-0.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-1.dll
[2018/04/12 00:17:41 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-1.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l2-1-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l2-1-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-timezone-l1-1-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-timezone-l1-1-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l2-1-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l2-1-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-2-0.dll
[2018/04/12 00:17:41 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-2-0.dll
[2018/04/12 00:17:40 | 001,461,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018/04/12 00:17:40 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018/04/12 00:17:40 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018/04/12 00:17:40 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018/04/12 00:17:40 | 000,708,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018/04/12 00:17:40 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018/04/12 00:17:40 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018/04/12 00:17:40 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018/04/12 00:17:40 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018/04/12 00:17:40 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018/04/12 00:17:40 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018/04/12 00:17:40 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018/04/12 00:17:40 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018/04/12 00:17:40 | 000,262,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018/04/12 00:17:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018/04/12 00:17:40 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018/04/12 00:17:40 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018/04/12 00:17:40 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018/04/12 00:17:40 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018/04/12 00:17:40 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018/04/12 00:17:40 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018/04/12 00:17:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018/04/12 00:17:40 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018/04/12 00:17:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2018/04/12 00:17:40 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018/04/12 00:17:40 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018/04/12 00:17:40 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018/04/12 00:17:40 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2018/04/12 00:17:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018/04/12 00:17:40 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018/04/12 00:17:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018/04/12 00:17:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018/04/12 00:17:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2018/04/12 00:17:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018/04/12 00:17:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018/04/12 00:17:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018/04/12 00:17:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018/04/12 00:17:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018/04/12 00:17:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2018/04/12 00:17:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018/04/12 00:17:38 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018/04/12 00:17:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018/04/12 00:17:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018/04/12 00:17:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018/04/12 00:17:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018/04/12 00:17:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018/04/12 00:17:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018/04/12 00:17:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018/04/12 00:17:37 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018/04/12 00:17:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018/04/12 00:17:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018/04/12 00:17:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018/04/12 00:17:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018/04/12 00:17:37 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2018/04/12 00:17:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2018/04/12 00:17:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018/04/12 00:17:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018/04/12 00:17:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018/04/12 00:17:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018/04/12 00:17:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018/04/12 00:17:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018/04/12 00:17:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018/04/12 00:17:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018/04/12 00:17:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018/04/12 00:17:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018/04/12 00:17:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018/04/12 00:17:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018/04/12 00:09:24 | 001,559,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2018/04/12 00:09:24 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2018/04/12 00:09:24 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2018/04/12 00:09:23 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2018/04/12 00:09:23 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2018/04/12 00:09:23 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2018/04/12 00:09:23 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\centel.dll
[2018/04/12 00:09:23 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2018/04/12 00:09:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2018/04/12 00:09:23 | 000,135,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2018/04/05 01:21:54 | 000,000,000 | ---D | C] -- C:\Users\atsuko\AppData\Local\{F58D6AA2-584B-4B89-9592-B6F2B0774F8C}
[2018/04/04 04:42:14 | 000,000,000 | ---D | C] -- C:\Users\atsuko\AppData\Local\{AD9B18E1-7F4F-4A1B-ABF9-6BE3A810B983}

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018/05/03 22:24:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\atsuko\Desktop\OTL.exe
[2018/05/03 22:24:11 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018/05/03 22:24:11 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018/05/03 22:15:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018/05/03 22:15:22 | 2020,360,191 | -HS- | M] () -- C:\hiberfil.sys
[2018/05/03 03:13:46 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018/05/01 22:44:16 | 006,086,080 | ---- | M] (Geek Unіnstaller) -- C:\Users\atsuko\Desktop\geek.exe
[2018/05/01 10:46:08 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018/05/01 10:40:27 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\atsuko\Desktop\HijackThis.exe
[2018/05/01 10:09:58 | 000,757,681 | ---- | M] () -- C:\Users\atsuko\Desktop\bookmarks_2018_05_01.html
[2018/05/01 01:37:11 | 007,271,632 | ---- | M] (Malwarebytes) -- C:\Users\atsuko\Desktop\adwcleaner_7.1.1.exe
[2018/04/29 01:06:51 | 001,375,550 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018/04/29 01:06:51 | 000,677,504 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018/04/29 01:06:51 | 000,434,452 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2018/04/29 01:06:51 | 000,130,146 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2018/04/29 01:06:51 | 000,130,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018/04/21 01:47:58 | 000,001,751 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2018/04/12 06:10:17 | 000,267,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018/04/12 03:03:48 | 136,971,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT-KB890830.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018/05/01 10:46:08 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018/05/01 10:09:58 | 000,757,681 | ---- | C] () -- C:\Users\atsuko\Desktop\bookmarks_2018_05_01.html
[2018/04/21 01:47:58 | 000,001,751 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2017/08/09 23:55:30 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2016/12/31 19:11:10 | 000,125,549 | ---- | C] () -- C:\Users\atsuko\image913.JPG
[2016/12/31 19:10:50 | 000,127,644 | ---- | C] () -- C:\Users\atsuko\image412.JPG
[2016/12/31 19:10:45 | 000,109,144 | ---- | C] () -- C:\Users\atsuko\image311.JPG
[2016/12/31 19:10:29 | 000,130,757 | ---- | C] () -- C:\Users\atsuko\image210.JPG
[2016/12/31 19:10:23 | 000,122,101 | ---- | C] () -- C:\Users\atsuko\image109.JPG
[2016/12/31 19:10:15 | 000,926,622 | ---- | C] () -- C:\Users\atsuko\image508.JPG
[2016/12/31 19:10:07 | 000,055,300 | ---- | C] () -- C:\Users\atsuko\image407.JPG
[2016/12/31 19:10:00 | 000,066,394 | ---- | C] () -- C:\Users\atsuko\image306.JPG
[2016/12/31 19:09:53 | 000,050,624 | ---- | C] () -- C:\Users\atsuko\image205.JPG
[2016/12/31 19:09:45 | 000,079,395 | ---- | C] () -- C:\Users\atsuko\image104.JPG
[2016/12/31 19:09:34 | 000,051,383 | ---- | C] () -- C:\Users\atsuko\image303.JPG
[2016/12/31 19:09:23 | 000,049,924 | ---- | C] () -- C:\Users\atsuko\image202.JPG
[2016/12/31 19:09:13 | 000,067,922 | ---- | C] () -- C:\Users\atsuko\image101.JPG
[2016/11/06 04:43:38 | 002,346,058 | ---- | C] () -- C:\Users\atsuko\bookmarks_2016_11_06.html
[2013/02/21 21:42:47 | 000,253,226 | ---- | C] () -- C:\Users\atsuko\IMG_1306.png
[2013/01/29 19:57:46 | 002,739,871 | ---- | C] () -- C:\Users\atsuko\IMG_0482.JPG
[2013/01/15 02:49:09 | 000,000,036 | ---- | C] () -- C:\Users\atsuko\AppData\Local\housecall.guid.cache
[2012/11/09 00:16:08 | 002,113,081 | ---- | C] () -- C:\Users\atsuko\IMGP0179.JPG
[2012/11/09 00:16:00 | 002,361,400 | ---- | C] () -- C:\Users\atsuko\IMGP0178.JPG
[2012/11/09 00:15:33 | 002,310,858 | ---- | C] () -- C:\Users\atsuko\IMGP0176.JPG
[2012/11/09 00:15:22 | 002,342,053 | ---- | C] () -- C:\Users\atsuko\IMGP0175.JPG
[2012/11/09 00:14:58 | 002,337,082 | ---- | C] () -- C:\Users\atsuko\IMGP0173.JPG
[2012/09/28 22:39:01 | 000,057,066 | ---- | C] () -- C:\Users\atsuko\130.gif
[2012/09/28 22:37:07 | 000,005,226 | ---- | C] () -- C:\Users\atsuko\010.gif
[2012/09/28 22:29:20 | 000,032,293 | ---- | C] () -- C:\Users\atsuko\38.png
[2012/09/02 03:52:08 | 000,134,692 | ---- | C] () -- C:\Users\atsuko\6a0133f38cb3f3970b0167624f2989970b.png
[2012/09/02 01:15:40 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018/01/01 11:18:30 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018/01/01 11:00:12 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  • ふさふさ野
  • 2018/05/03 (Thu) 23:23:43
OTL log 3
[color=#E56717]========== Custom Scans ==========[/color]
[2012/05/16 00:59:12 | 000,000,000 | -H-D | M] -- C:\book
[2012/05/16 00:55:09 | 000,000,000 | -H-D | M] -- C:\Intel
[2012/09/01 23:55:09 | 000,000,000 | -H-D | M] -- C:\OEM
[2017/05/23 04:45:20 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk
[2012/09/02 00:30:13 | 000,000,000 | -H-D | M] -- C:\OEM\Registration
[2012/09/04 03:48:24 | 000,000,000 | -H-D | M] -- C:\OEM\Preload\OEM\Recovery\HPartition
[2017/05/23 04:45:32 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/05/16 01:02:03 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2018/04/21 01:47:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2012/09/14 00:19:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\BDNAV
[2013/11/30 21:34:02 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2012/09/02 04:33:00 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\MediaEspresso\6.5
[2012/09/02 04:32:59 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\MediaEspresso\6.5
[2012/09/14 00:19:53 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\Movie SDK\9.00
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\2017-05-30-13-59-11
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\bffaae00
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\Config\bffaae00\2017-05-30-13-59-11
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\MBR\2017-05-30-13-59-11
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\bffaae00
[2017/05/30 22:59:11 | 000,000,000 | -H-D | M] -- C:\TMRescueDisk\VBR\bffaae00\2017-05-30-13-59-11
[2012/09/01 23:53:12 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2018/04/21 01:47:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2012/09/14 00:19:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\BDNAV
[2013/11/30 21:34:02 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2012/09/02 04:33:00 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\MediaEspresso\6.5
[2012/09/02 04:32:59 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\MediaEspresso\6.5
[2012/09/14 00:19:53 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\Movie SDK\9.00
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2012/09/01 23:53:23 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData
[2012/09/20 22:40:52 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2012/09/01 23:55:30 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2016/03/23 05:34:44 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2012/09/02 02:38:13 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2012/09/01 23:55:35 | 000,000,000 | RH-D | M] -- C:\Users\atsuko\AppData\Local\Microsoft\Windows\Burn\Burn
[2013/11/30 21:33:56 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Roaming\CyberLink\MediaCache
[2017/05/30 22:55:06 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/02/19 01:56:54 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Roaming\Microsoft\Windows\DNTException\Low
[2013/05/31 02:51:49 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[2013/05/31 04:52:00 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
[2013/05/29 14:13:10 | 000,000,000 | -H-D | M] -- C:\Users\atsuko\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[2009/07/14 12:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2018/05/01 23:05:50 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/14 11:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2012/09/02 00:04:57 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2013/11/30 21:33:49 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg
[2013/11/30 21:33:50 | 000,000,000 | -H-D | M] -- C:\Users\Public\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{7AD1ACC7-6558-427a-8564-76F67706C366}\Version\6.5
[2014/11/26 23:57:58 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2009/07/14 13:45:47 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2012/09/02 00:05:19 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2012/09/02 01:15:40 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy

[color=#A23BEC]< %windir%\tasks\*.job >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9500325AS
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 17.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 18254659584
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 449.00GB
Starting Offset: 18359517184
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2015/10/30 02:50:29 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2018/02/03 03:14:47 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2018/01/01 11:18:17 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2018/03/31 09:58:09 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2017/12/06 02:36:37 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2017/12/06 02:08:22 | 000,145,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2018/01/01 11:18:28 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/07/14 16:24:58 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/05/13 02:14:48 | 000,502,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2018/01/01 11:18:24 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2017/08/11 15:35:01 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/09/21 20:51:57 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2018/01/01 11:04:05 | 000,559,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2018/03/31 09:58:09 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2018/01/01 11:18:28 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/02/09 18:55:34 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2018/03/31 09:58:09 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2018/01/01 11:18:28 | 001,110,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2016/06/15 02:16:23 | 000,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2016/06/15 02:16:23 | 000,680,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2018/01/01 11:18:23 | 000,828,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2018/02/03 02:36:19 | 000,128,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2018/02/03 02:46:17 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2017/05/11 00:14:53 | 002,651,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2017/09/14 00:28:12 | 000,886,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • ふさふさ野
  • 2018/05/03 (Thu) 23:24:47
Extras.txt log
OTL Extras logfile created on: 2018/05/03 22:33:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\atsuko\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18977)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.84 Gb Total Physical Memory | 5.93 Gb Available Physical Memory | 75.56% Memory free
15.68 Gb Paging File | 13.56 Gb Available in Paging File | 86.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.66 Gb Total Space | 217.70 Gb Free Space | 48.52% Space Free | Partition Type: NTFS

Computer Name: A-PC | User Name: atsuko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00673338-3345-4C0E-8ECB-FEF47CC1B920}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0EF8067C-500F-40B7-9DDC-8F2FCB08B8F8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17C20271-89AE-4277-9475-7919D76D1B92}" = lport=137 | protocol=17 | dir=in | app=system |
"{191F411A-0309-40E6-92BF-FA79B83A6C0E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{20652E7B-A285-4DC2-A0D5-D51E26B500D7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2322E236-AC08-445F-B834-12A887859095}" = rport=445 | protocol=6 | dir=out | app=system |
"{3266B361-0062-4FA0-B086-EBF1EF6DA3CE}" = rport=137 | protocol=17 | dir=out | app=system |
"{38C21635-E8E5-4B3D-89F0-A96A2A916CF7}" = lport=138 | protocol=17 | dir=in | app=system |
"{5AA59C7D-4014-477D-B42A-D2FA83AE3063}" = lport=139 | protocol=6 | dir=in | app=system |
"{5CABFEC9-B340-4DB6-837D-DAFE6B6104F3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{613FE233-E0C6-4001-A50A-48916C252C19}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A1A6C3C-5403-4786-A42D-1289F80B31BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{934860D1-8670-4BEB-A0B1-F938F905DD38}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{989F6B15-F2AB-4EE9-9C6D-4A78AE18FB5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A7C827F-1B64-41EA-8992-A2CCE3B124DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A6F24D01-F77A-4642-B606-FF4E99F8EF08}" = rport=139 | protocol=6 | dir=out | app=system |
"{B7E9D056-D28A-4CDE-93DF-6DA9AF96E950}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{C4D0D8D5-E7F1-4CA9-9E56-8BDEF18C9D89}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C74FB15C-8F17-4AD0-80FC-99B6CF1F3AD6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD53235D-30E8-413F-93BD-3E297EBEC251}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EFCD8D9E-C145-446F-A4BC-7E0A2060F2E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F3E338F5-9745-417E-A860-A6146E10F41F}" = rport=138 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15C9162A-927E-48D9-A78F-FBC7028EBE94}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1BB91484-5DF7-4C55-A023-9CC300CE330E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{22B399EB-92FC-4713-9FA1-452B4D6FB7B5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2516EDC9-886C-42B1-B3AD-BF82BE4139A9}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe |
"{32CF19AE-6BB9-4105-B895-E88B35BCBC03}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3CA431E6-A2B6-4229-9D6C-A45F934F6BA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{41B4AC04-A998-4589-BF28-B03ABA38C1C2}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4AEE4888-256A-4E36-96EC-86EDCF7864B3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4CCE96DD-46EF-4840-99FA-45FC1DF466F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4EBE6A8F-0654-4763-A612-6CD098D618D2}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{50258977-E1DF-4450-A433-C344E74FF92B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{534488EF-FAFF-40AF-96BD-17F6610CD645}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E3A9875-2ABF-40D3-A1C5-32FACE610103}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64BCDB9B-0E51-45E6-9DB7-15520C7637A7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{6913A5DB-2112-4EB8-9177-E50619E3368A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{698B86F6-642F-46DF-BC95-9856200ED746}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{6DD4E819-6CD4-41EA-A118-E4665C4004B9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{6F286104-B4FC-4FBC-95A6-E83467A69D81}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{70A894F6-D511-41C5-AD8C-C07269D8F6A9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7A1152E1-B27D-4497-B6FF-4F87C4115E98}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7AF74056-D5A2-4577-859E-86E4B11ADCE2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{84FEA1BB-E2F8-4309-AA7B-45C0BD8A41EB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{89EBDDBF-E7A3-4978-87ED-3914AC04E5C2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{8AF5E3C3-A060-428A-94AB-3104F9ADD7DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E1D6F70-5AA3-4B87-9EA0-078FDE668E13}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9006689C-D3E8-46B4-8DD5-94A42D2C0824}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{91C3B5F2-D0AC-435F-9D26-C46A63CC0742}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{943CB216-8158-4501-B244-7BA03659BB97}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94882DA9-09DC-44F5-B080-13F7EC13AFD1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C0319B5-DD11-4A21-BD0A-A7F8BD5A6C6A}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{AA33C98E-AC8A-463D-A9EE-26A12AB65208}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3BEBD0E-9354-4320-A8F3-F0FDFD34369A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{C2FDA95F-B07A-4584-80CA-B0B0815E7F55}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C4B2027B-909A-4EFF-93A7-5733B129D891}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6D5315B-F894-48C3-A9CA-A85FED71B147}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5FD0D62-B633-4F5A-AEDB-17BE13AF1C06}" = protocol=58 | dir=in | app=system |
"{E3898130-4216-4004-8E99-1382D5B5616E}" = protocol=6 | dir=out | app=system |
"{E89113ED-018E-4C44-9D78-7226D4AEA562}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe |
"{F64EE6EF-C18F-4727-A82D-F54EDDD0CBD3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCD8F6BB-399C-44C6-9018-4D8C316E96DE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0ECA3BB5-4410-414B-B226-241FF1C12CD0}" = Apple Application Support(64 ビット)
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{42E08F76-1021-4B1D-8413-7AA26B1C05A0}" = Acer Instant Update Service
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}" = iCloud
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{892423A1-CAEC-3262-870F-DD0711ED8D56}" = Microsoft .NET Framework 4.7.1 (JPN)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.7.1 (日本語)
"{9E005AAA-81A3-478E-8944-532D350952EE}" = Apple Mobile Device Support
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = セキュリティ対策ツール
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BF5ECCBD-BD5E-440A-BB4C-3AC29986DF60}" = iTunes
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E0C7523C-686B-3EE6-8FB1-CB4339E30EDD}" = Microsoft .NET Framework 4.7.1
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.6.9.9_WHQL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{139C06F6-2DC5-485F-B34A-D333AA122379}" = セキュリティ申込・設定ツール
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}" = Apple Application Support(32 ビット)
"{5DD4998C-C190-424F-9EC9-58C38AD67BB0}" = スタートアップツール
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6AB64BE6-F975-40C0-90F9-648154433097}" = コミュニケーションツール
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam
"{A30EA700-5515-48F0-88B0-9E99DC356B88}" = Apple Software Update
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Acer Registration" = Acer Registration
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{6AB64BE6-F975-40C0-90F9-648154433097}" = コミュニケーションツール
"InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"RemoteToolGuider.west_is1" = NTT西日本 リモートサポートツール
"診断復旧ツール_is1" = 診断復旧ツール

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2018/04/30 13:46:40 | Computer Name = a-PC | Source = Application Hang | ID = 1002
Description = プログラム IEXPLORE.EXE バージョン 11.0.9600.18978 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: 934 開始時刻: 01d3e0ab171a00eb 終了時刻: 30 アプリケーション
パス: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE レポート ID:

Error - 2018/04/30 13:57:43 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/04/30 20:50:27 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/01 8:50:50 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/01 9:12:17 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/01 10:02:57 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/01 10:10:01 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/02 8:01:05 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/02 14:01:03 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

Error - 2018/05/03 9:16:04 | Computer Name = a-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2018/05/01 10:02:39 | Computer Name = a-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2018/05/01 10:02:39 | Computer Name = a-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2018/05/01 10:02:39 | Computer Name = a-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2018/05/01 10:02:39 | Computer Name = a-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2018/05/01 10:02:39 | Computer Name = a-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2018/05/01 10:11:11 | Computer Name = a-PC | Source = Schannel | ID = 36888
Description = 次の致命的な警告が生成されました: 70。内部エラーの状態は 105 です。

Error - 2018/05/01 14:08:33 | Computer Name = a-PC | Source = DCOM | ID = 10010
Description =

Error - 2018/05/02 8:01:39 | Computer Name = a-PC | Source = Schannel | ID = 36888
Description = 次の致命的な警告が生成されました: 70。内部エラーの状態は 105 です。

Error - 2018/05/02 14:01:32 | Computer Name = a-PC | Source = Schannel | ID = 36888
Description = 次の致命的な警告が生成されました: 70。内部エラーの状態は 105 です。

Error - 2018/05/03 9:16:28 | Computer Name = a-PC | Source = Schannel | ID = 36888
Description = 次の致命的な警告が生成されました: 70。内部エラーの状態は 105 です。


< End of report >


Thank you in advance for checking.
  • ふさふさ野
  • 2018/05/03 (Thu) 23:26:35
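A little cleanup with OTL
Sorry for the late reply again tonight.
I have looked through your OTL scan log.

On the whole nothing looks suspicious, but there seem to be a few leftovers, so let's clean them up with OTL.
That said, it is done shortly after you launch the tool, so it should not take long.

I have pasted a script at the end of this reply; copy it in its entirety, paste it into a Windows Notepad file, and save it.

Once that is ready, restart the PC in Safe Mode again and launch OTL.
When it has started, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red text).
This starts the OTL fix.

Wait a while; once the fix has finished and you restart the PC in normal mode, another OTL log should appear. Save it, watch how the PC behaves for a while, and then reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----) and paste it into OTL.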
------------------------------------------
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = C1 8D 18 22 F1 01 D2 01 [binary data]
IE - HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.

:Files

:reg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2018/05/04 (Fri) 22:16:41
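OTL log
Good evening, and thank you as always for helping until so late.
I ran the OTL fix last night and have been watching the PC since; so far there have been no problems such as being redirected to other sites.

I am pasting the OTL log below.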

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: atsuko
->Temp folder emptied: 16735076 bytes
->Temporary Internet Files folder emptied: 8081949 bytes
->FireFox cache emptied: 35216290 bytes
->Google Chrome cache emptied: 454907800 bytes
->Flash cache emptied: 506 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115104776 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 601.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 05042018_230833

Files\Folders moved on Reboot...
C:\Users\atsuko\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\atsuko\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Thank you in advance for checking.
  • ふさふさ野
  • 2018/05/05 (Sat) 19:22:23
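Time to re-check everything
Thank you for doing the work and reporting back.
I have looked at the post-fix log.
The target entries were cleaned up without trouble.
The cleanup targets show "successfully" (fix succeeded).
You can now remove OTL as described in the instructions given when you set it up.

Now, let's review everything once more.
Sorry for the trouble, but please take a fresh HJT log, and with CC collect the installed-programs information and the logs from each tab again, and post them in a reply.

There seem to be no problems at present and I do not think there is any danger, but in case some other malware was slipped in by surprise after the fix, or something was overlooked, let's go over everything once more.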
  • 悪代官
  • 2018/05/05 (Sat) 22:02:46
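An added example (not part of the original posts and not OTL's own code): a small Python parser for the "Run fix" log format shown in this thread, which groups result lines by section, flags any line that did not report success, and cross-checks the cleaned-bytes total. The sample input is an excerpt of the fix log posted above; the status keywords and function names are assumptions made for this illustration.

```python
import re

# Excerpt of the "Run fix" log posted in this thread (zero-byte lines omitted).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page_TIMESTAMP| /E : value set successfully!
HKU\S-1-5-21-822167610-4187586497-2688661879-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: atsuko
->Temp folder emptied: 16735076 bytes
->Temporary Internet Files folder emptied: 8081949 bytes
->FireFox cache emptied: 35216290 bytes
->Google Chrome cache emptied: 454907800 bytes
->Flash cache emptied: 506 bytes

Windows Temp folder emptied: 115104776 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes

Total Files Cleaned = 601.00 mb

Unable to start System Restore Service. Error code 1084
"""

# "========== NAME ==========" banners and "[NAME]" command headers open a section.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$|^\[(\w+)\]$")
# Keywords are assumptions derived from the wording seen in this log.
FAIL_RE = re.compile(r"unable to|failed|error code|not found", re.I)
OK_RE = re.compile(r"successfully", re.I)
BYTES_RE = re.compile(r"(?:emptied|removed):\s*(\d+)\s*bytes", re.I)
TOTAL_RE = re.compile(r"Total Files Cleaned\s*=\s*([\d.]+)\s*mb", re.I)


def classify(line):
    """Return FAIL, OK or INFO for one result line (failure wording wins)."""
    if FAIL_RE.search(line):
        return "FAIL"
    if OK_RE.search(line):
        return "OK"
    return "INFO"


def parse_fix_log(text):
    """Group non-empty lines by section as (status, line) tuples."""
    sections = {"PREAMBLE": []}
    current = "PREAMBLE"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = (m.group(1) or m.group(2)).upper()
            sections.setdefault(current, [])
            continue
        sections[current].append((classify(line), line))
    return sections


def failures(sections):
    """List (section, line) for every line that reported a failure."""
    return [(name, line) for name, rows in sections.items()
            for status, line in rows if status == "FAIL"]


def bytes_cleaned(text):
    """Sum every 'emptied: N bytes' / 'removed: N bytes' figure."""
    return sum(int(n) for n in BYTES_RE.findall(text))


def reported_total_mb(text):
    """Return the 'Total Files Cleaned' figure, or None if absent."""
    m = TOTAL_RE.search(text)
    return float(m.group(1)) if m else None


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    for name, rows in parsed.items():
        ok = sum(1 for s, _ in rows if s == "OK")
        print(f"{name}: {ok} ok, {len(rows)} lines")
    for name, line in failures(parsed):
        print(f"NOT SUCCESSFUL in {name}: {line}")
    # In this log the reported total equals the byte sum rounded to whole MiB.
    print(round(bytes_cleaned(SAMPLE_LOG) / 2**20), reported_total_mb(SAMPLE_LOG))
```

Run against the excerpt, it reports the three registry targets and both hosts-file steps as successful and singles out the System Restore line as the only step that did not complete.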
HJT log and CC log
Thank you for your continued help, today as well.
I am pasting each log below.

HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:58:41, on 2018/05/05
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18978)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\NTTW\StartUpToolN\StartUpTool_w.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\NTTW\Security\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\chrome_extension2\host\chrome_native_msg_host.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
C:\Users\atsuko\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
O3 - Toolbar: セキュリティツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NTTW_OSA_AUS] "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: スタートアップツール.lnk = ?
O9 - Extra button: 故障かな?と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {4D8DD706-6972-460D-A51B-EB7F7687E450} (ActiveMpp Class) - http://muji.livingstyle.jp/sim/dfls//3dx/ActiveMPP.cab
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9765 bytes


CC log

Acer Crystal Eye Webcam CyberLink Corp. 2012/05/16 41.3 MB 1.5.2108.00
Acer ePower Management Acer Incorporated 2012/05/16 6.00.3010
Acer eRecovery Management Acer Incorporated 2012/04/16 5.00.3507
Acer Instant Update Service Acer Incorporated 2012/04/16 9.42 MB 1.00.3004
Acer Registration Acer Incorporated 2018/05/05 1.04.3506
Apple Application Support(32 ビット) Apple Inc. 2018/04/01 138 MB 6.4
Apple Application Support(64 ビット) Apple Inc. 2018/04/01 153 MB 6.4
Apple Mobile Device Support Apple Inc. 2018/04/21 25.8 MB 11.3.1.6
Apple Software Update Apple Inc. 2018/04/01 4.03 MB 2.6.0.1
Bonjour Apple Inc. 2015/09/22 2.01 MB 3.1.0.1
Broadcom Card Reader Driver Installer Broadcom Corporation 2012/09/16 2.76 MB 15.0.7.2
Broadcom NetLink Controller Broadcom Corporation 2012/05/16 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2012/05/16 5.100.82.120
CCleaner Piriform 2018/05/01 5.42
Dolby Home Theater v4 Dolby Laboratories Inc 2012/05/16 28.0 MB 7.2.7000.7
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2012/05/16 10.6.9.9
Google Chrome Google Inc. 2016/10/11 66.0.3359.139
iCloud Apple Inc. 2018/04/02 153 MB 7.4.0.111
Identity Card Acer Incorporated 2018/05/05 1.00.3501
Intel(R) Control Center Intel Corporation 2012/05/16 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2012/05/16 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2012/05/16
Intel(R) Processor Graphics Intel Corporation 2012/05/16 8.15.10.2653
Intel(R) Rapid Storage Technology Intel Corporation 2012/05/16 11.1.0.1006
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2012/05/16 1.0.4.220
Intel® Trusted Connect Service Client Intel Corporation 2012/05/16 10.6 MB 1.23.605.1
iTunes Apple Inc. 2018/04/21 400 MB 12.7.4.80
Launch Manager Acer Inc. 2018/05/05 5.1.15
Microsoft .NET Framework 4.7.1 Microsoft Corporation 2018/02/14 38.8 MB 4.7.02558
Microsoft .NET Framework 4.7.1 (日本語) Microsoft Corporation 2018/02/15 4.7.02558
Microsoft Silverlight Microsoft Corporation 2017/06/14 745 MB 5.1.50907.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/04/16 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2012/05/16 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2012/05/16 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2012/09/02 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/04/16 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/04/16 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2012/05/16 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2012/09/02 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2012/09/02 25.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2012/09/02 12.1 MB 10.0.30319
MyWinLocker Suite Egis Technology Inc. 2012/04/16 2.63 MB 4.0.14.19
NTI Media Maker 9 NTI Corporation 2012/05/16 0.96 GB 9.0.2.9006
NTT西日本 リモートサポートツール 西日本電信電話株式会社 2013/12/26
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2012/05/16 6.0.1.6543
WIDCOMM Bluetooth Software Broadcom Corporation 2012/05/16 289 MB 6.5.1.2610
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2012/05/16 13.2 MB 2.5.1.0
スタートアップツール 西日本電信電話株式会社 2016/10/07 3.30 MB 8.0.2
セキュリティ対策ツール 西日本電信電話株式会社 2017/05/30 450 MB 11.11
セキュリティ申込・設定ツール 西日本電信電話株式会社 2017/05/30 3.60 MB 7.6.0.14
診断復旧ツール 西日本電信電話株式会社 2014/05/31 12.5 MB
コミュニケーションツール 西日本電信電話株式会社 2012/09/12 30.6 MB 7.5.0000

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudServices Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run Broadcom Wireless Manager UI Broadcom Corporation C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
有効 HKLM:Run Dolby Home Theater v4 Dolby Laboratories Inc. "C:\Dolby PCEE4\pcee4.exe" -autostart
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run InstantUpdate Acer Incorporated C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
有効 HKLM:Run NTTW_OSA_AUS 西日本電信電話株式会社 "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup Common Bluetooth.lnk Broadcom Corporation. C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
有効 Startup Common スタートアップツール.lnk C:\Windows\Installer\{5DD4998C-C190-424F-9EC9-58C38AD67BB0}\_9B3CE635A99B6F92D5462F.exe

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task EgisUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"

有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll

有効 Extension 故障かな?と思ったら・・・ 西日本電信電話株式会社 C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll

有効 Extension Activity Stream 2018.02.17.0026-173e2795 default C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
有効 Extension Application Update Service Helper 2.0 default C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
有効 Extension Firefox Screenshots 25.0.0 default C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Follow-on Search Telemetry 0.9.6 default C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi
有効 Extension Form Autofill 1.0 default C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Mouse Gesture Events 2.3 Ternary default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\extensions\@mousegesture.xpi
有効 Extension Photon onboarding 1.0 default C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Shield Recipe Client 80 default C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi
有効 Extension TLS 1.3 gradual roll-out 8.0 default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\features\{abf7e507-3635-4e24-952f-e091a5d2b336}\tls13-rollout-bug1442042@mozilla.org.xpi
無効 Extension Trend Micro BEP Firefox Extension 9.2.0.1026 Trend Micro default C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
無効 Extension Trend Micro Osprey Firefox Extension 2.0.0.1090 Trend Micro default C:\Program Files\NTTW\Security\AMSP\module\20013\FxExt\firefoxextension
有効 Extension Trend Micro Toolbar 12.0.0.1205 default C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension
有効 Extension Web Compat 1.1 default C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
有効 Plugin 1.4.8.1008 Google Inc. default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

有効 App Gmail 8.1 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
無効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Trend ツールバー 12.0.0.1236 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\12.0.0.1236_0
無効 Extension ドキュメント 0.10 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0
無効 Plugin Adobe Acrobat 10.1.6.1 最初のユーザー C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
無効 Plugin Browser Exploit Prevention 7.5.0.1115 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1115_0\nptmbep.dll
無効 Plugin Chrome PDF Viewer 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\pdf.dll
無効 Plugin Chrome Remote Desktop Viewer 最初のユーザー internal-remoting-viewer
無効 Plugin Google Update 1.3.21.135 最初のユーザー C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
無効 Plugin Intel® Identity Protection Technology 2.0.59.0 最初のユーザー C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
無効 Plugin iTunes Application Detector 1.0.1.1 最初のユーザー C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
無効 Plugin Native Client 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\ppGoogleNaClPluginChrome.dll
無効 Plugin QuickTime Plug-in 7.7.3 7.7.3 (1680.64) 最初のユーザー C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
無効 Plugin Shockwave Flash 11.6.602.180 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\PepperFlash\pepflashplayer.dll
無効 Plugin Shockwave for Director 11.6.7r637 最初のユーザー C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
無効 Plugin Silverlight Plug-In 5.1.20125.0 最初のユーザー c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
無効 Plugin Trend Micro Titanium 6.11.0.1149 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.11.0.1175_0\npToolbarChrome.dll
無効 Plugin Windows Live™ Photo Gallery 15.4.3538.0513_ship.wlx.w4m4 (ship) 最初のユーザー C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

I am sorry to trouble you, and thank you in advance for your help.
  • ふさふさ野
  • 2018/05/05 (Sat) 23:09:34
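Here to take a fresh look
Good evening.
This is "あらいぐま悪代官", here to give the situation a fresh wash (← go back to the forest).

I have looked over each of the current logs.
There does not seem to be anything particularly suspicious.

However, CC's resident function is enabled, so let's disable that.

Start CC and, from "Options" on the left side of the window, open "Monitoring".

If "System Monitoring" and "Active Monitoring" are enabled there, uncheck them to disable them.
A confirmation message should appear at this point, but you can go ahead and proceed with "Yes".

This CC function stays resident and monitors the state of the PC, but it can consume a fair amount of resources and slow the PC down, so unless the user understands the setting and the function and has decided it is needed, it is safest to leave it disabled.

Once this is disabled, there appear to be no abnormalities, so after that let's watch and wait.
Please keep an eye on things for one week; you can keep using the PC normally in the meantime.

After one week, take the HJT log and the CC install information and the logs from each tab again, the same as this time, and reply with them together with a report on how things went during the observation period.

If the logs and the PC's state show no abnormalities at that point, we should be able to move this to "resolved", but if you see anything abnormal, you do not need to wait the full week, so please reply right then.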
  • あらいぐま悪代官
  • 2018/05/06 (Sun) 21:19:19
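The re-check requested above amounts to comparing two HijackThis snapshots taken a week apart. The following is an added example, not part of the original thread and not code from HijackThis or CCleaner: a small Python parser that diffs the persistent entries (F/O sections) of two logs separately from the running-process list. The function names are hypothetical, the two sample logs are constructed from lines that appear on this page, and the `CCleaner Monitoring` O4 line is a constructed rendering of the CC startup entry.

```python
import re
from collections import defaultdict

# HijackThis entry lines: "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [Name] path".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# System32 targets reported "(file missing)". HijackThis is a 32-bit program, so on
# 64-bit Windows file system redirection commonly makes 64-bit system files look absent.
MISSING_SYS_RE = re.compile(r"\\windows\\system32\\.*\(file missing\)$", re.IGNORECASE)


def parse_hjt(text):
    """Return (running_processes, {section_code: set(entry bodies)})."""
    procs, entries = set(), defaultdict(set)
    in_procs = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_procs = False          # first F/O entry ends the process block
            entries[m.group("code")].add(m.group("body"))
        elif in_procs and line:
            procs.add(line)
    return procs, dict(entries)


def section_key(code):
    """Sort O2 before O23 (numeric, not lexical)."""
    return (code[0], int(code[1:]))


def diff_snapshots(before, after):
    """Persistent entries added/removed per section, plus process-list changes."""
    b_procs, b_ent = parse_hjt(before)
    a_procs, a_ent = parse_hjt(after)
    added, removed = {}, {}
    for code in sorted(set(b_ent) | set(a_ent), key=section_key):
        new = a_ent.get(code, set()) - b_ent.get(code, set())
        gone = b_ent.get(code, set()) - a_ent.get(code, set())
        if new:
            added[code] = sorted(new)
        if gone:
            removed[code] = sorted(gone)
    return {
        "added": added,               # new autostart/service entries: review these first
        "removed": removed,
        "procs_started": sorted(a_procs - b_procs),   # transient, not persistence
        "procs_stopped": sorted(b_procs - a_procs),
    }


def redirected_missing(text):
    """O23 services whose System32 target is flagged '(file missing)'."""
    _, entries = parse_hjt(text)
    return sorted(b for b in entries.get("O23", ()) if MISSING_SYS_RE.search(b))


# Constructed sample logs (a few lines each, taken from this page).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:42:48, on 2018/05/01

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
C:\Users\atsuko\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
"""

AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:40:29, on 2018/05/15

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\atsuko\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
"""

if __name__ == "__main__":
    report = diff_snapshots(BEFORE, AFTER)
    for key, value in report.items():
        print(key, "->", value)
    print("redirected/missing:", redirected_missing(AFTER))
```

An empty `added` result is what a clean observation week looks like in the logs; entries that show up only under `procs_started` or `procs_stopped` reflect what happened to be running at scan time rather than a change in what starts with Windows.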
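One week has passed without trouble
Good evening, and thank you for your continued help.
I apologize for the delay in reporting.
Thanks to the help 悪代官 gave me, so far I have not been redirected to other sites as I was when I first asked for advice,
and no other symptoms of concern have appeared so far either.
Thank you very much.
Without further ado, I would like to post the HJT and CC logs.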

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:40:29, on 2018/05/15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19003)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTTW\StartUpToolN\StartUpTool_w.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Users\atsuko\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
O3 - Toolbar: セキュリティツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [NTTW_OSA_AUS] "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: スタートアップツール.lnk = ?
O9 - Extra button: 故障かな?と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {4D8DD706-6972-460D-A51B-EB7F7687E450} (ActiveMpp Class) - http://muji.livingstyle.jp/sim/dfls//3dx/ActiveMPP.cab
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\NTTW\Security\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\NTTW\Security\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSvcHost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9339 bytes

Acer Crystal Eye Webcam CyberLink Corp. 2012/05/16 41.3 MB 1.5.2108.00
Acer ePower Management Acer Incorporated 2012/05/16 6.00.3010
Acer eRecovery Management Acer Incorporated 2012/04/16 5.00.3507
Acer Instant Update Service Acer Incorporated 2012/04/16 9.42 MB 1.00.3004
Acer Registration Acer Incorporated 2018/05/05 1.04.3506
Apple Application Support(32 ビット) Apple Inc. 2018/04/01 138 MB 6.4
Apple Application Support(64 ビット) Apple Inc. 2018/04/01 153 MB 6.4
Apple Mobile Device Support Apple Inc. 2018/04/21 25.8 MB 11.3.1.6
Apple Software Update Apple Inc. 2018/04/01 4.03 MB 2.6.0.1
Bonjour Apple Inc. 2015/09/22 2.01 MB 3.1.0.1
Broadcom Card Reader Driver Installer Broadcom Corporation 2012/09/16 2.76 MB 15.0.7.2
Broadcom NetLink Controller Broadcom Corporation 2012/05/16 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2012/05/16 5.100.82.120
CCleaner Piriform 2018/05/01 5.42
Dolby Home Theater v4 Dolby Laboratories Inc 2012/05/16 28.0 MB 7.2.7000.7
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2012/05/16 10.6.9.9
Google Chrome Google Inc. 2016/10/11 66.0.3359.139
iCloud Apple Inc. 2018/04/02 153 MB 7.4.0.111
Identity Card Acer Incorporated 2018/05/05 1.00.3501
Intel(R) Control Center Intel Corporation 2012/05/16 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2012/05/16 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2012/05/16
Intel(R) Processor Graphics Intel Corporation 2012/05/16 8.15.10.2653
Intel(R) Rapid Storage Technology Intel Corporation 2012/05/16 11.1.0.1006
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2012/05/16 1.0.4.220
Intel® Trusted Connect Service Client Intel Corporation 2012/05/16 10.6 MB 1.23.605.1
iTunes Apple Inc. 2018/04/21 400 MB 12.7.4.80
Launch Manager Acer Inc. 2018/05/05 5.1.15
Microsoft .NET Framework 4.7.1 Microsoft Corporation 2018/02/14 38.8 MB 4.7.02558
Microsoft .NET Framework 4.7.1 (日本語) Microsoft Corporation 2018/02/15 4.7.02558
Microsoft Silverlight Microsoft Corporation 2017/06/14 745 MB 5.1.50907.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/04/16 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2012/05/16 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2012/05/16 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2012/09/02 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/04/16 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/04/16 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2012/05/16 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2012/09/02 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2012/09/02 25.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2012/09/02 12.1 MB 10.0.30319
MyWinLocker Suite Egis Technology Inc. 2012/04/16 2.63 MB 4.0.14.19
NTI Media Maker 9 NTI Corporation 2012/05/16 0.96 GB 9.0.2.9006
NTT西日本 リモートサポートツール 西日本電信電話株式会社 2013/12/26
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2012/05/16 6.0.1.6543
WIDCOMM Bluetooth Software Broadcom Corporation 2012/05/16 289 MB 6.5.1.2610
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2012/05/16 13.2 MB 2.5.1.0
スタートアップツール 西日本電信電話株式会社 2016/10/07 3.30 MB 8.0.2
セキュリティ対策ツール 西日本電信電話株式会社 2017/05/30 450 MB 11.11
セキュリティ申込・設定ツール 西日本電信電話株式会社 2017/05/30 3.60 MB 7.6.0.14
診断復旧ツール 西日本電信電話株式会社 2014/05/31 12.5 MB
コミュニケーションツール 西日本電信電話株式会社 2012/09/12 30.6 MB 7.5.0000

有効 HKCU:Run iCloudServices Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run Broadcom Wireless Manager UI Broadcom Corporation C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
有効 HKLM:Run Dolby Home Theater v4 Dolby Laboratories Inc. "C:\Dolby PCEE4\pcee4.exe" -autostart
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run InstantUpdate Acer Incorporated C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
有効 HKLM:Run NTTW_OSA_AUS 西日本電信電話株式会社 "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\NTTW\Security\SEC\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\NTTW\Security\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup Common Bluetooth.lnk Broadcom Corporation. C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
有効 Startup Common スタートアップツール.lnk C:\Windows\Installer\{5DD4998C-C190-424F-9EC9-58C38AD67BB0}\_9B3CE635A99B6F92D5462F.exe

有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task EgisUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"

有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\NTTW\Security\UniClient\UiFrmwrk\tmdshell.dll

有効 Extension 故障かな?と思ったら・・・ 西日本電信電話株式会社 C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\NTTW\Security\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\UIFramework\ToolbarIE.dll
有効 Toolbar セキュリティツールバー Trend Micro Inc. C:\Program Files\NTTW\Security\SEC\plugin\ToolbarIE64\ToolbarIE.dll

有効 Extension Activity Stream 2018.02.17.0026-173e2795 default C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
有効 Extension Application Update Service Helper 2.0 default C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
有効 Extension Firefox Screenshots 25.0.0 default C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
有効 Extension Follow-on Search Telemetry 0.9.6 default C:\Program Files\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi
有効 Extension Form Autofill 1.0 default C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
有効 Extension Mouse Gesture Events 2.3 Ternary default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\extensions\@mousegesture.xpi
有効 Extension Photon onboarding 1.0 default C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
有効 Extension Pocket 1.0.5 default C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
有効 Extension Shield Recipe Client 80 default C:\Program Files\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi
有効 Extension TLS 1.3 gradual roll-out 8.0 default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\features\{abf7e507-3635-4e24-952f-e091a5d2b336}\tls13-rollout-bug1442042@mozilla.org.xpi
無効 Extension Trend Micro BEP Firefox Extension 9.2.0.1026 Trend Micro default C:\Program Files\NTTW\Security\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension
無効 Extension Trend Micro Osprey Firefox Extension 2.0.0.1090 Trend Micro default C:\Program Files\NTTW\Security\AMSP\module\20013\FxExt\firefoxextension
有効 Extension Trend Micro Toolbar 12.0.0.1205 default C:\Program Files\NTTW\Security\SEC\UIFramework\Toolbar\firefoxextension
有効 Extension Web Compat 1.1 default C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
有効 Plugin 1.4.8.1008 Google Inc. default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\gmp-widevinecdm\1.4.8.1008\widevinecdm.dll
有効 Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default C:\Users\atsuko\AppData\Roaming\Mozilla\Firefox\Profiles\l6gkqugu.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll

有効 App Gmail 8.1 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
無効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
無効 Extension Trend ツールバー 12.0.0.1236 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\12.0.0.1236_0
無効 Extension ドキュメント 0.10 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0
無効 Plugin Adobe Acrobat 10.1.6.1 最初のユーザー C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
無効 Plugin Browser Exploit Prevention 7.5.0.1115 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1115_0\nptmbep.dll
無効 Plugin Chrome PDF Viewer 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\pdf.dll
無効 Plugin Chrome Remote Desktop Viewer 最初のユーザー internal-remoting-viewer
無効 Plugin Google Update 1.3.21.135 最初のユーザー C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
無効 Plugin Intel® Identity Protection Technology 2.0.59.0 最初のユーザー C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
無効 Plugin iTunes Application Detector 1.0.1.1 最初のユーザー C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
無効 Plugin Native Client 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\ppGoogleNaClPluginChrome.dll
無効 Plugin QuickTime Plug-in 7.7.3 7.7.3 (1680.64) 最初のユーザー C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
無効 Plugin Shockwave Flash 11.6.602.180 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\PepperFlash\pepflashplayer.dll
無効 Plugin Shockwave for Director 11.6.7r637 最初のユーザー C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
無効 Plugin Silverlight Plug-In 5.1.20125.0 最初のユーザー c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
無効 Plugin Trend Micro Titanium 6.11.0.1149 最初のユーザー C:\Users\atsuko\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.11.0.1175_0\npToolbarChrome.dll
無効 Plugin Windows Live™ Photo Gallery 15.4.3538.0513_ship.wlx.w4m4 (ship) 最初のユーザー C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

Sorry for the trouble, but I would appreciate it if you could take a look.
  • ふさふさ野
  • 2018/05/15 (Tue) 23:54:02
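From here on, please strengthen your own defenses little by little
Good evening.
So this is your report after the observation period.

>So far, the redirects to other sites that were happening when I first asked for help
>have not recurred, and no other worrying symptoms have appeared either

I'm glad to hear that nothing abnormal is showing up at present.
I also looked through the logs, and nothing there looks particularly suspicious either.

So we can call the main task "resolved".
Please clean up each tool following the instructions given during preparation.

Even though the symptoms are gone, do not neglect the measures that prevent a repeat. Recalling the countermeasures listed when the previous thread was resolved, take your time and firm up your PC environment and your security awareness.

Thank you for your hard work.
From here on, may you have a safe and comfortable PC life.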
  • 悪代官
  • 2018/05/16 (Wed) 21:04:21
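Re: I sometimes get redirected to other sites while using the internet.
Good evening. I am full of gratitude that you once again took your valuable time to help me.
I hope to keep learning and putting things into practice, even if only little by little, so that I can defend myself and use my PC comfortably.
Thank you very much indeed.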
  • ふさふさ野
  • 2018/05/17 (Thu) 23:23:04
