悪代官の伏魔殿掲示板
検索語:
OR  AND

Extras.txt ありました
不注意でした。Extras.txt ありました。

OTL Extras logfile created on: 2015/10/14 0:50:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kw\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.75 Gb Total Physical Memory | 1.85 Gb Available Physical Memory | 49.44% Memory free
7.49 Gb Paging File | 4.94 Gb Available in Paging File | 65.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.43 Gb Total Space | 129.07 Gb Free Space | 45.70% Space Free | Partition Type: NTFS
Drive D: | 15.36 Gb Total Space | 2.21 Gb Free Space | 14.39% Space Free | Partition Type: NTFS

Computer Name: KW-HP | User Name: kw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0507BA0D-765B-4CDA-AD6D-8BA21378E8CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{0CF57A8F-2144-430C-A6AE-DF27F4F8A312}" = rport=139 | protocol=6 | dir=out | app=system |
"{10107F64-13A8-4D97-BDFF-3595A4455876}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1283FD08-137F-4341-B187-D0D087777C15}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12937268-5703-4B5C-8440-9DF32EE1174D}" = lport=137 | protocol=17 | dir=in | app=system |
"{29E77ED3-BBD5-4991-AAA4-8A5559E1A3DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AD18AEA-DED7-4C3A-B4F9-C9CC841D8F49}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44161D57-BCFA-4E24-9A76-99E18A9F8C2D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4E8A74DA-FE05-4760-9A53-6A11D7CD029B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5143FF61-0743-4615-BB19-E872B08EFFA2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{585E9226-9780-482D-97C8-9804797F1FD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AAE7C7B-6501-49AA-86D7-69DB854215EE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5D8187E7-DCC3-497E-A225-E786001F20FE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{618BCA23-3320-4691-89F0-C7F3D2F0DDA8}" = lport=445 | protocol=6 | dir=in | app=system |
"{70614F77-39AB-4773-9915-5FDB3ED5F494}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7285359C-0093-4CA6-B03A-90F15D82FE39}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{73F440A1-7F06-4DEE-9AE5-1E311A986B56}" = rport=138 | protocol=17 | dir=out | app=system |
"{74AD309A-7FDA-47F6-9FBC-2A4DE3CDCBA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8207297E-B674-40C6-BFD5-6AB7022329F7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{855CCE5B-AE6D-4D71-B66F-66CDB579474E}" = rport=137 | protocol=17 | dir=out | app=system |
"{895AF1FA-D51B-475F-B63E-0DCF2676B201}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9C37A142-6AB4-4FA4-BE4F-71C185BA27C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AFFC5066-0DAC-4F23-BF7A-D9F8E46419ED}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{B1F1E9E8-B785-420C-9DD7-E8C82D6C81A5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F5FAE51A-5323-4842-A384-57B3EDBF622C}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6377F99-42CC-43F4-B943-4994788B9C89}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F957DB9C-0CA3-43C0-BC53-9B5F0BDA18DE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC46A0DB-5666-4B49-8605-AE079296E463}" = rport=445 | protocol=6 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04991DDA-8040-415F-BBED-4A6CEDA35677}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\bradmin professional 3\auditorserver.exe |
"{05A2372B-89FE-4F74-A453-E6C5289B3C5A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{090473C4-1C8F-40CD-8D69-601C1B7403C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0906EE9B-446A-4824-B4B0-8489D0A7ACCD}" = protocol=6 | dir=in | app=c:\users\kw\downloads\aviconvertersetup.exe |
"{114109E6-2DEE-4DB0-B46E-89F41B83EA44}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\bradmin professional 3\discover.exe |
"{11D95288-A005-4C5F-8AAB-FB7D44BF428F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{241F5CB0-09A2-45BD-ACDF-78890BBF3A91}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\bradmin professional 3\auditorserver.exe |
"{28FC40A1-8229-4EBF-893F-73E2268C94AA}" = protocol=6 | dir=out | app=system |
"{2DDF8A24-8AC4-42AE-9480-F3A275D18116}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\bradmin professional 3\bradminv3.exe |
"{2E1A44EB-49C1-4567-8B30-CBC9191B0B9E}" = dir=in | app=c:\users\kw\appdata\local\microsoft\onedrive\onedrive.exe |
"{389A9826-6D1B-4BA0-A2C9-0610FA5F4CE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E03A060-75A6-4288-805C-56BBAA505F19}" = protocol=6 | dir=in | app=c:\users\kw\appdata\roaming\dropbox\bin\dropbox.exe |
"{40C675F0-F67F-43A2-931F-52128D6C9091}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{40DDDC91-44A9-4BEA-8EBC-E17C046835D9}" = protocol=17 | dir=in | app=c:\users\kw\appdata\roaming\dropbox\bin\dropbox.exe |
"{4575ED84-AAC2-4149-B648-F1B7A1C97BB6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{470B5DC4-1C4D-4F1C-A4C9-84A5B29A8867}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{4A886760-052C-4C1D-BDE8-3DD9BF300CDC}" = protocol=17 | dir=in | app=c:\users\kw\downloads\aviconvertersetup.exe |
"{4C2631F6-3194-4A0E-B151-1C4FAB83FB4B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4C98DD45-227D-474D-94EE-69E8701CE7AB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{4E9257D3-5DE9-4A1C-8A1F-5FE4A97BF6FB}" = dir=out | app=c:\program files (x86)\apowersoft\youtube to mp3\youtube to mp3.exe |
"{6145840F-A27D-4D8B-BFB1-37455C731407}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6664ECE0-B923-4279-94EA-41705FFCA640}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{6BEE8E35-068F-4DDB-A804-8C265036BA63}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{6BFB8610-63F7-46E4-B867-06935E47E836}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71191C69-D5EB-403E-A274-99C2ABF4E028}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{7593DCCF-A9B7-4B56-9A03-84808A1A5CCC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7858C6FD-94AF-4FAA-BDDD-D022E77CC673}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{7CF65093-4AB5-4403-A410-3BFC85531DD0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{81E23A92-A727-46E6-A3A4-CAC2A4151FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\bradmin professional 3\bradminv3.exe |
"{8387EFE0-1436-49B9-8775-906D9118718A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A6A79C8-A63A-4E37-8BD9-4E5BD6E5E079}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{8BA166A5-8501-4163-8376-AA426F3A5F6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8C13EB76-4CFB-44E7-9BF1-30589DA5791A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91E9196E-BF4F-4CCF-B06E-9D9B788C6A75}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\bradmin light\bradmlight.exe |
"{98EDB861-8FFF-47F9-ADBA-D7F64B26D648}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9D5EBB57-462C-49D2-84DC-6F8E31BF9FC5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{A08642E2-74C1-44D6-8DA3-0FDD74A6A4BE}" = dir=in | app=c:\program files (x86)\apowersoft\youtube to mp3\youtube to mp3.exe |
"{A16F2EE5-F9C3-4291-8171-B8557AA427C5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{A5DA71EA-76C2-4AFA-B82D-AF61B77DF10A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9F5F3B1-A90D-45D3-8013-DDEFBF896D43}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AE03E1D9-4EEA-4C96-8081-DC866EB2E701}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{B4683C6F-80EE-4006-A981-C285696883A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B7E14206-9AEA-49BA-9DD4-DE7A2AFE141C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C33ECB7E-D15E-4CA4-A283-F04EF682AAC3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C5E4258B-5850-41AF-B397-06F459D25EEB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{CE052D3D-5C12-44C1-8641-9468B6D910AE}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{D8E60441-342C-4610-A7FD-6814171D2E84}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF32BE8F-5A9A-4200-A58B-735AF6C56B64}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E61A03A1-CBF3-40D3-BA6C-B3C156DED21D}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\bradmin professional 3\discover.exe |
"{EEA326F4-2213-4519-8FCA-DA7C883A8C07}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{EF3546D0-AD74-4C61-9DFE-1E22BD16FD71}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F1735021-A518-4064-87EB-0D649FF2FA4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F1932533-75CC-423D-ACDD-36ED7A3927F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{34B36130-0B42-4CD6-A4AF-ED7B9F3514AD}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{57C6F9CB-4346-4656-899B-E0C35060556B}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{6B724C16-C46E-4A98-9BDD-FDE188803743}C:\users\kw\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kw\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{7131C873-E695-401F-9D90-B1831DE6E203}C:\program files (x86)\dc software\dl10xp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dc software\dl10xp.exe |
