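悪代官の伏魔殿 Bulletin Board
Continuation of my question on Yahoo! Chiebukuro
I'm s42236ny; thank you for your help at https://detail.chiebukuro.yahoo.co.jp/qa/question_detail/q12193178357.
I casually picked a best answer and the question got marked as resolved, so may I ask my question here?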
  • s42236ny
  • 2018/07/19 (Thu) 18:23:48
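[Guidance] First, prepare the analysis logs
Good evening.
You're the person from the Chiebukuro thread below, right?
https://detail.chiebukuro.yahoo.co.jp/qa/question_detail/q12193178357

I'm 悪代官, also known as akuda_ikan, who replied over there as well.
Now that you've come here, we can talk without worrying about Chiebukuro's character and time limits, so I'll continue to take your consultation.

So, let me start again with an explanation.
On this board, the flow is to analyze the inside of the PC as much as possible first, and then carefully deal with the problems that become visible, one at a time.
Specifically, we take analysis logs with various tools, then look at them and proceed with treatment.
Throwing one security tool after another at the PC right from the start, without knowing its state, will not be effective.
When a PC has trouble, the abnormal parts often show up in the analysis logs too, so once the abnormal spots are visible we investigate around them.

For now, could you prepare the logs for analysis?
After reading the explanations on the two pages below
http://akumaden.web.fc2.com/prepare.html

http://akumaden.web.fc2.com/index.html

take the two logs in accordance with those explanations and the rules, then paste the logs in full into your reply and show them to me.
The flow is that I examine them and then guide you through the treatment.

One caution: if your PC user name is your real name or some other name that could identify you, the user name will appear in the log as-is, so if you have set your real name as the user name, please just tell me so in a reply before you upload the logs.
I will guide you on how to handle it so that your name is not published on the board.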
  • 悪代官
  • 2018/07/19 (Thu) 19:28:52
Re: Continuation of my question on Yahoo! Chiebukuro
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:15:02, on 2018/07/19
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhrcusr.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe
C:\Users\●\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKLM\..\Run: [LLHDUSER] "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
O4 - HKLM\..\Run: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
O4 - HKUS\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07192018060434314\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (User '?')
O4 - S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07192018060434314 Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe (User '?')
O4 - Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
O23 - Service: CLHNServiceForToshiba - CyberLink Corp. - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LLHDClient - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDClient.exe
O23 - Service: LLHDCloader - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDCldr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OEMRegistrationProgram - Toshiba Corporation - C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
O23 - Service: Toshiba Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe
O23 - Service: Toshiba Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe
O23 - Service: TPCHKarteSVC - Toshiba Corporation - C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9477 bytes
  • s42236ny
  • 2018/07/19 (Thu) 20:17:50
Re: Continuation of my question on Yahoo! Chiebukuro (CC)
Adobe Flash Player 30 PPAPI Adobe Systems Incorporated 2018/07/13 8.82 MB 30.0.0.134
Adobe Photoshop Express Adobe Systems Incorporated 2017/09/30 1.3.5.74
Adobe Revel Adobe Systems Incorporated 2014/12/13 1.5.101.6
AUPEO! PERSONAL RADIO for TOSHIBA sMedio 2014/12/06 1.0.0.10
Bitdefender Agent Bitdefender 2017/07/29 1.0.1
Bitdefender Antivirus Free Bitdefender 2017/07/29 1.0.8.29
Conexant HD Audio Conexant 2014/05/07 8.65.36.50
Corel PaintShop Pro X5 Corel Corporation 2014/04/03 179 MB 15.3.1.27
Corel VideoStudio X6 Corel Corporation 2014/05/07 627 MB 16.0.4.53
CyberLink MediaShow 6 CyberLink Corp. 2014/05/07 715 MB 6.0.6227
CyberLink PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
DigiBookBrowser Version 1.5.3.87 LECRE Inc. 2014/04/03 8.53 MB 1.5.3.87
DTS Sound DTS, Inc. 2014/05/07 4.00 MB 1.01.6700
dynabookランチャー用バナー 2014/05/07
ebi.BookReader4 eBOOK Initiative Japan Co., Ltd. 2014/04/03 24.6 MB 4.51.14
ebi.SampleContents eBOOK Initiative Japan Co., Ltd. 2014/04/03 94.6 MB 4.5.1.14_MSI_T
Fresh Paint Microsoft Corporation 2016/01/16 2.0.15133.0
Google Chrome Google Inc. 2015/03/01 67.0.3396.99
Intel(R) Management Engine Components Intel Corporation 2014/04/11 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 2014/04/11 10.18.10.3345
Intel(R) Rapid Storage Technology Intel Corporation 2014/05/07 12.9.0.1001
Jane Style Version 3.75 Jane, Inc. 2014/12/13 3.75
LAPLINK ヘルプデスク クライアント Intercom, Inc. 2014/05/07 2.11
Lhaplus 2014/12/14
LoiLoScope 2 LoiLo inc 2014/04/03 166 MB 2.5.3.4
Malwarebytes バージョン 3.5.1.2522 Malwarebytes 2018/07/15 185 MB 3.5.1.2522
Microsoft Minesweeper Microsoft Studios 2018/05/20 2.7.4300.0
Microsoft Office Microsoft Corporation 2014/05/07 317 MB 15.0.4569.1506
Microsoft Silverlight Microsoft Corporation 2015/02/07 50.7 MB 5.1.30514.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/05/07 4.84 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/05/07 13.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/02/26 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/04/03 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/05/07 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/02/26 8.79 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/05/07 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/05/07 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/05/28 20.5 MB 12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2014/05/07 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN 2014/04/03
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2014/05/07 10.0.31119
MSN スポーツ Microsoft Corporation 2016/05/01 3.0.4.345
MSN トラベル Microsoft Corporation 2015/07/18 3.0.4.336
MSN ニュース Microsoft Corporation 2016/04/30 3.0.4.344
MSN フード&レシピ Microsoft Corporation 2015/07/18 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/18 3.0.4.336
MSN マネー Microsoft Corporation 2016/08/14 3.0.4.344
MSN 天気 Microsoft Corporation 2016/11/27 3.0.4.350
music.jp STORE for TOSHIBA MTI, Ltd. 2015/03/27 2.11.0.1
OEM Registration Program Toshiba Corporation 2014/05/07 516 KB 1.1.0
OneNote Microsoft Corporation 2015/08/01 16.0.3327.1048
OpenOffice 4.1.2 Apache Software Foundation 2016/02/26 336 MB 4.12.9782
PAC-MAN Championship Edition DX+ for Toshiba NAMCO BANDAI Games Inc 2014/12/13 1.0.1.2
PCあんしん点検ユーティリティ Toshiba Corporation 2014/05/07 3.53 MB 2.00.01.02
PC引越ナビ 東芝情報機器株式会社 2014/04/03 12.7 MB 5.0.6
PhotoWizard 2014/05/07 334 MB
PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
Realtek Card Reader Realtek Semiconductor Corp. 2014/05/07 6.3.9600.29077
Realtek Ethernet Controller Driver Realtek 2014/05/07 8.20.815.2013
Roxio Creator LJ Roxio 2014/05/07 245 MB 12.2.60.0
Roxio MediaBook Express Corel Corporation 2014/12/13 1.7.0.1
Roxio MediaBook Reader Corel Corporation 2014/12/13 1.0.0.11
RZスイート express CYBERLINK COM CORPORATION. 2016/11/04 1.0.4529.42911
RZポーター設定ユーティリティ CyberLink Corp. 2014/05/07 130 MB 1.8.02605
Synaptics Pointing Device Driver Synaptics Incorporated 2014/05/07 46.4 MB 18.1.3.0
TOSHIBA Audio Enhancement Toshiba Corporation 2014/05/07 2.16 MB 2.0.18.0
TOSHIBA Blu-ray Disc Player Toshiba Corporation 2014/05/07 106 MB 2.1.2.1
TOSHIBA Desktop Apps Menu Toshiba Corporation 2014/05/07 610 KB 1.03.02.6402
TOSHIBA Display Utility Toshiba Corporation 2014/05/07 32.1 MB 1.1.17.0
TOSHIBA eco Utility Toshiba Corporation 2014/05/07 25.1 MB 2.4.2.6403
TOSHIBA Function Key Toshiba Corporation 2014/05/07 37.5 MB 1.1.5.6402
TOSHIBA Manual TOSHIBA CORPORATION 2014/05/07 32.3 MB 0169.01.3101
TOSHIBA Media Player by sMedio TrueLink+ sMedio 2016/04/23 3.1.1.33
TOSHIBA PalaDouga TOSHIBA CORPORATION 2014/04/03 686 MB 2014.0203.0001
TOSHIBA Password Utility Toshiba Corporation 2014/05/07 6.0.3.0
TOSHIBA PC Health Monitor Toshiba Corporation 2014/05/07 28.9 MB 3.01.02.6400
TOSHIBA Recovery Media Creator Toshiba Corporation 2014/04/03 3.2.00.56006005
TOSHIBA Service Station Toshiba Corporation 2014/05/07 2.92 MB 2.6.13
TOSHIBA Speech Synthesis Toshiba Corporation 2014/05/07 65.1 MB 1.5.2.0
TOSHIBA Start Screen Option Toshiba Corporation 2014/05/07 394 KB 1.00.03.01
TOSHIBA System Driver Toshiba Corporation 2014/05/07 5.72 MB 1.00.0033
TOSHIBA System Settings Toshiba Corporation 2014/05/07 3.45 MB 2.0.1.32003
Unity Web Player Unity Technologies ApS 2014/12/13 12.0 MB 4.6.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/12/20 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/09/13 41.7 MB 16.0.1065.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/13 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2014/12/20 17.0 KB 16.0.1016.1
VLC media player VideoLAN 2014/12/13 2.1.5
Windows Media Encoder 9 Series 2014/05/07
Windows アラーム Microsoft Corporation 2014/12/06 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2014/12/06 6.3.9600.20280
Windows スキャン Microsoft Corporation 2014/12/13 6.3.9654.17133
Windows ヘルプ+使い方 Microsoft Corporation 2014/12/13 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2016/06/18 6.3.9654.21234
Windows 電卓 Microsoft Corporation 2014/12/06 6.3.9600.20278
Yadotan 繝舌Μ繝・繝シ繧ウ繝槭・繧ケ譬ェ蠑丈シ夂、セ 2014/12/06 1.3.0.1
Yahoo!オークション (ts) 繝、繝輔・繧ク繝」繝代Φ 2014/12/06 2.0.0.4
YouCam for Toshiba CYBERLINK COM CORPORATION. 2014/12/13 2.5.3124.30208
あんしんWeb by Internet SagiWall for Toshiba BB繧ス繝輔ヨ繧オ繝シ繝薙せ譬ェ蠑丈シ夂、セ 2017/10/08 2.2.0.3
いつもNAVI PC ZENRIN 2014/04/03 6.1.2
おたすけナビ 東芝情報機器株式会社 2014/04/03 36.1 MB 8.0.2
ぱらちゃんカフェ 譚ア闃晄ュ蝣ア讖溷勣譬ェ蠑丈シ夂、セ 2015/09/19 1.1.0.3
アタッシェケース#3 ver.3.1.1.2 Mitsuhiro Hibara 2017/01/09 3.89 MB 3.1.1.2
インテル(R) ワイヤレス Bluetooth(R) 4.0 Intel Corporation 2014/05/07 8.48 MB 3.0.1342.02
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2014/05/07 390 MB 16.6.0
ゲーム Microsoft Corporation 2014/12/06 2.0.139.0
トレンドマイクロ コネクト Trend Micro, Inc. 2014/12/13 7.0.0.1057
バックアップナビ クラウド 東芝情報機器株式会社 2014/04/03 5.15 MB 1.2.0
ビデオ Microsoft Corporation 2015/11/07 2.6.446.0
ミュージック Microsoft Corporation 2015/03/21 2.6.672.0
メール、カレンダー、People 2015/07/03
リーダー Microsoft Corporation 2018/02/12 6.4.9926.18907
動画で解決!操作ガイド 東芝情報機器株式会社 2014/04/03 16.2 MB 3.0.6
動画で解決!操作ガイド-コンテンツ- 東芝情報機器株式会社 2014/04/03 148 KB 3.0.6
地図 Microsoft Corporation 2014/12/13 2.1.3230.2048
思い出フォトビューア 譬ェ蠑丈シ夂、セ 譚ア闃・ 2015/08/01 4.2.1.4
東芝スクリーンミラーリング for スマートフォン/タブレット APUSONE Technology Inc. 2014/05/07 4.16 MB 1.0.11.8
東芝プレイス 譬ェ蠑丈シ夂、セ 譚ア闃・ 2014/12/06 1.0.0.31
楽天gateway 讌ス螟ゥ譬ェ蠑丈シ夂、セ 2016/01/10 2.2.2.4
筆ぐるめ 21 富士ソフト株式会社 2014/04/03 895 MB 21.00.0500
  • s42236ny
  • 2018/07/19 (Thu) 20:18:57
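I can see Orbit remnants
Thank you for the quick work and report.
Having seen the logs, the situation has become much clearer.

You edited the PC user name yourself. Thank you.

As for the main issue, remnants of Orbit are still left.
That is probably also the cause of the AC detection earlier on Chiebukuro.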
>O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)

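You can tell from the registry value: this is Orbit.

McAfee Safe Connect also appears to be installed, so let's clean those up as we go.
Now, please read the explanation below and then work through it in order.

First, let me tell you this up front.
As you can see, there are currently many people asking for help, so from receiving a consultation until I can reply to everyone in turn, it may take a day or more each time; I'm sorry, but please bear with this.

Now, please read the explanation below carefully and then work through it in order.
You should already have some of these prepared, but please look at the explanations again just in case.

Please set hidden files and file extensions to be displayed (how to ↓)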
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

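Download the tools below and get a grasp of their basic usage.
However, if the distribution site shows ads urging you to download other apps, never click on them.
"GeekUninstaller" (known as: GU)
Explanation page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save it, and then extract it.
When you are done with it, delete the whole folder manually.

"CCleaner" (known as: CC)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
https://www.piriform.com/ccleaner/builds
Download the latest version's "portable" build (Portable), then extract it and launch it.
When you are done with it, just delete that folder.

Here is an important caution.
CC is by nature a high-performance maintenance tool, but if it is used incorrectly
【there is a risk that it will damage Windows】
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than those I have instructed.

Once you're ready, start the work.
In the work that follows, you may skip anything you cannot find even after looking for it, but look carefully as you work so that you never touch anything outside of what I have specified.

Also, there will be things I instruct you to delete during the work, but if any of them is something you installed yourself because you need it, hold off deleting it and tell me so in your next reply.

First, to confirm: is the PC in question one you use for work?
I ask because I can see an app like the one below, which is also used for business.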
>Adobe Photoshop Express Adobe Systems Incorporated 2017/09/30 1.3.5.74

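Outsiders basically cannot touch trouble that occurs on a PC used for work. Regardless of whether the treatment is right or wrong, it develops into a serious liability issue.
If it is a completely personal, private PC unrelated to work, please describe your PC environment, including the above, to the extent it causes no problems.
If I can judge from your description that I can help, I will keep replying, but if it really is a work PC, stop all further work and tell me so in a reply.

Next, check Windows Update, and if there are required updates, install all of them.
However, if the updates cannot be installed there, do not do the work described after this, and tell me in a reply that the update failed.
This is because dangerous malware that hinders analysis and treatment of the infection by preventing WU from working properly is increasing sharply.
Unless you always keep the various Windows updates (Windows Update) applied and up to date, that alone means a dangerous infection can happen at any moment.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is so that recovery is possible in the worst case, because in the work that follows, mistakenly touching something outside the targets can by itself cause serious malfunctions in Windows.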
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Use GU to uninstall the following.
It is still an old version and is dangerous.
>OpenOffice 4.1.2 Apache Software Foundation 2016/02/26 336 MB 4.12.9782

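Once it is removed, I recommend either downloading and installing the latest version from the official site, or switching to the following, which could be called its successor.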
https://forest.watch.impress.co.jp/library/software/libreoffice/

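Now start the PC in Safe Mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
For Win8, refer to the following.
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

In Safe Mode, launch HJT and run a scan.
When the scan results are displayed, check the following items.
However, with work in HJT in particular, a single misstep can easily leave the PC unable to boot, so never check anything other than what I have specified.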
>O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)

>O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe

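Once all the required items are checked, click Fix checked.
You may skip anything you cannot find even after looking for it.

Open the C drive in My Computer, look for the folder below, and if you find it, delete it to the Recycle Bin.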
>C:\Program Files (x86)\McAfee Safe Connect

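If you cannot find it even after looking, you can skip it, but if you find it and cannot delete it, do not force it; cancel, and tell me about it when you reply.

Now restart the PC in normal mode, then launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select the C drive as the target drive and scan, then check only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those displayed, and press "OK" and "Delete Files".
Running this cleans up the junk files in the selected areas.

Doing this also reduces the useless junk files detected by scans during the work, which makes the time and the analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting normal files by mistake, and so that even if a normal file is deleted and put in the Recycle Bin it can be restored.

Next, launch CC.
Once it starts, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there lets you save the displayed contents as a log, so save the log somewhere such as the desktop.

Next, save the logs of the "Scheduled Tasks" tab and the "Context Menu" tab in the same way.

Then, from the "Browser Plugin" item on the left side of the CC screen, open each tab from the "InternetExplorer" tab onward in turn and take those logs too.

Once you have taken each CC log, close CC.

After this, launch your browser, observe the PC's state for a few hours, and then re-take the HJT log and the CC installed-programs log.

Paste both re-taken logs and each of the CC logs into your reply, and reply together with a status report.
I'll look at them and then give instructions for the next steps.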
  • 悪代官
  • 2018/07/19 (Thu) 20:59:25
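The HJT step in the post above (check the two listed entries, click Fix checked, then re-take the log) can be verified by comparing the log taken before the fix with the one taken after. This is an added example, not part of any post in this thread: a Python script that parses HijackThis entry lines and reports whether the targeted entries are gone and whether anything else changed. The sample logs are short excerpts assembled from lines in the thread, and the function names are hypothetical.

```python
import re

# A HijackThis entry line is "<section code> - <body>", e.g. "O3 - Toolbar: ...".
# Header lines and the "Running processes" paths do not match and are skipped.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def parse_hjt(text):
    """Return the (code, body) entries of a HijackThis log, in file order."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def by_state(text):
    """Group entries by the file-state suffix the scanner printed.

    "(no file)" marks a registry entry with no target file, like the O3
    toolbar line the helper singles out. "(file missing)" lines are kept in
    their own group: the helper in the thread does not select those O23 lines.
    """
    groups = {"no file": [], "file missing": [], "present": []}
    for code, body in parse_hjt(text):
        if body.endswith("(no file)"):
            groups["no file"].append((code, body))
        elif body.endswith("(file missing)"):
            groups["file missing"].append((code, body))
        else:
            groups["present"].append((code, body))
    return groups


def review_fix(before, after, targets):
    """Compare two logs against the list of entries that were to be fixed."""
    b, a = parse_hjt(before), parse_hjt(after)
    wanted = parse_hjt("\n".join(targets))
    return {
        # targeted entries that were present before and are gone now
        "fixed": [e for e in wanted if e in b and e not in a],
        # targeted entries that survived the fix
        "still_present": [e for e in wanted if e in a],
        # entries that disappeared although nobody asked for that
        "unexpected_removed": [e for e in b if e not in a and e not in wanted],
        # entries that appeared between the two scans
        "added": [e for e in a if e not in b],
    }


# Excerpt of the first log in the thread (sample input assembled for this example).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.5
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKLM\..\Run: [LLHDUSER] "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

# The same excerpt as it appears in the re-taken log.
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.5
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [LLHDUSER] "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""

# The two entries the helper's post says to check before "Fix checked".
TARGETS = [
    r"O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)",
    r"O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe",
]

if __name__ == "__main__":
    result = review_fix(BEFORE, AFTER, TARGETS)
    for key, entries in result.items():
        print(f"{key}: {len(entries)}")
        for code, body in entries:
            print(f"  {code} - {body}")
```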
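Status report
Thank you for your reply. I had been neglecting Windows Update until now, so it is taking quite a while. As soon as Windows Update finishes, I will proceed with the operations you instructed. By the way, this PC is entirely for personal use. I don't remember installing Photoshop, though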
  • s42236ny
  • 2018/07/20 (Fri) 22:43:32
windows
有効 HKLM:Run cAudioFilterAgent Conexant Systems, Inc. C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
有効 HKLM:Run CLMSTrayIcon Cyberlink "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
有効 HKLM:Run HotKeysCmds Intel Corporation "C:\Windows\system32\hkcmd.exe"
有効 HKLM:Run IgfxTray Intel Corporation "C:\Windows\system32\igfxtray.exe"
有効 HKLM:Run LLHDUSER Intercom, Inc. "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
有効 HKLM:Run Persistence Intel Corporation "C:\Windows\system32\igfxpers.exe"
有効 HKLM:Run SmartAudio Conexant Systems, Inc. C:\Program Files\CONEXANT\SAII\SACpl.exe /t
有効 HKLM:Run TCrdMain TOSHIBA Corporation C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
有効 HKLM:Run TecoResident TOSHIBA Corporation C:\Program Files\TOSHIBA\Teco\TecoResident.exe
有効 HKLM:Run TKRTL Toshiba Corporation "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
有効 HKLM:Run TosWaitSrv TOSHIBA Corporation %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
有効 HKLM:Run TSSSrv TOSHIBA Corporation C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
有効 HKLM:Run TSVU TOSHIBA "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
有効 Startup User ctfmon.exe - ショートカット.lnk Microsoft Corporation C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
  • s42236ny
  • 2018/07/21 (Sat) 12:44:14
Tasks
有効 Task Adobe Flash Player PPAPI Notifier Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe -check pepperplugin
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 Bitdefender C:\Program Files\Bitdefender Agent\WatchDog.exe repair
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3991521682-1757786244-955927445-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3991521682-1757786244-955927445-500
有効 Task Resolution+ Setting Task TOSHIBA Corporation C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
有効 Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
  • s42236ny
  • 2018/07/21 (Sat) 12:45:46
Context
有効 Directory Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 Directory Corel PaintShop Pro X5 で参照します Corel, Inc. "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L"
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Drive Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 Drive Corel PaintShop Pro X5 で参照します Corel, Inc. "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L"
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
  • s42236ny
  • 2018/07/21 (Sat) 12:46:57
Browser
有効 App Gmail 8.1 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension スプレッドシート 1.2 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0
有効 Extension スライド 0.10 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0
有効 Extension ドキュメント 0.10 最初のユーザー C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0


My usual browser is Chrome, so there was no IE log.
  • s42236ny
  • 2018/07/21 (Sat) 12:49:56
Re-taken log: HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:53:20, on 2018/07/21
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhrcusr.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe
C:\Users\●\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [LLHDUSER] "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
O4 - HKLM\..\Run: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
O4 - Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
O23 - Service: CLHNServiceForToshiba - CyberLink Corp. - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LLHDClient - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDClient.exe
O23 - Service: LLHDCloader - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDCldr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OEMRegistrationProgram - Toshiba Corporation - C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
O23 - Service: Toshiba Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe
O23 - Service: Toshiba Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe
O23 - Service: TPCHKarteSVC - Toshiba Corporation - C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8725 bytes
  • s42236ny
  • 2018/07/21 (Sat) 16:56:14
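Added example (not part of the original thread, and not code from HijackThis or its vendor): a small Python triage of the `O23 - Service` lines in the log above. It assumes the log was produced by 32-bit HijackThis on 64-bit Windows, where `(file missing)` under System32 or Program Files (x86) usually reflects the redirected 32-bit file-system view rather than an absent file; the function and category names are this example's own.

```python
import re
from collections import namedtuple

# Lines copied from the HijackThis log in the post above.
SAMPLE = r"""
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LLHDClient - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDClient.exe
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
"""

Service = namedtuple("Service", "label name owner path missing")

PREFIX = "O23 - Service: "
MISSING = " (file missing)"
# Short service name: a trailing " (name)"; the leading space keeps "Intel(R)" from matching.
SHORT_NAME = re.compile(r" \(([^()]+)\)$")
# Assumption of this example: directories a 32-bit process sees through
# WOW64 redirection or the 32-bit %ProgramFiles% expansion.
REDIRECTED = re.compile(r"^[a-z]:\\(windows\\system32|program files \(x86\))\\", re.I)


def parse_o23(line):
    """Split one O23 line into label, service name, owner, path, missing flag."""
    line = line.strip()
    if not line.startswith(PREFIX):
        return None
    body = line[len(PREFIX):]
    missing = body.endswith(MISSING)
    if missing:
        body = body[:-len(MISSING)]
    # Owner and path are the last two " - " separated fields; the label may
    # itself contain parentheses, commas or backslashes.
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    label, owner, path = parts
    m = SHORT_NAME.search(label)
    return Service(label, m.group(1) if m else label, owner, path, missing)


def classify(svc):
    """Sort a service entry into a review bucket."""
    if svc.missing:
        # Under a redirected directory the flag is unreliable: re-check with
        # a 64-bit tool. Elsewhere the entry points at a file that is gone.
        return "recheck-64bit" if REDIRECTED.match(svc.path) else "orphaned"
    if svc.owner == "Unknown owner":
        # File exists but carries no company name: verify it by hand.
        return "verify-publisher"
    return "identified"


def triage(text):
    """Return {bucket: [service names]} for every O23 line in a log."""
    buckets = {}
    for line in text.splitlines():
        svc = parse_o23(line)
        if svc:
            buckets.setdefault(classify(svc), []).append(svc.name)
    return buckets


if __name__ == "__main__":
    for bucket, names in sorted(triage(SAMPLE).items()):
        print(f"{bucket}: {', '.join(names)}")
```

The buckets only order the manual review; a company name in the log is read from the file's own version information and is not proof of origin.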
Log retaken: CC
Adobe Flash Player 30 PPAPI Adobe Systems Incorporated 2018/07/13 8.82 MB 30.0.0.134
Adobe Photoshop Express Adobe Systems Incorporated 2017/09/30 1.3.5.74
Adobe Revel Adobe Systems Incorporated 2014/12/13 1.5.101.6
AUPEO! PERSONAL RADIO for TOSHIBA sMedio 2014/12/06 1.0.0.10
Bitdefender Agent Bitdefender 2017/07/29 1.0.1
Bitdefender Antivirus Free Bitdefender 2017/07/29 1.0.8.29
Conexant HD Audio Conexant 2014/05/07 8.65.36.50
Corel PaintShop Pro X5 Corel Corporation 2014/04/03 179 MB 15.3.1.27
Corel VideoStudio X6 Corel Corporation 2014/05/07 627 MB 16.0.4.53
CyberLink MediaShow 6 CyberLink Corp. 2014/05/07 715 MB 6.0.6227
CyberLink PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
DigiBookBrowser Version 1.5.3.87 LECRE Inc. 2014/04/03 8.53 MB 1.5.3.87
DTS Sound DTS, Inc. 2014/05/07 4.00 MB 1.01.6700
dynabookランチャー用バナー 2014/05/07
ebi.BookReader4 eBOOK Initiative Japan Co., Ltd. 2014/04/03 24.6 MB 4.51.14
ebi.SampleContents eBOOK Initiative Japan Co., Ltd. 2014/04/03 94.6 MB 4.5.1.14_MSI_T
Fresh Paint Microsoft Corporation 2016/01/16 2.0.15133.0
Google Chrome Google Inc. 2015/03/01 67.0.3396.99
Intel(R) Management Engine Components Intel Corporation 2014/04/11 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 2014/04/11 10.18.10.3345
Intel(R) Rapid Storage Technology Intel Corporation 2014/05/07 12.9.0.1001
Jane Style Version 3.75 Jane, Inc. 2014/12/13 3.75
LAPLINK ヘルプデスク クライアント Intercom, Inc. 2014/05/07 2.11
Lhaplus 2014/12/14
LoiLoScope 2 LoiLo inc 2014/04/03 166 MB 2.5.3.4
Malwarebytes バージョン 3.5.1.2522 Malwarebytes 2018/07/15 185 MB 3.5.1.2522
Microsoft Minesweeper Microsoft Studios 2018/05/20 2.7.4300.0
Microsoft Office Microsoft Corporation 2014/05/07 317 MB 15.0.4569.1506
Microsoft Silverlight Microsoft Corporation 2015/02/07 50.7 MB 5.1.30514.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/05/07 4.84 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/05/07 13.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/02/26 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/04/03 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/05/07 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/02/26 8.79 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/05/07 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/05/07 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/05/28 20.5 MB 12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2014/05/07 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN 2014/04/03
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2014/05/07 10.0.31119
MSN スポーツ Microsoft Corporation 2016/05/01 3.0.4.345
MSN トラベル Microsoft Corporation 2015/07/18 3.0.4.336
MSN ニュース Microsoft Corporation 2016/04/30 3.0.4.344
MSN フード&レシピ Microsoft Corporation 2015/07/18 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/18 3.0.4.336
MSN マネー Microsoft Corporation 2016/08/14 3.0.4.344
MSN 天気 Microsoft Corporation 2016/11/27 3.0.4.350
music.jp STORE for TOSHIBA MTI, Ltd. 2015/03/27 2.11.0.1
OEM Registration Program Toshiba Corporation 2014/05/07 516 KB 1.1.0
OneNote Microsoft Corporation 2015/08/01 16.0.3327.1048
PAC-MAN Championship Edition DX+ for Toshiba NAMCO BANDAI Games Inc 2014/12/13 1.0.1.2
PCあんしん点検ユーティリティ Toshiba Corporation 2014/05/07 3.53 MB 2.00.01.02
PC引越ナビ 東芝情報機器株式会社 2014/04/03 12.7 MB 5.0.6
PhotoWizard 2014/05/07 334 MB
PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
Realtek Card Reader Realtek Semiconductor Corp. 2014/05/07 6.3.9600.29077
Realtek Ethernet Controller Driver Realtek 2014/05/07 8.20.815.2013
Roxio Creator LJ Roxio 2014/05/07 245 MB 12.2.60.0
Roxio MediaBook Express Corel Corporation 2014/12/13 1.7.0.1
Roxio MediaBook Reader Corel Corporation 2014/12/13 1.0.0.11
RZスイート express CYBERLINK COM CORPORATION. 2016/11/04 1.0.4529.42911
RZポーター設定ユーティリティ CyberLink Corp. 2014/05/07 130 MB 1.8.02605
Synaptics Pointing Device Driver Synaptics Incorporated 2014/05/07 46.4 MB 18.1.3.0
TOSHIBA Audio Enhancement Toshiba Corporation 2014/05/07 2.16 MB 2.0.18.0
TOSHIBA Blu-ray Disc Player Toshiba Corporation 2014/05/07 106 MB 2.1.2.1
TOSHIBA Desktop Apps Menu Toshiba Corporation 2014/05/07 610 KB 1.03.02.6402
TOSHIBA Display Utility Toshiba Corporation 2014/05/07 32.1 MB 1.1.17.0
TOSHIBA eco Utility Toshiba Corporation 2014/05/07 25.1 MB 2.4.2.6403
TOSHIBA Function Key Toshiba Corporation 2014/05/07 37.5 MB 1.1.5.6402
TOSHIBA Manual TOSHIBA CORPORATION 2014/05/07 32.3 MB 0169.01.3101
TOSHIBA Media Player by sMedio TrueLink+ sMedio 2016/04/23 3.1.1.33
TOSHIBA PalaDouga TOSHIBA CORPORATION 2014/04/03 686 MB 2014.0203.0001
TOSHIBA Password Utility Toshiba Corporation 2014/05/07 6.0.3.0
TOSHIBA PC Health Monitor Toshiba Corporation 2014/05/07 28.9 MB 3.01.02.6400
TOSHIBA Recovery Media Creator Toshiba Corporation 2014/04/03 3.2.00.56006005
TOSHIBA Service Station Toshiba Corporation 2014/05/07 2.92 MB 2.6.13
TOSHIBA Speech Synthesis Toshiba Corporation 2014/05/07 65.1 MB 1.5.2.0
TOSHIBA Start Screen Option Toshiba Corporation 2014/05/07 394 KB 1.00.03.01
TOSHIBA System Driver Toshiba Corporation 2014/05/07 5.72 MB 1.00.0033
TOSHIBA System Settings Toshiba Corporation 2014/05/07 3.45 MB 2.0.1.32003
Unity Web Player Unity Technologies ApS 2014/12/13 12.0 MB 4.6.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/12/20 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/09/13 41.7 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/13 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2018/07/21 9.00 KB 16.0.1515.1
VLC media player VideoLAN 2014/12/13 2.1.5
Windows Media Encoder 9 Series 2014/05/07
Windows アラーム Microsoft Corporation 2014/12/06 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2014/12/06 6.3.9600.20280
Windows スキャン Microsoft Corporation 2014/12/13 6.3.9654.17133
Windows ヘルプ+使い方 Microsoft Corporation 2014/12/13 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2016/06/18 6.3.9654.21234
Windows 電卓 Microsoft Corporation 2014/12/06 6.3.9600.20278
Yadotan 繝舌Μ繝・繝シ繧ウ繝槭・繧ケ譬ェ蠑丈シ夂、セ 2014/12/06 1.3.0.1
Yahoo!オークション (ts) 繝、繝輔・繧ク繝」繝代Φ 2014/12/06 2.0.0.4
YouCam for Toshiba CYBERLINK COM CORPORATION. 2014/12/13 2.5.3124.30208
あんしんWeb by Internet SagiWall for Toshiba BB繧ス繝輔ヨ繧オ繝シ繝薙せ譬ェ蠑丈シ夂、セ 2017/10/08 2.2.0.3
いつもNAVI PC ZENRIN 2014/04/03 6.1.2
おたすけナビ 東芝情報機器株式会社 2014/04/03 36.1 MB 8.0.2
ぱらちゃんカフェ 譚ア闃晄ュ蝣ア讖溷勣譬ェ蠑丈シ夂、セ 2015/09/19 1.1.0.3
アタッシェケース#3 ver.3.1.1.2 Mitsuhiro Hibara 2017/01/09 3.89 MB 3.1.1.2
インテル(R) ワイヤレス Bluetooth(R) 4.0 Intel Corporation 2014/05/07 8.48 MB 3.0.1342.02
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2014/05/07 390 MB 16.6.0
ゲーム Microsoft Corporation 2014/12/06 2.0.139.0
トレンドマイクロ コネクト Trend Micro, Inc. 2014/12/13 7.0.0.1057
バックアップナビ クラウド 東芝情報機器株式会社 2014/04/03 5.15 MB 1.2.0
ビデオ Microsoft Corporation 2015/11/07 2.6.446.0
ミュージック Microsoft Corporation 2015/03/21 2.6.672.0
メール、カレンダー、People 2015/07/03
リーダー Microsoft Corporation 2018/02/12 6.4.9926.18907
動画で解決!操作ガイド 東芝情報機器株式会社 2014/04/03 16.2 MB 3.0.6
動画で解決!操作ガイド-コンテンツ- 東芝情報機器株式会社 2014/04/03 148 KB 3.0.6
地図 Microsoft Corporation 2014/12/13 2.1.3230.2048
思い出フォトビューア 譬ェ蠑丈シ夂、セ 譚ア闃・ 2015/08/01 4.2.1.4
東芝スクリーンミラーリング for スマートフォン/タブレット APUSONE Technology Inc. 2014/05/07 4.16 MB 1.0.11.8
東芝プレイス 譬ェ蠑丈シ夂、セ 譚ア闃・ 2014/12/06 1.0.0.31
楽天gateway 讌ス螟ゥ譬ェ蠑丈シ夂、セ 2016/01/10 2.2.2.4
筆ぐるめ 21 富士ソフト株式会社 2014/04/03 895 MB 21.00.0500
  • s42236ny
  • 2018/07/21 (Sat) 16:59:13
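When and how Photoshop was installed may be the key
Thank you for the prompt work and report.

>I had been neglecting Windows Update until now, so it is taking quite a while. As soon as Windows Update finishes, I will proceed with the steps you instructed. By the way, this PC is strictly for personal use.

Neglecting WU leads directly to truly serious attacks and damage.
If you have not been infected yet you should still be in time, but please be aware that if the upcoming analysis turns up clearly abnormal traces, a recovery (factory restore) may be the only option, since safety comes first.

>I don't remember installing Photoshop, though

That is odd too. If other users, family included, have ever used this PC, one of them may have installed it; otherwise I recommend removing that Photoshop.
>Adobe Photoshop Express Adobe Systems Incorporated 2017/09/30 1.3.5.74

The install date is the end of September last year; if you recall lending the PC to anyone around then, please tell me as much as you are comfortable sharing.
If you have never lent the PC to anyone at all, I recommend uninstalling that Photoshop using GU.

>The browser I normally use is Chrome, so there was no IE log

Then that is fine too.

In the logs you showed this time nothing other than Photoshop appears suspicious, but let's take one measure first.

Start CC the same way as before, open the "Scheduled Tasks" tab, and set every entry shown there to "Disabled".

Once you have disabled them all, restart the PC once, watch it for a little while, and then reply to let me know whether the hy.dentially.info pop-up in question still appears or has subsided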
  • 悪代官
  • 2018/07/21 (Sat) 20:54:28
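Re: Continuation of my question on Yahoo! Chiebukuro
I don't recall lending this PC to anyone. For now I will uninstall Photoshop. By the way, Photoshop is not listed in GU, so I will uninstall it with CC. Also, the hy.dentially.info pop-up has not appeared since around (?) the time I reset the browser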
  • s42236ny
  • 2018/07/21 (Sat) 21:58:01
Re: Continuation of my question on Yahoo! Chiebukuro
A folder named OpenOffice 4.1.2 (ja) Installation Files is still on my desktop; is it safe to delete? Its contents are:
・licenses
・readmes
・redist
・openoffice1.cab
・openoffice412.msi
・setup.exe
・setup.ini
  • s42236ny
  • 2018/07/22 (Sun) 09:36:34
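Replies delayed by a line outage
Sorry for the late reply.
My internet line has not connected properly for the past 3 days, so I could not use the web or e-mail properly.
I will reply with as much as I can now, while it is barely connected.

>A folder named OpenOffice 4.1.2 (ja) Installation Files is still on my desktop; is it safe to delete?

That is probably the OO installer.
Judging from the installed-programs log, OO does not appear to be installed at present; if you will not be using it in future, you can delete the files as well.

Now, instructions for the next steps.
This time we will check with two tools.

Next, please prepare the following tools.
"AdwCleaner" (commonly: AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file to your desktop or similar.
When cleaning up afterwards, launch it and press the "uninstall" button and it will be removed automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html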

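Malwarebytes' Anti-Malware (commonly: MBAM)
Official site
http://www.malwarebytes.org/

Download
https://www.malwarebytes.org/mwb-download/thankyou/
This is a direct link to the file. Please save it.

Site explaining how to use it
http://www.gigafree.net/security/MalwarebytesAnti-MalwareFree.html
You seem to have used MBAM yourself already, so you probably know how to use it, but please review it once more just in case.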

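Once ready, install MBAM and update it.
However, do not scan yet at this point.

Next, launch AC once at this point.
On launch it should first update its definitions; let it do only the update, and once that is done close AC for now.
You do not need to scan here either.

Once both tools are updated, use Disk Cleanup to clear out junk files, then restart the PC in Safe Mode.

Then, with the PC started in Safe Mode, launch AC again (the one you launched once earlier).
This time run "Scan", and when the scan finishes, if anything was detected, press "Remove".
Select "Yes" on the screen that appears and the cleanup will begin.

When the cleanup is complete, restart the PC in normal mode.

After the restart a new AC log will appear; save it to your desktop or similar.
If no log appears after the work, or you cannot find it, open the C drive in My Computer; a file with a name like the following will have been created directly under it, and that is the AC log.
>AdwCleaner[alphanumerics].txt
If there are several logs with similar names, the one whose creation time matches when you did the cleanup is the log in question.

Once the AC work is done, next is the MBAM work.
Start in Safe Mode again, then launch MBAM and scan.
After launching MBAM, choose "Custom Scan" on the "Scan" tab, then select all drives including the C drive.
Also tick the rootkit scan option.

Scanning this way takes time, but the point is to scan as thoroughly as possible.

The two tools' scans can be run in either order, but if anything is detected, select it and "remove" (quarantine) it, and if a prompt to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, a message announcing the result appears at the bottom right of the screen; click it and the result should be displayed.
Press "Save log" there and you will be able to save the log.
Save that log to your desktop or similar.
Checking this log is especially important, so please do not forget.

After that, observe the PC for a while, then paste the AC and MBAM logs you saved after the work into a reply and show them to me together with a status report.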
  • 悪代官
  • 2018/07/23 (Mon) 21:09:14
MBAM
Malwarebytes
www.malwarebytes.com

-ログの詳細-
スキャン日付: 2018/07/24
スキャン時間: 18:01
ログファイル: 29859766-8f20-11e8-bcd2-c454444e6f6c.json
管理者: はい

-ソフトウェア情報-
バージョン: 3.5.1.2522
コンポーネントバージョン: 1.0.391
パッケージバージョンをアップデート: 1.0.6037
ライセンス: トライアル版

-システム情報-
OS: Windows 8.1
CPU: x64
ファイルシステム: NTFS
ユーザー: ●\\u00e7\u009b\u00b4\u00e5\u00b9\u00b8

-スキャン結果の概要-
スキャンタイプ: カスタムスキャン
スキャン開始日時: マニュアル
結果: 完了
スキャンされたオブジェクト: 391604
検出された脅威: 0
(悪意のあるアイテムは検出されませんでした)
隔離された脅威: 0
(悪意のあるアイテムは検出されませんでした)
経過時間: 5 時 32 分 6 秒

-スキャンオプション-
メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ヒューリスティック: 有効
PUP: 検出
PUM: 検出

-スキャンの詳細-
プロセス: 0
(悪意のあるアイテムは検出されませんでした)

モジュール: 0
(悪意のあるアイテムは検出されませんでした)

レジストリキー: 0
(悪意のあるアイテムは検出されませんでした)

レジストリ値: 0
(悪意のあるアイテムは検出されませんでした)

レジストリデータ: 0
(悪意のあるアイテムは検出されませんでした)

データストリーム: 0
(悪意のあるアイテムは検出されませんでした)

フォルダ: 0
(悪意のあるアイテムは検出されませんでした)

ファイル: 0
(悪意のあるアイテムは検出されませんでした)

物理セクタ: 0
(悪意のあるアイテムは検出されませんでした)

WMI: 0
(悪意のあるアイテムは検出されませんでした)


(end)
  • s42236ny
  • 2018/07/25 (Wed) 18:12:48
AC
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-12-2018
# Database: 2018-06-19.4
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-25-2018
# Duration: 00:00:23
# OS: Windows 8.1
# Scanned: 41582
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [4212 octets] - [15/07/2018 15:07:18]
AdwCleaner[C00].txt - [3890 octets] - [15/07/2018 15:12:12]
AdwCleaner[S01].txt - [1456 octets] - [15/07/2018 15:18:26]
AdwCleaner[C01].txt - [1622 octets] - [15/07/2018 15:18:43]
AdwCleaner[S02].txt - [1578 octets] - [15/07/2018 17:06:41]
AdwCleaner[S03].txt - [1639 octets] - [15/07/2018 17:16:07]
AdwCleaner[C03].txt - [1805 octets] - [15/07/2018 17:17:29]
AdwCleaner[S04].txt - [1761 octets] - [15/07/2018 19:18:33]
AdwCleaner[C04].txt - [1927 octets] - [15/07/2018 19:18:49]
AdwCleaner[S05].txt - [1883 octets] - [15/07/2018 19:28:47]
AdwCleaner[S06].txt - [1944 octets] - [16/07/2018 06:50:08]
AdwCleaner[C06].txt - [2110 octets] - [16/07/2018 06:50:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########


So far, no pop-ups have appeared either
  • s42236ny
  • 2018/07/25 (Wed) 18:17:49
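Next we dig deeper with OTL
Thank you for the work and the report.

I have looked at both tools' logs; there are no detections and they are clean.

You may now remove both tools as explained when you set them up.

Now, to see whether anything is still hiding, we will analyze more deeply with a different tool.

Please prepare the following tool.
OTL (OldTimer Listit)
Download it via the "Download" button and save it.
http://oldtimer.geekstogo.com/OTL.exe
When cleaning up afterwards, launch it and press the "Cleanup" button and it will be removed automatically.
However, if you are using Windows 10, just delete the program file itself.

Launch OTL with no other programs running.
Once it is running, tick "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".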

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

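Then press "Run Scan" at the top left to start the scan.
After the scan starts, depending on the PC, in a few minutes "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe; save these two files to your desktop or thereabouts.
Note that Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After that, paste the entire OTL log into a reply and show it to me.
However, the OTL log gets quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points into pieces of 10,000 characters or fewer and send it over several replies.
This is because posts over 10,000 characters get cut off by fc2's character limit.
http://www1.odn.ne.jp/megukuma/count.htm

Merely scanning with OTL changes nothing.
Based on the results, whatever is detected will be dealt with in subsequent steps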
  • 悪代官
  • 2018/07/25 (Wed) 21:16:49
extras
OTL Extras logfile created on: 2018/07/26 17:59:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\直幸\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19078)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.92 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 50.71% Memory free
6.67 Gb Paging File | 4.32 Gb Available in Paging File | 64.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 861.49 Gb Total Space | 759.48 Gb Free Space | 88.16% Space Free | Partition Type: NTFS
Drive D: | 50.00 Gb Total Space | 27.85 Gb Free Space | 55.71% Space Free | Partition Type: NTFS

Computer Name: 39-HIGH | User Name: 直幸 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Corel PaintShop Pro X5 で参照します] -- "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Corel PaintShop Pro X5 で参照します] -- "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20091201-A1B0-48CC-99EB-458B79F5AE66}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{29F5ECBB-2E93-4E51-AC9A-6C488F618475}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B7F8AA9-B2D1-4279-A4AF-C493751CCCFE}" = rport=445 | protocol=6 | dir=out | app=system |
"{4512CD72-D90B-474B-95A5-E4C79C4BF8C7}" = rport=137 | protocol=17 | dir=out | app=system |
"{47C61197-8260-433C-B641-A744A821F365}" = rport=138 | protocol=17 | dir=out | app=system |
"{5592B7C1-C486-44EF-808E-DEDF3411BEF0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A08C8FD-4AD8-4D24-8DFD-4BB7C254529A}" = lport=445 | protocol=6 | dir=in | app=system |
"{7D2C6597-FDB6-45A2-A3BB-666B3441D4FD}" = lport=138 | protocol=17 | dir=in | app=system |
"{82444534-EFA7-444E-BFCF-CB58AFC5BDB5}" = rport=139 | protocol=6 | dir=out | app=system |
"{880A38A3-14DE-43E8-ABC0-6AC02CB2F098}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8BD04A79-3E87-4A69-AD6B-D665CB2CEB29}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8CF186E9-D495-4312-B886-4C3FFB6BFD92}" = lport=10243 | protocol=6 | dir=in | app=system |
"{92C87CB1-EA24-401C-BF72-5FB78BD67A38}" = rport=10243 | protocol=6 | dir=out | app=system |
"{93500237-A363-487D-A8D8-75EDB4F427A9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E07BFB1-4663-4DB4-8C31-E87081354FCA}" = lport=137 | protocol=17 | dir=in | app=system |
"{AEAAC12C-3C5C-47B2-9B08-0D42E595018E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{B698481C-E4D9-4BEB-92D2-A85791B8BFD9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8EEDED8-DAF2-4F30-BBA8-E99CE4BE7417}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BC4D74D7-8D57-453B-8FBB-902F49DE17F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DEED0ADF-E84B-4235-A871-2763CAD22DE9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E05F364F-6BD2-4842-A411-63AFDBD2168C}" = lport=139 | protocol=6 | dir=in | app=system |
"{ECA0EA57-EB07-465D-8A44-3F4B927AF5F0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04477877-8EB7-471A-A745-50881B57F0D5}" = dir=out | name=あんしんweb by internet sagiwall for toshiba |
"{04AEE59D-C1F4-4EDD-82D6-A0D4F5A3823F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{061ABD58-DFD0-46CE-A8C1-D7D5E0A773C0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0D78E2C9-AEE7-45DD-B55A-59D940192325}" = dir=out | name=@{14c78905.trendmicroconnect_7.0.0.1057_x86__y1xsffnhj35f6?ms-resource://14c78905.trendmicroconnect/resources/productname} |
"{125833A4-9592-4747-B24C-EE85E57636C7}" = dir=out | name=roxio mediabook reader |
"{128D8839-89E3-487A-88E5-8BBDEFF640F1}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{1C4580C9-77C8-4C85-8685-7C9D70131F40}" = dir=out | name=yadotan |
"{200D6E8C-D1BE-4AFF-B1DB-4EC674C47925}" = dir=in | name=@{cyberlinkcorp.to.rzexpress_1.0.4529.42911_x64__0nrkv0a31nfem?ms-resource://cyberlinkcorp.to.rzexpress/resources/productname} |
"{25DA8813-657E-43CB-8151-DC971B6B0EA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{25E8E565-2658-46FE-9F55-D7ECF21F5733}" = dir=out | name=roxio mediabook express |
"{26BD9D08-4B26-49EF-A2F2-9BE0DBF597D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{26EB0EC6-1A2D-44A5-9936-62E6D5A8DBBF}" = dir=out | name=@{microsoft.bingsports_3.0.4.345_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{27454760-7EF0-43E6-925E-35335B591B11}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2899851C-0A11-4ED8-B097-B730A63299A5}" = dir=out | name=楽天gateway |
"{28DCE003-C53F-4014-9D85-7D1CED3FA656}" = dir=out | name=aupeo! personal radio for toshiba |
"{2C161913-1887-48D0-B982-D06FDAC0014E}" = dir=in | name=@{adobesystemsincorporated.adobephotoshopexpress_1.3.5.74_x64__ynb6jyjzte8ga?ms-resource://adobesystemsincorporated.adobephotoshopexpress/resources/appnametitle} |
"{306B7EE0-8EF2-4917-8E0C-56A46F3E8A24}" = protocol=6 | dir=in | app=c:\program files (x86)\rightsnetwork\rightsplugin\bin\msupdate.exe |
"{30CB9E92-288A-436E-BBFA-205DED135E23}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{35FACA6D-E5F4-44A4-9EF6-E5E9F6D247EA}" = protocol=6 | dir=out | app=system |
"{3C570920-45AA-4B59-A126-DE2C3F84C4DB}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{430C3EAD-6266-4493-82CB-8563ED23FCDB}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{4752399E-339C-4190-BE87-B5F2790EFCF6}" = dir=out | name=pac-man championship edition dx+ for toshiba |
"{4F475043-B430-407D-8C7C-A651470FF818}" = dir=out | name=fresh paint |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58ED52B7-0D2B-46A0-9453-9F6331FA8B80}" = dir=in | name=adobe revel |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{67C12824-1842-44DF-A815-5242E60341FD}" = dir=in | name=microsoft minesweeper |
"{6a052b0e-c276-4a61-9a64-628d132aee0d}" = protocol=6 | dir=in | app=c:\program files (x86)\toshiba\screen mirroring\screen mirroring.exe |
"{6B0A8871-8AB6-4F92-AF14-EB67877F7E42}" = dir=out | name=adobe revel |
"{6FCFE38A-E3C0-4FDA-A6B0-63302E81A62A}" = dir=out | name=@{microsoft.bingfinance_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{75255795-7AF4-4961-B99F-6F6C8FE1723E}" = dir=out | name=東芝プレイス |
"{7546DE36-6D9C-4A13-BD28-5E022712E83C}" = dir=out | name=youcam for toshiba |
"{7679867C-66B0-41BB-A21C-9BAAA5DEAC23}" = dir=in | name=onenote |
"{7BC64A96-064B-4EFC-972F-492A26AC17E4}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{7F24D87A-BFFF-42C6-9299-1A87956D594E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{80F93085-86C9-4CAD-98C7-9FAD5807732A}" = dir=in | name=@{14c78905.trendmicroconnect_7.0.0.1057_x86__y1xsffnhj35f6?ms-resource://14c78905.trendmicroconnect/resources/productname} |
"{831A4B1D-0669-44BF-A624-50263C4662AC}" = dir=in | app=c:\program files (x86)\cyberlink\rz player\softdma.exe |
"{84492B96-9D16-4988-B185-9346789F8CA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8ABC7DD7-528F-4944-B2BD-806FA058116D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8B8B2BA7-A3EB-471F-A65A-B1A3A3C5E1CC}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9338D3A1-81B0-4CC6-B48F-6151B6A26AEF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{95ABC6BC-950A-476E-A0EA-710F9315DAD1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9914E5B0-53DE-4A85-8896-CB30360A90E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9A0B16A5-C30B-424B-9965-C17347A8298F}" = dir=in | name=toshiba media player by smedio truelink+ |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0300EBC-3379-401E-BDA8-0E1264950AC7}" = dir=out | name=yahoo!オークション (ts) |
"{A142EA0F-6612-44A6-B12B-B6B7EC22BAFA}" = dir=out | name=music.jp for toshiba |
"{A84D5B37-EE4A-4283-AB96-293FA8F17841}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1F80249-5E36-470B-8B40-4E27CF939993}" = dir=in | name=思い出フォトビューア |
"{B2311891-ED1A-4AD2-9D6A-3B63224A3FA3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{c2bd9ce1-3f97-4afe-9c26-eefb98daa5d6}" = protocol=17 | dir=in | app=c:\program files (x86)\toshiba\screen mirroring\screen mirroring.exe |
"{C8DF9038-0811-4F13-96E1-5F5F3088D47A}" = dir=in | name=pac-man championship edition dx+ for toshiba |
"{C97A21C4-11E0-44CF-BB89-56F0C4F1FB12}" = dir=out | name=@{cyberlinkcorp.to.rzexpress_1.0.4529.42911_x64__0nrkv0a31nfem?ms-resource://cyberlinkcorp.to.rzexpress/resources/productname} |
"{CB1486E8-7678-4201-930F-AD76B5F4EF31}" = dir=in | name=aupeo! personal radio for toshiba |
"{CBB3F2F5-2D0A-42F4-8E11-F4CFB5F16D20}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CDC94AED-D379-4C9F-8B83-2D9181EBCE58}" = dir=out | name=思い出フォトビューア |
"{D017B040-E72D-48CA-89CD-841A468C75DA}" = dir=out | name=windows_ie_ac_001 |
"{D1C7C252-95A0-425F-BFFC-E40020B66DA7}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{D3A8296A-4639-4F46-AD8F-DA5679C72E0A}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D4BDB0FE-49DA-4FD3-81CC-9E8EF8E610F8}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{D628668B-79FA-482F-84A0-E81BC8CEC245}" = dir=out | name=onenote |
"{D64CA6F6-EEE4-45EB-B599-6C0855CE4CA6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC0471CF-6D80-47A0-9D76-224BCA125BAA}" = dir=out | name=@{adobesystemsincorporated.adobephotoshopexpress_1.3.5.74_x64__ynb6jyjzte8ga?ms-resource://adobesystemsincorporated.adobephotoshopexpress/resources/appnametitle} |
"{DE199167-9E71-46C6-8C95-AE88D0E8D14F}" = protocol=17 | dir=in | app=c:\program files (x86)\rightsnetwork\rightsplugin\bin\msupdate.exe |
"{E0E23199-776A-4805-93FC-381D1E3EDD1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E35FAFD0-B328-48DF-93A8-8345E8B2E236}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE58FA7C-141C-4ED9-BCB9-08917A8354F2}" = dir=out | name=microsoft minesweeper |
"{EFACF28F-2FA0-457E-8A92-D33118626C89}" = dir=out | name=@{microsoft.bingnews_3.0.4.344_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{F18BC628-1E3A-40FC-88BB-CA49806E4AFE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1B3E8F3-8A09-4FEB-B504-97F0F7F795C0}" = dir=out | name=toshiba media player by smedio truelink+ |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F755D9AB-5019-4D11-98B0-FFC9CDE8D4B4}" = dir=out | name=@{microsoft.bingweather_3.0.4.350_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F86C3BCF-F2A4-436B-8225-51A72987DA45}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F9AF78DA-7921-4F68-8DE2-8E44046E4585}" = dir=in | app=c:\program files (x86)\cyberlink\rz player\kernel\dms\toshibamsserver.exe |
"{FB9DD45D-D324-4EBC-88E2-2284CAD97FC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEE37BB8-4348-4110-8A11-43D2038F6256}" = dir=out | name=@{microsoft.zunevideo_2.6.446.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"TCP Query User{4A907E0F-86DA-4CFC-AF31-D5B82BA45BA6}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{BB44699F-53DD-4137-ABD9-C5BC5CE05A38}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{F9FA41FC-A90A-4091-BB33-2180E1EF9B45}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{10F00214-5106-41AD-95C6-02A1477F03AF}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{4918CB5C-4AF3-4D28-83C6-073AA142A7ED}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{AB2BD65F-32E2-4B45-9D93-8F62ED5AAA82}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06B71035-F19F-4F76-9875-FFCCD4FC3F83}" = TOSHIBA Start Screen Option
"{10AAED5B-1575-3EA3-97D0-C5E514DE777C}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{1515F5E3-29EA-4CD1-A981-032D88880F09}" = TOSHIBA Audio Enhancement
"{1551A29F-B1B0-43CA-90B5-E6E5186F683E}" = PSPPro64
"{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}" = TOSHIBA Function Key
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F186722-B9C5-48D4-9184-CE197B42D22E}" = TOSHIBA Manual
"{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}" = Bitdefender Antivirus Free
"{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}" = TOSHIBA Password Utility
"{27DEA29A-222C-45F8-B70D-0A7B303FC71B}" = Intel(R) Rapid Storage Technology
"{3008095C-B516-4A5E-8B99-F0E113C21C72}" = Share64
"{3181229B-05DA-46F9-B8D4-4966BDA99A74}" = Intel® PROSet/Wireless WiFi Software
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes バージョン 3.5.1.2522
"{36B0B896-6CD8-4C5F-B7E1-2AC8E9588ACC}" = TOSHIBA Speech Synthesis
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}" = PhotoWizard
"{40557F0F-7488-496F-B97F-2AC3DFE15B2B}" = TOSHIBA Service Station
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{484A4296-6F3D-4182-8CFA-D664F7DA34AA}" = TOSHIBA Display Utility
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{94D2A899-0C34-4420-880E-AE337E635AB0}" = TOSHIBA eco Utility
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}" = Intel(R) Chipset Device Software
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C4CDCEF0-0A7A-4425-887C-33E39533D758}" = TOSHIBA Desktop Assist
"{c7565395-3662-4b78-8c42-e7cf02c6edd7}" = Intel(R) PRO/Wireless Driver
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{DC604EA2-684F-4fad-80E6-10A090F85E7D}" = CyberLink PowerDirector Touch
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{FF07604E-C860-40E9-A230-E37FA41F103A}" = TOSHIBA Blu-ray Disc Player
"Bitdefender Agent" = Bitdefender Agent
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}" = Corel PaintShop Pro X5
"_{6688A246-F6E8-48AD-9806-8D5832E9F15D}" = Corel VideoStudio X6
"{01E87699-A49D-413A-B75B-7C434FEF979C}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0F02A029-3792-4D6E-A1CB-D5520360B601}" = PC引越ナビ
"{0FBC4D50-F28B-445B-8A7F-669C886E91A7}" = 筆ぐるめ 21
"{105fa5c4-72e1-41f2-a82c-884d8aa4b381}" = インテル® PROSet/Wireless ソフトウェア
"{15002A1B-C1E7-4E91-A3EC-5502BF924A32}" = Setup
"{15015752-9990-4516-A2B1-93823281FB8E}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{15180A90-1FC0-47E4-A150-3AECEF07B3B6}" = Corel PaintShop Pro X5
"{1522E36C-3739-41E4-8CD3-A4AFEA70086A}" = PSPPContent
"{153DD765-C8C6-4893-8CEF-D965351D82EC}" = PSPPHelp
"{154B0B16-ABCD-4A06-B0B7-8146B7A89B25}" = IPM_PSP_COM
"{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}" = ICA
"{16F31AD1-65B1-471A-B788-E90B6AD292D0}" = インテル(R) ワイヤレス Bluetooth(R) 4.0
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21357E10-BDCB-4CDD-B2A3-905DD7ED653D}_is1" = DigiBookBrowser Version 1.5.3.87
"{21CEB4A6-0FF1-444F-A0CC-6F648F74C7F6}" = TOSHIBA PalaDouga
"{286B5435-9A16-4A06-8E56-87E7EC4E1315}" = dynabookランチャー用バナー
"{2C96F677-7D9C-4087-8CA5-21EB27150F41}" = Roxio Creator LJ
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{48E6E16B-00D2-4A96-A448-A9891B3CED51}" = バックアップナビ クラウド
"{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}" = TOSHIBA System Settings
"{5705EC66-E894-454D-A014-ADF1DF920C10}" = いつもNAVI PC
"{5B54DDC3-0ACC-4722-9C23-C3F07AF4825D}" = DTS Sound
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63C9CD5E-E875-4716-B899-A8CF6CFDBEAE}" = 動画で解決!操作ガイド-コンテンツ-
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6688A246-F6E8-48AD-9806-8D5832E9F15D}" = ICA
"{6C6EEA9F-3998-4E0D-B91F-43CB218C715C}" = Setup
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716C8275-A4A9-48CB-88C0-9829334CA3C5}" = Toshiba Quality Application
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator LJ
"{7DF86E78-8CFC-4C44-A6FA-7C6C9720C315}" = ebi.BookReader4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator LJ
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{aa4bf92b-2aaf-11da-9d78-000129760d75}" = RZポーター設定ユーティリティ
"{AD7DA145-3118-4D69-BE89-D3ED1510BD15}" = Share
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B206C83F-DB99-45A7-905D-861B53151D51}" = おたすけナビ
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B69F4E72-CCA4-4352-BF1C-708CE3D96E25}" = OEM Registration Program
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1" = LoiLoScope 2
"{CCC10E8E-7FD1-4D55-87C2-D0A5ABC0A62B}" = IPM_VS_Pro
"{D0096E50-D99E-4178-A988-E5192B6F6B91}" = VSClassic
"{D29406CE-C5A4-41DA-9A7B-37EAB5B9ED50}" = 動画で解決!操作ガイド
"{D88D7ECD-F173-4A97-96F9-2B05C5DC90DC}" = VSPro
"{D9CD7DB3-E2BE-4BC6-85A6-EF9235C0B096}" = PCあんしん点検ユーティリティ
"{D9DD0D4F-6E5A-484D-AD8C-FD3BAF5D4450}" = VSHelp
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{e48a2f61-851a-4155-82f9-af1b04db8c3b}" = インテル® チップセット デバイス ソフトウェア
"{E75B82FD-B6FD-4653-8685-F3A97BDFEA6E}" = Update for Japanese Microsoft IME Standard Dictionary
"{EE0B1766-153A-4251-A192-F8FD3D941711}" = Contents
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FB840BB8-82D9-43F8-B7AD-C1DE01185294}" = 東芝スクリーンミラーリング
"Adobe Flash Player PPAPI" = Adobe Flash Player 30 PPAPI
"ebi.SampleContents_is1" = ebi.SampleContents
"Google Chrome" = Google Chrome
"InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}" = TOSHIBA Password Utility
"InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6
"InstallShield_{aa4bf92b-2aaf-11da-9d78-000129760d75}" = RZポーター設定ユーティリティ
"InstallShield_{DC604EA2-684F-4fad-80E6-10A090F85E7D}" = CyberLink PowerDirector Touch
"InstallShield_{FB840BB8-82D9-43F8-B7AD-C1DE01185294}" = 東芝スクリーンミラーリング for スマートフォン/タブレット
"Jane Style_is1" = Jane Style Version 3.75
"LAPLINK HelpDesk Client" = LAPLINK ヘルプデスク クライアント
"Lhaplus" = Lhaplus
"VLC media player" = VLC media player
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"アタッシェケース#3_is1" = アタッシェケース#3 ver.3.1.1.2

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3991521682-1757786244-955927445-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2018/07/26 5:58:06 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0xdb8 障害が発生しているアプリケーションの開始時刻: 0x01d424c726798e80
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 64667909-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:12 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x157c 障害が発生しているアプリケーションの開始時刻: 0x01d424c72a16a270
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 68038cea-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:18 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0xa80 障害が発生しているアプリケーションの開始時刻: 0x01d424c72dbadc3b
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 6ba7c7da-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:25 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x994 障害が発生しているアプリケーションの開始時刻: 0x01d424c73157f148
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 6f49a078-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:31 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x12e4 障害が発生しているアプリケーションの開始時刻: 0x01d424c7352250e0
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 73140143-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:37 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x1568 障害が発生しているアプリケーションの開始時刻: 0x01d424c738ecb1a3
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 76d013c3-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:43 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x190c 障害が発生しているアプリケーションの開始時刻: 0x01d424c73c7dd9aa
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 7a554ffe-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:49 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x684 障害が発生しているアプリケーションの開始時刻: 0x01d424c73ff00302
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 7dc2b4a9-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:58:55 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x84 障害が発生しているアプリケーションの開始時刻: 0x01d424c7435641cb
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 81458e98-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2018/07/26 5:59:01 | Computer Name = 39-high | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: ToshibaMSServer.exe、バージョン: 2.2.0.12205、タイム スタンプ:
0x52f1d347 障害が発生しているモジュール名: MSVCP120.dll、バージョン: 6.3.9600.18895、タイム スタンプ: 0x5a4b127e
例外コード:
0xc0000135 障害オフセット: 0x0009d4e2 障害が発生しているプロセス ID: 0x13bc 障害が発生しているアプリケーションの開始時刻: 0x01d424c746ff404b
障害が発生しているアプリケーション
パス: C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe 障害が発生しているモジュール
パス: MSVCP120.dll レポート ID: 84ddddbd-90ba-11e8-829c-a08869998d32 障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

[ System Events ]
Error - 2018/07/20 21:32:49 | Computer Name = 39-high | Source = Service Control Manager | ID = 7001
Description = Windows Media Player Network Sharing Service サービスは、次のエラーが原因で開始できなかった
Windows Search サービスに依存しています: %%1070

Error - 2018/07/20 22:49:14 | Computer Name = 39-high | Source = Service Control Manager | ID = 7011
Description = vsserv サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2018/07/20 22:49:15 | Computer Name = 39-high | Source = Service Control Manager | ID = 7011
Description = vsservppl サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2018/07/20 22:49:15 | Computer Name = 39-high | Source = Service Control Manager | ID = 7011
Description = MBAMService サービスからのトランザクション応答を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2018/07/20 22:51:03 | Computer Name = 39-high | Source = Microsoft-Windows-Directory-Services-SAM | ID = 16953
Description = エラー 126 によりパスワード通知 DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
を読み込むことができませんでした。通知 DLL のパスがレジストリ HKLM\System\CurrentControlSet\Control\Lsa\Notification
Packages に登録されていること、参照先が正しいこと、相対パスや無効なパスではなく絶対パス (<ドライブ>:\<パス>\<ファイル名>.<拡張子>) であることを確認してください。DLL
のパスが正しい場合には、サポート ファイルが同じディレクトリにあること、システム アカウントに DLL のパスとサポート ファイルの両方の読み取りアクセス権があることを確認してください。追加サポートについては、通知
DLL のプロバイダーにお問い合わせください。詳細については、Web サイト http://go.microsoft.com/fwlink/?LinkId=245898
を参照してください。

Error - 2018/07/20 22:51:18 | Computer Name = 39-high | Source = Service Control Manager | ID = 7001
Description = Conexant Audio Message Service サービスは、次のエラーが原因で開始できなかった Windows Audio
サービスに依存しています: %%1068

Error - 2018/07/20 22:51:18 | Computer Name = 39-high | Source = Service Control Manager | ID = 7001
Description = DTS APO Service サービスは、次のエラーが原因で開始できなかった Windows Audio サービスに依存しています:
%%1068

Error - 2018/07/20 22:51:37 | Computer Name = 39-high | Source = DCOM | ID = 10005
Description =

Error - 2018/07/20 22:51:38 | Computer Name = 39-high | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN 拡張性モジュールを開始できませんでした。 モジュール パス: C:\Windows\System32\IWMSSvc.dll
エラー
コード: 21

Error - 2018/07/20 22:51:40 | Computer Name = 39-high | Source = DCOM | ID = 10005
Description =


< End of report >
  • s42236ny
  • 2018/07/26 (Thu) 19:35:23
OTL
OTL logfile created on: 2018/07/26 17:59:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\●\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19078)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.92 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 50.71% Memory free
6.67 Gb Paging File | 4.32 Gb Available in Paging File | 64.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 861.49 Gb Total Space | 759.48 Gb Free Space | 88.16% Space Free | Partition Type: NTFS
Drive D: | 50.00 Gb Total Space | 27.85 Gb Free Space | 55.71% Space Free | Partition Type: NTFS

Computer Name: 39-HIGH | User Name: ● | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2018/07/26 17:57:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\●\Downloads\OTL.exe
PRC - [2018/06/20 08:17:50 | 003,783,376 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2018/05/16 18:51:01 | 001,275,776 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender Agent\ProductAgentService.exe
PRC - [2014/03/06 13:15:18 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014/03/06 13:15:02 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2014/03/06 13:14:40 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2014/02/27 13:31:46 | 000,013,312 | ---- | M] () -- C:\Windows\SysWOW64\SMITSC.exe
PRC - [2014/02/05 16:10:26 | 000,089,864 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe
PRC - [2014/02/05 16:09:42 | 000,134,920 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe
PRC - [2013/10/21 19:51:24 | 000,296,008 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
PRC - [2013/09/05 10:08:24 | 002,021,760 | ---- | M] (Toshiba Corporation) -- C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe
PRC - [2013/01/24 13:48:36 | 000,029,296 | ---- | M] (Intercom, Inc.) -- C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe
PRC - [2013/01/22 17:22:56 | 000,244,144 | ---- | M] (Toshiba Corporation) -- C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe
PRC - [2013/01/10 15:36:10 | 000,052,856 | ---- | M] (Intercom, Inc.) -- C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhrcusr.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2018/06/09 12:14:38 | 002,195,280 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender Antivirus Free\bdredline.exe -- (bdredline)
SRV:[b]64bit:[/b] - [2018/06/09 12:14:23 | 000,239,400 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe -- (updatesrv)
SRV:[b]64bit:[/b] - [2018/06/09 12:14:21 | 000,239,400 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender Antivirus Free\vsserv.exe -- (vsserv)
SRV:[b]64bit:[/b] - [2018/06/09 12:13:08 | 000,239,400 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe -- (vsservppl)
SRV:[b]64bit:[/b] - [2018/05/16 18:51:01 | 001,275,776 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender Agent\ProductAgentService.exe -- (ProductAgentService)
SRV:[b]64bit:[/b] - [2018/05/09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:[b]64bit:[/b] - [2018/03/11 01:46:10 | 000,840,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2018/01/02 14:17:04 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2017/01/13 01:51:17 | 000,361,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2017/01/13 01:51:17 | 000,119,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2016/12/25 08:39:34 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2016/08/22 22:34:40 | 001,628,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/02/09 01:53:04 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/02/04 00:11:56 | 001,673,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/07/17 03:58:34 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/05/31 04:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/05/12 22:19:37 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/05/08 00:21:51 | 000,522,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/08/16 12:29:40 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/02/14 10:08:42 | 000,469,064 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:[b]64bit:[/b] - [2013/10/11 13:42:42 | 003,671,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2013/10/11 13:42:20 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2013/10/11 13:41:56 | 000,631,024 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2013/10/11 13:41:28 | 000,154,864 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2013/09/24 12:16:18 | 000,053,864 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV:[b]64bit:[/b] - [2013/09/13 15:52:28 | 000,347,488 | ---- | M] (Toshiba Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Teco\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:[b]64bit:[/b] - [2013/08/27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/08/27 14:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012/12/12 15:38:40 | 000,205,560 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV - [2018/07/13 11:09:21 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/05/08 00:05:40 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/08/16 12:29:40 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/03/26 13:25:24 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/21 14:09:28 | 000,021,840 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe -- (dts_apo_service)
SRV - [2014/03/06 13:15:18 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014/03/06 13:15:02 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2014/03/06 13:14:40 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014/02/27 13:31:46 | 000,013,312 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\SMITSC.exe -- (SMITS)
SRV - [2014/02/05 16:10:26 | 000,089,864 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe -- (CLHNServiceForToshiba)
SRV - [2014/02/05 16:09:43 | 000,375,560 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe -- (Toshiba Media Server Service)
SRV - [2014/02/05 16:09:42 | 000,134,920 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe -- (Toshiba Media Server Monitor Service)
SRV - [2013/06/13 11:33:12 | 000,310,656 | ---- | M] (Intercom, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDClient.exe -- (LLHDClient)
SRV - [2013/01/22 17:22:56 | 000,244,144 | ---- | M] (Toshiba Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe -- (TPCHKarteSVC)
SRV - [2012/12/17 12:57:26 | 000,016,384 | ---- | M] (Toshiba Corporation) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\OEM Registration Program\OEMRegistrationProgram.exe -- (OEMRegistrationProgram)
SRV - [2011/06/29 10:44:04 | 000,008,704 | ---- | M] (Intercom, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDCldr.exe -- (LLHDCloader)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2018/07/26 17:53:48 | 000,102,632 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:[b]64bit:[/b] - [2018/07/25 18:08:42 | 000,048,360 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:[b]64bit:[/b] - [2018/07/25 18:08:37 | 000,114,920 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:[b]64bit:[/b] - [2018/07/25 18:08:32 | 000,253,664 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2018/07/25 18:03:28 | 000,191,208 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon)
DRV:[b]64bit:[/b] - [2018/06/30 13:05:06 | 000,193,184 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:[b]64bit:[/b] - [2018/06/21 03:48:27 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2018/06/19 14:09:20 | 000,152,688 | ---- | M] (Malwarebytes) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:[b]64bit:[/b] - [2018/06/09 12:13:48 | 001,283,464 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\atc.sys -- (atc)
DRV:[b]64bit:[/b] - [2018/05/26 11:57:48 | 001,723,552 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:[b]64bit:[/b] - [2018/05/26 11:56:55 | 000,152,648 | ---- | M] (Bitdefender) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\bddci.sys -- (BdDci)
DRV:[b]64bit:[/b] - [2018/05/26 11:56:08 | 000,607,640 | ---- | M] (Bitdefender) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:[b]64bit:[/b] - [2018/05/26 11:55:30 | 000,246,064 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\edrsensor.sys -- (edrsensor)
DRV:[b]64bit:[/b] - [2018/05/26 11:55:27 | 000,023,032 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bdelam.sys -- (bdelam)
DRV:[b]64bit:[/b] - [2018/05/23 14:45:28 | 000,027,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2018/05/13 05:51:23 | 000,923,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2018/05/04 08:02:07 | 000,325,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2018/05/04 08:02:07 | 000,187,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2018/04/07 06:27:09 | 000,376,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2018/04/06 02:47:55 | 000,087,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2018/01/02 16:56:11 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2017/11/09 00:55:00 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2017/10/10 20:42:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2017/07/08 12:16:36 | 000,086,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2017/05/16 07:09:32 | 000,057,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2017/02/10 23:37:28 | 000,046,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2017/01/13 01:51:18 | 000,274,776 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2017/01/13 01:51:18 | 000,117,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2017/01/12 02:28:42 | 000,422,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2016/01/27 04:15:40 | 000,072,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/11 15:34:30 | 000,468,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/09/29 21:24:42 | 000,155,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/03/20 10:56:10 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/03/13 13:03:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/03/09 11:02:51 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/03/26 13:24:48 | 004,195,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/03/26 13:24:20 | 000,449,496 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2014/03/24 11:28:56 | 001,455,808 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2014/03/13 21:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/03/06 13:14:50 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2014/02/23 00:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/02/21 08:34:18 | 000,540,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2014/02/21 08:34:18 | 000,031,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:[b]64bit:[/b] - [2014/02/11 17:55:20 | 000,293,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:[b]64bit:[/b] - [2013/12/05 03:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2013/11/21 08:31:28 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/11/01 03:22:28 | 000,027,032 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:[b]64bit:[/b] - [2013/10/26 10:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2013/10/18 08:45:44 | 000,142,280 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:[b]64bit:[/b] - [2013/10/18 07:41:31 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/10/18 07:41:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2013/10/14 04:24:22 | 003,607,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwbw02.sys -- (NETwNb64)
DRV:[b]64bit:[/b] - [2013/10/10 15:49:32 | 000,033,168 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Thotkey.sys -- (Thotkey)
DRV:[b]64bit:[/b] - [2013/09/14 23:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2013/08/23 07:50:08 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/15 14:28:42 | 000,830,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2013/08/15 01:13:32 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/06 16:15:42 | 000,014,000 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/07/19 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2013/06/07 15:21:50 | 000,017,208 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:[b]64bit:[/b] - [2012/06/18 10:30:56 | 000,499,096 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:[b]64bit:[/b] - [2010/03/05 20:19:00 | 000,011,296 | ---- | M] (Intercom, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\llhrcmi6.sys -- (llhrcmi6)
DRV - [2012/07/10 15:22:37 | 000,081,904 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\ntk3_Toshiba_64.sys -- (ntk3_Toshiba)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=TAJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=TAJB


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175346702\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0





IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.jp/
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001\..\SearchScopes,DefaultScope = {7F291DAB-3236-43EE-9D1E-0900C725EDAF}
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001\..\SearchScopes\{7F291DAB-3236-43EE-9D1E-0900C725EDAF}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.jp/
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\..\SearchScopes,DefaultScope = {7F291DAB-3236-43EE-9D1E-0900C725EDAF}
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\..\SearchScopes\{7F291DAB-3236-43EE-9D1E-0900C725EDAF}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\●\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)



[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6718.423.0.0_0\

O1 HOSTS File: ([2017/07/02 09:16:08 | 000,000,830 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:[b]64bit:[/b] - HKLM..\Run: [] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [TCrdMain] C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TecoResident] C:\Program Files\Toshiba\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosWaitSrv] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TSSSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CLMSTrayIcon] C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe (Cyberlink)
O4 - HKLM..\Run: [LLHDUSER] C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe (Intercom, Inc.)
O4 - HKLM..\Run: [TKRTL] C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe (Toshiba Corporation)
O4 - HKLM..\Run: [TSVU] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe (TOSHIBA)
O4 - Startup: C:\Users\●\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CE40BF3-F17B-4244-B48D-DB093C4A59FA}: DhcpNameServer = 40.40.1.201 40.40.1.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3CBA107-80FF-4E08-AE6A-9922076940F2}: DhcpNameServer = 192.168.10.1
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {77238F90-C50E-36FD-982E-6975CF173EBE} - .NET Framework
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} -
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EE323DE5-ABB6-3E2B-96D2-43ACCDDCFBAE} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018/07/21 11:29:49 | 000,000,000 | ---D | C] -- C:\Users\●\AppData\Roaming\Geek Uninstaller
[2018/07/21 11:29:02 | 000,000,000 | ---D | C] -- C:\Users\●\Desktop\geek
[2018/07/21 10:32:04 | 000,179,704 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018/07/21 10:32:02 | 000,835,064 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018/07/21 01:54:32 | 000,029,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2018/07/21 01:54:15 | 000,019,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2018/07/21 01:54:14 | 000,690,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp120_clr0400.dll
[2018/07/21 01:54:14 | 000,485,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp120_clr0400.dll
[2018/07/21 01:53:42 | 000,030,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2018/07/21 01:53:25 | 000,019,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2018/07/21 01:52:59 | 000,987,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll
[2018/07/21 01:52:58 | 000,993,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll
[2018/07/21 00:37:52 | 000,164,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Storage.ApplicationData.dll
[2018/07/21 00:37:50 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2018/07/21 00:37:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2018/07/21 00:37:48 | 001,178,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2018/07/21 00:37:48 | 000,918,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2018/07/21 00:37:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2018/07/21 00:37:48 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-utility-l1-1-0.dll
[2018/07/21 00:37:47 | 000,017,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-string-l1-1-0.dll
[2018/07/21 00:37:47 | 000,017,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-stdio-l1-1-0.dll
[2018/07/21 00:37:47 | 000,015,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-runtime-l1-1-0.dll
[2018/07/21 00:37:47 | 000,013,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-time-l1-1-0.dll
[2018/07/21 00:37:47 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-process-l1-1-0.dll
[2018/07/21 00:37:46 | 000,065,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-private-l1-1-0.dll
[2018/07/21 00:37:46 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-math-l1-1-0.dll
[2018/07/21 00:37:46 | 000,018,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-multibyte-l1-1-0.dll
[2018/07/21 00:37:46 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-locale-l1-1-0.dll
[2018/07/21 00:37:46 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-heap-l1-1-0.dll
[2018/07/21 00:37:45 | 000,015,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-convert-l1-1-0.dll
[2018/07/21 00:37:45 | 000,013,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-filesystem-l1-1-0.dll
[2018/07/21 00:37:45 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-conio-l1-1-0.dll
[2018/07/21 00:37:45 | 000,011,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-crt-environment-l1-1-0.dll
[2018/07/21 00:37:44 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2018/07/21 00:37:44 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2018/07/21 00:37:43 | 006,214,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2018/07/21 00:37:42 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wisp.dll
[2018/07/21 00:37:41 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2018/07/21 00:37:40 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2018/07/21 00:37:40 | 000,174,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2018/07/21 00:37:40 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2018/07/21 00:37:39 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsSpellCheckingFacility.dll
[2018/07/21 00:37:36 | 005,275,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glcndFilter.dll
[2018/07/21 00:37:36 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2018/07/21 00:37:36 | 000,393,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2018/07/21 00:37:36 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2018/07/21 00:37:35 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2018/07/21 00:37:35 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PlayToDevice.dll
[2018/07/21 00:37:34 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offreg.dll
[2018/07/21 00:37:32 | 002,471,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2018/07/21 00:37:32 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018/07/21 00:37:32 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2018/07/21 00:37:32 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018/07/21 00:37:31 | 001,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Streaming.dll
[2018/07/21 00:37:31 | 000,399,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsvr.dll
[2018/07/21 00:37:31 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2018/07/21 00:37:30 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2018/07/21 00:37:30 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2018/07/21 00:37:30 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2018/07/21 00:37:29 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2018/07/21 00:37:29 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2018/07/21 00:37:29 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2018/07/21 00:37:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2018/07/21 00:37:27 | 002,364,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2018/07/21 00:37:27 | 001,562,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2018/07/21 00:37:27 | 000,340,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2018/07/21 00:37:27 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcbase.dll
[2018/07/21 00:37:27 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cic.dll
[2018/07/21 00:37:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcshext.dll
[2018/07/21 00:37:26 | 001,311,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2018/07/21 00:37:26 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2018/07/21 00:37:26 | 000,343,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2018/07/21 00:37:26 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2018/07/21 00:37:26 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2018/07/21 00:37:24 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2018/07/21 00:37:24 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2018/07/21 00:37:24 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2018/07/21 00:37:20 | 002,060,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2018/07/21 00:37:18 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2018/07/21 00:37:16 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uReFS.dll
[2018/07/21 00:37:16 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2018/07/21 00:37:16 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2018/07/21 00:37:16 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uudf.dll
[2018/07/21 00:37:16 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2018/07/21 00:37:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uexfat.dll
[2018/07/21 00:37:15 | 003,551,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_47.dll
[2018/07/21 00:37:15 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2018/07/21 00:37:15 | 001,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2018/07/21 00:37:15 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2018/07/21 00:37:15 | 000,450,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2018/07/21 00:37:15 | 000,308,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2018/07/21 00:37:15 | 000,136,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wermgr.exe
[2018/07/21 00:37:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ufat.dll
[2018/07/21 00:37:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\werdiagcontroller.dll
[2018/07/21 00:37:14 | 005,270,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Data.Pdf.dll
[2018/07/21 00:37:14 | 001,942,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2018/07/21 00:37:09 | 000,837,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2018/07/21 00:37:09 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcuiu.dll
[2018/07/21 00:37:09 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cnvfat.dll
[2018/07/21 00:37:08 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2018/07/21 00:37:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2018/07/21 00:37:07 | 001,344,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2018/07/21 00:37:07 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2018/07/21 00:37:07 | 000,341,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2018/07/21 00:37:07 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018/07/21 00:37:06 | 002,464,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2018/07/21 00:37:06 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PCPTpm12.dll
[2018/07/21 00:37:05 | 002,749,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2018/07/21 00:37:05 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2018/07/21 00:37:05 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2018/07/21 00:37:04 | 001,920,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2018/07/21 00:37:04 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2018/07/21 00:37:00 | 003,553,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsrchvw.exe
[2018/07/21 00:37:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018/07/21 00:37:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018/07/21 00:37:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018/07/21 00:36:58 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2018/07/21 00:36:58 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2018/07/21 00:36:58 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2018/07/21 00:36:58 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2018/07/21 00:36:58 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2018/07/21 00:36:58 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2018/07/21 00:36:58 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnApi.dll
[2018/07/21 00:36:58 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2018/07/21 00:36:58 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2018/07/21 00:36:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Wind
  • s42236ny
  • 2018/07/26 (Thu) 19:37:51
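Only OTL.txt is cut off
Good evening.
I have looked at the OTL scan logs.

The Extra log is fine as it is, but the main OTL.txt log is cut off.
It was probably cut off by fc2's 10,000-character limit.

Both OTL.txt and the Extra log show

< End of report >

at the end of the scan log, so could you reply again with the full text up to that ending, split into parts?
Use a character-count site, split the log at suitable points, and post it over several replies.
http://www1.odn.ne.jp/megukuma/count.htm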
  • 悪代官
  • 2018/07/26 (Thu) 20:51:33
OTL continued
[2018/07/21 00:36:58 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll
[2018/07/21 00:36:57 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2018/07/21 00:36:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2018/07/21 00:36:55 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmitomi.dll
[2018/07/21 00:36:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAgent.dll
[2018/07/21 00:36:53 | 012,879,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2018/07/21 00:36:53 | 000,954,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.appcore.dll
[2018/07/21 00:36:53 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2018/07/21 00:36:52 | 001,086,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2018/07/21 00:36:51 | 001,495,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll
[2018/07/21 00:36:50 | 001,108,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mispace.dll
[2018/07/21 00:36:50 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2018/07/21 00:36:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mgmtapi.dll
[2018/07/21 00:36:49 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2018/07/21 00:36:49 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2018/07/21 00:36:47 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2018/07/21 00:36:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmxs.dll
[2018/07/21 00:36:47 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasser.dll
[2018/07/21 00:36:46 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rascfg.dll
[2018/07/21 00:36:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2018/07/21 00:36:46 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kmddsp.tsp
[2018/07/21 00:36:45 | 001,323,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2018/07/21 00:36:45 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2018/07/21 00:36:44 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2018/07/21 00:36:43 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2018/07/21 00:36:43 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\compstui.dll
[2018/07/21 00:36:43 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2018/07/21 00:36:43 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DafPrintProvider.dll
[2018/07/21 00:36:43 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2018/07/21 00:36:43 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2P.dll
[2018/07/21 00:36:43 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2018/07/21 00:36:41 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2018/07/21 00:36:40 | 000,787,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4srcsnk.dll
[2018/07/21 00:36:40 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2018/07/21 00:36:40 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmjpegdec.dll
[2018/07/21 00:36:39 | 013,317,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2018/07/21 00:36:39 | 009,323,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2018/07/21 00:36:39 | 002,324,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2018/07/21 00:36:33 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2018/07/21 00:36:33 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2018/07/21 00:36:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2018/07/21 00:36:33 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2018/07/21 00:36:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2018/07/21 00:36:32 | 000,868,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll
[2018/07/21 00:36:32 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hhctrl.ocx
[2018/07/21 00:36:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsiwmi.dll
[2018/07/21 00:36:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsidsc.dll
[2018/07/21 00:36:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2018/07/21 00:36:31 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2018/07/21 00:36:30 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2018/07/21 00:36:29 | 000,315,736 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2018/07/21 00:36:28 | 002,712,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2018/07/21 00:36:28 | 001,501,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2018/07/21 00:36:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2018/07/21 00:36:11 | 000,741,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2018/07/21 00:36:09 | 000,548,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinTypes.dll
[2018/07/21 00:36:05 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincorlib.dll
[2018/07/21 00:36:03 | 001,565,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\combase.dll
[2018/07/21 00:36:03 | 000,066,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018/07/21 00:34:15 | 003,631,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2018/07/21 00:34:15 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netvsc63.sys
[2018/07/21 00:34:15 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetVscCoinstall.dll
[2018/07/21 00:34:14 | 002,551,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2018/07/21 00:34:14 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2018/07/21 00:34:14 | 000,748,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2018/07/21 00:34:14 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2018/07/21 00:34:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2018/07/21 00:34:14 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2018/07/21 00:34:14 | 000,214,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Storage.ApplicationData.dll
[2018/07/21 00:34:11 | 000,117,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdNisDrv.sys
[2018/07/21 00:34:09 | 000,439,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2018/07/21 00:34:09 | 000,325,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2018/07/21 00:34:09 | 000,274,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2018/07/21 00:34:09 | 000,187,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2018/07/21 00:34:09 | 000,046,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2018/07/21 00:34:07 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\uefi.sys
[2018/07/21 00:34:06 | 000,422,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2018/07/21 00:34:06 | 000,057,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stornvme.sys
[2018/07/21 00:34:03 | 000,754,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll
[2018/07/21 00:34:03 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2018/07/21 00:34:03 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icfupgd.dll
[2018/07/21 00:34:02 | 001,753,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2018/07/21 00:34:00 | 004,690,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsrchvw.exe
[2018/07/21 00:34:00 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2018/07/21 00:34:00 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018/07/21 00:34:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2018/07/21 00:34:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018/07/21 00:33:59 | 002,240,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2018/07/21 00:33:59 | 001,763,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2018/07/21 00:33:59 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2018/07/21 00:33:59 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2018/07/21 00:33:59 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2018/07/21 00:33:59 | 000,374,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2018/07/21 00:33:59 | 000,324,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2018/07/21 00:33:59 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2018/07/21 00:33:59 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininit.exe
[2018/07/21 00:33:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll
[2018/07/21 00:33:58 | 001,543,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2018/07/21 00:33:58 | 000,672,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wimgapi.dll
[2018/07/21 00:33:58 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wimserv.exe
[2018/07/21 00:33:58 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnApi.dll
[2018/07/21 00:33:58 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2018/07/21 00:33:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2018/07/21 00:33:57 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2018/07/21 00:33:57 | 000,136,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2018/07/21 00:33:57 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2018/07/21 00:33:56 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2018/07/21 00:33:56 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2018/07/21 00:33:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2018/07/21 00:33:55 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2018/07/21 00:33:54 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2018/07/21 00:33:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2018/07/21 00:33:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAgent.dll
[2018/07/21 00:33:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2018/07/21 00:33:54 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2018/07/21 00:33:52 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmitomi.dll
[2018/07/21 00:33:51 | 001,541,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2018/07/21 00:33:51 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2018/07/21 00:33:51 | 000,998,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2018/07/21 00:33:51 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2018/07/21 00:33:51 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2018/07/21 00:33:51 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2018/07/21 00:33:50 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2018/07/21 00:33:50 | 000,017,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-string-l1-1-0.dll
[2018/07/21 00:33:50 | 000,017,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-stdio-l1-1-0.dll
[2018/07/21 00:33:50 | 000,014,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-time-l1-1-0.dll
[2018/07/21 00:33:50 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-utility-l1-1-0.dll
[2018/07/21 00:33:49 | 014,466,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2018/07/21 00:33:49 | 001,628,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagtrack.dll
[2018/07/21 00:33:49 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.appcore.dll
[2018/07/21 00:33:49 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TpmTasks.dll
[2018/07/21 00:33:49 | 000,063,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-private-l1-1-0.dll
[2018/07/21 00:33:49 | 000,020,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-math-l1-1-0.dll
[2018/07/21 00:33:49 | 000,019,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-multibyte-l1-1-0.dll
[2018/07/21 00:33:49 | 000,016,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-runtime-l1-1-0.dll
[2018/07/21 00:33:49 | 000,015,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-convert-l1-1-0.dll
[2018/07/21 00:33:49 | 000,013,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-filesystem-l1-1-0.dll
[2018/07/21 00:33:49 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-conio-l1-1-0.dll
[2018/07/21 00:33:49 | 000,012,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-process-l1-1-0.dll
[2018/07/21 00:33:49 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-locale-l1-1-0.dll
[2018/07/21 00:33:49 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-heap-l1-1-0.dll
[2018/07/21 00:33:49 | 000,012,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-crt-environment-l1-1-0.dll
[2018/07/21 00:33:48 | 000,121,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tm.sys
[2018/07/21 00:33:47 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2018/07/21 00:33:46 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2018/07/21 00:33:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdsdwmdr.dll
[2018/07/21 00:33:45 | 007,033,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2018/07/21 00:33:45 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2018/07/21 00:33:45 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2018/07/21 00:33:45 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
[2018/07/21 00:33:45 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisp.dll
[2018/07/21 00:33:44 | 001,384,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2018/07/21 00:33:43 | 002,513,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll
[2018/07/21 00:33:43 | 000,380,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2018/07/21 00:33:42 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mispace.dll
[2018/07/21 00:33:42 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2018/07/21 00:33:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2018/07/21 00:33:42 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mgmtapi.dll
[2018/07/21 00:33:40 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smbwmiv2.dll
[2018/07/21 00:33:39 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2018/07/21 00:33:39 | 000,202,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2018/07/21 00:33:39 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ScDeviceEnum.dll
[2018/07/21 00:33:39 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SCardDlg.dll
[2018/07/21 00:33:38 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2018/07/21 00:33:38 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2018/07/21 00:33:37 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2018/07/21 00:33:36 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2018/07/21 00:33:36 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2018/07/21 00:33:36 | 000,794,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2018/07/21 00:33:36 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2018/07/21 00:33:35 | 005,779,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2018/07/21 00:33:35 | 001,001,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.dll
[2018/07/21 00:33:34 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tpmvsc.dll
[2018/07/21 00:33:31 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2018/07/21 00:33:31 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-system-events.dll
[2018/07/21 00:33:30 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2018/07/21 00:33:30 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2018/07/21 00:33:29 | 001,308,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018/07/21 00:33:29 | 000,923,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\refs.sys
[2018/07/21 00:33:29 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msra.exe
[2018/07/21 00:33:28 | 007,079,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glcndFilter.dll
[2018/07/21 00:33:28 | 000,607,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2018/07/21 00:33:27 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2018/07/21 00:33:27 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2018/07/21 00:33:26 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascfg.dll
[2018/07/21 00:33:26 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2018/07/21 00:33:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmxs.dll
[2018/07/21 00:33:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasser.dll
[2018/07/21 00:33:25 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2018/07/21 00:33:24 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2018/07/21 00:33:24 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rfxvmt.dll
[2018/07/21 00:33:23 | 003,548,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2018/07/21 00:33:19 | 001,436,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2018/07/21 00:33:19 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2018/07/21 00:33:19 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll
[2018/07/21 00:33:19 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PlayToDevice.dll
[2018/07/21 00:33:19 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2P.dll
[2018/07/21 00:33:19 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2018/07/21 00:33:18 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2018/07/21 00:33:18 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2018/07/21 00:33:18 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2018/07/21 00:33:18 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2018/07/21 00:33:18 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2018/07/21 00:33:18 | 000,086,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2018/07/21 00:33:17 | 001,096,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2018/07/21 00:33:17 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2018/07/21 00:33:17 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2018/07/21 00:33:17 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compstui.dll
[2018/07/21 00:33:17 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DafPrintProvider.dll
[2018/07/21 00:33:17 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiapi.dll
[2018/07/21 00:33:13 | 007,398,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018/07/21 00:33:13 | 000,803,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2018/07/21 00:33:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offreg.dll
[2018/07/21 00:33:08 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2018/07/21 00:33:07 | 001,737,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018/07/21 00:33:07 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2018/07/21 00:33:06 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2018/07/21 00:33:06 | 000,470,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2018/07/21 00:33:06 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2018/07/21 00:33:04 | 000,137,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018/07/21 00:33:03 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2018/07/21 00:33:02 | 003,084,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2018/07/21 00:33:02 | 002,334,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2018/07/21 00:33:02 | 000,955,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4srcsnk.dll
[2018/07/21 00:33:02 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018/07/21 00:33:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2018/07/21 00:33:02 | 000,244,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2018/07/21 00:33:02 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmjpegdec.dll
[2018/07/21 00:33:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018/07/21 00:33:01 | 015,431,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2018/07/21 00:33:01 | 009,323,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2018/07/21 00:33:01 | 000,497,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfsvr.dll
[2018/07/21 00:33:00 | 001,317,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Streaming.dll
[2018/07/21 00:32:59 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2018/07/21 00:32:56 | 002,003,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2018/07/21 00:32:56 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcbase.dll
[2018/07/21 00:32:56 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cic.dll
[2018/07/21 00:32:56 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcshext.dll
[2018/07/21 00:32:55 | 001,436,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018/07/21 00:32:55 | 000,388,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2018/07/21 00:32:54 | 003,320,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2018/07/21 00:32:54 | 001,137,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018/07/21 00:32:54 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2018/07/21 00:32:51 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2018/07/21 00:32:51 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2018/07/21 00:32:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2018/07/21 00:32:48 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2018/07/21 00:32:47 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2018/07/21 00:32:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2018/07/21 00:32:46 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2018/07/21 00:32:46 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2018/07/21 00:32:44 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2018/07/21 00:32:44 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2018/07/21 00:32:43 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2018/07/21 00:32:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2018/07/21 00:32:43 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2018/07/21 00:32:42 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2018/07/21 00:32:42 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2018/07/21 00:32:42 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icm32.dll
[2018/07/21 00:32:32 | 002,135,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2018/07/21 00:32:32 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2018/07/21 00:32:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsiwmi.dll
[2018/07/21 00:32:31 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2018/07/21 00:32:30 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hhctrl.ocx
[2018/07/21 00:32:30 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsidsc.dll
[2018/07/21 00:32:29 | 001,001,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2018/07/21 00:32:29 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2018/07/21 00:32:29 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hlink.dll
[2018/07/21 00:32:27 | 001,200,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll
[2018/07/21 00:32:27 | 000,418,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018/07/21 00:32:27 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GlobCollationHost.dll
[2018/07/21 00:32:27 | 000,135,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2018/07/21 00:32:27 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2018/07/21 00:32:27 | 000,044,032 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2018/07/21 00:32:26 | 001,364,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2018/07/21 00:32:26 | 000,374,096 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2018/07/21 00:32:24 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2018/07/21 00:32:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2018/07/21 00:32:23 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2018/07/21 00:32:23 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uexfat.dll
[2018/07/21 00:32:22 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2018/07/21 00:32:22 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uReFS.dll
[2018/07/21 00:32:22 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uudf.dll
[2018/07/21 00:32:22 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ufat.dll
[2018/07/21 00:32:21 | 003,119,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2018/07/21 00:32:21 | 000,537,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2018/07/21 00:32:21 | 000,420,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2018/07/21 00:32:21 | 000,140,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wermgr.exe
[2018/07/21 00:32:21 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werdiagcontroller.dll
[2018/07/21 00:32:19 | 002,896,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2018/07/21 00:32:19 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2018/07/21 00:32:19 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapisrv.dll
[2018/07/21 00:32:18 | 004,298,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_47.dll
[2018/07/21 00:32:18 | 002,315,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2018/07/21 00:32:18 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2018/07/21 00:32:18 | 000,738,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2018/07/21 00:32:16 | 001,697,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2018/07/21 00:32:16 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2018/07/21 00:32:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2018/07/21 00:32:15 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dab.dll
[2018/07/21 00:32:13 | 007,797,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Data.Pdf.dll
[2018/07/21 00:32:12 | 002,255,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2018/07/21 00:32:12 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DAFWSD.dll
[2018/07/21 00:32:02 | 001,968,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2018/07/21 00:32:02 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2018/07/21 00:32:01 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\convert.exe
[2018/07/21 00:32:00 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2018/07/21 00:32:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cnvfat.dll
[2018/07/21 00:31:59 | 001,725,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2018/07/21 00:31:59 | 000,376,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\clfs.sys
[2018/07/21 00:31:58 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2018/07/21 00:31:58 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcuiu.dll
[2018/07/21 00:31:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xolehlp.dll
[2018/07/21 00:31:57 | 002,176,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\combase.dll
[2018/07/21 00:31:57 | 001,063,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinTypes.dll
[2018/07/21 00:31:56 | 001,662,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018/07/21 00:31:56 | 001,292,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2018/07/21 00:31:56 | 000,532,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2018/07/21 00:31:55 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2018/07/21 00:31:54 | 001,707,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2018/07/21 00:31:54 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018/07/21 00:31:54 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cmimcext.sys
[2018/07/21 00:31:53 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2018/07/21 00:31:52 | 000,397,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2018/07/21 00:31:51 | 001,676,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018/07/21 00:31:51 | 001,536,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2018/07/21 00:31:51 | 001,500,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018/07/21 00:31:51 | 001,371,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2018/07/21 00:31:51 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PCPTpm12.dll
[2018/07/21 00:31:51 | 000,152,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018/07/21 00:31:49 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018/07/21 00:31:49 | 000,075,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018/07/21 00:31:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018/07/21 00:31:48 | 000,685,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018/07/21 00:31:48 | 000,069,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018/07/21 00:31:47 | 002,882,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2018/07/21 00:31:47 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2018/07/21 00:31:44 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2018/07/21 00:31:37 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmrdvcore.dll
[2018/07/21 00:31:30 | 000,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2018/07/21 00:31:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fxppm.sys
[2018/07/21 00:31:14 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BasicRender.sys
[2018/07/20 23:41:22 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\polstore.dll
[2018/07/20 23:41:21 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2018/07/20 23:41:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2018/07/20 23:41:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2018/07/20 23:41:17 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2018/07/20 23:41:16 | 000,898,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2018/07/20 23:41:16 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2018/07/20 23:41:15 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2018/07/20 23:41:12 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgbkend.dll
[2018/07/20 23:41:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cfgbkend.dll
[2018/07/20 23:13:41 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.dll
[2018/07/20 23:13:41 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.dll
[2018/07/20 23:11:18 | 000,218,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2018/07/20 23:11:12 | 002,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlowUI.dll
[2018/07/20 23:10:54 | 000,273,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemSettingsAdminFlows.exe
[2018/07/20 23:10:53 | 002,819,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingsHandlers.dll
[2018/07/20 23:10:50 | 000,841,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncCore.dll
[2018/07/20 23:10:50 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2018/07/20 23:10:49 | 000,653,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncHost.exe
[2018/07/20 23:10:49 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxAllUserStore.dll
[2018/07/20 23:10:49 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxAllUserStore.dll
[2018/07/20 23:10:48 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2018/07/20 23:10:48 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2018/07/20 23:10:47 | 001,278,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2018/07/20 23:10:47 | 000,955,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2018/07/20 23:10:47 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncCore.dll
[2018/07/20 23:10:46 | 002,592,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2018/07/20 23:10:45 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2018/07/20 23:10:45 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2018/07/20 23:10:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingMonitor.dll
[2018/07/20 23:10:44 | 002,551,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2018/07/20 23:10:43 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2018/07/20 23:10:43 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncHost.exe
[2018/07/20 23:10:41 | 001,348,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2018/07/20 23:10:41 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingMonitor.dll
[2018/07/20 23:06:28 | 001,673,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\workfolderssvc.dll
[2018/07/20 23:06:27 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WorkfoldersControl.dll
[2018/07/20 23:06:26 | 000,177,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2018/07/20 23:06:26 | 000,148,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2018/07/20 23:05:02 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll
[2018/07/20 23:05:02 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll
[2018/07/20 23:05:01 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2018/07/20 23:03:58 | 000,072,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpci.sys
[2018/07/20 23:03:51 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsparse.dll
[2018/07/20 23:03:51 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsparse.dll
[2018/07/20 23:02:57 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpsapi.dll
[2018/07/20 23:02:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpsapi.dll
[2018/07/20 23:01:37 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeui.exe
[2018/07/20 23:01:32 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2018/07/20 23:01:31 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2018/07/20 23:01:05 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2018/07/20 23:01:04 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2018/07/20 23:01:04 | 000,377,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2018/07/20 23:01:02 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2018/07/20 23:00:54 | 000,197,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dssenh.dll
[2018/07/20 23:00:53 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2018/07/20 23:00:52 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascustom.dll
[2018/07/20 23:00:52 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasman.dll
[2018/07/20 23:00:37 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2018/07/20 22:56:30 | 000,292,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMASF.DLL
[2018/07/20 22:55:40 | 000,179,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018/07/20 22:52:42 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2018/07/20 22:52:41 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2018/07/20 22:52:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018/07/20 22:51:54 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSync.dll
[2018/07/20 22:51:53 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSync.dll
[2018/07/20 22:51:38 | 000,160,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2018/07/20 22:48:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basesrv.dll
[2018/07/20 22:48:18 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2018/07/20 22:48:17 | 001,156,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2018/07/20 22:48:17 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2018/07/20 22:48:15 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2018/07/20 22:48:14 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2018/07/20 22:44:11 | 000,363,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2018/07/20 22:44:00 | 000,149,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2018/07/20 22:43:59 | 001,602,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2018/07/20 22:43:59 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2018/07/20 22:43:59 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2018/07/20 22:43:59 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2018/07/20 22:43:58 | 002,860,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2018/07/20 22:43:58 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2018/07/20 22:43:58 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2018/07/20 22:43:57 | 000,783,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2018/07/20 22:43:57 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\centel.dll
[2018/07/20 22:43:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2018/07/20 22:43:41 | 000,113,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RestoreOptIn.exe
[2018/07/20 22:43:37 | 002,411,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2018/07/20 22:43:30 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RestoreOptIn.exe
[2018/07/20 22:43:29 | 002,755,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2018/07/20 22:20:27 | 000,118,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2018/07/20 22:20:11 | 018,825,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2018/07/20 22:20:07 | 015,158,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2018/07/20 22:19:59 | 001,487,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2018/07/20 22:19:41 | 002,635,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2018/07/20 22:19:38 | 000,261,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2018/07/20 22:19:35 | 000,331,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2018/07/20 22:19:34 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2018/07/20 22:19:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2018/07/20 22:19:24 | 003,820,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2018/07/20 22:19:22 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2018/07/20 22:19:20 | 003,273,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2018/07/20 22:19:07 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Devices.Geolocation.dll
[2018/07/20 22:19:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2018/07/20 22:19:04 | 000,091,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2018/07/20 22:18:52 | 000,072,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys
[2018/07/20 22:18:41 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpresult.exe
[2018/07/20 22:18:41 | 000,107,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2018/07/20 22:18:39 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Devices.Geolocation.dll
[2018/07/20 22:18:35 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2018/07/20 22:18:22 | 000,125,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptxml.dll
[2018/07/20 22:18:21 | 000,099,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptxml.dll
[2018/07/20 22:18:16 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2018/07/20 22:18:16 | 000,034,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountBroker.exe
[2018/07/20 22:18:16 | 000,030,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountBroker.exe
[2018/07/20 22:18:13 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2018/07/20 22:18:11 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2018/07/20 22:18:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeHdCfgLib.dll
[2018/07/20 22:18:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfapigp.dll
[2018/07/20 22:17:38 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2018/07/20 22:17:37 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2018/07/20 22:17:26 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2018/07/20 22:17:26 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfapigp.dll
[2018/07/20 22:17:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2018/07/20 22:17:06 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fvecpl.dll
[2018/07/20 22:17:06 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2018/07/20 22:16:54 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2018/07/20 22:16:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll
[2018/07/17 20:48:24 | 000,000,000 | ---D | C] -- C:\Users\●\Desktop\ccsetup544
[2018/07/16 09:06:47 | 000,102,632 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2018/07/15 21:03:28 | 000,048,360 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2018/07/15 21:03:18 | 000,191,208 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
[2018/07/15 21:03:18 | 000,114,920 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2018/07/15 21:03:09 | 000,253,664 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018/07/15 21:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018/07/15 21:02:36 | 000,152,688 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
[2018/07/15 21:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2018/07/15 21:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2018/07/15 15:04:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018/07/26 17:53:48 | 000,102,632 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2018/07/26 17:50:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018/07/25 18:14:52 | 001,492,458 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018/07/25 18:14:52 | 000,723,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018/07/25 18:14:52 | 000,498,264 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2018/07/25 18:14:52 | 000,135,930 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018/07/25 18:14:52 | 000,132,914 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2018/07/25 18:10:13 | 000,029,729 | ---- | M] () -- C:\ProgramData\agent.update.1532509703.bdinstall.bin
[2018/07/25 18:08:42 | 000,048,360 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2018/07/25 18:08:37 | 000,114,920 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2018/07/25 18:08:32 | 000,253,664 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018/07/25 18:07:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2018/07/25 18:07:14 | 3368,980,480 | -HS- | M] () -- C:\hiberfil.sys
[2018/07/25 18:03:28 | 000,191,208 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
[2018/07/24 19:16:26 | 000,028,452 | ---- | M] () -- C:\ProgramData\agent.1532427380.bdinstall.bin
[2018/07/21 11:51:02 | 000,407,808 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018/07/15 21:02:48 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018/07/15 15:17:45 | 000,000,000 | ---- | M] () -- C:\Users\●\AppData\Local\{9F789795-746D-49D9-B592-0A6BCC01121A}
[2018/06/30 13:05:06 | 000,193,184 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2018/06/30 12:39:23 | 000,002,258 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018/06/29 07:07:37 | 000,835,064 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018/06/29 07:07:37 | 000,179,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018/07/25 18:10:13 | 000,029,729 | ---- | C] () -- C:\ProgramData\agent.update.1532509703.bdinstall.bin
[2018/07/24 19:16:26 | 000,028,452 | ---- | C] () -- C:\ProgramData\agent.1532427380.bdinstall.bin
[2018/07/21 00:37:30 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2018/07/21 00:34:00 | 000,448,629 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2018/07/15 21:02:48 | 000,001,894 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018/07/15 15:17:45 | 000,000,000 | ---- | C] () -- C:\Users\●\AppData\Local\{9F789795-746D-49D9-B592-0A6BCC01121A}
[2017/07/29 13:24:51 | 000,028,733 | ---- | C] () -- C:\ProgramData\agent.1501302286.bdinstall.bin
[2017/07/29 13:17:22 | 000,047,337 | ---- | C] () -- C:\ProgramData\agent.1501301840.bdinstall.bin
[2017/07/29 13:16:43 | 000,030,358 | ---- | C] () -- C:\ProgramData\agent.uninstall.1501301799.bdinstall.bin
[2017/07/29 13:12:55 | 000,028,734 | ---- | C] () -- C:\ProgramData\agent.1501301570.bdinstall.bin
[2017/07/29 13:09:46 | 000,028,733 | ---- | C] () -- C:\ProgramData\agent.1501301380.bdinstall.bin
[2017/07/29 12:04:38 | 000,028,732 | ---- | C] () -- C:\ProgramData\agent.1501297475.bdinstall.bin
[2017/07/29 11:53:52 | 000,100,318 | ---- | C] () -- C:\ProgramData\1501296491.bdinstall.bin
[2017/07/29 11:48:11 | 000,037,672 | ---- | C] () -- C:\ProgramData\1501296487.bdinstall.bin
[2017/07/29 11:42:14 | 000,039,919 | ---- | C] () -- C:\ProgramData\1501296023.bdinstall.bin
[2017/07/29 11:40:23 | 000,037,673 | ---- | C] () -- C:\ProgramData\1501296010.bdinstall.bin
[2017/07/29 11:35:32 | 000,049,664 | ---- | C] () -- C:\ProgramData\agent.1501295712.bdinstall.bin
[2014/12/14 11:13:25 | 000,263,170 | ---- | C] () -- C:\ProgramData\1418521916.bdinstall.bin
[2014/12/14 10:48:56 | 000,000,190 | ---- | C] () -- C:\ProgramData\1418521711.11096.bin
[2014/12/14 10:48:43 | 000,002,063 | ---- | C] () -- C:\ProgramData\1418521711.12456.bin
[2014/12/14 10:48:31 | 000,042,739 | ---- | C] () -- C:\ProgramData\1418521711.10880.bin
[2014/12/13 18:02:03 | 000,043,448 | ---- | C] () -- C:\ProgramData\1418461303.bdinstall.bin
[2014/12/13 18:01:30 | 000,044,771 | ---- | C] () -- C:\ProgramData\1418461264.bdinstall.bin
[2014/12/13 17:59:39 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/12/13 17:58:35 | 000,045,251 | ---- | C] () -- C:\ProgramData\1418461067.bdinstall.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2014/05/07 21:42:44 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018/06/12 17:00:25 | 022,374,248 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018/06/12 16:57:16 | 019,790,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018/03/03 13:47:56 | 001,005,056 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2018/03/03 13:32:42 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2018/07/25 18:10:13 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014/05/07 22:46:11 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2018/07/22 08:54:27 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2014/05/07 21:29:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel\WiFi\bin\WLANProfiles
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\Settings
[2014/05/07 21:29:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\Intel\Wireless\WLANProfiles
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2014/12/06 21:30:53 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\Roaming\Intel\Wireless\Settings
[2014/12/06 21:02:19 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\Settings
[2014/05/07 21:29:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Intel\Wireless\WLANProfiles
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2014/12/06 21:30:53 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Roaming\Intel\Wireless\Settings
[2013/08/23 00:36:30 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\Users\Default\Roaming\Intel\Wireless\Settings
[2014/12/06 21:04:29 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2015/10/10 23:39:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\Users\Public\Roaming\Intel\Wireless\Settings
[2014/12/06 21:22:26 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData
[2015/04/19 16:00:43 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2015/04/19 16:00:43 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2014/12/13 15:44:10 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2014/12/06 21:23:08 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Local\Microsoft\Windows\PrivacIE
[2018/07/25 18:09:01 | 000,000,000 | RH-D | M] -- C:\Users\●\AppData\Local\Microsoft\Windows\Burn\Burn
[2014/12/06 21:31:09 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2014/12/06 21:23:08 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Local\Microsoft\Windows\PrivacIE\Low
[2017/09/30 20:07:03 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Roaming\Intel\Wireless\Settings
[2014/12/06 21:22:58 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Roaming\Intel\Wireless\WLANProfiles
[2014/12/06 21:23:50 | 000,000,000 | -H-D | M] -- C:\Users\●\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2017/10/20 20:40:03 | 000,000,000 | RH-D | M] -- C:\Users\●\AppData\Roaming\Orbit\AdConfig
[2014/05/07 21:29:07 | 000,000,000 | -H-D | M] -- C:\Users\●\Roaming\Intel\Wireless\Settings
[2014/12/13 17:59:18 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2014/05/07 21:46:19 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp
[2014/12/06 21:35:13 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2014/12/14 10:55:47 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData
[2014/12/13 17:59:39 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\GroupPolicy
[2014/05/07 21:29:31 | 000,000,000 | -H-D | M] -- C:\Windows\SysNative\WLANProfiles

[color=#A23BEC]< %windir%\tasks\*.job >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MQ01ABD100
Partitions: 5
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1,024.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1074790400
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 861.00GB
Starting Offset: 1313865728
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 50.00GB
Starting Offset: 926326718464
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 19.00GB
Starting Offset: 980013809664
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2018/01/02 14:37:09 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C
  • s42236ny
  • 2018/07/26 (Thu) 21:51:00
OTL continued 2
SRV:[b]64bit:[/b] - [2018/01/02 14:37:09 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2018/01/02 13:33:41 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2018/01/02 13:29:27 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2018/06/09 02:53:15 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/05/13 00:59:54 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2018/01/02 13:21:29 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2018/01/02 13:09:39 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2017/08/07 06:20:31 | 000,542,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2018/01/02 13:29:27 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/02/07 03:08:28 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2016/01/07 01:47:23 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2017/09/08 04:54:15 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2018/01/02 13:07:43 | 001,265,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2015/07/10 01:14:45 | 000,228,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2016/02/05 23:46:47 | 001,455,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/05/31 04:35:47 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2015/05/31 04:36:24 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2017/01/13 01:51:17 | 000,119,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2018/01/12 02:13:50 | 001,695,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2018/01/02 13:16:19 | 000,881,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2016/05/06 02:18:31 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2016/05/06 01:37:04 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2018/03/11 01:33:27 | 003,717,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2018/01/02 13:17:15 | 001,547,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2017/11/19 17:30:00 | 000,844,420 | ---- | M] ()(C:\Users\●\Desktop\ヌイ??(??ω?)???ヌイ.png) -- C:\Users\●\Desktop\ヌイ₍₍(ง˘ω˘)ว⁾⁾ヌイ.png
[2017/11/19 17:29:59 | 000,844,420 | ---- | C] ()(C:\Users\●\Desktop\ヌイ??(??ω?)???ヌイ.png) -- C:\Users\●\Desktop\ヌイ₍₍(ง˘ω˘)ว⁾⁾ヌイ.png

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 220 bytes -> C:\Users\●\OneDrive:ms-properties

< End of report >
  • s42236ny
  • 2018/07/26 (Thu) 21:53:04
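Orbit is still hanging on
Sorry for the late reply again tonight.

I have looked at the second OTL log.
This time the whole thing was visible, so I now have a good idea of the overall state.

Plenty of leftover Orbit remnants have turned up.
It really is a tricky customer that does not go down easily.

So now we will clean up what OTL found, this time from OTL itself.

I will paste a script at the end of this reply. Copy it in its entirety, paste it into a Windows Notepad file, and save it.
However, before doing the work, rewrite the user name portion inside the script to your actual user name.

>C:\Users\●

That is, the places written like that.

Once it is ready, restart the PC in Safe Mode again and start OTL.
Once it is running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red text).
This starts the fix in OTL.

Wait a while, and once the fix is done, restart the PC in normal mode. An OTL log should appear again, so save it, then after watching the PC for a while, reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----), paste it into OTL, and run it.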
------------------------------------------
:OTL
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.jp/
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\..\SearchScopes,DefaultScope = {7F291DAB-3236-43EE-9D1E-0900C725EDAF}
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\..\SearchScopes\{7F291DAB-3236-43EE-9D1E-0900C725EDAF}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
CHR - Extension: No name found = C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6718.423.0.0_0\
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CE40BF3-F17B-4244-B48D-DB093C4A59FA}: DhcpNameServer = 40.40.1.201 40.40.1.203

:Files
C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6718.423.0.0_0
C:\Program Files (x86)\Orbitdownloader

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit
"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit
"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit
"TCP Query User{4A907E0F-86DA-4CFC-AF31-D5B82BA45BA6}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{F9FA41FC-A90A-4091-BB33-2180E1EF9B45}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{4918CB5C-4AF3-4D28-83C6-073AA142A7ED}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{AB2BD65F-32E2-4B45-9D93-8F62ED5AAA82}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2018/07/27 (Fri) 20:36:55
Report
Here is the OTL log.

All processes killed
========== OTL ==========
Unable to set value : HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKEY_USERS\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E!
Registry key HKEY_USERS\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\Software\Microsoft\Internet Explorer\SearchScopes\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}\ not found.
Unable to set value : HKU\S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07262018175348309\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E!
File C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6718.423.0.0_0 not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9CE40BF3-F17B-4244-B48D-DB093C4A59FA}\\DhcpNameServer| /E : value set successfully!
========== FILES ==========
File\Folder C:\Users\●\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6718.423.0.0_0 not found.
File\Folder C:\Program Files (x86)\Orbitdownloader not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" | C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" | C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" | C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" | C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"TCP Query User{4A907E0F-86DA-4CFC-AF31-D5B82BA45BA6}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app|c:\program files (x86)\orbitdownloader\orbitnet.exe | /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"TCP Query User{F9FA41FC-A90A-4091-BB33-2180E1EF9B45}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app|c:\program files (x86)\orbitdownloader\orbitnet.exe | /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"UDP Query User{4918CB5C-4AF3-4D28-83C6-073AA142A7ED}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app|c:\program files (x86)\orbitdownloader\orbitnet.exe | /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"UDP Query User{AB2BD65F-32E2-4B45-9D93-8F62ED5AAA82}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app|c:\program files (x86)\orbitdownloader\orbitnet.exe | /E :invalid edit format. Invalid data type.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: ●
->Temp folder emptied: 3749747 bytes
->Temporary Internet Files folder emptied: 12345846 bytes
->Google Chrome cache emptied: 17798494 bytes
->Flash cache emptied: 40659 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 713286449 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 713.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 07272018_205957

Files\Folders moved on Reboot...
C:\Users\●\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


So far, I don't think anything abnormal has come up.
  • s42236ny
  • 2018/07/27 (Fri) 21:36:17
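An added example, not part of the original thread and not OTL's own code: a small Python triage of an OTL fix log like the one posted above, sorting each result line into applied, not found, rejected or failed so that the entries the fix did not actually change stand out for a re-check. The sample log is constructed with placeholder SID, GUID and paths, and the status keywords are only the ones visible in this thread's log (an assumption; any other message is treated as "info").

```python
import re
from collections import Counter, defaultdict

# Constructed sample, modelled on the fix log format shown in the post above.
# SID, GUID and paths are placeholders, not values from the thread.
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Unable to set value : HKU\S-1-5-21-EXAMPLE\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\ not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000000}\\DhcpNameServer| /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files (x86)\ExampleApp not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\"C:\Program Files (x86)\ExampleApp\app.exe" | C:\Program Files (x86)\ExampleApp\app.exe:*:Enabled:Example /E :invalid edit format. Invalid data type.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

Unable to start System Restore Service. Error code 1084
"""

# "========== NAME ==========" lines open a new section of the log.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")

# Ordered rules: the first match wins. Keywords are taken from the log
# lines visible in the thread; anything else is reported as "info".
RULES = [
    ("rejected", re.compile(r"invalid edit format", re.I)),
    ("failed", re.compile(r"^Unable to ", re.I)),
    ("not_found", re.compile(r"not found\.?$", re.I)),
    ("applied", re.compile(r"(set|moved|reset|deleted|removed) successfully", re.I)),
]

# Statuses that mean the requested change did not happen.
FOLLOW_UP = {"rejected", "failed"}


def classify(line):
    """Return the status of one result line."""
    for status, pattern in RULES:
        if pattern.search(line):
            return status
    return "info"


def parse_fix_log(text):
    """Return a list of (section, status, line) for every non-empty line."""
    section = "PREAMBLE"  # lines that appear before the first header
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        entries.append((section, classify(line), line))
    return entries


def summarize(entries):
    """Count statuses per section."""
    counts = defaultdict(Counter)
    for section, status, _ in entries:
        counts[section][status] += 1
    return counts


def needs_follow_up(entries):
    """Entries whose change was rejected or failed and should be re-checked."""
    return [entry for entry in entries if entry[1] in FOLLOW_UP]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    for section, counter in summarize(parsed).items():
        print(section, dict(counter))
    print("Re-check these entries:")
    for section, status, line in needs_follow_up(parsed):
        print(f"  [{section}] {status}: {line[:90]}")
```

A "not found" result usually means the target was already gone, while "rejected" and "failed" lines mean the registry value or setting is still in whatever state it was before the fix.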
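Now we re-examine the whole system
Thank you for the work and the report.
I have looked at the post-fix OTL log.

>So far, I don't think anything abnormal has come up.

Yes, the state looks good.
I thought I already knew how annoying Orbit is, but it has become even tougher to deal with.
Please keep in mind that download-assistant tools in general are not something to pick up casually.

Now let's review the whole system at this point.
Sorry for the trouble, but please take the HJT log again, and with CC take the installed-programs information and the log of each tab again, and show them in a reply.
I will go over everything again, including whether anything from another source has crept in during the work so far (splash splash).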
  • 悪代官
  • 2018/07/28 (Sat) 20:51:24
HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:21:58, on 2018/07/29
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhrcusr.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe
C:\Users\直幸\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [LLHDUSER] "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
O4 - HKLM\..\Run: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
O4 - S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07292018090942397 Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe (User '?')
O4 - Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
O23 - Service: CLHNServiceForToshiba - CyberLink Corp. - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LLHDClient - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDClient.exe
O23 - Service: LLHDCloader - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDCldr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OEMRegistrationProgram - Toshiba Corporation - C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
O23 - Service: Toshiba Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe
O23 - Service: Toshiba Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe
O23 - Service: TPCHKarteSVC - Toshiba Corporation - C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11183 bytes
  • s42236ny
  • 2018/07/29 (Sun) 09:29:24
CC install
Adobe Flash Player 30 PPAPI Adobe Systems Incorporated 2018/07/13 8.82 MB 30.0.0.134
Adobe Photoshop Express Adobe Systems Incorporated 2017/09/30 1.3.5.74
Adobe Revel Adobe Systems Incorporated 2014/12/13 1.5.101.6
AUPEO! PERSONAL RADIO for TOSHIBA sMedio 2014/12/06 1.0.0.10
Bitdefender Agent Bitdefender 2017/07/29 1.0.1
Bitdefender Antivirus Free Bitdefender 2017/07/29 1.0.8.29
Conexant HD Audio Conexant 2014/05/07 8.65.36.50
Corel PaintShop Pro X5 Corel Corporation 2014/04/03 179 MB 15.3.1.27
Corel VideoStudio X6 Corel Corporation 2014/05/07 627 MB 16.0.4.53
CyberLink MediaShow 6 CyberLink Corp. 2014/05/07 715 MB 6.0.6227
CyberLink PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
DigiBookBrowser Version 1.5.3.87 LECRE Inc. 2014/04/03 8.53 MB 1.5.3.87
DTS Sound DTS, Inc. 2014/05/07 4.00 MB 1.01.6700
dynabookランチャー用バナー 2014/05/07
ebi.BookReader4 eBOOK Initiative Japan Co., Ltd. 2014/04/03 24.6 MB 4.51.14
ebi.SampleContents eBOOK Initiative Japan Co., Ltd. 2014/04/03 94.6 MB 4.5.1.14_MSI_T
Fresh Paint Microsoft Corporation 2016/01/16 2.0.15133.0
Google Chrome Google Inc. 2015/03/01 68.0.3440.75
Intel(R) Management Engine Components Intel Corporation 2014/04/11 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 2014/04/11 10.18.10.3345
Intel(R) Rapid Storage Technology Intel Corporation 2014/05/07 12.9.0.1001
Jane Style Version 3.75 Jane, Inc. 2014/12/13 3.75
LAPLINK ヘルプデスク クライアント Intercom, Inc. 2014/05/07 2.11
Lhaplus 2014/12/14
LoiLoScope 2 LoiLo inc 2014/04/03 166 MB 2.5.3.4
Malwarebytes バージョン 3.5.1.2522 Malwarebytes 2018/07/15 185 MB 3.5.1.2522
Microsoft Minesweeper Microsoft Studios 2018/05/20 2.7.4300.0
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2018/07/28 15.0.4569.1506
Microsoft OneDrive Microsoft Corporation 2018/07/28 26.7 MB 17.0.4023.1211
Microsoft Silverlight Microsoft Corporation 2015/02/07 50.7 MB 5.1.30514.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/05/07 4.84 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/05/07 13.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/02/26 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/04/03 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/05/07 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/02/26 8.79 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/05/07 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/05/07 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/05/28 20.5 MB 12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2014/05/07 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN 2014/04/03
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2014/05/07 10.0.31119
MSN スポーツ Microsoft Corporation 2016/05/01 3.0.4.345
MSN トラベル Microsoft Corporation 2015/07/18 3.0.4.336
MSN ニュース Microsoft Corporation 2016/04/30 3.0.4.344
MSN フード&レシピ Microsoft Corporation 2015/07/18 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/18 3.0.4.336
MSN マネー Microsoft Corporation 2016/08/14 3.0.4.344
MSN 天気 Microsoft Corporation 2016/11/27 3.0.4.350
music.jp STORE for TOSHIBA MTI, Ltd. 2015/03/27 2.11.0.1
OEM Registration Program Toshiba Corporation 2014/05/07 516 KB 1.1.0
OneNote Microsoft Corporation 2015/08/01 16.0.3327.1048
PAC-MAN Championship Edition DX+ for Toshiba NAMCO BANDAI Games Inc 2014/12/13 1.0.1.2
PCあんしん点検ユーティリティ Toshiba Corporation 2014/05/07 3.53 MB 2.00.01.02
PC引越ナビ 東芝情報機器株式会社 2014/04/03 12.7 MB 5.0.6
PhotoWizard 2014/05/07 334 MB
PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
Realtek Card Reader Realtek Semiconductor Corp. 2014/05/07 6.3.9600.29077
Realtek Ethernet Controller Driver Realtek 2014/05/07 8.20.815.2013
Roxio Creator LJ Roxio 2014/05/07 245 MB 12.2.60.0
Roxio MediaBook Express Corel Corporation 2014/12/13 1.7.0.1
Roxio MediaBook Reader Corel Corporation 2014/12/13 1.0.0.11
RZスイート express CYBERLINK COM CORPORATION. 2016/11/04 1.0.4529.42911
RZポーター設定ユーティリティ CyberLink Corp. 2014/05/07 130 MB 1.8.02605
Synaptics Pointing Device Driver Synaptics Incorporated 2014/05/07 46.4 MB 18.1.3.0
TOSHIBA Audio Enhancement Toshiba Corporation 2014/05/07 2.16 MB 2.0.18.0
TOSHIBA Blu-ray Disc Player Toshiba Corporation 2014/05/07 106 MB 2.1.2.1
TOSHIBA Desktop Apps Menu Toshiba Corporation 2014/05/07 610 KB 1.03.02.6402
TOSHIBA Display Utility Toshiba Corporation 2014/05/07 32.1 MB 1.1.17.0
TOSHIBA eco Utility Toshiba Corporation 2014/05/07 25.1 MB 2.4.2.6403
TOSHIBA Function Key Toshiba Corporation 2014/05/07 37.5 MB 1.1.5.6402
TOSHIBA Manual TOSHIBA CORPORATION 2014/05/07 32.3 MB 0169.01.3101
TOSHIBA Media Player by sMedio TrueLink+ sMedio 2016/04/23 3.1.1.33
TOSHIBA PalaDouga TOSHIBA CORPORATION 2014/04/03 686 MB 2014.0203.0001
TOSHIBA Password Utility Toshiba Corporation 2014/05/07 6.0.3.0
TOSHIBA PC Health Monitor Toshiba Corporation 2014/05/07 28.9 MB 3.01.02.6400
TOSHIBA Recovery Media Creator Toshiba Corporation 2014/04/03 3.2.00.56006005
TOSHIBA Service Station Toshiba Corporation 2014/05/07 2.92 MB 2.6.13
TOSHIBA Speech Synthesis Toshiba Corporation 2014/05/07 65.1 MB 1.5.2.0
TOSHIBA Start Screen Option Toshiba Corporation 2014/05/07 394 KB 1.00.03.01
TOSHIBA System Driver Toshiba Corporation 2014/05/07 5.72 MB 1.00.0033
TOSHIBA System Settings Toshiba Corporation 2014/05/07 3.45 MB 2.0.1.32003
Unity Web Player Unity Technologies ApS 2014/12/13 12.0 MB 4.6.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/12/20 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/09/13 41.7 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/13 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2018/07/21 9.00 KB 16.0.1515.1
VLC media player VideoLAN 2014/12/13 2.1.5
Windows Media Encoder 9 Series 2014/05/07
Windows アラーム Microsoft Corporation 2014/12/06 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2014/12/06 6.3.9600.20280
Windows スキャン Microsoft Corporation 2014/12/13 6.3.9654.17133
Windows ヘルプ+使い方 Microsoft Corporation 2014/12/13 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2016/06/18 6.3.9654.21234
Windows 電卓 Microsoft Corporation 2014/12/06 6.3.9600.20278
Yadotan 繝舌Μ繝・繝シ繧ウ繝槭・繧ケ譬ェ蠑丈シ夂、セ 2014/12/06 1.3.0.1
Yahoo!オークション (ts) 繝、繝輔・繧ク繝」繝代Φ 2014/12/06 2.0.0.4
YouCam for Toshiba CYBERLINK COM CORPORATION. 2014/12/13 2.5.3124.30208
あんしんWeb by Internet SagiWall for Toshiba BB繧ス繝輔ヨ繧オ繝シ繝薙せ譬ェ蠑丈シ夂、セ 2017/10/08 2.2.0.3
いつもNAVI PC ZENRIN 2014/04/03 6.1.2
おたすけナビ 東芝情報機器株式会社 2014/04/03 36.1 MB 8.0.2
ぱらちゃんカフェ 譚ア闃晄ュ蝣ア讖溷勣譬ェ蠑丈シ夂、セ 2015/09/19 1.1.0.3
アタッシェケース#3 ver.3.1.1.2 Mitsuhiro Hibara 2017/01/09 3.89 MB 3.1.1.2
インテル(R) ワイヤレス Bluetooth(R) 4.0 Intel Corporation 2014/05/07 8.48 MB 3.0.1342.02
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2014/05/07 390 MB 16.6.0
ゲーム Microsoft Corporation 2014/12/06 2.0.139.0
トレンドマイクロ コネクト Trend Micro, Inc. 2014/12/13 7.0.0.1057
バックアップナビ クラウド 東芝情報機器株式会社 2014/04/03 5.15 MB 1.2.0
ビデオ Microsoft Corporation 2015/11/07 2.6.446.0
ミュージック Microsoft Corporation 2015/03/21 2.6.672.0
メール、カレンダー、People 2018/07/21
リーダー Microsoft Corporation 2018/02/12 6.4.9926.18907
動画で解決!操作ガイド 東芝情報機器株式会社 2014/04/03 16.2 MB 3.0.6
動画で解決!操作ガイド-コンテンツ- 東芝情報機器株式会社 2014/04/03 148 KB 3.0.6
地図 Microsoft Corporation 2014/12/13 2.1.3230.2048
思い出フォトビューア 譬ェ蠑丈シ夂、セ 譚ア闃・ 2015/08/01 4.2.1.4
東芝スクリーンミラーリング for スマートフォン/タブレット APUSONE Technology Inc. 2014/05/07 4.16 MB 1.0.11.8
東芝プレイス 譬ェ蠑丈シ夂、セ 譚ア闃・ 2014/12/06 1.0.0.31
楽天gateway 讌ス螟ゥ譬ェ蠑丈シ夂、セ 2016/01/10 2.2.2.4
筆ぐるめ 21 富士ソフト株式会社 2014/04/03 895 MB 21.00.0500
  • s42236ny
  • 2018/07/29 (Sun) 09:40:02
CC Startup
有効 HKLM:Run cAudioFilterAgent Conexant Systems, Inc. C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
有効 HKLM:Run CLMSTrayIcon Cyberlink "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
有効 HKLM:Run HotKeysCmds Intel Corporation "C:\Windows\system32\hkcmd.exe"
有効 HKLM:Run IgfxTray Intel Corporation "C:\Windows\system32\igfxtray.exe"
有効 HKLM:Run LLHDUSER Intercom, Inc. "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
有効 HKLM:Run Persistence Intel Corporation "C:\Windows\system32\igfxpers.exe"
有効 HKLM:Run SmartAudio Conexant Systems, Inc. C:\Program Files\CONEXANT\SAII\SACpl.exe /t
有効 HKLM:Run TCrdMain TOSHIBA Corporation C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
有効 HKLM:Run TecoResident TOSHIBA Corporation C:\Program Files\TOSHIBA\Teco\TecoResident.exe
有効 HKLM:Run TKRTL Toshiba Corporation "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
有効 HKLM:Run TosWaitSrv TOSHIBA Corporation %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
有効 HKLM:Run TSSSrv TOSHIBA Corporation C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
有効 HKLM:Run TSVU TOSHIBA "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
有効 Startup User ctfmon.exe - ショートカット.lnk Microsoft Corporation C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
  • s42236ny
  • 2018/07/29 (Sun) 09:42:08
CC Tasks
有効 Task Adobe Flash Player PPAPI Notifier Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe -check pepperplugin
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 Bitdefender C:\Program Files\Bitdefender Agent\WatchDog.exe repair
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-3991521682-1757786244-955927445-1001 Microsoft Corporation %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3991521682-1757786244-955927445-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3991521682-1757786244-955927445-500
有効 Task Resolution+ Setting Task TOSHIBA Corporation C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
有効 Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
  • s42236ny
  • 2018/07/29 (Sun) 09:45:08
CC Context Menu
有効 Directory Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 Directory Corel PaintShop Pro X5 で参照します Corel, Inc. "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L"
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Drive Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 Drive Corel PaintShop Pro X5 で参照します Corel, Inc. "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L"
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll


  • s42236ny
  • 2018/07/29 (Sun) 09:49:38
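Here to re-examine things
Good evening.
I'm "あらいぐま悪代官" (Raccoon Akudaikan), here to give the situation a fresh wash (← go back to the forest).

I've looked over each of the current logs.
I had overlooked it, but the following browser is still an old version.
>Jane Style Version 3.75 Jane, Inc. 2014/12/13 3.75

If you use it, I recommend updating to the latest version.

Once you have replaced it, if no other abnormalities appear, please wait and observe.

Keep using the PC normally and observe for one week; after that, take the same HJT log and each of the CC logs again as you did this time, and reply with them along with a report on how the observation period went.

If by then both the logs and the PC's state show no abnormalities, it looks like we'll be over the hump; but if anything abnormal appears, you don't need to wait the week, so reply right then.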
  • あらいぐま悪代官
  • 2018/07/29 (Sun) 17:21:42
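The re-scan step requested above (take the same HJT log again after a week and compare it with the earlier one) can be checked mechanically. The following Python script is an added example, not part of the original thread or of HijackThis itself; the function names and the two abridged sample logs are constructed for illustration, and it diffs the running-process list and the F/O entries of two scans.

```python
import re

# HijackThis entry lines start with a section code such as "F2", "O4" or "O23",
# followed by " - " and the entry detail.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def parse_hjt(text):
    """Parse one HijackThis log into (processes, entries).

    processes: set of lower-cased process paths (Windows paths are
               case-insensitive, so casing differences are not changes).
    entries:   dict mapping (code, lower-cased detail) -> original detail.
    """
    processes, entries = set(), {}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("Running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first F/O entry ends the process list
            code, detail = match.groups()
            entries[(code, detail.lower())] = detail
        elif in_processes:
            processes.add(line.lower())
        # header and footer lines ("Logfile of ...", "--", "End of file") are ignored
    return processes, entries


def diff_scans(before_text, after_text):
    """Return what appeared and what disappeared between two scans."""
    old_procs, old_entries = parse_hjt(before_text)
    new_procs, new_entries = parse_hjt(after_text)
    added = new_entries.keys() - old_entries.keys()
    removed = old_entries.keys() - new_entries.keys()
    return {
        "new_entries": sorted((k[0], new_entries[k]) for k in added),
        "gone_entries": sorted((k[0], old_entries[k]) for k in removed),
        "new_processes": sorted(new_procs - old_procs),
        "gone_processes": sorted(old_procs - new_procs),
    }


# Constructed, abridged sample logs in HijackThis v2.0.5 layout.
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:15:02, on 2018/07/19

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKLM\..\Run: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h

--
End of file
"""

AFTER = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:02:49, on 2018/08/05

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
O4 - HKLM\..\Run: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"

--
End of file
"""

if __name__ == "__main__":
    for kind, items in diff_scans(BEFORE, AFTER).items():
        print(kind)
        for item in items:
            print("   ", item)
```

Anything listed under `new_entries` or `new_processes` is what a reviewer would look at first when comparing the week-later logs; unchanged entries drop out of the report.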
Rescan: HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:02:49, on 2018/08/05
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe
C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhrcusr.exe
C:\Users\直幸\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [LLHDUSER] "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
O4 - HKLM\..\Run: [TKRTL] "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [CLMSTrayIcon] "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
O4 - S-1-5-21-3991521682-1757786244-955927445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302018070804099 Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe (User '?')
O4 - Startup: ctfmon.exe - ショートカット.lnk = C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: bdredline - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
O23 - Service: CLHNServiceForToshiba - CyberLink Corp. - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMP\CLHNServiceForToshiba.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LLHDClient - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDClient.exe
O23 - Service: LLHDCloader - Intercom, Inc. - C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\LLHDCldr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OEMRegistrationProgram - Toshiba Corporation - C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SMITS - Unknown owner - C:\Windows\SysWOW64\SMITSC.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\Toshiba\Teco\TecoService.exe
O23 - Service: Toshiba Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSMonitorService.exe
O23 - Service: Toshiba Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\ToshibaMSServer.exe
O23 - Service: TPCHKarteSVC - Toshiba Corporation - C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - IntelR Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11191 bytes
  • s42236ny
  • 2018/08/05 (Sun) 09:30:25
Rescan: CC Startup
有効 HKLM:Run cAudioFilterAgent Conexant Systems, Inc. C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
有効 HKLM:Run CLMSTrayIcon Cyberlink "C:\Program Files (x86)\CyberLink\RZ Player\Kernel\DMS\CLMSTrayIcon.exe"
有効 HKLM:Run HotKeysCmds Intel Corporation "C:\Windows\system32\hkcmd.exe"
有効 HKLM:Run IgfxTray Intel Corporation "C:\Windows\system32\igfxtray.exe"
有効 HKLM:Run LLHDUSER Intercom, Inc. "C:\Program Files (x86)\Intercom\LAPLINK HelpDesk Client\llhuser.exe"
有効 HKLM:Run Persistence Intel Corporation "C:\Windows\system32\igfxpers.exe"
有効 HKLM:Run SmartAudio Conexant Systems, Inc. C:\Program Files\CONEXANT\SAII\SACpl.exe /t
有効 HKLM:Run TCrdMain TOSHIBA Corporation C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
有効 HKLM:Run TecoResident TOSHIBA Corporation C:\Program Files\TOSHIBA\Teco\TecoResident.exe
有効 HKLM:Run TKRTL Toshiba Corporation "C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLiteLauncher.exe" -h
有効 HKLM:Run TosWaitSrv TOSHIBA Corporation %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
有効 HKLM:Run TSSSrv TOSHIBA Corporation C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
有効 HKLM:Run TSVU TOSHIBA "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
有効 Startup User ctfmon.exe - ショートカット.lnk Microsoft Corporation C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.3.9600.17415_none_321cec36abf18bed\ctfmon.exe
  • s42236ny
  • 2018/08/05 (Sun) 09:36:09
Rescan: CC Tasks
有効 Task Adobe Flash Player PPAPI Notifier Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe -check pepperplugin
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 Bitdefender C:\Program Files\Bitdefender Agent\WatchDog.exe repair
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-3991521682-1757786244-955927445-1001 Microsoft Corporation %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3991521682-1757786244-955927445-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3991521682-1757786244-955927445-500
有効 Task Resolution+ Setting Task TOSHIBA Corporation C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
有効 Task Synaptics TouchPad Enhancements Synaptics Incorporated "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
  • s42236ny
  • 2018/08/05 (Sun) 09:38:41
Rescan: CC Context Menu
有効 Directory Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 Directory Corel PaintShop Pro X5 で参照します Corel, Inc. "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L"
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Drive Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 Drive Corel PaintShop Pro X5 で参照します Corel, Inc. "c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe" "%L"
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File Corel PaintShop Pro X5 Corel Software, Inc. c:\Program Files (x86)\Corel\Corel PaintShop Pro X5\PSPContextMenu64.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
  • s42236ny
  • 2018/08/05 (Sun) 09:44:03
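Sorry
I forgot to convert the username. Well, I don't think anyone will look at it anyway.
There's still nothing particularly abnormal at the moment. No pop-ups appear either. Thank you for your help.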
  • s42236ny
  • 2018/08/05 (Sun) 09:47:46
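One more thing: please also post the install information log
Good evening.
So this is the report after the observation period.

I've looked over each of the current logs, and there doesn't seem to be anything odd.
Is the system stable as well?

One more thing: only the install information log hasn't been re-posted, so could you show me that log too, just in case?

If no suspicious installs were made during this past week, we should be over the hump.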
  • 悪代官
  • 2018/08/05 (Sun) 21:48:39
I forgot
Adobe Flash Player 30 PPAPI Adobe Systems Incorporated 2018/07/13 8.82 MB 30.0.0.134
Adobe Photoshop Express Adobe Systems Incorporated 2017/09/30 1.3.5.74
Adobe Revel Adobe Systems Incorporated 2014/12/13 1.5.101.6
AUPEO! PERSONAL RADIO for TOSHIBA sMedio 2014/12/06 1.0.0.10
Bitdefender Agent Bitdefender 2017/07/29 1.0.1
Bitdefender Antivirus Free Bitdefender 2017/07/29 1.0.8.29
Conexant HD Audio Conexant 2014/05/07 8.65.36.50
Corel PaintShop Pro X5 Corel Corporation 2014/04/03 179 MB 15.3.1.27
Corel VideoStudio X6 Corel Corporation 2014/05/07 627 MB 16.0.4.53
CyberLink MediaShow 6 CyberLink Corp. 2014/05/07 715 MB 6.0.6227
CyberLink PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
DigiBookBrowser Version 1.5.3.87 LECRE Inc. 2014/04/03 8.53 MB 1.5.3.87
DTS Sound DTS, Inc. 2014/05/07 4.00 MB 1.01.6700
dynabookランチャー用バナー 2014/05/07
ebi.BookReader4 eBOOK Initiative Japan Co., Ltd. 2014/04/03 24.6 MB 4.51.14
ebi.SampleContents eBOOK Initiative Japan Co., Ltd. 2014/04/03 94.6 MB 4.5.1.14_MSI_T
Fresh Paint Microsoft Corporation 2016/01/16 2.0.15133.0
Google Chrome Google Inc. 2015/03/01 68.0.3440.84
Intel(R) Management Engine Components Intel Corporation 2014/04/11 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 2014/04/11 10.18.10.3345
Intel(R) Rapid Storage Technology Intel Corporation 2014/05/07 12.9.0.1001
LAPLINK ヘルプデスク クライアント Intercom, Inc. 2014/05/07 2.11
Lhaplus 2014/12/14
LoiLoScope 2 LoiLo inc 2014/04/03 166 MB 2.5.3.4
Malwarebytes バージョン 3.5.1.2522 Malwarebytes 2018/07/15 185 MB 3.5.1.2522
Microsoft Minesweeper Microsoft Studios 2018/05/20 2.7.4300.0
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2018/07/28 15.0.4569.1506
Microsoft OneDrive Microsoft Corporation 2018/07/28 26.7 MB 17.0.4023.1211
Microsoft Silverlight Microsoft Corporation 2015/02/07 50.7 MB 5.1.30514.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/05/07 4.84 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/05/07 13.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2016/02/26 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/04/03 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/05/07 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2016/02/26 8.79 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/05/07 13.8 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/05/07 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/05/07 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2017/05/28 20.5 MB 12.0.30501.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2014/05/07 10.0.31119
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN 2014/04/03
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2014/05/07 10.0.31119
MSN スポーツ Microsoft Corporation 2016/05/01 3.0.4.345
MSN トラベル Microsoft Corporation 2015/07/18 3.0.4.336
MSN ニュース Microsoft Corporation 2016/04/30 3.0.4.344
MSN フード&レシピ Microsoft Corporation 2015/07/18 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/07/18 3.0.4.336
MSN マネー Microsoft Corporation 2016/08/14 3.0.4.344
MSN 天気 Microsoft Corporation 2016/11/27 3.0.4.350
music.jp STORE for TOSHIBA MTI, Ltd. 2015/03/27 2.11.0.1
OEM Registration Program Toshiba Corporation 2014/05/07 516 KB 1.1.0
OneNote Microsoft Corporation 2015/08/01 16.0.3327.1048
PAC-MAN Championship Edition DX+ for Toshiba NAMCO BANDAI Games Inc 2014/12/13 1.0.1.2
PCあんしん点検ユーティリティ Toshiba Corporation 2014/05/07 3.53 MB 2.00.01.02
PC引越ナビ 東芝情報機器株式会社 2014/04/03 12.7 MB 5.0.6
PhotoWizard 2014/05/07 334 MB
PowerDirector Touch CyberLink Corp. 2014/05/07 172 MB 1.2.1427.0
Realtek Card Reader Realtek Semiconductor Corp. 2014/05/07 6.3.9600.29077
Realtek Ethernet Controller Driver Realtek 2014/05/07 8.20.815.2013
Roxio Creator LJ Roxio 2014/05/07 245 MB 12.2.60.0
Roxio MediaBook Express Corel Corporation 2014/12/13 1.7.0.1
Roxio MediaBook Reader Corel Corporation 2014/12/13 1.0.0.11
RZスイート express CYBERLINK COM CORPORATION. 2016/11/04 1.0.4529.42911
RZポーター設定ユーティリティ CyberLink Corp. 2014/05/07 130 MB 1.8.02605
Synaptics Pointing Device Driver Synaptics Incorporated 2014/05/07 46.4 MB 18.1.3.0
TOSHIBA Audio Enhancement Toshiba Corporation 2014/05/07 2.16 MB 2.0.18.0
TOSHIBA Blu-ray Disc Player Toshiba Corporation 2014/05/07 106 MB 2.1.2.1
TOSHIBA Desktop Apps Menu Toshiba Corporation 2014/05/07 610 KB 1.03.02.6402
TOSHIBA Display Utility Toshiba Corporation 2014/05/07 32.1 MB 1.1.17.0
TOSHIBA eco Utility Toshiba Corporation 2014/05/07 25.1 MB 2.4.2.6403
TOSHIBA Function Key Toshiba Corporation 2014/05/07 37.5 MB 1.1.5.6402
TOSHIBA Manual TOSHIBA CORPORATION 2014/05/07 32.3 MB 0169.01.3101
TOSHIBA Media Player by sMedio TrueLink+ sMedio 2016/04/23 3.1.1.33
TOSHIBA PalaDouga TOSHIBA CORPORATION 2014/04/03 686 MB 2014.0203.0001
TOSHIBA Password Utility Toshiba Corporation 2014/05/07 6.0.3.0
TOSHIBA PC Health Monitor Toshiba Corporation 2014/05/07 28.9 MB 3.01.02.6400
TOSHIBA Recovery Media Creator Toshiba Corporation 2014/04/03 3.2.00.56006005
TOSHIBA Service Station Toshiba Corporation 2014/05/07 2.92 MB 2.6.13
TOSHIBA Speech Synthesis Toshiba Corporation 2014/05/07 65.1 MB 1.5.2.0
TOSHIBA Start Screen Option Toshiba Corporation 2014/05/07 394 KB 1.00.03.01
TOSHIBA System Driver Toshiba Corporation 2014/05/07 5.72 MB 1.00.0033
TOSHIBA System Settings Toshiba Corporation 2014/05/07 3.45 MB 2.0.1.32003
Unity Web Player Unity Technologies ApS 2014/12/13 12.0 MB 4.6.1f1
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/12/20 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/09/13 41.7 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2015/09/13 11.6 MB 15.0.2013
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2018/07/21 9.00 KB 16.0.1515.1
VLC media player VideoLAN 2014/12/13 2.1.5
Windows Media Encoder 9 Series 2014/05/07
Windows アラーム Microsoft Corporation 2014/12/06 6.3.9654.20335
Windows サウンド レコーダー Microsoft Corporation 2014/12/06 6.3.9600.20280
Windows スキャン Microsoft Corporation 2014/12/13 6.3.9654.17133
Windows ヘルプ+使い方 Microsoft Corporation 2014/12/13 6.3.9654.20559
Windows リーディング リスト Microsoft Corporation 2016/06/18 6.3.9654.21234
Windows 電卓 Microsoft Corporation 2014/12/06 6.3.9600.20278
Yadotan 繝舌Μ繝・繝シ繧ウ繝槭・繧ケ譬ェ蠑丈シ夂、セ 2014/12/06 1.3.0.1
Yahoo!オークション (ts) 繝、繝輔・繧ク繝」繝代Φ 2014/12/06 2.0.0.4
YouCam for Toshiba CYBERLINK COM CORPORATION. 2014/12/13 2.5.3124.30208
あんしんWeb by Internet SagiWall for Toshiba BB繧ス繝輔ヨ繧オ繝シ繝薙せ譬ェ蠑丈シ夂、セ 2017/10/08 2.2.0.3
いつもNAVI PC ZENRIN 2014/04/03 6.1.2
おたすけナビ 東芝情報機器株式会社 2014/04/03 36.1 MB 8.0.2
ぱらちゃんカフェ 譚ア闃晄ュ蝣ア讖溷勣譬ェ蠑丈シ夂、セ 2015/09/19 1.1.0.3
アタッシェケース#3 ver.3.1.1.2 Mitsuhiro Hibara 2017/01/09 3.89 MB 3.1.1.2
インテル(R) ワイヤレス Bluetooth(R) 4.0 Intel Corporation 2014/05/07 8.48 MB 3.0.1342.02
インテル® PROSet/Wireless ソフトウェア Intel Corporation 2014/05/07 390 MB 16.6.0
ゲーム Microsoft Corporation 2014/12/06 2.0.139.0
トレンドマイクロ コネクト Trend Micro, Inc. 2014/12/13 7.0.0.1057
バックアップナビ クラウド 東芝情報機器株式会社 2014/04/03 5.15 MB 1.2.0
ビデオ Microsoft Corporation 2015/11/07 2.6.446.0
ミュージック Microsoft Corporation 2015/03/21 2.6.672.0
メール、カレンダー、People 2018/07/21
リーダー Microsoft Corporation 2018/02/12 6.4.9926.18907
動画で解決!操作ガイド 東芝情報機器株式会社 2014/04/03 16.2 MB 3.0.6
動画で解決!操作ガイド-コンテンツ- 東芝情報機器株式会社 2014/04/03 148 KB 3.0.6
地図 Microsoft Corporation 2014/12/13 2.1.3230.2048
思い出フォトビューア 譬ェ蠑丈シ夂、セ 譚ア闃・ 2015/08/01 4.2.1.4
東芝スクリーンミラーリング for スマートフォン/タブレット APUSONE Technology Inc. 2014/05/07 4.16 MB 1.0.11.8
東芝プレイス 譬ェ蠑丈シ夂、セ 譚ア闃・ 2014/12/06 1.0.0.31
楽天gateway 讌ス螟ゥ譬ェ蠑丈シ夂、セ 2016/01/10 2.2.2.4
筆ぐるめ 21 富士ソフト株式会社 2014/04/03 895 MB 21.00.0500

Please take a look.
  • s42236ny
  • 2018/08/06 (Mon) 19:58:14
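Even though the abnormalities are gone, don't neglect self-defense from here on
Thanks for your work and report again today in this heat.
I've looked at the install information log as well, and there doesn't seem to be anything odd in it either.

You can now clean up the tools used for this work, following the explanation given at the preparation stage.
The consultation itself can be considered "resolved"; from here, please also shore up your self-defense going forward.

Just tightening the browser settings a little can improve security.
Open "Internet Options" → "Privacy" → "Advanced", check "Automatic cookie handling" and "Block third-party cookies", then click "Apply" and "OK".
Doing this is quite effective at protecting you from many dangerous sites.
However, it is not effective against every dangerous site, and against truly dangerous sites this alone is no match at all, so don't over-rely on it.
Also, setting it to "Block all cookies" has the side effect that you can no longer get into pages that require login, such as your provider's mailbox, so decide case by case.
Note too that even some safe sites become impossible to view or post to when cookies are blocked.

Next, also take care in how you use security software such as antivirus and firewalls.
Security software does not deliver its full functionality merely by being installed.
It is important to understand the settings and features as well as you can and use it correctly.
Used the wrong way, it will readily let through even infections it could otherwise have blocked.

And no matter how capable the security software is, it cannot protect you at all if you yourself go and access dangerous sites and files.
Depending on how it is used, security software's performance can be doubled, halved, or reduced to nothing.

And seeing is believing.
I recommend also reading as many of the other threads on this board as you can, both ongoing and resolved.
Whether identical, similar, or different cases, there should be a lot in them to learn from.

Thanks for the long effort, spanning two months since moving over from Chiebukuro.

This isn't limited to orbit, but please bear in mind again that no matter how capable your security software is, it will not look after anything the user personally "allowed" and installed.

With even basic self-defense in place, the majority of infections can be prevented with high probability.
Infection in that situation happens when the user finds the warning the security software raised annoying, ignores or cancels it, and lets something bad into the PC.

Turn the hard experience here into a lesson, and review your PC environment and security awareness one step at a time so you don't fall victim again.

Wishing you a safe and comfortable PC life from here on.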
  • 悪代官
  • 2018/08/06 (Mon) 21:28:44
Thank you very much.
Thank you for sticking with me for so long. I'll refer to the board's past logs as well and be careful from now on.
  • s42236ny
  • 2018/08/06 (Mon) 21:58:05
