悪代官の伏魔殿掲示板
検索語:
OR  AND

OTLログ1
OTL logfile created on: 2016/09/24 20:34:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18449)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

5.92 Gb Total Physical Memory | 4.33 Gb Available Physical Memory | 73.23% Memory free
11.83 Gb Paging File | 10.24 Gb Available in Paging File | 86.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 212.68 Gb Free Space | 45.67% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/09/24 20:32:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2016/09/24 08:36:10 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
PRC - [2016/09/20 10:14:56 | 025,382,344 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2016/09/13 03:42:43 | 009,107,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/09/12 03:06:44 | 000,939,984 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2016/09/12 03:06:42 | 046,052,816 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2016/09/12 03:06:42 | 001,535,440 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2016/09/01 16:21:20 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/08/08 14:16:06 | 000,703,696 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\epson\MyEPSON Connect\mepService.exe
PRC - [2016/08/04 17:27:48 | 002,391,248 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\epson\MyEPSON Connect\mep.exe
PRC - [2016/04/26 15:40:00 | 000,921,112 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2016/04/26 15:37:32 | 000,417,304 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2015/01/12 01:04:00 | 000,023,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2012/04/02 15:44:14 | 001,058,912 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/09/20 10:15:24 | 000,024,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
MOD - [2016/09/20 10:15:24 | 000,023,376 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
MOD - [2016/09/20 10:15:24 | 000,022,352 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
MOD - [2016/09/20 10:15:24 | 000,020,800 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
MOD - [2016/09/20 10:15:24 | 000,019,776 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
MOD - [2016/09/20 10:15:22 | 000,025,424 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
MOD - [2016/09/20 10:15:22 | 000,021,312 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
MOD - [2016/09/20 10:15:22 | 000,020,800 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
MOD - [2016/09/20 10:15:22 | 000,020,288 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
MOD - [2016/09/20 10:15:20 | 000,381,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
MOD - [2016/09/20 10:15:20 | 000,019,760 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
MOD - [2016/09/20 10:15:16 | 003,928,880 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
MOD - [2016/09/20 10:15:14 | 000,224,056 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
MOD - [2016/09/20 10:15:14 | 000,168,760 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
MOD - [2016/09/20 10:15:14 | 000,133,424 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
MOD - [2016/09/20 10:15:12 | 000,546,096 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
MOD - [2016/09/20 10:15:12 | 000,357,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
MOD - [2016/09/20 10:15:12 | 000,207,672 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
MOD - [2016/09/20 10:15:12 | 000,042,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
MOD - [2016/09/20 10:15:10 | 001,972,528 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
MOD - [2016/09/20 10:15:10 | 001,826,096 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
MOD - [2016/09/20 10:15:10 | 000,531,248 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
MOD - [2016/09/20 10:15:08 | 000,052,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
MOD - [2016/09/20 10:15:08 | 000,024,392 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
MOD - [2016/09/20 10:15:06 | 000,038,696 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
MOD - [2016/09/20 10:15:04 | 000,084,280 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll
MOD - [2016/09/20 10:15:04 | 000,026,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
MOD - [2016/09/20 10:15:02 | 001,682,760 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
MOD - [2016/09/20 10:15:02 | 000,020,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
MOD - [2016/09/20 10:15:00 | 000,246,592 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
MOD - [2016/09/20 10:15:00 | 000,020,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
MOD - [2016/09/20 10:15:00 | 000,020,280 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
MOD - [2016/09/01 16:21:47 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016/09/01 16:21:30 | 000,482,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2016/09/01 16:21:22 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/08/24 13:45:04 | 000,350,152 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
MOD - [2016/08/24 13:45:04 | 000,116,176 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32security.pyd
MOD - [2016/08/24 13:45:04 | 000,048,592 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32service.pyd
MOD - [2016/08/24 13:45:04 | 000,028,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
MOD - [2016/08/24 13:45:02 | 000,175,560 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
MOD - [2016/08/24 13:45:02 | 000,124,880 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32file.pyd
MOD - [2016/08/24 13:45:02 | 000,060,880 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32print.pyd
MOD - [2016/08/24 13:45:02 | 000,043,472 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32process.pyd
MOD - [2016/08/24 13:45:02 | 000,030,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
MOD - [2016/08/24 13:45:02 | 000,024,016 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
MOD - [2016/08/24 13:45:00 | 000,105,928 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32api.pyd
MOD - [2016/08/24 13:45:00 | 000,057,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
MOD - [2016/08/24 13:45:00 | 000,024,528 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32event.pyd
MOD - [2016/08/24 13:45:00 | 000,024,016 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
MOD - [2016/08/24 13:45:00 | 000,020,936 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
MOD - [2016/08/24 13:44:00 | 000,241,104 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
MOD - [2016/08/24 13:43:44 | 000,123,856 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
MOD - [2016/08/24 13:43:44 | 000,083,912 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\sip.pyd
MOD - [2016/08/24 13:43:42 | 000,019,408 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
MOD - [2016/08/24 13:43:10 | 000,144,848 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
MOD - [2016/08/24 13:43:10 | 000,100,296 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
MOD - [2016/08/24 13:43:10 | 000,035,792 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
MOD - [2016/08/24 13:43:08 | 000,694,224 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
  • sagume
  • 2016/09/25 (Sun) 02:20:10
トピックを確認する 
OTLログ2
続き