"TCP Query User{78F8E9E0-86FB-431B-AA77-0FDB90DF45E0}C:\program files (x86)\ez-design\radikool\libs\rtmpsrv\rtmpsrv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ez-design\radikool\libs\rtmpsrv\rtmpsrv.exe |
"TCP Query User{B8827C60-6D0A-4E42-AD3B-82F0867585A4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{C00C593D-31F3-4412-93DA-FAD50B6E8ED8}C:\program files (x86)\dc software\dl10xp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dc software\dl10xp.exe |
"TCP Query User{E7EF753F-228B-45F8-9F82-E706E7F51B21}C:\program files (x86)\ez-design\radikool\radikool.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ez-design\radikool\radikool.exe |
"UDP Query User{127CE047-02E9-4FE2-933E-43A54341EE86}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{30255A93-2EFA-43BF-924C-800DE60C1ED5}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{43B038BE-7AB8-4F81-A947-D7C9099CF9CE}C:\program files (x86)\ez-design\radikool\radikool.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ez-design\radikool\radikool.exe |
"UDP Query User{9324E419-0909-4AEA-A1F1-83A6D052244F}C:\program files (x86)\dc software\dl10xp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dc software\dl10xp.exe |
"UDP Query User{96127C44-9E1D-4425-B211-BE82C2C7E5D3}C:\program files (x86)\ez-design\radikool\libs\rtmpsrv\rtmpsrv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ez-design\radikool\libs\rtmpsrv\rtmpsrv.exe |
"UDP Query User{97F155F4-A586-4454-B236-76EB1FA48AD4}C:\program files (x86)\dc software\dl10xp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dc software\dl10xp.exe |
"UDP Query User{A6621A65-DB21-4CA7-80D9-A7E876E81875}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{D65EB0AC-6841-45B1-B183-B43088DD50DD}C:\users\kw\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kw\appdata\roaming\dropbox\bin\dropbox.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}" = ATI Catalyst Install Manager
"{1AAF6669-31B2-3840-9346-F0F653840FD1}" = Microsoft .NET Framework 4.5.1 (JPN)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2A292181-A541-4DEF-8D72-B2C8AA180B9C}" = HP 3D DriveGuard
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0411-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Japanese) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EB14E5A-1B5C-44E7-A3AD-07DBBA8C963C}" = HP Wireless Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{E2BDBC42-A7F5-BE3C-CAE7-672461BADFBB}" = ccc-utility64
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{06C75F9A-97AD-5248-E32E-DF614E74CB30}" = CCC Help English
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}" = Google Drive
"{13364813-4BAE-4F34-B0E9-32AF14A4E1B3}" = Windows Live Sync
"{14E9F865-E300-4F6B-91E7-7AD9C392CECF}" = HP Software Framework
"{17AAFDC8-0126-8325-99C3-BA94ECC88719}" = CCC Help Chinese Standard
"{1C7D54A1-3EAF-1FA6-865A-5BD68563978F}" = Catalyst Control Center Graphics Previews Vista
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22EE5E99-E75B-4BB2-8BAC-8019BB96E834}" = Windows Live Writer Resources
"{2469F651-772F-53D7-66D6-EC065F786E38}" = CCC Help French
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A708B4E-B226-4EBB-AA55-639C17E7939E}" = DC Software
"{2E228408-8C07-BF2B-E3BE-6FE3226D0557}" = Catalyst Control Center Graphics Full Existing
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3418A50C-5B73-420F-A617-B680D778573C}" = CCC Help Greek
"{37F60BAC-09CB-4D81-BFE0-7F1CB3A9B761}" = Antenna House 瞬簡PDF 変換 8
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C886FA8-C569-43F7-A035-C964FED22D66}" = Photo Common
"{3CE8DBEF-2A88-F180-F62C-43AA930D6D47}" = CCC Help Korean
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{43C189A4-D61F-F7C7-F4BC-C3FE800FF7BB}" = ccc-core-static
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4903D695-D3D5-4867-B928-3725EE1A3BE9}" = Presto! PageManager 7.18.40
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4F81D311-FA20-4AB1-AF18-28B428731AAD}" = Windows Live Essentials
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{527B2D1F-0129-70C1-3D8E-D7C13994F3D8}" = Catalyst Control Center Graphics Previews Common
"{56ED64FD-BFD7-4A5E-B210-3AC1C08B0590}" = Windows Live メール
"{5911C3EB-2E4F-80CC-4A1F-65DD5BFFEA0D}" = CCC Help German
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{639BDAFA-4A48-62A1-E2D9-13A84E9582FE}" = CCC Help Polish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6B6A1FFD-AF4B-2348-1854-1BBDD6A4E852}" = CCC Help Chinese Traditional
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6EA74C3B-9A6E-45A5-9BD4-ABDC6B07A577}" = Windows Live UX Platform Language Pack
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{705893E4-960A-E551-4825-B63B7BE8959A}" = CCC Help Czech
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{766BF6D1-A746-9B26-EC0B-E76DF6D5DE07}" = CCC Help Norwegian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{783C5B03-DF9C-30B0-BC32-066150B77F19}" = CCC Help Japanese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FB6B1B7-075B-4B7F-BEB6-97584F73C7B5}" = Brother ドライバー&ソフトウェア DCP-J715N
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83853D8B-E9F1-1E35-2F1B-4210D2875A8C}" = CCC Help Spanish
"{845E9545-2A7F-FFCB-D2FA-A292B0137325}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8C6E13F3-44FB-A8A6-D9F5-2AF030A47F2C}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90110411-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0411-0000-0000000FF1CE}" = 2007 Office system 互換機能パック
"{90140000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2010
"{90140000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2010
"{90140000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2010
"{90140000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2010
"{90140000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0033-0000-0000-0000000FF1CE}" = Microsoft Office Personal 2010
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{996FF46F-797F-AFE4-2932-3F391B5BB4A5}" = CCC Help Thai
"{99B87886-CD77-4466-8002-96FD09B9B3DE}" = XVL Player / XVL Player Pro (Ver. 9以降)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA11D798-A4C3-F2BF-E9C8-584D1AA7C891}" = Catalyst Control Center Graphics Full New
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB14AFDF-990F-C0FD-DDDF-6113BD111593}" = Catalyst Control Center Localization All
"{AC20F304-F02A-473E-BDE7-2400FC7429ED}" = SoftStylus
"{AEBFE622-2807-E0D5-E7E2-0D5AA4977B48}" = CCC Help Danish
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B34FE99A-48DD-3564-761E-6BB78FBE5DB9}" = Catalyst Control Center InstallProxy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFC1210F-19B0-A7F0-B027-82AD610DA5B7}" = CCC Help Italian
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A60E54-C9FF-4965-9B15-14C5B6EE2861}" = Google SketchUp 8
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2D49B64-FBC1-15EE-5734-97BB457F197E}" = Catalyst Control Center Core Implementation
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D5EA734C-2DEC-76F6-9D98-97D57A6F61CE}" = CCC Help Swedish
"{DB6A09A0-34B0-BFE5-7026-C91829ED879D}" = CCC Help Turkish
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.24.0000
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DEEDAC18-019D-4E91-A37F-F706EEB18FC8}" = XVL Player [Pro]
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1600759-7AB3-A146-5ED4-4A50E743D3D3}" = CCC Help Russian
"{E22B38FA-7A08-3CEE-EB31-970C4CF2AA54}" = CCC Help Dutch
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5AE53A7-1A79-4840-998F-A18042A2F568}" = HP Documentation
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3620D5D-B046-41F0-AB8D-3C56A36AFD60}" = Catalyst Control Center - Branding
"{F55BB217-BB0F-4A7A-A499-8A0C34D842E2}" = Catalyst Control Center Graphics Light
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE39FB6F-05FB-4B09-4DE7-6E2BEC08427D}" = CCC Help Finnish
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"avast" = Avast Free Antivirus
"BUFFALO_AirSet2_is1" = BUFFALO エアステーション設定ツール
"BUFFALO_BPCEnv_is1" = BUFFALO パソコン環境表示ツール
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"http://www.radikool.com/_is1" = Radikool 3.10.6
"HyKen10" = ハイパー建築法令集 平成22年度版
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JexPad" = JexPad
"Jw_win" = Jw_cad
"Lhaca" = +Lhaca
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Thunderbird 38.3.0 (x86 ja)" = Mozilla Thunderbird 38.3.0 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PERSONALR" = Microsoft Office Personal 2010
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"ST5UNST #1" = 名刺を作ろう!
"UN900113" = BUFFALO エアステーション設定ガイド
"UN900119" = BUFFALO クライアントマネージャV
"WinLiveSuite" = Windows Live Essentials

