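悪代官の伏魔殿 (Akudaikan no Fukumaden) Bulletin Board
Explorer is slow
Hello, my name is さそり (Sasori). Four or five days ago I mistakenly installed reg clean pro and a suspicious free mahjong program.
I followed the removal instructions posted online, but for about the last two days Windows Explorer has been slow to load.
Judging from the timing I think reg clean pro is the cause, but I don't know how to deal with it.
Could someone please lend me a hand?
Thank you in advance.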
  • さそり
  • 2014/02/06 (Thu) 19:51:28
Re: Explorer is slow
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:36:20, on 2014/02/06
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
D:\Program Files (x86)\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\Sleipnir.exe
D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\TouchPaging.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
D:\ダウンロード\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\lgfw.exe blrun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "D:\Program Files (x86)\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ryo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2013/08/29 21:19:35 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13320 bytes
  • さそり
  • 2014/02/06 (Thu) 19:52:23
Re: Explorer is slow
7-Zip 9.20 (x64 edition) Igor Pavlov 2013/08/31 4.53 MB 9.20.00.0
Adobe Flash Player 12 Plugin Adobe Systems Incorporated 2014/02/05 6.00 MB 12.0.0.44
Adobe Reader X (10.1.9) - Japanese Adobe Systems Incorporated 2014/01/30 139 MB 10.1.9
Advanced SystemCare 7 IObit 2014/01/31 103 MB 7.1.0
Apple Application Support Apple Inc. 2014/02/05 93.2 MB 3.0
Apple Mobile Device Support Apple Inc. 2014/02/05 21.3 MB 7.1.0.32
Apple Software Update Apple Inc. 2013/09/03 2.38 MB 2.1.3.127
Asmedia ASM106x SATA Host Controller Driver Asmedia Technology 2013/08/29 92.0 KB 1.3.8.000
Bonjour Apple Inc. 2013/09/03 2.00 MB 3.0.0.10
BOSS Userlist Manager Surazal 2013/10/14 7.15 MB 6.6.4
BUFFALO AirStation設定ツール 2013/11/04
CCleaner Piriform 2014/02/05 4.10
Classic Shell IvoSoft 2013/08/31 5.75 MB 3.6.6
CyberLink BD_3D Advisor 2.0 CyberLink Corp. 2013/10/29 2.0.5913
CyberLink Media Suite 10 CyberLink Corp. 2013/10/29 1.06 GB 10.0
CyberLink PowerProducer 5.5 CyberLink Corp. 2013/08/29 168 MB 5.5.3.4118
DAEMON Tools Lite Disc Soft Ltd 2013/10/29 4.47.1.0337
Driver Booster IObit 2014/01/31 25.1 MB 1.1
ESET NOD32 Antivirus ESET, spol s r. o. 2013/08/31 71.4 MB 6.0.316.2
Google 日本語入力 Google Inc. 2014/01/09 83.0 MB 1.13.1641.0
Intel(R) Manageability Engine Firmware Recovery Agent Intel Corporation 2013/08/29 57.9 MB 1.0.0.36702
Intel(R) Management Engine Components Intel Corporation 2013/08/29 9.0.0.1323
Intel(R) Network Connections 18.2.63.0 Intel 2013/08/29 27.0 MB 18.2.63.0
Intel(R) Rapid Storage Technology Intel Corporation 2013/08/29 12.5.0.1066
IObit Malware Fighter IObit 2013/09/10 41.3 MB 2.1
IObit Uninstaller IObit 2014/01/31 3.0.5.1228
iTunes Apple Inc. 2014/02/05 215 MB 11.1.4.62
Jane Style Version 3.74 Jane, Inc. 2013/09/30 3.74
Java 7 Update 51 Oracle 2013/09/22 118 MB 7.0.510
KeePass Password Safe 1.26 Dominik Reichl 2013/09/17 3.66 MB 1.26
LG ODD Auto ファームウェア アップデート 2013/10/29 10.01.0712.01
MediaCoder 0.8.28.5588 Mediatronic 2014/02/01 0.8.28.5588
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/08/29 4.84 MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/02/02 12.4 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/10/27 11.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2013/09/18 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2013/08/29 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/10/27 8.52 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/08/29 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/08/29 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Corporation 2013/10/29 20.5 MB 11.0.51106.1
Nexus Mod Manager Black Tree Gaming 2013/09/05 14.7 MB 0.45.6
NVIDIA 3D Vision コントローラー ドライバー 331.65 NVIDIA Corporation 2013/10/29 331.65
NVIDIA 3D Vision ドライバー 331.65 NVIDIA Corporation 2013/10/29 331.65
NVIDIA GeForce Experience 1.8.2 NVIDIA Corporation 2014/01/25 1.8.2
NVIDIA HD オーディオ ドライバー 1.3.26.4 NVIDIA Corporation 2013/11/18 1.3.26.4
NVIDIA PhysX システム ソフトウェア 9.13.0725 NVIDIA Corporation 2013/10/29 9.13.0725
NVIDIA Virtual Audio 1.2.20 NVIDIA Corporation 2014/01/25 1.2.20
NVIDIA グラフィックス ドライバー 331.65 NVIDIA Corporation 2013/10/29 331.65
OpenOffice 4.0.1 Apache Software Foundation 2013/10/27 341 MB 4.01.9714
Origin Electronic Arts, Inc. 2013/10/29 9.3.6.4643
Paint.NET v3.5.11 dotPDN LLC 2013/10/23 11.2 MB 3.61.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/11/18 6.0.1.7083
RPGツクールVX Ace RTP Enterbrain 2014/01/06 194 MB 1.00
Skype(TM) 6.11 Skype Technologies S.A. 2013/11/27 26.9 MB 6.11.102
Sleipnir Version 4.3.2 Fenrir Inc. 2013/08/31 201 MB 4.3.2
Smart Defrag 3 IObit 2014/02/02 23.6 MB 3.0
Smart Technology Programming Software 7.0.27.13 Mad Catz 2013/08/31 158 MB 7.0.27.13
Smart Technology Volume Tracker 7.0.23.0 Mad Catz 2013/09/01 137 KB 7.0.23.0
SMPlayer 0.8.6.5949 Ricardo Villalba 2014/01/31 0.8.6.5949
Start Menu 8 IObit 2014/02/02 22.1 MB 1.4.0.0
Steam Valve Corporation 2013/11/29
Surfing Protection IObit 2014/01/31 11.3 MB 1.0
Surgeon Simulator 2013 Bossa Studios 2013/11/29
TechPowerUp GPU-Z TechPowerUp 2013/10/29
The Elder Scrolls V: Skyrim Bethesda Game Studios 2013/11/29
True Image 2013 Acronis 2013/08/31 360 MB 16.0.6514
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2013/11/19 7.58 MB 15.0.1157
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2014/01/31 40.3 MB 15.0.1215
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2014/01/31 11.5 MB 15.0.1215
Wrye Bash Wrye & Wrye Bash Development Team 2013/10/29 0.3.0.2
XCOM: Enemy Unknown Firaxis Games 2014/02/02
µTorrent BitTorrent Inc. 2013/11/19 3.3.2.30303
ザ・シムズ3 Electronic Arts 2013/11/25 1.63.4
  • さそり
  • 2014/02/06 (Thu) 19:52:52
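First, let's investigate
Good evening, this is イルカ (Iruka), a responder who shows up now and then. I'm not the administrator, 悪代官 (Akudaikan), so please bear with me.


Looking at the log, besides RegCleanPro I can also see the nuisance software newnext.me.
Let's remove them all together.

You also appear to be using P2P software.
As a matter of principle I don't say much about this sort of thing, but please be careful how you use it.


First, we'll check the situation with an analysis tool.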


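■ Analysis with OTL
We'll investigate using a full-featured analysis tool called OTL.

1. Download the analysis tool "OTL" (OldTimer Listit) from the address below (it is a direct link) and place it on your desktop.
Your antivirus software or browser may flag it as dangerous, but that is a false positive, so don't worry about it and continue.
http://oldtimer.geekstogo.com/OTL.exe

2. After launching it, change the following settings.
・Check "Scan All Users" near the top of the window
・If "Scan 64bit Files" is present, check that as well
・Set "Extra Registry" to "Use SafeList"
・Copy and paste the following commands into "Custom Scan/Fixes".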

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT

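3. Press "Run Scan" at the top left. After a few minutes, "OTL.txt" and "Extras.txt" will be created in the same location as OTL.exe.


Please split the contents of these files and paste them into the body of your posts. OTL.txt in particular is quite long, so it will be cut off unless you split it partway through.
If it exceeds the maximum character count, you will still be able to paste it, but it will be truncated when you post.
Try splitting it around "[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]" in the middle.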


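If you cannot paste it because of a banned word, please upload the data to an uploader site somewhere.

If you upload it, any destination you like is fine, but if you have no particular preference,
http://www1.axfc.net/uploader/post.pl
is relatively stable and should be a good choice.

After uploading, please paste the download link here.
You can set a download password (DL keyword); setting one makes things slightly better from a privacy standpoint.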
  • イルカ
  • 2014/02/06 (Thu) 20:07:38
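
The check that singles out newnext.me in the HijackThis log, written out as a small Python triage script. This is an added example, not part of the original thread and not a feature of HijackThis or OTL; the sample lines are O4 entries copied from the log posted above, and the severity labels and the list of user-writable path markers are assumptions made for the example.

```python
import re
from typing import List, NamedTuple, Tuple

# O4 (autostart) lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ryo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [NextLive] C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
'''

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(
    r'^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$'
)
# Any drive-letter path ending in .exe or .dll, quoted or not.
PATH_RE = re.compile(
    r'(?<![A-Za-z])[A-Za-z]:\\[^"*?<>|\r\n]+?\.(?:exe|dll)\b', re.IGNORECASE
)
# Assumption for this example: directories a standard user can write to.
USER_WRITABLE = ('\\appdata\\', '\\temp\\', '\\users\\public\\')


class Finding(NamedTuple):
    severity: str   # 'ok', 'review' or 'high' (labels chosen for this example)
    hive: str
    name: str
    reason: str


def is_user_writable(path: str) -> bool:
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def classify(cmd: str) -> Tuple[str, str]:
    """Rate one autostart command line by where its binaries live."""
    paths = PATH_RE.findall(cmd)
    if not paths:
        return 'review', 'no executable path could be parsed'
    launcher = paths[0].rsplit('\\', 1)[-1].lower()
    if launcher == 'rundll32.exe':
        # rundll32 is only the host; the DLL argument is the code that runs.
        dlls = [p for p in paths[1:] if p.lower().endswith('.dll')]
        if any(is_user_writable(p) for p in dlls):
            return 'high', 'rundll32 loads a DLL from a user-writable directory'
        return 'review', 'autostart goes through rundll32'
    if is_user_writable(paths[0]):
        return 'review', 'executable starts from a user-writable directory'
    return 'ok', 'no heuristic matched'


def triage(log_text: str) -> List[Finding]:
    """Return one Finding per O4 line; all other HijackThis sections are skipped."""
    findings = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        severity, reason = classify(m['cmd'])
        findings.append(Finding(severity, m['hive'], m['name'], reason))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f'{f.severity:6} {f.hive:14} {f.name:24} {f.reason}')
```

A "review" result only means the entry starts from a location a normal user account can modify; it is a prompt to look at the file, not a verdict.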
Re: Explorer is slow
Thank you, イルカ.
I was able to run OTL, so I will paste the results.

OTL logfile created on: 2014/02/06 20:09:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\Ryo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

15.94 Gb Total Physical Memory | 12.57 Gb Available Physical Memory | 78.89% Memory free
18.31 Gb Paging File | 11.43 Gb Available in Paging File | 62.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118.90 Gb Total Space | 40.27 Gb Free Space | 33.87% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1543.67 Gb Free Space | 82.86% Space Free | Partition Type: NTFS

Computer Name: THE8X6EQUAL42 | User Name: Ryo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/02/06 20:08:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Ryo\Desktop\OTL.exe
PRC - [2014/01/25 09:40:24 | 000,849,216 | ---- | M] (Fenrir Inc.) -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\sleipnir_engine_cv.exe
PRC - [2014/01/25 09:40:16 | 000,312,640 | ---- | M] () -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\TouchPaging.exe
PRC - [2014/01/25 09:40:15 | 000,645,952 | ---- | M] (Fenrir Inc.) -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\Sleipnir.exe
PRC - [2014/01/21 11:56:25 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/01/21 11:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/01/09 14:14:48 | 003,529,504 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
PRC - [2013/12/19 03:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/18 01:56:20 | 054,253,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2013/12/18 01:56:16 | 001,334,296 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/12/13 17:44:36 | 001,573,184 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/12/02 19:48:30 | 001,706,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
PRC - [2013/12/02 17:12:56 | 000,030,016 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
PRC - [2013/12/02 17:12:52 | 000,072,512 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
PRC - [2013/11/11 17:19:48 | 000,341,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/11/04 11:01:40 | 001,025,856 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
PRC - [2013/10/23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/09/01 12:08:04 | 001,130,576 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ryo\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/08/31 13:49:37 | 003,722,232 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2013/05/14 16:51:40 | 006,560,168 | ---- | M] (Acronis) -- D:\Program Files (x86)\TrueImageHome\TrueImageMonitor.exe
PRC - [2013/03/26 18:32:12 | 007,080,016 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2013/03/22 08:38:32 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2013/03/12 13:20:08 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/03/12 13:19:38 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/03/12 13:19:38 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/03/08 18:04:01 | 000,181,208 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2013/03/08 16:18:33 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/03/09 14:21:54 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/02/05 10:54:02 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014/01/25 09:40:24 | 001,726,784 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\extension\SuperDragExtension.fx
MOD - [2014/01/25 09:40:24 | 001,115,968 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\dock\headlinefeedpanel.fx
MOD - [2014/01/25 09:40:24 | 000,886,080 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\libglesv2.dll
MOD - [2014/01/25 09:40:24 | 000,496,448 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\dock\headlinearticledock.fx
MOD - [2014/01/25 09:40:24 | 000,465,728 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\ppGoogleNaClPluginChrome.dll
MOD - [2014/01/25 09:40:24 | 000,278,848 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\dock\headlinetooldock.fx
MOD - [2014/01/25 09:40:24 | 000,109,376 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\libegl.dll
MOD - [2014/01/25 09:40:23 | 000,880,448 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\plugins\ChromiumEngine\ffmpegsumo.dll
MOD - [2014/01/25 09:40:21 | 001,472,320 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\bin\PassConnectExtension.fx
MOD - [2014/01/25 09:40:21 | 001,457,984 | ---- | M] () -- C:\Users\Ryo\AppData\Roaming\Fenrir Inc\Sleipnir\~temp\bin\RecoveryManagerExtension.fx
MOD - [2014/01/25 09:40:16 | 000,863,040 | ---- | M] () -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\Supplement.fx
MOD - [2014/01/25 09:40:16 | 000,312,640 | ---- | M] () -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\TouchPaging.exe
MOD - [2014/01/25 09:40:15 | 009,349,440 | ---- | M] () -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\Core.fx
MOD - [2014/01/25 09:40:15 | 000,857,920 | ---- | M] () -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\FenrirLib.fx
MOD - [2014/01/25 09:40:15 | 000,200,512 | ---- | M] () -- D:\Program Files (x86)\Fenrir Inc\Sleipnir\bin\ipc.fx
MOD - [2013/12/02 17:12:42 | 000,039,744 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
MOD - [2013/12/02 17:12:40 | 000,089,920 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
MOD - [2013/12/02 17:12:38 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\madexcept_.bpl
MOD - [2013/12/02 17:12:36 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\maddisAsm_.bpl
MOD - [2013/12/02 17:12:32 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Start Menu 8\madbasic_.bpl
MOD - [2013/11/18 23:15:33 | 001,070,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\794a8144be43ae5dc504376111b6690b\System.ServiceModel.Web.ni.dll
MOD - [2013/10/29 23:07:59 | 002,964,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\465c275dbc64704479d17bc1096a711a\System.IdentityModel.ni.dll
MOD - [2013/10/29 23:07:55 | 000,785,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\6f148949888c20d25b9292ea5b80b9cb\System.ServiceModel.Internals.ni.dll
MOD - [2013/10/29 23:07:55 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\347c1cd4d2f491bbf28168f51c3e8da1\SMDiagnostics.ni.dll
MOD - [2013/10/29 18:25:39 | 007,803,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e6b0fac086c9f63921dc57ccb85a0ee4\System.Xml.ni.dll
MOD - [2013/10/29 18:25:36 | 012,856,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\af4e47767c78d7335dc160fbe925558c\System.Windows.Forms.ni.dll
MOD - [2013/10/29 18:25:36 | 001,874,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\184a908676205d46994e3096a3eb1cea\System.Xaml.ni.dll
MOD - [2013/10/29 18:25:32 | 019,566,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\46b4609a23cd36da267dacc7db3be849\System.ServiceModel.ni.dll
MOD - [2013/10/29 18:25:25 | 002,804,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d5ec652ee752e275276098614a3b07a6\System.Runtime.Serialization.ni.dll
MOD - [2013/10/29 18:25:23 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\5d9c806d510ce30645b2118d96589486\System.Drawing.ni.dll
MOD - [2013/10/29 18:25:19 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\a651a53f70ec4356e530497679d60d59\System.Configuration.ni.dll
MOD - [2013/10/29 18:25:08 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\b23c1312ec0a64893e596e2fc2aa875b\System.Core.ni.dll
MOD - [2013/10/29 18:25:05 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\220f99197372e34d3a6ca5005e7ef1f0\System.ni.dll
MOD - [2013/10/29 18:25:02 | 017,360,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\9ce38091b2e714845369c9bc3b5b5395\mscorlib.ni.dll
MOD - [2013/05/14 16:31:36 | 013,595,440 | ---- | M] () -- D:\Program Files (x86)\TrueImageHome\ti_managers.dll
MOD - [2012/09/05 18:55:36 | 000,892,288 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
MOD - [2011/03/09 14:21:56 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2011/03/09 14:21:48 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/02/05 21:10:02 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/02/05 21:10:01 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/01/21 11:55:35 | 016,939,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013/11/28 00:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2013/11/08 12:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2013/10/22 10:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2013/10/19 14:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/10/04 17:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2013/09/30 13:07:02 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2013/09/30 13:07:01 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013/09/30 13:07:01 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2013/08/22 21:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2013/08/22 21:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/08/22 21:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2013/08/22 20:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2013/08/22 20:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2013/08/22 20:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2013/08/22 20:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2013/08/22 20:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2013/08/22 19:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2013/08/22 19:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2013/08/22 19:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2013/08/22 18:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2013/08/22 18:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/08/22 18:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2013/08/22 18:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2013/08/22 18:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013/08/22 18:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2013/03/22 08:38:32 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2013/02/23 04:46:08 | 000,183,048 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/02/13 12:47:04 | 000,820,184 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/02/13 12:46:48 | 000,731,648 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/02/05 10:54:03 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/21 11:55:50 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/19 03:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/12/12 04:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/12/03 16:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/12/02 17:12:52 | 000,072,512 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe -- (StartMenuService)
SRV - [2013/11/11 17:19:48 | 000,341,824 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/09/30 13:07:00 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/31 13:49:37 | 003,722,232 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013/08/22 21:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 12:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 11:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/03/26 18:32:12 | 007,080,016 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013/03/12 13:20:08 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/03/12 13:19:38 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/03/12 13:19:38 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2013/03/08 17:04:02 | 000,247,768 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2013/02/15 13:01:52 | 001,143,720 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/12/28 03:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/12/24 10:40:32 | 000,021,184 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:[b]64bit:[/b] - [2013/11/11 11:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2013/11/09 20:55:11 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013/11/01 20:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013/10/31 09:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2013/10/26 10:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2013/10/13 11:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2013/10/06 00:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2013/09/30 13:07:00 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013/09/30 13:07:00 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013/09/30 13:07:00 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2013/09/30 12:58:15 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2013/09/30 12:58:11 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2013/09/17 22:22:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/09/01 14:06:43 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2013/08/31 13:49:38 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:[b]64bit:[/b] - [2013/08/31 13:49:36 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:[b]64bit:[/b] - [2013/08/31 13:49:35 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:[b]64bit:[/b] - [2013/08/31 13:49:35 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:[b]64bit:[/b] - [2013/08/31 13:49:34 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:[b]64bit:[/b] - [2013/08/31 13:49:34 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 21:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013/08/22 21:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2013/08/22 20:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:[b]64bit:[/b] - [2013/04/30 11:55:32 | 000,052,640 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:[b]64bit:[/b] - [2013/04/30 11:55:32 | 000,025,120 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:[b]64bit:[/b] - [2013/03/22 08:38:18 | 000,678,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/03/12 13:19:38 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/02/14 13:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2013/01/10 10:25:22 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:[b]64bit:[/b] - [2013/01/10 10:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/12/05 14:23:26 | 000,180,584 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK1107.sys -- (SaiK1107)
DRV:[b]64bit:[/b] - [2012/09/20 14:45:36 | 000,047,168 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiU0CCF.sys -- (SaiU0CCF)
DRV:[b]64bit:[/b] - [2012/09/20 14:45:34 | 000,180,544 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0ccf.sys -- (SaiK0ccf)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/18 11:29:46 | 000,049,048 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV - [2013/11/19 16:10:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/11/19 16:10:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/23 15:48:48 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.jp.msn.com/
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 08 2D 95 EF 1F CF 01 [binary data]
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx?ctid=CT3323897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP99A834CF-7922-4C36-BBD0-9915AAAAAE03&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/08/31 15:25:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/08/31 15:25:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe (Saitek)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\lgfw.exe (Bitleader)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Program Files (x86)\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-559467554-1030456127-2478430627-1002..\Run: [CCleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-559467554-1030456127-2478430627-1002..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-559467554-1030456127-2478430627-1002..\Run: [NextLive] C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKU\S-1-5-21-559467554-1030456127-2478430627-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-559467554-1030456127-2478430627-1002..\Run: [uTorrent] C:\Users\Ryo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C1183EC-0043-45AB-A55B-05F98CF1647C}: DhcpNameServer = 192.168.11.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
  • さそり
  • 2014/02/06 (Thu) 20:16:15
Re: Explorer is slow

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/02/06 20:08:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\Ryo\Desktop\OTL.exe
[2014/02/06 10:49:19 | 000,000,000 | ---D | C] -- D:\Users\Ryo\Desktop\東方触手宮
[2014/02/05 22:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/05 22:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/05 21:10:05 | 002,142,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/02/05 21:10:05 | 002,131,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/02/05 21:10:05 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/05 21:10:05 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/05 21:10:05 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/05 21:10:05 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/05 21:10:05 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/05 21:10:05 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/05 21:10:05 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/05 21:10:04 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/05 21:10:04 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/05 21:10:04 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/05 21:10:04 | 001,371,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/02/05 21:10:04 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/05 21:10:04 | 000,764,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/02/05 21:10:04 | 000,669,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/02/05 21:10:04 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/05 21:10:03 | 018,577,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/05 21:10:03 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/05 21:10:03 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/05 21:10:03 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/05 21:10:03 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/05 21:10:03 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/05 21:10:03 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/05 21:10:02 | 004,106,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/05 21:10:02 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/05 21:10:02 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/05 21:10:02 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/05 21:10:02 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/05 21:10:02 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/05 21:10:02 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/05 21:10:02 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/05 21:10:02 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/05 21:10:02 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/05 21:10:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/05 21:10:01 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/05 21:10:01 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/02/05 21:10:01 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/05 21:10:01 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/05 21:10:01 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/05 21:10:01 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/05 21:10:01 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/05 21:10:01 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/05 21:10:01 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/05 21:10:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/05 11:18:56 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/02/05 11:18:56 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/05 10:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/02/05 10:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/05 10:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/05 10:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/02/05 10:43:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/02 18:48:13 | 000,034,080 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\SmartDefragBootTime.exe
[2014/02/02 18:48:12 | 000,121,856 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\IObitSmartDefragExtension.dll
[2014/02/02 18:48:03 | 000,021,184 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\drivers\SmartDefragDriver.sys
[2014/02/02 18:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
[2014/02/02 18:08:13 | 000,000,000 | ---D | C] -- C:\Users\Ryo\.android
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\newnext.me
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- D:\Users\Ryo\Documents\Mobogenie
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Local\genienext
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Local\cache
[2014/02/02 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\Systweak
[2014/02/02 11:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
[2014/02/02 11:27:31 | 000,000,000 | ---D | C] -- D:\Users\Ryo\Desktop\eratohoM
[2014/02/02 11:17:55 | 000,000,000 | ---D | C] -- D:\Users\Ryo\Desktop\eratohoYM
[2014/02/01 22:27:20 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
[2014/02/01 22:27:09 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\Mediatronic
[2014/01/31 21:15:07 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Local\fontconfig
[2014/01/31 21:14:40 | 000,000,000 | ---D | C] -- C:\Users\Ryo\.smplayer
[2014/01/31 21:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
[2014/01/31 20:32:13 | 000,000,000 | ---D | C] -- D:\Users\Ryo\Desktop\BWroop
[2014/01/31 10:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014/01/25 09:47:50 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2014/01/25 09:47:50 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2014/01/25 09:47:42 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvvad64v.sys
[2014/01/25 09:47:42 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvaudcap64v.dll
[2014/01/25 09:47:42 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvaudcap32v.dll
[2014/01/19 01:43:09 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\ProgSense
[2014/01/19 01:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\Orbit
[2014/01/18 18:54:30 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/01/18 18:54:29 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/01/18 18:54:29 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/01/18 18:54:29 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/01/18 18:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/18 18:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/01/15 17:22:26 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/01/15 17:22:26 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 17:22:26 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/01/15 17:22:25 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/01/15 17:22:25 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/01/15 17:22:25 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/01/15 17:22:25 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/01/15 17:22:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/01/15 17:22:22 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/02/06 20:08:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Ryo\Desktop\OTL.exe
[2014/02/06 19:54:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/06 18:41:50 | 001,499,946 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/02/06 18:41:50 | 000,723,316 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/02/06 18:41:50 | 000,500,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2014/02/06 18:41:50 | 000,135,994 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2014/02/06 18:41:50 | 000,135,930 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/02/06 18:38:57 | 000,165,659 | ---- | M] () -- C:\MyXML.xml
[2014/02/06 18:38:46 | 000,000,708 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/06 18:38:46 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster Update.job
[2014/02/06 18:35:39 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/02/06 18:35:37 | 805,650,429 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/06 10:12:11 | 000,371,648 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/02/06 10:11:51 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/06 10:11:49 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2014/02/06 02:03:26 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\ASC7_SkipUac_Ryo.job
[2014/02/05 22:04:57 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/05 22:01:25 | 000,126,943 | ---- | M] () -- D:\Users\Ryo\Desktop\aa.png
[2014/02/05 21:11:09 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/02/05 21:10:05 | 002,142,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/02/05 21:10:05 | 002,131,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/02/05 21:10:05 | 001,399,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/05 21:10:05 | 001,374,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/05 21:10:05 | 001,204,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/05 21:10:05 | 000,663,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/05 21:10:05 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/05 21:10:05 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/05 21:10:05 | 000,336,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/05 21:10:04 | 003,210,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/05 21:10:04 | 002,804,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/05 21:10:04 | 002,295,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/05 21:10:04 | 001,371,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/02/05 21:10:04 | 000,809,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/05 21:10:04 | 000,764,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/02/05 21:10:04 | 000,669,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/02/05 21:10:04 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/05 21:10:03 | 018,577,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/05 21:10:03 | 000,980,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/05 21:10:03 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/05 21:10:03 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/05 21:10:03 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/05 21:10:03 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/05 21:10:03 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/05 21:10:02 | 004,106,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/05 21:10:02 | 002,617,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/05 21:10:02 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/05 21:10:02 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/05 21:10:02 | 000,589,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/05 21:10:02 | 000,461,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/05 21:10:02 | 000,385,614 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/05 21:10:02 | 000,263,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/05 21:10:02 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/05 21:10:02 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/05 21:10:02 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/05 21:10:02 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/05 21:10:01 | 013,925,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/05 21:10:01 | 001,928,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/02/05 21:10:01 | 001,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/05 21:10:01 | 001,227,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/05 21:10:01 | 000,745,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/05 21:10:01 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/05 21:10:01 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/05 21:10:01 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/05 21:10:01 | 000,032,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/05 21:10:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/05 10:44:51 | 000,001,590 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/02/02 18:48:03 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 3.lnk
[2014/02/02 11:31:18 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Start Menu 8.lnk
[2014/02/01 22:27:20 | 000,000,864 | ---- | M] () -- D:\Users\Ryo\Desktop\MediaCoder.lnk
[2014/01/31 21:13:27 | 000,000,734 | ---- | M] () -- C:\Users\Public\Desktop\SMPlayer.lnk
[2014/01/31 10:22:48 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2014/01/31 10:22:29 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2014/01/31 05:47:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/01/31 05:47:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/21 11:53:40 | 001,048,152 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvspcap.dll
[2014/01/21 11:53:29 | 001,179,576 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvspcap64.dll
[2014/01/08 15:54:02 | 000,121,856 | ---- | M] (IObit) -- C:\WINDOWS\SysNative\IObitSmartDefragExtension.dll
[5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/02/06 10:11:49 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2014/02/05 22:04:57 | 000,000,836 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/05 21:59:37 | 000,126,943 | ---- | C] () -- D:\Users\Ryo\Desktop\aa.png
[2014/02/05 21:10:02 | 000,385,614 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/05 10:44:51 | 000,001,590 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/02/02 18:48:03 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 3.lnk
[2014/02/02 11:31:18 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Start Menu 8.lnk
[2014/02/01 22:27:20 | 000,000,864 | ---- | C] () -- D:\Users\Ryo\Desktop\MediaCoder.lnk
[2014/01/31 21:13:27 | 000,000,734 | ---- | C] () -- C:\Users\Public\Desktop\SMPlayer.lnk
[2014/01/31 10:22:48 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2014/01/31 10:22:47 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/01/31 10:22:42 | 000,165,659 | ---- | C] () -- C:\MyXML.xml
[2014/01/31 10:22:30 | 000,000,322 | ---- | C] () -- C:\WINDOWS\tasks\Driver Booster Update.job
[2014/01/31 10:22:29 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2014/01/30 10:04:06 | 000,002,487 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014/01/19 10:40:52 | 000,514,520 | ---- | C] () -- D:\Users\Ryo\Desktop\tardis-iphone5.png
[2014/01/15 17:22:24 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/01/15 17:22:24 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/14 12:23:23 | 004,594,624 | ---- | C] () -- D:\Users\Ryo\Desktop\【Orpheus】パカッと参上!カラーマン.mp3
[2013/11/18 18:20:59 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/11 18:15:07 | 000,148,312 | -H-- | C] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2013/10/18 16:23:17 | 000,007,609 | ---- | C] () -- C:\Users\Ryo\AppData\Local\Resmon.ResmonCfg
[2013/08/29 21:23:23 | 000,000,344 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2013/08/29 21:00:11 | 001,405,050 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 12:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/13 12:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2014/02/02 18:09:46 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/02/05 21:10:02 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/02/05 21:10:03 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 18:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 11:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 18:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2014/02/06 19:54:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/06 02:03:26 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\ASC7_SkipUac_Ryo.job
[2014/02/06 18:38:46 | 000,000,322 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster Update.job
[2014/02/06 18:38:46 | 000,000,708 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/07 16:02:09 | 000,000,726 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cef31a3ef64806.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA THNSNH128GCST
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA DT01ACA200
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 350.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119.00GB
Starting Offset: 368050176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,863.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2013/08/22 20:31:58 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/08/22 20:34:22 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2013/08/22 18:53:13 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:14 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2013/10/13 06:48:42 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2013/08/22 11:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 18:40:30 | 000,468,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2013/08/22 11:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2013/08/22 19:00:58 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/08/22 19:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:00 | 000,761,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2013/09/30 13:07:00 | 000,353,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2013/09/30 13:07:07 | 000,285,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2013/10/08 14:48:10 | 000,255,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2013/08/22 18:44:18 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2013/08/22 20:34:06 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2013/08/22 13:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2013/09/14 18:11:03 | 000,433,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2013/08/22 18:35:27 | 000,403,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2013/08/22 18:23:23 | 000,716,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2013/08/22 18:05:22 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/08/22 18:35:48 | 000,387,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 22:25:35 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2013/08/22 20:35:42 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2013/08/22 18:10:12 | 000,798,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2013/08/22 20:22:30 | 000,101,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2013/08/22 18:18:58 | 000,534,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:00 | 000,761,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2013/08/22 20:32:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2013/08/22 22:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2013/08/22 18:12:56 | 000,133,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:48:09 | 000,324,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2013/08/22 18:24:27 | 000,629,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2013/08/22 11:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2013/08/22 18:07:32 | 001,212,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2013/08/22 19:55:30 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2013/08/22 12:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2013/08/22 19:00:18 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2013/10/10 20:38:48 | 000,221,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:19:19 | 001,436,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/02/05 21:10:01 | 000,834,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2013/08/22 18:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2013/08/22 21:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/08/22 18:44:27 | 001,669,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2013/08/22 18:23:55 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2013/08/22 19:39:20 | 000,634,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2013/08/22 20:23:10 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2013/08/22 12:56:51 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2013/08/22 18:48:04 | 000,220,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2013/10/07 11:13:16 | 003,532,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2013/08/22 19:30:45 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/02/05 21:10:02 | 001,503,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:22 | 000,284,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 199 bytes -> C:\Users\Ryo\SkyDrive:ms-properties

< End of report >
  • さそり
  • 2014/02/06 (Thu) 20:16:52
Re: Explorer is slow
OTL Extras logfile created on: 2014/02/06 20:09:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\Ryo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

15.94 Gb Total Physical Memory | 12.57 Gb Available Physical Memory | 78.89% Memory free
18.31 Gb Paging File | 11.43 Gb Available in Paging File | 62.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 118.90 Gb Total Space | 40.27 Gb Free Space | 33.87% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1543.67 Gb Free Space | 82.86% Space Free | Partition Type: NTFS

Computer Name: THE8X6EQUAL42 | User Name: Ryo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\WINDOWS\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\WINDOWS\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{179E586C-97C2-4F72-BA7B-EC504B5BD898}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{29FE100F-114A-453A-866C-60247CA380D1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2BAE1721-8BF4-4F0D-9E1F-899C54EB9455}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{39ACEA09-B502-429E-BCAF-2D9B48779C1C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C62DB0C-C2A3-4D53-B337-F65A5AD86131}" = rport=10243 | protocol=6 | dir=out | app=system |
"{49212141-A4D5-4066-8938-B96481060069}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{57DF65B0-619E-4DF1-819F-EFEA58AB91E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{615C029E-49FB-4F11-B133-D123EE750716}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6A4BE0AE-657E-4C24-9F99-867E55386841}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{72641FAD-C7A9-481D-8588-3CA3DFE4364A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7E4F1ED4-6C36-4CD8-AF16-B211F3F4CFE4}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{864EB55F-E75F-46DF-8F39-E566200D106F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{88873D74-E5BE-46FF-BE62-0631D0BDDE00}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{95BA16D1-52D7-4EA8-8608-83AF4E4558F8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{97C053C2-EEB4-4258-BC69-B4EA12B52E7A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{988F5F7D-F1F0-419D-A03B-A10D8E63E6B5}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9A5BB182-FCDE-4071-A22C-6A7C8B46DB37}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9F86ECFB-2951-45A3-B765-81BBFA1FBEF0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C01B09BE-30EE-4C34-81FD-0927885D080F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C31FBA18-9FA5-455F-80A9-1AD8026B9042}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{C5B8CCA0-0C8F-4FF7-9200-168C871FFB31}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{CB5AF153-1603-4298-8168-B0EFC39F292A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA4D23A2-C1C3-44AF-9C3E-FA69C5542EDE}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DAA01640-098B-4FE9-8919-5B5CA00CDE67}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DB3A4AAA-7FC2-4359-9A71-470F1C79E007}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{DB9AB27C-3B68-453B-ADA9-3D1ACAC65A8F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DC70931C-426D-4CEC-8975-A41DCA93AE94}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F312C23B-FCA5-45F4-8618-568C41000637}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F34E0A9B-306C-41A8-B1F9-75293B403330}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F34FDF85-3219-480C-996C-894EFEBFE1A1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F7B05BAE-75B5-4ADF-8747-A58CF92BCF64}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FB6F0E73-C360-43EC-B18F-12CD54F6C74E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FE2C1FC3-FD15-4F6B-9868-45B3EC84C1D9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003844C8-B44E-4B9C-9815-FCEF54067D50}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{039DC8AA-8345-45BE-B8C7-F32506385F08}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{06969377-F873-4780-9886-D56FB5B18BB5}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{113D1D04-1268-454D-B671-03CE4B214E4D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe |
"{11A651C5-DE14-43C6-970C-F8861CA6B3C4}" = dir=in | name=f5 vpn |
"{156F1B6B-CED5-4656-81A0-7C0432E0AAEE}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1D0DBBBD-5B24-4127-A772-5A4E9C7101EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{1E47F2AC-AF63-4498-8E74-7567600F39D9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{22B721B3-C6AA-4D73-B14B-1CF33BCC0F9A}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{29D6B987-7D4D-4D99-B219-C945D558C906}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2AA828D2-9770-47A3-9DD7-B59B8431E0C8}" = dir=out | name=f5 vpn |
"{2ED014B7-C0E2-4E26-B017-53CF23943234}" = dir=in | name=sonicwall mobile connect |
"{32D81FFA-6F96-4EFC-A824-53DA58E738E6}" = dir=out | name=windows_ie_ac_001 |
"{342EBACD-0BCE-4EDC-989D-D6F81D5CC7E4}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{35C2B81C-D5BD-474F-9B15-9C5DD25F5653}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{39FD1BDE-283C-4CE7-9D99-DC5F4A513C18}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3C41430F-7CFE-4F2F-9EEE-278E41F648AB}" = dir=out | name=juniper networks junos pulse |
"{3DF82FC2-8F20-44A1-BD4A-F49722AB8193}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4057BA3F-FF80-47A8-B8B9-5E5B5F1B43D1}" = dir=out | name=check point vpn |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{470FCD7E-0F1D-405C-A569-D6DA2E7E1FD3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe |
"{4BBC7F2F-2EF7-44AA-BB6D-4A723CA8C348}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58861A7D-D4A3-425E-85C3-06A0617C7F02}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{5A0D3CD4-59FF-43C2-9F9C-70E5A5F30A14}" = protocol=6 | dir=in | app=c:\users\ryo\appdata\roaming\utorrent\utorrent.exe |
"{5C9061F0-329B-4211-AEDB-D8E241D52F4E}" = protocol=6 | dir=in | app=c:\steamlibrary\steamapps\common\skyrim\skyrimlauncher.exe |
"{5DF33151-3037-4498-9F23-4128FC210243}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E5E466F-3864-496A-9FD9-AA5F7722AEC7}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6648D80A-3A33-4609-9B6E-00B90F6AB448}" = protocol=6 | dir=out | app=system |
"{66C024E2-34C5-40F9-9C4C-D2826CB96259}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{67545842-4747-4661-A5EE-42BB4B4C92A1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6C03CB22-8729-471E-919F-79B119FDD882}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{71E72014-943D-40F9-8508-F99C738099DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\surgeon simulator 2013\ss2013.exe |
"{7721E274-084A-4F51-9D07-17516DA37B10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A2E7E9E-2FE3-47F9-966D-B73AE9BD117B}" = dir=in | name=skype |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82FAFB05-A2D3-42A0-83DF-653EAB2EE0CC}" = dir=out | name=windows_ie_ac_001 |
"{84582805-C705-41DE-A607-68141031A0D2}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{860290A7-BEAB-4129-8008-8475909A46BB}" = dir=out | name=sonicwall mobile connect |
"{8805EAB7-224E-47C9-8AF6-3CE007FAAED4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{902FC03A-9F0B-40EE-898E-8E53576A7F34}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9502CE43-1AC5-4C1C-8A09-EDAB651A25E6}" = dir=in | app=d:\program files (x86)\buffalo\airstation\airset\airset.exe |
"{990B1B1C-F6BA-4FCB-81F8-667606C2592D}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A4B1D42D-6BD5-40F7-A37D-E430052BECE0}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A862EAD8-B267-4073-AECB-5FE153DB1B09}" = protocol=17 | dir=in | app=c:\users\ryo\appdata\roaming\utorrent\utorrent.exe |
"{A97F39A4-946A-4213-99F2-BF7EAF58A71E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{AB07B745-B6FA-4741-ACF1-64B0496A1897}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{ACF5F74B-D785-45C6-BA18-FAC2C6610009}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{B4632DDF-A861-4897-934A-B8BCDB3F5774}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B4932E09-6774-4877-8989-8010A7E80B18}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{B93F21C1-D73F-4504-B477-6973DB333434}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{BA950319-4135-404F-86EF-CE424293AF85}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{BBD93587-38C7-4FE4-A04A-441C14DE6E5D}" = dir=out | name=windows_ie_ac_001 |
"{BF3D7F7E-DC0D-4886-91F7-C0AACF48FA95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C14D9A80-C08C-4642-A265-AB0BEB283D31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C628D012-48A5-4D87-94C6-089F02C06911}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{C748475B-EF62-4D9B-B4EE-5CA7B5FAA38A}" = dir=in | name=juniper networks junos pulse |
"{CBF89CB7-B03A-451F-91AA-A6D734D885A5}" = dir=out | name=@{microsoft.zunemusic_2.2.444.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{D4D9E335-5974-4970-AF7E-8336CF893E34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4F06B6C-5FCD-4A50-AD14-286183F28129}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB28E058-E482-45C7-8BB3-900A55E9D587}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E45C45CC-EFCE-4A7E-A6C1-E790A5FFCB72}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7AA6274-0176-4F27-AA4E-6D404CBD4974}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EAECE101-BA8C-4B1F-9D21-A3300777737E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\surgeon simulator 2013\ss2013.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDCE5D8B-97B8-41A9-A09B-76953D2338E4}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{EFC10EC0-93B3-4BFA-B1B5-CBAB90C86217}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{F277DA12-504E-4E71-AFDA-5AC514290D2F}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{F2B5152D-1B2A-4C99-AF27-B907CB860920}" = dir=in | app=d:\program files (x86)\itunes\itunes.exe |
"{F2CD5661-7E9F-455B-8B49-E3A9E23FDF7E}" = dir=out | name=skype |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6685615-60B5-4AED-882F-93C92088B87E}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F6C37F0E-2282-47D4-BB74-D661012947A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7F63D73-8962-4B79-9618-74AE789158F2}" = dir=in | name=check point vpn |
"{F8F4F699-000F-4838-8CE8-5F7EEA77DD7E}" = protocol=17 | dir=in | app=c:\steamlibrary\steamapps\common\skyrim\skyrimlauncher.exe |
"{FE1836DB-EF37-4B7C-8E38-9A2070E6FC97}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"TCP Query User{072793E8-FBCB-459F-B04E-C96B751352C8}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"TCP Query User{EEF4C185-9686-4472-A56F-8E8AC8E73281}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{611AC45A-AB16-4583-96F0-CAF6434DD339}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"UDP Query User{66F26AD9-1927-4432-8820-7187D3867A74}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client
"{47B91331-7E8B-4D0D-BA58-B269BAE8ECDE}" = ESET NOD32 Antivirus
"{511B3949-C1F7-4B96-AE10-9DFD759F3FE6}" = Smart Technology Programming Software 7.0.27.13
"{54E8F0F3-1827-4E6E-86C0-F6946E9CBE83}" = Classic Shell
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5EB368A4-562A-41B6-A5B3-06054A27F5A6}" = Intel(R) Rapid Storage Technology
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}" = Google 日本語入力
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{72EF03F5-0507-4861-9A44-D99FD4C41418}" = Paint.NET v3.5.11
"{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}" = Smart Technology Volume Tracker 7.0.23.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B4ED896A-2F5F-4FF4-B403-9DF832E1F21F}" = Intel(R) Network Connections 18.2.63.0
"{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"CCleaner" = CCleaner
"PROSetDX" = Intel(R) Network Connections 18.2.63.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 51
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype(TM) 6.11
"{5A4A8D56-8E63-488B-AB00-934731A363B1}" = True Image 2013
"{5A4A8D56-8E63-488B-AB00-934731A363B1}Visible" = True Image 2013
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto ファームウェア アップデート
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7DB71278-9AD7-4480-AB08-8649C5010B17}" = Update for Japanese Microsoft IME Standard Dictionary
"{83661BA0-9CAD-48C4-AF53-E420C729ACC0}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{86D4B991-AE3B-46A7-BD53-D650A6B2F4CE}" = BOSS Userlist Manager
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink Medi@Show 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1041-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Japanese
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer 5.5
"{BA498C26-5210-4F14-BE9C-63041FCD306E}" = OpenOffice 4.0.1
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = ザ・シムズ3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver Booster_is1" = Driver Booster
"FenrirSleipnirV3_is1" = Sleipnir Version 4.3.2
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite 10
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer 5.5
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObit_StartMenu8_is1" = Start Menu 8
"IObitUninstall" = IObit Uninstaller
"Jane Style_is1" = Jane Style Version 3.74
"KeePass Password Safe_is1" = KeePass Password Safe 1.26
"MediaCoder" = MediaCoder 0.8.28.5588
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"Smart Defrag 3_is1" = Smart Defrag 3
"SMPlayer" = SMPlayer 0.8.6.5949
"Steam" = Steam
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 233720" = Surgeon Simulator 2013
"Steam App 440" = Team Fortress 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"UN900501" = BUFFALO AirStation設定ツール
"Wrye Bash" = Wrye Bash

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-559467554-1030456127-2478430627-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014/02/03 6:54:41 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 3028
Description =

Error - 2014/02/03 6:54:41 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 3058
Description =

Error - 2014/02/03 6:54:41 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 7010
Description =

Error - 2014/02/03 6:55:39 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 3028
Description =

Error - 2014/02/03 6:55:39 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 3058
Description =

Error - 2014/02/03 6:55:39 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 7010
Description =

Error - 2014/02/03 6:55:41 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 3028
Description =

Error - 2014/02/03 6:55:41 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 3058
Description =

Error - 2014/02/03 6:55:41 | Computer Name = the8x6equal42 | Source = Windows Search Service | ID = 7010
Description =

Error - 2014/02/03 6:55:48 | Computer Name = the8x6equal42 | Source = Microsoft-Windows-Defrag | ID = 257
Description =

[ System Events ]
Error - 2014/02/06 6:20:24 | Computer Name = the8x6equal42 | Source = DCOM | ID = 10005
Description =

Error - 2014/02/06 6:20:24 | Computer Name = the8x6equal42 | Source = Service Control Manager | ID = 7009
Description = Windows Search サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2014/02/06 6:20:24 | Computer Name = the8x6equal42 | Source = Service Control Manager | ID = 7000
Description = Windows Search サービスを、次のエラーが原因で開始できませんでした: %%1053

Error - 2014/02/06 6:20:24 | Computer Name = the8x6equal42 | Source = DCOM | ID = 10005
Description =

Error - 2014/02/06 6:20:25 | Computer Name = the8x6equal42 | Source = Service Control Manager | ID = 7009
Description = Windows Search サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2014/02/06 6:20:25 | Computer Name = the8x6equal42 | Source = Service Control Manager | ID = 7000
Description = Windows Search サービスを、次のエラーが原因で開始できませんでした: %%1053

Error - 2014/02/06 6:20:25 | Computer Name = the8x6equal42 | Source = DCOM | ID = 10005
Description =

Error - 2014/02/06 6:20:34 | Computer Name = the8x6equal42 | Source = Service Control Manager | ID = 7009
Description = Windows Search サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2014/02/06 6:20:34 | Computer Name = the8x6equal42 | Source = Service Control Manager | ID = 7000
Description = Windows Search サービスを、次のエラーが原因で開始できませんでした: %%1053

Error - 2014/02/06 6:20:34 | Computer Name = the8x6equal42 | Source = DCOM | ID = 10005
Description =


< End of report >
  • さそり
  • MAIL
  • 2014/02/06 (Thu) 20:17:30
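Let's start the removal
I looked at the log, and apart from newnext.me there seems to be almost nothing there.
Let's start by removing that.


■Treatment with a Fix script
After starting OTL, paste the following script into "Custom Scan/Fixes" and press "Run Fix".
Be sure not to leave out the ":OTL" at the beginning.

Running it force-terminates all processes, so please close as many applications as you can beforehand.
The Recycle Bin will also be emptied, so if it contains files you need, rescue them first.
If OTL freezes and will not proceed, start the computer in Safe Mode and run it there.

When it finishes you will be asked to reboot, so press "OK" to reboot. After the reboot a log will appear; please post it. For this log, pasting it directly here is fine.
If you have closed the log, it is in the C:\_OTL\MovedFiles folder (a file whose name is a number made up of the date and time), so please report its contents.

--- From here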

:OTL
IE - HKU\S-1-5-21-559467554-1030456127-2478430627-1002\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx?ctid=CT3323897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP99A834CF-7922-4C36-BBD0-9915AAAAAE03&q={searchTerms}&SSPV=
O4 - HKU\S-1-5-21-559467554-1030456127-2478430627-1002..\Run: [NextLive] C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\newnext.me
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- D:\Users\Ryo\Documents\Mobogenie
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Local\genienext
[2014/02/02 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Local\cache
[2014/02/02 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\Systweak
[2014/01/19 01:43:09 | 000,000,000 | ---D | C] -- C:\Users\Ryo\AppData\Roaming\ProgSense
[5 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
@Alternate Data Stream - 199 bytes -> C:\Users\Ryo\SkyDrive:ms-properties

:Commands
[purity]
[emptytemp]
[reboot]

--- To here



While we're at it, let's also check with another tool.


■Scan with Malwarebytes Anti-Malware
Download Malwarebytes Anti-Malware from the following URL.
The download should start a few seconds after the page opens. The page links to unwanted software, so do not press any "Download" buttons.
http://download.cnet.com/Malwarebytes-Anti-Malware/3001-8022_4-10804572.html?spi=bf35d12b0e6385b003099cb173de4a7d&part=dl-10804572

For installation and usage, refer to this page.
http://fine.tok2.com/home/heto2/0700SecurityApp/Malwarebytes/0001.htm

If you look carefully at the screens during installation, there is a checkbox for "use the Pro version". If you uncheck it, it installs as the free version.

After updating the definition files, run a full scan with "Perform full scan".
Then copy and paste the displayed results here.
  • イルカ
  • 2014/02/07 (Fri) 19:54:07
Re: Explorer is slow
Sorry for the late reply.
I'm posting the OTL log.


All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-559467554-1030456127-2478430627-1002\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
Registry value HKEY_USERS\S-1-5-21-559467554-1030456127-2478430627-1002\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive deleted successfully.
File move failed. C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll scheduled to be moved on reboot.
C:\Users\Ryo\AppData\Roaming\newnext.me\cache folder moved successfully.
Folder move failed. C:\Users\Ryo\AppData\Roaming\newnext.me scheduled to be moved on reboot.
D:\Users\Ryo\Documents\Mobogenie folder moved successfully.
C:\Users\Ryo\AppData\Local\genienext folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\prepared folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\f folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\e folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\d folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\c folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\b folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\a folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\9 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\8 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\7 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\6 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\5 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\4 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\3 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\2 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\1 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7\0 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache\data7 folder moved successfully.
C:\Users\Ryo\AppData\Local\cache folder moved successfully.
C:\Users\Ryo\AppData\Roaming\Systweak\ssd folder moved successfully.
C:\Users\Ryo\AppData\Roaming\Systweak\BeforeUninstall folder moved successfully.
C:\Users\Ryo\AppData\Roaming\Systweak folder moved successfully.
C:\Users\Ryo\AppData\Roaming\ProgSense folder moved successfully.
File delete failed. C:\WINDOWS\SysNative\SET4891.tmp scheduled to be deleted on reboot.
C:\WINDOWS\SysNative\SET5475.tmp deleted successfully.
C:\WINDOWS\SysNative\SET7129.tmp deleted successfully.
C:\WINDOWS\SysNative\SET7F10.tmp deleted successfully.
C:\WINDOWS\SysNative\SET8106.tmp deleted successfully.
C:\WINDOWS\SysWow64\SET8224.tmp deleted successfully.
C:\WINDOWS\SysWow64\SET8A58.tmp deleted successfully.
C:\WINDOWS\SysWow64\SET94A0.tmp deleted successfully.
Unable to delete ADS C:\Users\Ryo\SkyDrive:ms-properties .
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: Default.migrated

User: Public

User: Ryo
->Temp folder emptied: 79 bytes
->Java cache emptied: 22756 bytes
->Flash cache emptied: 698 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1636680 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02082014_151459

Files\Folders moved on Reboot...
C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll moved successfully.
C:\Users\Ryo\AppData\Roaming\newnext.me folder moved successfully.
File move failed. C:\WINDOWS\SysNative\SET4891.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • さそり
  • MAIL
  • 2014/02/08 (Sat) 15:18:09
Re: Explorer is slow
For Malwarebytes Anti-Malware, is it OK to paste the log?
Just in case, I'll also attach a print screen of the main window.


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2014.02.08.03

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Ryo :: THE8X6EQUAL42 [管理者]

2014/02/08 15:20:11
MBAM-log-2014-02-08 (15-55-17).txt

スキャンタイプ: フルスキャン (C:\|D:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 559549
経過時間: 34 分, 39 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 3
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> 何の措置も取られませんでした。
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> 何の措置も取られませんでした。
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> 何の措置も取られませんでした。

レジストリ値の検出: 1
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> データ: 1 -> 何の措置も取られませんでした。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 3
D:\Users\Ryo\Downloads\Setup.exe (PUP.Optional.BundleInstaller.A) -> 何の措置も取られませんでした。
D:\_OTL\MovedFiles\02082014_151459\C_Users\Ryo\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> 何の措置も取られませんでした。
D:\_OTL\MovedFiles\02082014_151459\C_Users\Ryo\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> 何の措置も取られませんでした。

(終)
  • さそり
  • MAIL
  • 2014/02/08 (Sat) 15:59:26
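It should be fine
OTL's processing went normally. What MBAM found is also mostly leftover remnants in the registry.
If you still have the window open, tick all the checkboxes to the left of the items MBAM detected and press "選択されたアイテムを隔離" ("Quarantine selected items").

How is the PC running now?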
  • イルカ
  • 2014/02/08 (Sat) 22:16:43
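One way to check an OTL fix log like the one posted above for items that were not actually completed, as an added example that is not part of the original thread or of OTL itself. The sample is an excerpt of the log posted in this thread; the function names are hypothetical and the patterns assume the line wording seen in this log.

```python
import re

# Excerpt of the OTL fix log posted in this thread (a subset of its lines).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
Registry value HKEY_USERS\S-1-5-21-559467554-1030456127-2478430627-1002\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive deleted successfully.
File move failed. C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll scheduled to be moved on reboot.
C:\Users\Ryo\AppData\Roaming\newnext.me\cache folder moved successfully.
Folder move failed. C:\Users\Ryo\AppData\Roaming\newnext.me scheduled to be moved on reboot.
D:\Users\Ryo\Documents\Mobogenie folder moved successfully.
File delete failed. C:\WINDOWS\SysNative\SET4891.tmp scheduled to be deleted on reboot.
C:\WINDOWS\SysNative\SET5475.tmp deleted successfully.
Unable to delete ADS C:\Users\Ryo\SkyDrive:ms-properties .
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 02082014_151459

Files\Folders moved on Reboot...
C:\Users\Ryo\AppData\Roaming\newnext.me\nengine.dll moved successfully.
C:\Users\Ryo\AppData\Roaming\newnext.me folder moved successfully.
File move failed. C:\WINDOWS\SysNative\SET4891.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...
"""

# Line shapes as they appear in this log (assumption: other OTL versions
# may word them differently). Order matters: first match wins.
PATTERNS = [
    ("deferred", re.compile(r"^(?:File|Folder) (?:move|delete) failed\. (?P<path>.+?) "
                            r"scheduled to be (?:moved|deleted) on reboot\.$")),
    ("failed", re.compile(r"^Unable to delete ADS (?P<path>.+?)\s*\.$")),
    ("absent", re.compile(r"^(?:Registry (?:key|value) )?(?P<path>.+?) not found\.$")),
    ("done", re.compile(r"^(?:Registry (?:key|value) )?(?P<path>.+?)(?: folder)? "
                        r"(?:moved|deleted) successfully\.$")),
]


def triage_otl_fix_log(text):
    """Map each item (case-insensitive path) to (path, final state).

    The log is read top to bottom, so the post-reboot section overrides the
    state recorded during the fix run: an item that was "deferred" becomes
    "done" only if the reboot section reports it as moved or deleted.
    """
    status = {}
    for raw in text.splitlines():
        line = raw.strip()
        for state, rx in PATTERNS:
            m = rx.match(line)
            if m:
                path = m.group("path")
                status[path.lower()] = (path, state)
                break
    return status


def unresolved(text):
    """Items still present after the reboot: re-deferred or failed outright."""
    return sorted(
        (path, state)
        for path, state in triage_otl_fix_log(text).values()
        if state in ("deferred", "failed")
    )


if __name__ == "__main__":
    for path, state in unresolved(SAMPLE_LOG):
        print(f"{state:9} {path}")
```

On this excerpt both newnext.me items deferred during the fix show as moved after the reboot; what remains is one .tmp file still scheduled for the next reboot and the SkyDrive alternate data stream.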
Re: Explorer is slow
Thank you very much, イルカ.
Unfortunately Explorer is still misbehaving just as before.
It seems the timing merely coincided and there is probably a different cause.
  • さそり
  • MAIL
  • 2014/02/08 (Sat) 23:27:47
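Let's try removing IOBit
Still not fixed? Then let's look at it from a different angle.

You appear to use many IOBit programs; depending on the combination, these environment-enhancement tools can become a source of problems.
Let's uninstall them once and see whether the situation changes.
The applicable apps are the following.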

・Driver Booster
・Advanced System Care
・IOBit Malware Fighter
・Smart Defrag 3
・IOBit Uninstaller
・Surfing Protection
  • イルカ
  • 2014/02/09 (Sun) 00:16:07
Re: Let's try removing IOBit
Sorry for the late reply.
I uninstalled the software.
It feels a little better, but
unfortunately there was no big change.
  • さそり
  • MAIL
  • 2014/02/11 (Tue) 09:08:22
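Let's check for viruses just in case
It still isn't fixed, I see. As far as the logs so far show, I can't see much of a problem, but there may be some malware present.

Your antivirus software appears to be ESET, so update its definition files and then run a scan.
Also, just in case, please back up your important data.

In addition, please run this tool as well.


■Obtaining a log with aswMBR
Download the following file and place it on the desktop or similar.
http://public.avast.com/~gmerek/aswMBR.exe

When you run it after downloading, it asks in English "Do you want to download the definition files?". It takes a few minutes to about 10 minutes, but choose "Yes" to download them.
Once it has started, press "Scan" and wait a few minutes for the scan to complete. When it completes, click "Save Log" and save the log to the desktop.
Then post the log here.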
  • イルカ
  • 2014/02/11 (Tue) 23:45:16
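Re: Explorer is slow
I updated ESET and ran a scan, but there seemed to be no particular problem.
I don't know if this helps, but since the day before yesterday I have been trialing the paid version of Malwarebytes
with real-time protection enabled, and it blocked access to malicious websites several times.

Here is the aswMBR log.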

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-02-13 20:34:54
-----------------------------
20:34:54.786 OS Version: Windows x64 6.2.9200
20:34:54.786 Number of processors: 8 586 0x3C03
20:34:54.786 ComputerName: THE8X6EQUAL42 UserName: Ryo
20:34:54.983 Initialize success
20:35:03.839 The log file has been saved successfully to "C:\Users\Ryo\SkyDrive\ドキュメント\aswMBR.txt"
20:35:07.874 AVAST engine defs: 14021300
20:35:21.412 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002d
20:35:21.414 Disk 0 Vendor: TOSHIBA_THNSNH128GCST HTRAN101 Size: 122104MB BusType: 11
20:35:21.417 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000002e
20:35:21.419 Disk 1 Vendor: TOSHIBA_DT01ACA200 MX4OABB0 Size: 1907729MB BusType: 11
20:35:21.427 Disk 0 MBR read successfully
20:35:21.429 Disk 0 MBR scan
20:35:21.434 Disk 0 Windows 7 default MBR code
20:35:21.436 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 2048
20:35:21.441 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 121752 MB offset 718848
20:35:21.452 Disk 0 scanning C:\WINDOWS\system32\drivers
20:35:28.043 Service scanning
20:35:42.361 Modules scanning
20:35:42.389 Disk 0 trace - called modules:
20:35:42.412 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll storahci.sys
20:35:42.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0000145f060]
20:35:42.429 3 CLASSPNP.SYS[fffff80000b0babb] -> nt!IofCallDriver -> [0xffffe000011bdac0]
20:35:42.436 5 ACPI.sys[fffff8000043a5f1] -> nt!IofCallDriver -> [0xffffe000011c4490]
20:35:42.445 7 ACPI.sys[fffff8000043a5f1] -> nt!IofCallDriver -> \Device\0000002d[0xffffe000011c0060]
20:35:42.568 AVAST engine scan C:\WINDOWS
20:35:43.309 AVAST engine scan C:\WINDOWS\system32
20:37:42.845 AVAST engine scan C:\WINDOWS\system32\drivers
20:37:46.958 AVAST engine scan C:\Users\Ryo
20:38:15.670 AVAST engine scan C:\ProgramData
20:38:19.576 Scan finished successfully
20:52:17.754 Disk 0 MBR has been saved successfully to "C:\Users\Ryo\SkyDrive\ドキュメント\MBR.dat"
20:52:17.761 The log file has been saved successfully to "C:\Users\Ryo\SkyDrive\ドキュメント\aswMBR.txt"
20:52:25.871 Disk 0 MBR has been saved successfully to "C:\Users\Ryo\SkyDrive\ドキュメント\MBR.dat"
20:52:25.876 The log file has been saved successfully to "C:\Users\Ryo\SkyDrive\ドキュメント\aswMBR1.txt"





  • さそり
  • MAIL
  • 2014/02/14 (Fri) 00:15:41
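Re: Explorer is slow
> with real-time protection enabled, and it blocked access to malicious websites several times.

Do you know what the destination or the connection source was?


With avast! / ESET / Malwarebytes finding nothing, no strange entries in OTL, and the MBR normal, I can't think it's a virus...

It may be necessary to fix settings that were tampered with by the various programs, but if so, fixing them all by hand is difficult.


When you say slow, what exactly is the state?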
  • イルカ
  • 2014/02/14 (Fri) 19:51:30
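Re: Explorer is slow
For now, the IP address I was able to record was 222.186.19.16.
There were several others as well, but none have appeared since I started trying to keep a record.

By Explorer being slow I mean:
① It takes an abnormally long time until files are displayed
② Even after the files have loaded, refreshing takes just as long to load them again
③ When I rename a file, it doesn't appear renamed until I refresh
④ File thumbnails and photos are not displayed

None of these symptoms appeared until around the time I installed Regclean.

I'll attach images of ① and ④.
First, ①.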
  • さそり
  • MAIL
  • 2014/02/15 (Sat) 18:53:02
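Re: Explorer is slow
Here is the image for ④.
For comparison, I'm putting the before and after images on an external uploader.
The download password for both is サソリ.
The image where thumbnails are not displayed:
http://www1.axfc.net/uploader/so/3172092
The image as it should look, with thumbnails displayed:
http://www1.axfc.net/uploader/so/3172093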
  • さそり
  • MAIL
  • 2014/02/15 (Sat) 19:02:31
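Re: Explorer is slow
For a start, please check the computer's model number and the amount of memory.
Go to the manufacturer's website and check how much memory can be installed.
If it is a PC whose maximum capacity is 2GB, similar symptoms do occur.
(Well, that's the phenomenon of everything being sluggish, lol)

If the free memory figure in Task Manager is not in the 2000 (4-digit) class but
in the 30-40 (2-digit) class, the software is too heavy and the machine cannot cope.
If it is a PC whose maximum capacity is 2GB, it may be over the limit.

Also, this software seems to be a tool that switches to the classic style;
if stopping its use for a while makes things lighter, compatibility with that software
may be involved.
>Classic Shell IvoSoft
Also, it is conceivable that things created with RPGツクールVX Ace RTP Enterbrain
are too heavy and use too much memory.
(e.g. the memory not being released properly after exit)

First check the memory installed in your own PC as follows.

Assuming Windows 7.
Control Panel → Appearance and Personalization → Personalization → Change desktop icons
Press this to make the icon in the image appear.

Once the icon is shown, right-click "Computer" and press Properties.
Check the installed memory (RAM).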
  • 三毛猫
  • 2014/02/15 (Sat) 20:24:10
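Since it appears to be Windows 8.1
さそり-san, you appear to be using Windows 8.1.

Looking closely, the IE version seems to be bugged (for some reason it is reported as IE9 in the OTL log), so this may be the cause.
Starting with Windows 8, a "Refresh" feature was added that repairs only the Windows settings while keeping installed apps, so let's try it.

For how to use it, see the following Microsoft page. It is written for 8, but it is the same on 8.1.
http://windows.microsoft.com/ja-jp/windows-8/restore-refresh-reset-pc


@三毛猫-san
さそり-san's PC is a Windows 8.1 machine with 16GB of memory.
I don't think it's a lack of specs...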
  • イルカ
  • 2014/02/15 (Sat) 23:05:12