MOD - [2016/08/24 13:43:08 | 000,145,864 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
MOD - [2016/08/24 13:43:08 | 000,018,888 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\select.pyd
MOD - [2016/08/24 13:43:06 | 000,392,144 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
MOD - [2016/08/24 13:43:06 | 000,116,688 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
MOD - [2016/08/24 13:41:26 | 000,036,296 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\librsync.dll
MOD - [2008/12/06 06:22:48 | 000,839,680 | ---- | M] () -- C:\Windows\SysWOW64\timiditydrv.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/09/20 10:15:24 | 000,042,792 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Windows\SysNative\DbxSvc.exe -- (DbxSvc)
SRV:[b]64bit:[/b] - [2016/09/01 16:21:20 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2016/09/01 09:11:19 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2016/05/18 12:12:56 | 000,275,512 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2015/07/23 09:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/02/21 07:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:[b]64bit:[/b] - [2011/12/12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV - [2016/09/19 06:53:09 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/09/17 03:47:19 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/09/12 03:06:44 | 000,939,984 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2016/08/08 14:16:06 | 000,703,696 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\epson\MyEPSON Connect\mepService.exe -- (MyEPSON Connect Service)
SRV - [2016/06/12 08:24:00 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2016/06/12 08:24:00 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2016/04/26 15:40:00 | 000,921,112 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2016/04/26 15:37:32 | 000,417,304 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2016/04/26 15:36:38 | 000,437,784 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2016/04/26 15:34:22 | 000,437,784 | ---- | M] (BlueStack Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe -- (BstHdPlusAndroidSvc)
SRV - [2015/11/05 20:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/06/01 21:00:40 | 000,290,224 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/01/12 01:04:00 | 000,023,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010/11/20 21:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 21:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/07/13 01:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/09/22 21:26:26 | 000,513,632 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2016/09/18 20:25:00 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:[b]64bit:[/b] - [2016/09/13 22:42:54 | 000,969,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2016/09/01 16:21:57 | 000,292,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2016/09/01 16:21:57 | 000,163,416 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2016/09/01 16:21:56 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2016/09/01 16:21:55 | 000,108,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2016/09/01 16:21:55 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2016/09/01 16:21:54 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2016/09/01 16:20:57 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2016/03/29 16:46:02 | 000,498,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:[b]64bit:[/b] - [2016/03/28 12:41:34 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2016/03/24 12:07:14 | 000,034,416 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:[b]64bit:[/b] - [2016/03/17 21:28:36 | 000,034,472 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2015/11/16 09:31:54 | 000,096,776 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\IntelHaxm.sys -- (IntelHaxm)
DRV:[b]64bit:[/b] - [2015/09/08 11:47:40 | 000,117,768 | ---- | M] (Oracle Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp6.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2015/06/01 21:00:18 | 005,384,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2013/07/19 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2012/05/12 12:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2012/04/19 22:56:56 | 002,811,392 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/06 15:48:26 | 000,376,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2011/12/07 20:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/01/12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/12/20 15:12:08 | 000,014,848 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nececfil.sys -- (Nececfilter)
  • sagume
  • 2016/09/25 (Sun) 02:24:57
トピックを確認する 
OTLログ3
続き

DRV:[b]64bit:[/b] - [2010/11/20 22:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:[b]64bit:[/b] - [2010/11/20 22:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2010/11/20 22:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 20:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2010/11/20 20:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:[b]64bit:[/b] - [2010/11/20 20:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2009/09/01 11:54:40 | 000,015,360 | ---- | M] (ELECOM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElcMouLFlt.sys -- (ElcMouLFlt)
DRV:[b]64bit:[/b] - [2009/09/01 11:51:48 | 000,016,896 | ---- | M] (ELECOM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElcMouUFlt.sys -- (ElcMouUFlt)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/13 01:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2016/04/26 15:37:12 | 000,154,168 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2016/04/06 21:25:02 | 000,270,904 | ---- | M] (Bluestack System Inc. ) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\BstkDrv.sys -- (BstkDrv)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 40 60 7E B8 F1 15 D2 01 [binary data]
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0: C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/09/02 03:41:46 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016/09/02 03:41:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/09/02 03:41:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/09/02 03:41:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016/09/19 06:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2016/09/24 08:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\3x5fvx37.default\extensions
[2016/09/24 08:39:17 | 000,007,076 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\3x5fvx37.default\features\{db8549fc-2ad3-42ac-8fb8-b25b40557165}\e10srollout@mozilla.org.xpi
[2016/09/23 21:24:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  • sagume
  • 2016/09/25 (Sun) 02:27:07
トピックを確認する 
OTLログ4
続き

CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod\3.5.5_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacfnookefkldifaigjdedpophfjkjeh\2.0.0.2_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.12.2_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall\1.17_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\4.1.0_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\4.1.10_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.43_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkccpmgeknngdmagkjjacapdecnoeiai\0.0.5_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.4.7_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh\3.4.3_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik\1.0.2441_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagnffmpahidgbhkeomnfcngnhapddha\3.4.0.0_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe\1.9.2_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflnemhkomgploogccdmcloekbloobgb\8.3.5_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niepjjjfafhadmfdminbckmciijcaagc\1.9.2_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\19.2.16_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5316.725.0.15_1\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (ExplorerWatcher Class) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AWiC] C:\Program Files (x86)\Atheros\AWiCMgr.exe (Atheros)
O4:[b]64bit:[/b] - HKLM..\Run: [DispSw] C:\Program Files\DispSw\DispSw.exe (NEC Personal Computers, Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NECBatt] C:\Program Files\NECBatt\nbSched.exe (NEC Corporation, NEC Personal Products, Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [NPSpeed] C:\Program Files\NPSpeed\NPSpeed.exe (NEC Corporation, NEC Personal Products, Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes File not found
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-820934588-4127442196-1940865894-1000..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKU\S-1-5-21-820934588-4127442196-1940865894-1000..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIGJ.EXE /EPT "EPLTarget\P0000000000000000" /M "PX-045A Series" File not found
O4 - HKU\S-1-5-21-820934588-4127442196-1940865894-1000..\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-820934588-4127442196-1940865894-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F032B92-3037-420F-8DB6-4A401B94D147}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F032B92-3037-420F-8DB6-4A401B94D147}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O18 - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/09/18 20:25:54 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
  • sagume
  • 2016/09/25 (Sun) 02:30:21
トピックを確認する 
OTLログ5
続き

O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/09/24 08:49:32 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/09/24 08:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016/09/24 08:49:12 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2016/09/24 08:49:12 | 000,064,896 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2016/09/24 08:49:12 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016/09/24 08:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016/09/24 08:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/09/24 08:45:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/09/24 08:38:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome アプリ
[2016/09/24 08:36:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Google
[2016/09/23 21:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016/09/22 20:53:58 | 000,150,208 | ---- | C] (Tracker Software Products (Canada) Ltd.) -- C:\Windows\SysNative\pxcpm5L.dll
[2016/09/22 20:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
[2016/09/22 20:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2016/09/22 20:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2016/09/22 20:47:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Geek Uninstaller
[2016/09/22 10:05:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2016/09/22 10:04:05 | 003,262,184 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE2.dll
[2016/09/22 10:04:05 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2016/09/22 10:04:05 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2016/09/22 10:04:05 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2016/09/22 10:04:05 | 000,871,856 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaeapo64.dll
[2016/09/22 10:04:05 | 000,582,056 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosasfapo64.dll
[2016/09/22 10:04:05 | 000,213,432 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tossaemaxapo64.dll
[2016/09/22 10:04:05 | 000,162,224 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\toseaeapo64.dll
[2016/09/22 10:04:05 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2016/09/22 10:04:04 | 001,413,776 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRRPTR64.dll
[2016/09/22 10:04:04 | 001,104,040 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2016/09/22 10:04:04 | 000,947,760 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2016/09/22 10:04:04 | 000,943,784 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2016/09/22 10:04:04 | 000,858,256 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SEHDRA64.dll
[2016/09/22 10:04:04 | 000,856,992 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2016/09/22 10:04:04 | 000,734,376 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2016/09/22 10:04:04 | 000,684,176 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SECOMN64.dll
[2016/09/22 10:04:04 | 000,555,664 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysWow64\SECOMN32.DLL
[2016/09/22 10:04:04 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2016/09/22 10:04:04 | 000,454,288 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRAPO64.dll
[2016/09/22 10:04:04 | 000,435,856 | ---- | C] (Sound Research, Corp.) -- C:\Windows\SysNative\SEAPO64.dll
[2016/09/22 10:04:04 | 000,369,296 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM64.dll
[2016/09/22 10:04:04 | 000,329,360 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysWow64\SRCOM.dll
[2016/09/22 10:04:04 | 000,329,360 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SRCOM.dll
[2016/09/22 10:04:04 | 000,250,536 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2016/09/22 10:04:04 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2016/09/22 10:04:04 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2016/09/22 10:04:04 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2016/09/22 10:04:04 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2016/09/22 10:04:04 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2016/09/22 10:04:04 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2016/09/22 10:04:04 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
  • sagume
  • 2016/09/25 (Sun) 02:32:20
トピックを確認する 
≪前へ  次へ≫
Template by  マシマロック