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-439323414-3469710062-768405776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/10/02 16:59:46 | Computer Name = kw-HP | Source = ESENT | ID = 439
Description = Windows (192) Windows: ファイル C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
のシャドウ ヘッダーを書き込めません。エラー -1032 が発生しました。

Error - 2015/10/03 6:17:19 | Computer Name = kw-HP | Source = ESENT | ID = 490
Description = Windows (3792) Windows: 読み取りまたは書き込みのためにファイル "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk"
を開こうとしましたが、システム エラー 32 (0x00000020): "プロセスはファイルにアクセスできません。別のプロセスが使用中です。 " が発生したため開けませんでした。ファイルを開く処理は、エラー
-1032 (0xfffffbf8) のため失敗します。

Error - 2015/10/03 6:17:19 | Computer Name = kw-HP | Source = ESENT | ID = 439
Description = Windows (3792) Windows: ファイル C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
のシャドウ ヘッダーを書き込めません。エラー -1032 が発生しました。

Error - 2015/10/03 6:54:29 | Computer Name = kw-HP | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = アプリケーションまたはサービス 'BingR バー' をシャットダウンできませんでした。

Error - 2015/10/03 7:29:25 | Computer Name = kw-HP | Source = SideBySide | ID = 16842832
Description = "C:\Users\kw\Downloads\SoftonicDownloader_for_free-m4a-to-mp3-converter.exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "" 行 のエラーです。 アプリケーションで必要なコンポーネントのバージョンが、既にアクティブな別のコンポーネントのバージョンと競合しています。
競合しているコンポーネントは次のとおりです:
コンポーネント
1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest
コンポーネント
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest

Error - 2015/10/04 9:29:25 | Computer Name = kw-HP | Source = ESENT | ID = 490
Description = Windows (4432) Windows: 読み取りまたは書き込みのためにファイル "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk"
を開こうとしましたが、システム エラー 32 (0x00000020): "プロセスはファイルにアクセスできません。別のプロセスが使用中です。 " が発生したため開けませんでした。ファイルを開く処理は、エラー
-1032 (0xfffffbf8) のため失敗します。

Error - 2015/10/04 9:29:25 | Computer Name = kw-HP | Source = ESENT | ID = 439
Description = Windows (4432) Windows: ファイル C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk
のシャドウ ヘッダーを書き込めません。エラー -1032 が発生しました。

Error - 2015/10/05 7:59:15 | Computer Name = kw-HP | Source = ESENT | ID = 490
Description = taskhost (3232) WebCacheLocal: 読み取りまたは書き込みのためにファイル "C:\Users\kw\AppData\Local\Microsoft\Windows\WebCache\V01.chk"
を開こうとしましたが、システム エラー 32 (0x00000020): "プロセスはファイルにアクセスできません。別のプロセスが使用中です。 " が発生したため開けませんでした。ファイルを開く処理は、エラー
-1032 (0xfffffbf8) のため失敗します。

Error - 2015/10/08 9:32:28 | Computer Name = kw-HP | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: conhost.exe、バージョン: 6.1.7601.18939、タイム スタンプ: 0x55afca68
障害が発生しているモジュール名:
conhost.exe、バージョン: 6.1.7601.18939、タイム スタンプ: 0x55afca68 例外コード: 0xc0000094 障害オフセット:
0x000000000000f36c 障害が発生しているプロセス ID: 0x1be0 障害が発生しているアプリケーションの開始時刻: 0x01d101cdc568c405
障害が発生しているアプリケーション
パス: C:\Windows\system32\conhost.exe 障害が発生しているモジュール パス: C:\Windows\system32\conhost.exe
レポート
ID: 042ffa72-6dc1-11e5-b939-e4a1d0b47b36

Error - 2015/10/08 9:32:28 | Computer Name = kw-HP | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: conhost.exe、バージョン: 6.1.7601.18939、タイム スタンプ: 0x55afca68
障害が発生しているモジュール名:
conhost.exe、バージョン: 6.1.7601.18939、タイム スタンプ: 0x55afca68 例外コード: 0xc0000094 障害オフセット:
0x000000000000f36c 障害が発生しているプロセス ID: 0x1abc 障害が発生しているアプリケーションの開始時刻: 0x01d101cdc4c7edca
障害が発生しているアプリケーション
パス: C:\Windows\system32\conhost.exe 障害が発生しているモジュール パス: C:\Windows\system32\conhost.exe
レポート
ID: 04304893-6dc1-11e5-b939-e4a1d0b47b36

[ Hewlett-Packard Events ]
Error - 2012/08/29 13:43:08 | Computer Name = kw-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 場所 HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) 場所 HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

場所 HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: 場所 HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) 場所 HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

場所 HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
オブジェクト '/dcdd3614_5ab7_44bb_b4d1_e679f5eee166/glhjn4tfdbvgb_kk1_ggjr0h_5.rem' が切断されたか、サーバーに存在しません。

Name:
hpsa_service.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\hpsa_service.exe Format: ja-JP RAM: 3834 Ram Utilization: 50 TargetSite:
Void UpdateDetail(System.String)

Error - 2012/09/05 10:05:32 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2012/09/05 10:05:32 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2012/09/05 10:05:58 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2012/09/05 10:05:58 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2012/10/31 7:52:41 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2012/11/28 9:29:58 | Computer Name = kw-HP | Source = HPSFMsgr.exe | ID = 2000
Description = HP Error ID: -2147467261 場所 HPSA_Messenger.MessengerPopUpWindow.btnStackPopUp_Click(Object
sender, RoutedEventArgs e) Message: オブジェクト参照がオブジェクト インスタンスに設定されていません。 StackTrace:
場所 HPSA_Messenger.MessengerPopUpWindow.btnStackPopUp_Click(Object sender, RoutedEventArgs
e) Source: HPSFMsgr Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format:
ja-JP RAM: 3834 Ram Utilization: 40 TargetSite: Void btnStackPopUp_Click(System.Object,
System.Windows.RoutedEventArgs)

Error - 2012/12/13 9:13:26 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2012/12/13 9:13:26 | Computer Name = kw-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2013/01/03 9:07:43 | Computer Name = kw-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 場所 HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
オブジェクト参照がオブジェクト インスタンスに設定されていません。 StackTrace: 場所 HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: ja-JP RAM: 3834
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


[ HP Wireless Assistant Events ]
Error - 2015/04/19 9:40:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:42:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:44:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:46:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:48:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:50:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:52:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:54:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:56:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 2015/04/19 9:58:17 | Computer Name = kw-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException メッセージ フィルターによって呼び出しが取り消されました。
(HRESULT からの例外: 0x80010002 (RPC_E_CALL_CANCELED)) 場所 System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) 場所 System.Management.ManagementScope.InitializeGuts(Object
o) 場所 System.Management.ManagementScope.Initialize() 場所 System.Management.ManagementObject.Initialize(Boolean
getObject) 場所 System.Management.ManagementBaseObject.get_Properties() 場所 System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) 場所 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ System Events ]
Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/12 7:24:29 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/13 11:42:44 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/13 11:42:44 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。

Error - 2015/10/13 11:42:44 | Computer Name = kw-HP | Source = atapi | ID = 262155
Description = ドライバーは \Device\Ide\IdePort0 でコントローラー エラーを検出しました。


< End of report >
  • xjan
  • 2015/10/14 (Wed) 06:05:53
トピックを確認する 
Re: Google Chromeを開くとHigh Stairsというとこの広告が・・・
(windows)
有効 HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\owner\AppData\Local\Microsoft\BingSvc\BingSvc.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
有効 HKCU:Run SpybotPostWindows10UpgradeReInstall Safer-Networking Ltd. "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
有効 HKCU:Run Steam Valve Corporation "E:\Steam\steam.exe" -silent
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run Broadcom Wireless Manager UI Broadcom Corporation C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
有効 HKLM:Run Dolby Home Theater v4 Dolby Laboratories Inc. "C:\Dolby PCEE4\pcee4.exe" -autostart
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run InstantUpdate Acer Incorporated C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "E:\iTunesHelper.exe"
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run RtHDVBg_Dolby Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup Common Bluetooth.lnk Broadcom Corporation. C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
有効 Startup Common コンテンツ管理アシスタント for PlayStation(R).lnk Sony Computer Entertainment Inc. C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

(IE)

有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
無効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
無効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
有効 Helper Windows Live ID サインイン ヘルパー Microsoft Corp. C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
有効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
有効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
有効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
有効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
有効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll


(google chrome)

有効 App Gmail 8.1 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 14.0 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0
有効 App YouTube 4.2.8 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google スプレッドシート 1.1 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
有効 Extension Google ドキュメント オフライン 0.5 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0
無効 Extension HGPlugin 1.1.0.1 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgpfjbejkpcnpadohokpjllldkejfpp\1.1.0.1_0
無効 Extension Skype Click to Call 7.4.0.9058 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.4.0.9058_0
無効 Extension Trend ツールバー 9.0.0.1150 Default C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\9.0.0.1150_0


(スケジュール)
有効 Task Adobe Flash Player Updater C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task EgisUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"
有効 Task WpsUpdateTask_owner Zhuhai Kingsoft Office-software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe -from=task
有効 Task {AE5D73CC-8B83-4CF6-9ABC-8EAF8F90FBC6} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\owner\Desktop\HijackThis.exe -d C:\Users\owner\Desktop


よろしくお願い致します。
  • 高神フェイト
  • 2015/10/14 (Wed) 07:07:57
トピックを確認する 
La superbaという広告の件です。お願いします。
はじめまして。


先月の下旬から突然Lasuperbaなる広告が頻?に出たり、別なページに突如飛ばされ、お姉さんが喋り出したり等々な事になっております。

現在アバストを使用しており、それのフルスキャンとブートスキャンも試みたものの何も感知出来ませんでした。
ココを見つけるまで日本語で対策を講じているページを見つける事が出来なかったので、要らなかったり怪しそうなファイルを検索・消去、AdwCleanerを使用しましたが結果お姉さんは喋らなくなったものの、広告が消えませんでした。

こんな経験も心当たりも無く、ホントに突然だったもので…お助けいただければと…。

HJT



Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:03:11, on 2015/10/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\○○○\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_18\Modules\ypho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_18\Modules\YahooToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\MediaShow4" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [GIZMO2] "C:\Program Files (x86)\GIZMO2\GIZMO.exe" -BootProcess
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON PX-501A] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGJ.EXE /FU "C:\Windows\TEMP\E_S6631.tmp" /EF "HKCU"
O9 - Extra button: このコンテンツを引用 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer でこのコンテンツに関する記事を書く(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google アップデート サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: StationTV Data Service (STVDataService) - PIXELA CORPORATION - C:\Program Files (x86)\PIXELA\StationTV\StationTVService.exe
O23 - Service: StationTV EAC Service (STVEACService) - PIXELA CORPORATION - C:\Program Files (x86)\PIXELA\StationTV\StationTVService.exe
O23 - Service: StationTV Service (STVService) - PIXELA CORPORATION - C:\Program Files (x86)\PIXELA\StationTV\StationTVService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9828 bytes





CC

7-Zip 9.22beta 2015/10/02
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/07/16 207 MB 15.008.20082
Adobe Flash Player 19 ActiveX Adobe Systems Incorporated 2015/09/25 17.4 MB 19.0.0.185
Adobe Flash Player 19 NPAPI Adobe Systems Incorporated 2015/09/25 17.9 MB 19.0.0.185
Adobe Shockwave Player 12.2 Adobe Systems, Inc. 2015/10/02 12.2.0.162
Avast Free Antivirus AVAST Software 2015/10/02 10.4.2233
CCleaner Piriform 2015/10/13 5.10
CyberLink BD Advisor 2.0 2010/05/31
CyberLink Blu-ray Disc Suite CyberLink Corp. 2010/05/31 14.8 MB 6.0.2806
CyberLink MediaShow CyberLink Corp. 2010/05/31 192 MB 4.1.3102
CyberLink Power2Go CyberLink Corp. 2010/05/31 122 MB 6.1.3108
CyberLink PowerDVD 8 CyberLink Corp. 2010/05/31 142 MB 8.0.3228
CyberLink PowerProducer CyberLink Corp. 2010/05/31 164 MB 5.0.1.1520
CyberLink YouCam CyberLink Corp. 2010/05/31 37.2 MB 1.0.2609
Epson E-Photo SEIKO EPSON CORPORATION 2012/12/31 1.1.0.0
EPSON PX-501A プリンタ アンインストール SEIKO EPSON Corporation 2012/12/31
Epson PX-501A 電子マニュアル 2012/12/31
EPSON Scan 2012/12/31
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2012/12/31 1.10.0000
GameXN GO GameXN AS 2012/05/27
GIZMO ants Inc. 2010/05/31 7.66 MB 3.11.2000
GIZMO テレビ連携 for PIXELA ants Inc. 2010/05/31 14.0 KB 1.0.0
GIZMO テレビ連携 for Windows Media Center ants Inc. 2010/05/31 2.00 KB 1.1.1
GIZMO テレビ連携 コアコンポーネント ants Inc. 2010/05/31 26.0 KB 1.0.1
Google Chrome Google Inc. 2010/06/05 45.0.2454.101
Google Toolbar for Internet Explorer Google Inc. 2015/10/01 7.5.6904.2028
LG Tool Kit 2012/07/21 10.01.0712.01
Lhaplus 2010/09/20
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/10/08 38.8 MB 4.5.51209
Microsoft .NET Framework 4.5.2 (日本語) Microsoft Corporation 2015/10/09 2.93 MB 4.5.51209
Microsoft Silverlight Microsoft Corporation 2012/03/18 20.4 MB 4.1.10111.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2009/10/30 1.72 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2010/05/31 2.69 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2010/05/31 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2010/06/05 596 KB 9.0.30729.4148
MSXML 4.0 SP3 Parser Microsoft Corporation 2011/09/06 1.47 MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 2012/07/11 1.53 MB 4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 2013/01/11 1.54 MB 4.30.2117.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 2011/09/08 1.53 MB 4.30.2107.0
NVIDIA 3D Vision ドライバー 341.44 NVIDIA Corporation 2015/10/08 341.44
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2015/10/08 1.3.30.1
NVIDIA PhysX NVIDIA Corporation 2010/05/31 120 MB 9.09.0814
NVIDIA Update 10.4.0 NVIDIA Corporation 2015/10/08 10.4.0
NVIDIA グラフィックス ドライバー 341.44 NVIDIA Corporation 2015/10/08 341.44
Pixela Digital TV Board Driver Installer PIXELA Corporation 2010/05/31 003.009.00005
PMB Sony Corporation 2011/09/06 282 MB 5.5.02.12220
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2010/05/31 6.0.1.5983
Skype(TM) 7.12 Skype Technologies S.A. 2015/10/02 75.2 MB 7.12.101
StationTV PIXELA 2010/05/31 8.9.3405
VLC media player VideoLAN 2015/07/29 2.2.1
Windows Live Sync Microsoft Corporation 2009/10/30 2.76 MB 14.0.8089.726
Windows Live おすすめパック Microsoft Corporation 2009/10/30 14.0.8089.0726
Windows Live アップロード ツール Microsoft Corporation 2009/10/30 224 KB 14.0.8014.1029
Windows Live サインイン アシスタント Microsoft Corporation 2009/10/30 1.93 MB 5.000.818.5
Windows XP Mode Microsoft Corporation 2010/08/30 1.13 GB 1.3.7600.16422
Yahoo!ツールバー Yahoo! JAPAN. 2012/12/31 2.77 MB 7.3.0.18
テレビNaviガジェット 株式会社プレゼントキャスト 2010/05/31 6.70 MB 1.01.1000
宛名職人MOOK版11 AGENDA Co.,Ltd. 2012/12/31

読んde!!ココ パーソナル 2012/12/31



以上です。
お忙しいとは思いますが、どうかよろしくお願いします
  • ワッパ
  • 2015/10/14 (Wed) 17:32:14
トピックを確認する 
今度は2つのツールでスキャンを
作業と報告、ご苦労様です。
また続きのログも見せてもらいました。

>C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Marvel Avengers Alliance Hack.rar.lnk

これは可能ならCCのWindowsタブから削除できるなら削除してください。

次に下記アプリがまだ最新になってないので、これはGUでアンインストールしてから、公式サイトで最新版を入れなおしてください。
Adobe Shockwave Player 12.0 Adobe Systems, Inc. 2013/09/17 12.0.4.144

次にCCの「スケジュールされたタスク」タブ内の下記を右クリックから「無効」にしたあと「エントリの削除」してください。
有効 Task Task_ShellExecuteAs Mozilla Corporation "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "http://www.gomplayer.jp/?utm_source=promo&utm_medium=pic&utm_campaign=cancel"

有効 Task {8FE9C55C-7097-4916-87E8-3CB0B391F2CC} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\SalePlus\DJWs7Jqeep9W8I.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""

有効 Task {E14BA17C-9B04-465C-B401-351CE1D37FA5} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\Owner\Desktop\3GP_Converter034\3GP_Converter034\Setup.exe -d C:\Users\Owner\Desktop\3GP_Converter034\3GP_Converter034

CCを閉じたら次は下記のツールを準備してください。
「AdwCleaner」(通称:AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
ファイル直リンです。アクセスしてファイルをデスクトップにでも保存しておいてください。
片付けるときは起動後に「uninstall」ボタンを押せば自動で削除されます。
使い方は下記サイト様に詳しい説明があるのでサンショウウオ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware(通称・MBAM)
本家サイト
http://www.malwarebytes.org/

ですが、MBAMは現在安定性や動作でかなり難が出ており、普通に使っても正常にスキャンができないバグまで多発中です。
そのため本家サイトから最新版のダウンロードせず、ここではあえて旧バージョンで作業します。

旧バージョンの説明サイト↓
http://www.japan-secure.com/entry/blog-entry-7.html

以下のURLからMBAMの旧バージョンをダウンロードしてください。
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
ファイル直リンです。保存しておいてください。

注)インストール時に日本語でインストールすると文字化けすることがあります。英語でインストール後に日本語化してください。
MBAM起動して「Settings」タブ→「Language」→「Japanese」で日本語化できます。

準備できたらMBAMをインストールとアップデートまでしておいてください。
ただし、ここではまだスキャンはしないように。
なお、ここでMBAMの更新で「プログラム」自体は更新せず、定義だけ更新しておいてください。
プログラム本体を更新すると、バグ多発中の最新版になってしまうので、せっかく旧バージョンでインストールした意味がなくなります。

続いてここで一度ACを起動してください。
起動するとまず定義の更新が行われるはずなので、更新だけしてから、それができたらACは一旦終了してください。
ここではスキャンもしなくていいです。

両ツールのアップデートができたらPCをセーフモードで再起動してから、ディスククリーンアップを使ってゴミファイルの掃除してください。

続いてPCをセーフモード起動してから、先に一度起動したACを再度起動してください。
起動したら今度は「スキャン」したあと、そのスキャン終了後に検出されたものがあったら「除去」を押してください。
表示された画面で「はい」を選択すると処置開始されます。

処置完了したらそこでPCを通常モードで再起動してください。

再起動後にACのあらたなログが出るので、それをデスクトップにでも保存しておいてください。
ですが、もし作業後にログが出ないorわからない場合はマイコンピュータのCドライブを開くとその直下に以下のような名前のファイルが作成されているので、それがACのログです。
>AdwCleaner[英数字].txt
同じような名前のログが複数ある時は、作成日時が作業処置時のファイルが対象のログです。

ACでの作業ができたら次はMBAMの作業です。
セーフモードのままMBAM起動してスキャンしてください。
MBAM起動したら「スキャナー」タブから「フルスキャン」です。
対象ドライブはCを含めて全ドライブを選択してください。
ですが、もし「フルスキャン」というボタンが表示されない場合はMBAMを最新版に更新してしまった可能性があるので、この時は「カスタムスキャン」を選択してください。
この操作が最新版MBAMでのフルスキャンにあたります。
スキャン対象は全ドライブを選択(チェック)してください。時間はかかりますができるだけ細かくスキャンするためです。
順番はどちらからでもいいですが、なにか検出されたらそれを選択して「remove」(隔離)したあと、再起動を促す表示が出たらそこで一度PCを再起動してください。
もし再起動表示が出ないときは手動で再起動してください。

またMBAMスキャン終了後、「詳細を表示」を押すとその結果が表示されるはずなので、そこで「ログを保存」を押すとそのログが保存可能になります。
そのログをデスクトップにでも保存しておいてください。
このログ確認が特に重要なので、忘れないようにお願いします。

このあとしばらくPC状態を様子見後、作業後に保存したACとMBAMのログを返信に貼り付けて、それを状態報告とともにレスで見せてください。
  • 悪代官
  • 2015/10/14 (Wed) 21:08:33
トピックを確認する 
OTLのログを送付します
まずOTL.txtの1/2です。

OTL logfile created on: 2015/10/14 21:34:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tatsu\Desktop\work\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18015)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.87 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 52.03% Memory free
7.73 Gb Paging File | 5.88 Gb Available in Paging File | 76.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 462.93 Gb Total Space | 395.87 Gb Free Space | 85.51% Space Free | Partition Type: NTFS
Drive I: | 97.66 Gb Total Space | 26.35 Gb Free Space | 26.99% Space Free | Partition Type: NTFS

Computer Name: TATSU-DESKTOPPC | User Name: Tatsu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2015/10/13 21:23:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tatsu\Desktop\work\OTL\OTL.exe
PRC - [2015/09/06 10:28:08 | 055,175,056 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2015/09/06 10:28:08 | 001,378,192 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2015/09/06 10:28:08 | 000,840,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2015/05/11 17:42:06 | 000,244,392 | ---- | M] (Foxit Software Inc.) -- C:\Program Files (x86)\Foxit Software\Foxit J-Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2013/05/14 19:39:42 | 000,505,856 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2013/05/14 19:37:24 | 001,448,960 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2011/01/14 04:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/14 04:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/14 04:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/14 04:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/01/27 16:01:56 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2009/06/22 21:54:58 | 000,087,336 | ---- | M] () -- C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\CLHNService.exe
PRC - [2009/06/22 16:50:54 | 000,292,224 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSServer.exe
PRC - [2009/06/22 16:50:54 | 000,050,472 | ---- | M] () -- C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSMonitorService.exe
PRC - [2009/06/09 23:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/09/10 03:39:46 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96d744857eeaf0f2445213d08032e5cc\PresentationFramework.ni.dll
MOD - [2015/09/10 03:39:37 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09e9b52418dba5729ace249cf0487675\System.Windows.Forms.ni.dll
MOD - [2015/09/10 03:39:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015/09/10 03:39:29 | 012,255,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9c4c2749b3cc38c602b59ee4fd68a8b4\PresentationCore.ni.dll
MOD - [2015/08/13 03:38:14 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3d4521ea040737939f831af5a10cd6ad\PresentationFramework.Aero.ni.dll
MOD - [2015/08/13 03:37:46 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\a6265e4a24c4f8361d84fc84f10e9736\WindowsBase.ni.dll
MOD - [2015/05/14 03:57:17 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\63e9d5c341d64a753cde97f5a3d65c71\System.Core.ni.dll
MOD - [2015/05/14 03:51:20 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2014/10/16 03:37:50 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 03:37:33 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 03:30:35 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2011/01/14 04:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
MOD - [2011/01/14 04:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/01/14 04:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
MOD - [2011/01/14 04:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
MOD - [2011/01/14 04:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
MOD - [2011/01/14 04:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
MOD - [2011/01/14 04:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
MOD - [2011/01/14 04:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
MOD - [2011/01/14 04:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
MOD - [2011/01/14 04:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
MOD - [2010/11/13 09:00:19 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ja_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/08/21 16:01:24 | 000,782,608 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV:[b]64bit:[/b] - [2015/08/15 15:04:47 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/07/23 22:53:36 | 001,694,152 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\CSP\1.6.1008.0\McCSPServiceHost.exe -- (mccspsvc)
SRV:[b]64bit:[/b] - [2015/07/23 09:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/07/21 20:24:04 | 000,368,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:[/b] - [2015/07/21 20:24:04 | 000,368,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:[b]64bit:[/b] - [2015/07/21 20:24:04 | 000,368,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:[/b] - [2015/07/21 20:24:04 | 000,368,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:[/b] - [2015/07/21 20:24:04 | 000,368,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:[b]64bit:[/b] - [2015/07/17 18:41:28 | 000,639,456 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:[b]64bit:[/b] - [2015/07/06 17:27:18 | 000,373,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - [2015/06/29 10:03:32 | 000,254,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2015/06/29 10:01:22 | 000,232,656 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/04/23 21:36:00 | 000,176,272 | ---- | M] (Koozyt, Inc.) [Auto | Running] -- C:\Program Files\PlaceEngine\PlaceEngineService.exe -- (PlaceEngineService)
SRV:[b]64bit:[/b] - [2009/12/11 07:15:04 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/06/09 23:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2015/10/14 12:24:31 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/10/11 14:19:12 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/09/22 18:52:16 | 000,157,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2015/09/06 10:28:08 | 000,840,080 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2015/05/11 17:42:06 | 000,244,392 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- C:\Program Files (x86)\Foxit Software\Foxit J-Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2015/02/05 17:25:38 | 000,131,608 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe -- (SonicStage Back-End Service2)
SRV - [2015/01/27 10:12:02 | 000,167,208 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2011/01/14 04:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2009/06/22 21:54:58 | 000,087,336 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\CLHNService.exe -- (CLHNService3)
SRV - [2009/06/22 16:50:54 | 000,292,224 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSServer.exe -- (CyberLink Media Server Service)
SRV - [2009/06/22 16:50:54 | 000,050,472 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\MediaSharing\Kernel\DMS\CLMSMonitorService.exe -- (CyberLink Media Server Monitor Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/07/02 15:33:00 | 000,875,928 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2015/07/02 15:33:00 | 000,496,888 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2015/07/02 15:33:00 | 000,412,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeaack.sys -- (mfeaack)
DRV:[b]64bit:[/b] - [2015/07/02 15:33:00 | 000,347,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2015/07/02 15:33:00 | 000,344,704 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2015/07/02 15:33:00 | 000,077,536 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2015/06/28 22:37:02 | 000,529,080 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:[b]64bit:[/b] - [2015/06/28 22:37:02 | 000,109,728 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:[b]64bit:[/b] - [2015/05/19 13:59:02 | 000,207,208 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2014/05/04 01:53:40 | 000,034,816 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:[b]64bit:[/b] - [2012/08/15 15:24:54 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/16 00:24:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2011/11/24 22:23:28 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2011/11/10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 22:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 20:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2010/02/28 00:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010/02/10 11:14:40 | 000,544,256 | ---- | M] (NEC AccessTechnica, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wlaNUGvx.sys -- (WLATE300NUG)
DRV:[b]64bit:[/b] - [2010/02/04 14:38:32 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2009/12/11 09:40:28 | 006,179,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/10/16 20:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2009/10/01 15:34:00 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009/09/18 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 09:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2015/09/22 18:52:48 | 000,037,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/22 21:55:02 | 000,082,416 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\RemoteMedia\Kernel\DMP\ntk3_64.sys -- (ntk3)
DRV - [2006/12/24 05:15:18 | 000,027,904 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\xPADFL02.sys -- (XPADFL02)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{EE4C02EB-466C-4224-B489-4175260FD82B}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8C5BD6E4-7E82-480F-BCB5-5F0BDD6AA082}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/USCON/3
IE - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\..\SearchScopes,DefaultScope = {E67ABE87-278E-42E9-838F-8D7F395BC53F}
IE - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_jaJP432
IE - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\..\SearchScopes\{E67ABE87-278E-42E9-838F-8D7F395BC53F}: "URL" = http://search.yahoo.co.jp/search?ei=UTF-8&fr=mcafeess1&p={searchTerms}
IE - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.order.1: "螳牙・讀懃エ「"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.search.selectedEngine: "螳牙・讀懃エ「"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?hl%3Dja%26shva%3D1&ss=1&scc=1&ltmpl=default&ltmplcache=2&hl=ja#inbox|http://www.yahoo.co.jp/"
FF - prefs.js..extensions.enabledAddons: %7B8b86149f-01fb-4842-9dd8-4d7eb02fd055%7D:0.26.1-signed
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:4.0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.co.jp/search?ei=UTF-8&fr=mcafeess1&p="
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI [2015/09/07 11:50:34 | 000,128,850 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015/09/07 11:50:34 | 000,128,850 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2015/10/11 14:57:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/10/11 15:05:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2015/10/11 14:57:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/10/11 15:05:30 | 000,000,000 | ---D | M]

[2010/08/29 22:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatsu\AppData\Roaming\mozilla\Extensions
[2015/10/12 21:37:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatsu\AppData\Roaming\mozilla\Firefox\Profiles\b9umqs09.tmp_prf\extensions
[2015/05/01 22:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatsu\AppData\Roaming\mozilla\Firefox\Profiles\wn2i11us.default\extension-data
[2015/05/01 22:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatsu\AppData\Roaming\mozilla\Firefox\Profiles\wn2i11us.default\extension-data\toolbar_ORJ-SPE@apn.ask.com
[2015/10/12 21:21:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatsu\AppData\Roaming\mozilla\Firefox\Profiles\wn2i11us.default\extensions
[2015/05/30 20:56:59 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Tatsu\AppData\Roaming\mozilla\Firefox\Profiles\wn2i11us.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2015/05/29 23:32:52 | 000,191,683 | ---- | M] () (No name found) -- C:\Users\Tatsu\AppData\Roaming\mozilla\firefox\profiles\wn2i11us.default\extensions\nclvauto@jetpack.xpi
[2013/07/24 11:14:13 | 000,001,000 | ---- | M] () -- C:\Users\Tatsu\AppData\Roaming\mozilla\firefox\profiles\wn2i11us.default\searchplugins\-customized-web-search.xml
[2015/10/14 21:31:02 | 000,001,983 | ---- | M] () -- C:\Users\Tatsu\AppData\Roaming\mozilla\firefox\profiles\wn2i11us.default\searchplugins\McSiteAdvisor.xml
[2015/09/13 20:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/10/11 14:19:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/09/07 11:50:34 | 000,128,850 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Tatsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0\
CHR - Extension: No name found = C:\Users\Tatsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla\0.2.4_0\
CHR - Extension: No name found = C:\Users\Tatsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0\
CHR - Extension: No name found = C:\Users\Tatsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Tatsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Tatsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdhfcagdlpjbpfldpabhkdibdcbaiih\3.4_0\

O1 HOSTS File: ([2015/10/13 21:32:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [PlaceEngine] C:\Program Files\PlaceEngine\PlaceEngine.exe (Koozyt Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN File not found
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PMSpeed9.02.10] C:\Program Files (x86)\NewSoft\Presto! PageManager 9.02\PMSpeed.EXE File not found
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3968067660-2613130667-2936475348-1000..\Run: [WDSMVx.EXE] C:\Program Files\NEC\AtermWL\WDSMVx.exe (NEC AccessTechnica,Ltd.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\.DEFAULT..\RunOnce: [{90140000-001A-0411-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [{90140000-006E-0411-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [{90140000-00A1-0411-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [{91140000-0013-0000-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [{90140000-001A-0411-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [{90140000-006E-0411-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [{90140000-00A1-0411-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [{91140000-0013-0000-0000-0000000FF1CE}] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Tatsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TwitCasting Alerts.lnk = C:\Program Files (x86)\TwitCasting Alerts\TwitCasting Alerts.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://supportapj.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://supportapj.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 14.193.100.8 14.193.100.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CD5B582-64B6-4BEA-85DF-6CB3AFF9523F}: DhcpNameServer = 14.193.100.8 14.193.100.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45B31ABB-86BB-4412-8DDB-6BE1A73BF152}: DhcpNameServer = 14.193.100.8 14.193.100.40
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

  • ぽっぽ
  • 2015/10/14 (Wed) 22:07:00
トピックを確認する 
≪前へ  次へ≫
Template by  マシマロック