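Akudaikan's Fukumaden Bulletin Board
A site called ttp://adf.ly/suspended keeps opening by itself
Since about yesterday, a site called ttp://adf.ly/suspended has been opening on its own every few minutes. What should I do?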
  • なおじん
  • 2014/07/13 (Sun) 16:23:24
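Guidance
Hello, I'm イルカ, a responder who shows up here from time to time. I'm not the administrator, 悪代官, but please bear with me.

For analysis, please take the following logs and post them here. After that, I will give instructions on how to deal with it.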
http://akumaden.web.fc2.com/prepare.html
  • イルカ
  • 2014/07/13 (Sun) 17:37:49
HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:27:11, on 2014/07/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Internet Download Manager\IDMan.exe
C:\CleanSecurity\CleanSecurity.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
D:\P2PQuake\P2PQ_Client.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Hidemaru\Hidemaru.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\P2PQuake\plugin\PRCP_Client.exe
D:\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Malwarebytes Anti-Malware\mbam.exe
D:\download\Programs\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Origin\Origin.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [iFunBox Price Watch] C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe /tray
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SeiichiNishimura_DelayStartup] "D:\desktopfolder\delaystartup01c\DelayStartup\execute.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe
O4 - HKCU\..\Run: [uTorrent Turbo Accelerator] "D:\programs\uTorrent Turbo Accelerator\uTorrent Turbo Accelerator.exe" -tray
O4 - HKCU\..\Run: [Amazon Cloud Player] "C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CleanSecurity] C:\CleanSecurity\CleanSecurity.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: P2P地震情報.lnk = ?
O4 - Startup: 秀丸.lnk = C:\Program Files (x86)\Hidemaru\Hidemaru.exe
O4 - Global Startup: SoftEther VPN Client Manager Startup.lnk = D:\SoftEther VPN Client\vpncmgr_x64.exe
O8 - Extra context menu item: &ハケモテ&ムクタラタ・゚マツヤリ - D:\xunlei\BHO\OfflineDownload.htm
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリ - D:\xunlei\BHO\geturl.htm
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリネォイソチエスモ - D:\xunlei\BHO\GetAllUrl.htm
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: すべてのリンクをIDMでダウンロード - D:\Internet Download Manager\IEGetAll.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBA2D0F8-6378-4AB8-8D56-247C24654863}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftEther VPN Client (SEVPNCLIENT) - SoftEther VPN Project at University of Tsukuba, Japan. - D:\SoftEther VPN Client\vpnclient_x64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12541 bytes
  • なおじん
  • 2014/07/13 (Sun) 18:28:28
CC log
7-Zip 9.20 (x64 edition) Igor Pavlov 2013/12/08 4.53 MB 9.20.00.0
Accent RAR Password Recovery Passcovery Co. Ltd. 2014/04/07 11.4 MB 3.0.48.2927
Adobe AIR Adobe Systems Incorporated 2014/07/06 14.0.0.110
Adobe Digital Editions 2.0 Adobe Systems Incorporated 2013/12/31 15.3 MB 2.0.1
Adobe Flash Player 14 ActiveX Adobe Systems Incorporated 2014/07/10 6.00 MB 14.0.0.145
Adobe Flash Player 14 Plugin Adobe Systems Incorporated 2014/07/10 6.00 MB 14.0.0.145
AIMP3 AIMP DevTeam 2014/01/02 v3.55.1332, 21.12.2013
ALLConverter PRO 1.1 ALLCinema, Inc. 2014/05/31 16.9 MB
Amazon Cloud Player Amazon Services LLC 2014/03/02 2.3.0.422
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 2014/04/23 26.3 MB 8.0.916.0
Apple Application Support Apple Inc. 2014/03/09 93.2 MB 3.0.1
Apple Mobile Device Support Apple Inc. 2014/03/09 21.3 MB 7.1.1.3
Apple Software Update Apple Inc. 2013/11/23 2.38 MB 2.1.3.127
Arma: Cold War Assault Bohemia Interactive 2014/06/04
Battlefield 1942 Windows Vista/7 Compatibility Fix 2013/12/08
Battlefield 1942™ Electronic Arts 2013/11/23 1.21 GB 1.6.20.0
Battlefield™ Hardline Beta Electronic Arts 2014/06/18 6.57 GB 1.0.0.5
Battlelog Web Plugins EA Digital Illusions CE AB 2014/06/14 2.4.0
BlueStacks App Player BlueStack Systems, Inc. 2014/07/08 0.8.11.3116
BlueStacks Notification Center BlueStack Systems, Inc. 2014/07/08 166 MB 0.8.11.3116
Bonjour Apple Inc. 2013/11/23 2.00 MB 3.0.0.10
Bulk Rename Utility 2.7.1.2 TGRMN Software 2014/07/06
Call of Duty 2014/06/29
Call of Duty - United Offensive Activision 2014/06/29 892 MB 1.00.0000
Call of Duty 2 Infinity Ward 2013/12/08
Call Of Duty 4: Modern Warfare v1.7 [MULTI5] No-DVD/Fixed EXE A.M.G.ョ Digital 2014/02/11 1.7.0.0
Call of Duty(R) 4 - Modern Warfare(TM) Activision 2014/02/11 6.19 GB 1.7
Call of Duty: Black Ops II Treyarch 2014/06/21
Call of Duty: Black Ops II - Multiplayer 2014/04/04
Call of Duty: Black Ops II - Zombies 2014/04/04
Call of Duty: Modern Warfare 3 Infinity Ward 2014/04/16
Call of Duty: Modern Warfare 3 - Multiplayer Infinity Ward 2014/04/16
Call of Duty: World at War Treyarch 2013/12/08
CCleaner Piriform 2013/12/08 4.08
Cheat Engine 6.3 Cheat Engine 2014/01/11 27.6 MB
Counter-Strike: Global Offensive Valve 2013/11/23
CPUID HWMonitor 1.24 2014/02/27 2.45 MB
CyberLink LabelPrint 2.5 CyberLink Corp. 2013/11/19 58.7 MB 2.5.5220
CyberLink Media Suite 8 CyberLink Corp. 2013/11/19 40.5 MB 8.0.2820b
CyberLink Power2Go 7 CyberLink Corp. 2013/11/19 233 MB 7.0.0.2719b
CyberLink PowerBackup 2.5 CyberLink Corp. 2013/11/23 2.5.9729
DAEMON Tools Lite Disc Soft Ltd 2014/01/19 4.48.1.0347
DesignSpark Mechanical 1.0 RS Components 2014/04/29 491 MB 8.1.2
DivXセットアップ DivX, LLC 2014/06/01 2.6.3.22
DVD Shrink 3.2 DVD Shrink 2014/03/27
DVDFab 9.1.1.9 (18/12/2013) Fengtao Software Inc. 2014/01/24 104 MB
ESET Smart Security ESET, spol s r. o. 2013/12/16 100 MB 7.0.302.31
Everything 1.2.1.371 2014/01/23
ffdshow v1.3.4530 [2014-02-09] 2014/06/12 13.2 MB 1.3.4530.0
FolderSizeScan 0.6.3 HaseSoft 2013/12/08 0.6.3
Free Audio Dub version 1.7.9.908 DVDVideoSoft Ltd. 2014/04/04 84.5 MB 1.7.9.908
Freemake Video Converter バージョン 4.1.3 Ellora Assets Corporation 2014/02/26 78.7 MB 4.1.3
Freemake Video Downloader Ellora Assets Corporation 2014/06/07 46.4 MB 3.7.0
Freemake Youtube Mp3 Converter Ellora Assets Corporation 2014/03/03 46.1 MB 3.6.3
Futuremark SystemInfo Futuremark 2013/12/14 6.77 MB 4.23.255
GameRanger GameRanger Technologies 2014/06/10 3.63 GB
GEAR driver installer 4.020 GEAR Software 2013/12/31 3.33 MB 4.020.5
GetDiz Outertech 2014/01/20 4.8
GIMP 2.8.8 The GIMP Team 2014/01/10 268 MB 2.8.8
Google Chrome Google Inc. 2013/11/23 35.0.1916.153
Google Drive Google, Inc. 2014/07/08 36.6 MB 1.16.7009.9618
Google Earth Google 2013/12/27 180 MB 7.1.2.2041
Google 日本語入力 Google Inc. 2014/01/06 83.0 MB 1.13.1641.0
Grand Theft Auto IV Rockstar North 2014/03/18
HandBrake 0.9.9.1 2014/02/26 0.9.9.1
Homefront Kaos Studios 2014/04/13
Hounds DMM 2014/03/30 1.0.0
iCloud Apple Inc. 2014/03/09 156 MB 3.1.0.40
iFunbox (v2.7.2386.747), iFunbox DevTeam 2014/02/26 44.9 MB v2.7.2386.747
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam 2014/02/26 21.0 MB v3.1.562.425
ImgBurn LIGHTNING UK! 2014/03/13 2.5.8.0
Intel(R) Management Engine Components Intel Corporation 2013/11/19 9.5.14.1724
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/11/01 2.5.0.19
Internet Download Manager Tonec Inc. 2014/06/25
iTunes Apple Inc. 2014/03/09 216 MB 11.1.5.5
Java 7 Update 51 Oracle 2013/12/27 118 MB 7.0.510
LimeChat 2 Satoshi Nakagawa 2013/12/23 2.40
Malwarebytes Anti-Malware バージョン 2.0.2.1012 Malwarebytes Corporation 2014/07/12 53.1 MB 2.0.2.1012
Medal of Honor Airborne Electronic Arts 2014/06/10 480 KB 1.0.1.0
Metro 2033 4A Games 2014/03/16
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2013/11/30 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/06/29 2.93 MB 4.5.50938
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2014/03/18 31.3 MB 3.5.95.0
Microsoft Games for Windows Marketplace Microsoft Corporation 2014/02/02 6.03 MB 3.5.67.0
Microsoft Silverlight Microsoft Corporation 2014/03/12 100 MB 5.1.30214.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/12/20 298 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2013/11/23 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/12/24 252 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/12/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2014/04/13 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2013/12/08 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2013/11/19 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/12/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/04 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/04 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2014/06/14 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 2014/04/23 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2013/12/21 17.3 MB 11.0.60610.1
Microsoft マウス キーボード センター Microsoft Corporation 2013/11/30 2.3.145.0
Mozilla Maintenance Service Mozilla 2014/06/12 337 KB 24.5.0
Mozilla Thunderbird 24.5.0 (x86 ja) Mozilla 2014/06/12 48.1 MB 24.5.0
Mp3tag v2.58 Florian Heidenreich 2014/03/09 v2.58
NVIDIA PhysX NVIDIA Corporation 2014/03/16 80.0 MB 9.10.0222
OpenAL 2014/06/05
Operation Flashpoint: Dragon Rising Codemasters Studios 2014/02/02
Operation Flashpoint: Red River Codemasters Action Studio 2014/02/02
Origin Electronic Arts, Inc. 2013/11/23 9.3.11.2762
Overlord Triumph Studios 2014/02/08
P2P地震情報 P2P地震情報 2014/07/08 2.28 MB 0.3.0.1011
Populous Electronic Arts 2014/06/09 48.6 MB 5.0.0.2
PunkBuster Even Balance, Inc. 2014/06/10 3.29 MB 1.0.0.0
PunkBuster Services Even Balance, Inc. 2014/06/14 0.993
radiko UNKNOWN 2014/04/07 3.1.5
RadioSure 2014/03/24
Realtek Ethernet Controller Driver Realtek 2013/11/19 7.69.304.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/12/10 6.0.1.7083
Reflector Squirrels 2014/04/27 22.4 MB 1.3.3.1
RPGツクール2000 ランタイムパッケージ 2013/12/24
Sniper Ghost Warrior 2 City Interactive 2014/04/22
SoftEther VPN Client SoftEther VPN Project 2014/03/22 4.06.9433
Startup Delayer v3.0 (build 359) r2 Studios 2014/02/18 3.0 (build 359)
Steam Valve Corporation 2014/06/21
Steel Storm: Burning Retribution Kot in Action Creative Artel 2014/04/03
Sumotori Dreams 2014/03/28
System Requirements Lab for Intel Husdawg, LLC 2013/11/25 1.03 MB 4.5.15.0
TweetDeck Twitter 2014/06/24 69.9 MB 3.3.7
UltraVnc uvnc bvba 2014/04/27 6.56 MB 1.1.9.6
Unity Web Player Unity Technologies ApS 2013/12/25 12.0 MB
Unlocker 1.9.2 Cedrick Collomb 2014/02/11 1.9.2
VLC media player 2.1.3 VideoLAN 2014/06/13 2.1.3
War Thunder Gaijin Entertainment 2013/12/10
War Thunder CDK 0.1 Gaijin Entertainment 2014/05/10 608 MB
Windows Driver Package - Sharp Corporation (usbser) Ports (11/16/2009 6.0.0000.00000) Sharp Corporation 2013/12/08 11/16/2009 6.0.0000.00000
Windows Live ID Sign-in Assistant Microsoft Corporation 2014/02/02 10.0 MB 6.500.3165.0
WinPcap 4.1.2 CACE Technologies 2014/06/07 4.1.0.2001
WinRAR 5.01 (64ビット) win.rar GmbH 2014/04/07 5.01.0
Wireshark 1.8.12 (64-bit) The Wireshark developer community, http://www.wireshark.org 2014/02/27 94.5 MB 1.8.12
World of Tanks Wargaming.net 2013/12/09 16.4 MB
XMedia Recode バージョン 3.1.7.9 XMedia Recode 2014/02/26 22.8 MB 3.1.7.9
Xvid Video Codec Xvid Team 2014/04/07 1.3.2
YS FLIGHT SIMULATOR 2013/12/27
スタートアップチェッカー Version 3.0.9.4 ソフト工房「空の牙」 2014/01/08 1.24 MB 3.0.9.4
バトルフィールド 3 Electronic Arts 2013/11/23 1.6.0.0
バトルフィールド 4™ Electronic Arts 2014/07/08 25.8 GB 1.3.2.3825
ブレーンライブラリー管理ソフト SHARP 2013/12/08 51.2 MB 1.0.0
秀丸エディタ (8.35) 有限会社サイトー企画 2014/07/04 8.35
簡単バックアップ eX.Backup2 2.05 Texim 2013/11/19 2.0.5.0
  • なおじん
  • 2014/07/13 (Sun) 18:30:22
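Re: A site called ttp://adf.ly/suspended keeps opening by itself
You seem to be using quite a large number of cheat-type apps, P2P software and the like.
With this much installed, it is no wonder the system is behaving strangely.

Please remove all apps of this kind (P2P downloaders, cheat apps, etc.). It is also a rule here, and in any case this is far too excessive.

Once you have removed them, please post the same logs again. After confirming the removal, I will give instructions for the next step.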
  • イルカ
  • 2014/07/13 (Sun) 22:39:08
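HJT log 2
There was something called uTorrent Turbo Accelerator, and I have uninstalled it. I also uninstalled the software called xunlei.
If there is anything else that still needs to be removed, please tell me which ones to remove. Thank you.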

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:02:41, on 2014/07/14
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Internet Download Manager\IDMan.exe
C:\CleanSecurity\CleanSecurity.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Hidemaru\Hidemaru.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
D:\download\Programs\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [iFunBox Price Watch] C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe /tray
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SeiichiNishimura_DelayStartup] "D:\desktopfolder\delaystartup01c\DelayStartup\execute.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe
O4 - HKCU\..\Run: [uTorrent Turbo Accelerator] "D:\programs\uTorrent Turbo Accelerator\uTorrent turbo acculator.exe" -tray
O4 - HKCU\..\Run: [Amazon Cloud Player] "C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CleanSecurity] C:\CleanSecurity\CleanSecurity.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: 秀丸.lnk = C:\Program Files (x86)\Hidemaru\Hidemaru.exe
O4 - Global Startup: SoftEther VPN Client Manager Startup.lnk = D:\SoftEther VPN Client\vpncmgr_x64.exe
O8 - Extra context menu item: &ハケモテ&ムクタラタ・゚マツヤリ - D:\xunlei\BHO\OfflineDownload.htm
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリ - D:\xunlei\BHO\geturl.htm
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリネォイソチエスモ - D:\xunlei\BHO\GetAllUrl.htm
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: すべてのリンクをIDMでダウンロード - D:\Internet Download Manager\IEGetAll.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{CBA2D0F8-6378-4AB8-8D56-247C24654863}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftEther VPN Client (SEVPNCLIENT) - SoftEther VPN Project at University of Tsukuba, Japan. - D:\SoftEther VPN Client\vpnclient_x64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12501 bytes
  • なおじん
  • 2014/07/14 (Mon) 14:06:41
CC log 2
7-Zip 9.20 (x64 edition) Igor Pavlov 2013/12/08 4.53 MB 9.20.00.0
Adobe AIR Adobe Systems Incorporated 2014/07/06 14.0.0.110
Adobe Digital Editions 2.0 Adobe Systems Incorporated 2013/12/31 15.3 MB 2.0.1
Adobe Flash Player 14 ActiveX Adobe Systems Incorporated 2014/07/10 6.00 MB 14.0.0.145
Adobe Flash Player 14 Plugin Adobe Systems Incorporated 2014/07/10 6.00 MB 14.0.0.145
AIMP3 AIMP DevTeam 2014/01/02 v3.55.1332, 21.12.2013
ALLConverter PRO 1.1 ALLCinema, Inc. 2014/05/31 16.9 MB
Amazon Cloud Player Amazon Services LLC 2014/03/02 2.3.0.422
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 2014/04/23 26.3 MB 8.0.916.0
Apple Application Support Apple Inc. 2014/03/09 93.2 MB 3.0.1
Apple Mobile Device Support Apple Inc. 2014/03/09 21.3 MB 7.1.1.3
Apple Software Update Apple Inc. 2013/11/23 2.38 MB 2.1.3.127
Arma: Cold War Assault Bohemia Interactive 2014/06/04
Battlefield 1942 Windows Vista/7 Compatibility Fix 2013/12/08
Battlefield 1942™ Electronic Arts 2013/11/23 1.21 GB 1.6.20.0
Battlefield™ Hardline Beta Electronic Arts 2014/06/18 6.57 GB 1.0.0.5
Battlelog Web Plugins EA Digital Illusions CE AB 2014/06/14 2.4.0
BlueStacks App Player BlueStack Systems, Inc. 2014/07/08 0.8.11.3116
BlueStacks Notification Center BlueStack Systems, Inc. 2014/07/08 166 MB 0.8.11.3116
Bonjour Apple Inc. 2013/11/23 2.00 MB 3.0.0.10
Bulk Rename Utility 2.7.1.2 TGRMN Software 2014/07/06
Call of Duty 2014/06/29
Call of Duty - United Offensive Activision 2014/06/29 892 MB 1.00.0000
Call of Duty 2 Infinity Ward 2013/12/08
Call Of Duty 4: Modern Warfare v1.7 [MULTI5] No-DVD/Fixed EXE A.M.G.ョ Digital 2014/02/11 1.7.0.0
Call of Duty(R) 4 - Modern Warfare(TM) Activision 2014/02/11 6.19 GB 1.7
Call of Duty: Black Ops II Treyarch 2014/06/21
Call of Duty: Black Ops II - Multiplayer 2014/04/04
Call of Duty: Black Ops II - Zombies 2014/04/04
Call of Duty: Modern Warfare 3 Infinity Ward 2014/04/16
Call of Duty: Modern Warfare 3 - Multiplayer Infinity Ward 2014/04/16
Call of Duty: World at War Treyarch 2013/12/08
CCleaner Piriform 2013/12/08 4.08
Counter-Strike: Global Offensive Valve 2013/11/23
CPUID HWMonitor 1.24 2014/02/27 2.45 MB
CyberLink LabelPrint 2.5 CyberLink Corp. 2013/11/19 58.7 MB 2.5.5220
CyberLink Media Suite 8 CyberLink Corp. 2013/11/19 40.5 MB 8.0.2820b
CyberLink Power2Go 7 CyberLink Corp. 2013/11/19 233 MB 7.0.0.2719b
CyberLink PowerBackup 2.5 CyberLink Corp. 2013/11/23 2.5.9729
DAEMON Tools Lite Disc Soft Ltd 2014/01/19 4.48.1.0347
DesignSpark Mechanical 1.0 RS Components 2014/04/29 491 MB 8.1.2
DivXセットアップ DivX, LLC 2014/06/01 2.6.3.22
DVD Shrink 3.2 DVD Shrink 2014/03/27
DVDFab 9.1.1.9 (18/12/2013) Fengtao Software Inc. 2014/01/24 104 MB
ESET Smart Security ESET, spol s r. o. 2013/12/16 100 MB 7.0.302.31
Everything 1.2.1.371 2014/01/23
ffdshow v1.3.4530 [2014-02-09] 2014/06/12 13.2 MB 1.3.4530.0
FolderSizeScan 0.6.3 HaseSoft 2013/12/08 0.6.3
Free Audio Dub version 1.7.9.908 DVDVideoSoft Ltd. 2014/04/04 84.5 MB 1.7.9.908
Freemake Video Converter バージョン 4.1.3 Ellora Assets Corporation 2014/02/26 78.7 MB 4.1.3
Freemake Video Downloader Ellora Assets Corporation 2014/06/07 46.4 MB 3.7.0
Freemake Youtube Mp3 Converter Ellora Assets Corporation 2014/03/03 46.1 MB 3.6.3
Futuremark SystemInfo Futuremark 2013/12/14 6.77 MB 4.23.255
GameRanger GameRanger Technologies 2014/06/10 3.63 GB
GEAR driver installer 4.020 GEAR Software 2013/12/31 3.33 MB 4.020.5
GetDiz Outertech 2014/01/20 4.8
GIMP 2.8.8 The GIMP Team 2014/01/10 268 MB 2.8.8
Google Chrome Google Inc. 2013/11/23 35.0.1916.153
Google Drive Google, Inc. 2014/07/08 36.6 MB 1.16.7009.9618
Google Earth Google 2013/12/27 180 MB 7.1.2.2041
Google 日本語入力 Google Inc. 2014/01/06 83.0 MB 1.13.1641.0
Grand Theft Auto IV Rockstar North 2014/03/18
HandBrake 0.9.9.1 2014/02/26 0.9.9.1
Homefront Kaos Studios 2014/04/13
Hounds DMM 2014/03/30 1.0.0
iCloud Apple Inc. 2014/03/09 156 MB 3.1.0.40
iFunbox (v2.7.2386.747), iFunbox DevTeam 2014/02/26 44.9 MB v2.7.2386.747
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam 2014/02/26 21.0 MB v3.1.562.425
ImgBurn LIGHTNING UK! 2014/03/13 2.5.8.0
Intel(R) Management Engine Components Intel Corporation 2013/11/19 9.5.14.1724
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/11/01 2.5.0.19
Internet Download Manager Tonec Inc. 2014/06/25
iTunes Apple Inc. 2014/03/09 216 MB 11.1.5.5
Java 7 Update 51 Oracle 2013/12/27 118 MB 7.0.510
Malwarebytes Anti-Malware バージョン 2.0.2.1012 Malwarebytes Corporation 2014/07/12 53.1 MB 2.0.2.1012
Medal of Honor Airborne Electronic Arts 2014/06/10 480 KB 1.0.1.0
Metro 2033 4A Games 2014/03/16
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2013/11/30 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/06/29 2.93 MB 4.5.50938
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2014/03/18 31.3 MB 3.5.95.0
Microsoft Games for Windows Marketplace Microsoft Corporation 2014/02/02 6.03 MB 3.5.67.0
Microsoft Silverlight Microsoft Corporation 2014/03/12 100 MB 5.1.30214.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/12/20 298 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2013/11/23 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/12/24 252 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/12/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2014/04/13 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2013/12/08 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2013/11/19 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/12/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/04 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/04 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2014/06/14 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 2014/04/23 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2013/12/21 17.3 MB 11.0.60610.1
Microsoft マウス キーボード センター Microsoft Corporation 2013/11/30 2.3.145.0
Mozilla Maintenance Service Mozilla 2014/06/12 337 KB 24.5.0
Mozilla Thunderbird 24.5.0 (x86 ja) Mozilla 2014/06/12 48.1 MB 24.5.0
Mp3tag v2.58 Florian Heidenreich 2014/03/09 v2.58
NVIDIA PhysX NVIDIA Corporation 2014/03/16 80.0 MB 9.10.0222
OpenAL 2014/06/05
Operation Flashpoint: Dragon Rising Codemasters Studios 2014/02/02
Operation Flashpoint: Red River Codemasters Action Studio 2014/02/02
Origin Electronic Arts, Inc. 2013/11/23 9.3.11.2762
Overlord Triumph Studios 2014/02/08
Populous Electronic Arts 2014/06/09 48.6 MB 5.0.0.2
PunkBuster Even Balance, Inc. 2014/06/10 3.29 MB 1.0.0.0
PunkBuster Services Even Balance, Inc. 2014/06/14 0.993
radiko UNKNOWN 2014/04/07 3.1.5
RadioSure 2014/03/24
Realtek Ethernet Controller Driver Realtek 2013/11/19 7.69.304.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/12/10 6.0.1.7083
Reflector Squirrels 2014/04/27 22.4 MB 1.3.3.1
RPGツクール2000 ランタイムパッケージ 2013/12/24
Sniper Ghost Warrior 2 City Interactive 2014/04/22
SoftEther VPN Client SoftEther VPN Project 2014/03/22 4.06.9433
Startup Delayer v3.0 (build 359) r2 Studios 2014/02/18 3.0 (build 359)
Steam Valve Corporation 2014/06/21
Steel Storm: Burning Retribution Kot in Action Creative Artel 2014/04/03
Sumotori Dreams 2014/03/28
System Requirements Lab for Intel Husdawg, LLC 2013/11/25 1.03 MB 4.5.15.0
TweetDeck Twitter 2014/06/24 69.9 MB 3.3.7
UltraVnc uvnc bvba 2014/04/27 6.56 MB 1.1.9.6
Unity Web Player Unity Technologies ApS 2013/12/25 12.0 MB
Unlocker 1.9.2 Cedrick Collomb 2014/02/11 1.9.2
VLC media player 2.1.3 VideoLAN 2014/06/13 2.1.3
War Thunder Gaijin Entertainment 2013/12/10
War Thunder CDK 0.1 Gaijin Entertainment 2014/05/10 608 MB
Windows Driver Package - Sharp Corporation (usbser) Ports (11/16/2009 6.0.0000.00000) Sharp Corporation 2013/12/08 11/16/2009 6.0.0000.00000
Windows Live ID Sign-in Assistant Microsoft Corporation 2014/02/02 10.0 MB 6.500.3165.0
WinRAR 5.01 (64ビット) win.rar GmbH 2014/04/07 5.01.0
World of Tanks Wargaming.net 2013/12/09 16.4 MB
XMedia Recode バージョン 3.1.7.9 XMedia Recode 2014/02/26 22.8 MB 3.1.7.9
Xvid Video Codec Xvid Team 2014/04/07 1.3.2
YS FLIGHT SIMULATOR 2013/12/27
スタートアップチェッカー Version 3.0.9.4 ソフト工房「空の牙」 2014/01/08 1.24 MB 3.0.9.4
バトルフィールド 3 Electronic Arts 2013/11/23 1.6.0.0
バトルフィールド 4™ Electronic Arts 2014/07/08 25.8 GB 1.3.2.3825
ブレーンライブラリー管理ソフト SHARP 2013/12/08 51.2 MB 1.0.0
秀丸エディタ (8.35) 有限会社サイトー企画 2014/07/04 8.35
簡単バックアップ eX.Backup2 2.05 Texim 2013/11/19 2.0.5.0
  • なおじん
  • 2014/07/14 (Mon) 14:07:51
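Let's get started
There are a few programs that concern me, but it looks like most of them have been uninstalled. Let's move on for now.

From what I can see, the cause this time is most likely not ordinary nuisance software but more malicious malware, so we will run a virus scan first, before the manual check.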


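■Cleanup with AdwCleaner
First, we remove any nuisance software that could get in the way.

How to use AdwCleaner
http://www59.atwiki.jp/malware_laboratory/pages/4.html

Using the guide above as a reference, carry out the steps from "Downloading Adwcleaner" through "Outputting the removal log", and post the resulting log.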



■Cleanup with Malwarebytes Anti-Malware
This is the virus scan.

Following the steps at the URL below, run a scan and post the results.

How to use MBAM
http://www59.atwiki.jp/malware_laboratory/pages/7.html



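■Analysis with OTL
We will investigate using OTL, a full-featured analysis tool.

1. Download the analysis tool "OTL" (OldTimer Listit) from the link below (it is a direct link) and put it on your desktop.
Your antivirus software or browser may flag it as dangerous, but that is a false positive, so ignore it and proceed.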
http://oldtimer.geekstogo.com/OTL.exe

2. After launching it, change the following settings.
・Check "Scan All Users" near the top of the window
・If "Scan 64bit Files" is present, check that as well
・Set "Extra Registry" to "Use SafeList"
・Set "File Age" under "File Scans" to "60 Days"

3. Copy and paste the following commands into "Custom Scan/Fixes".

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
C:\CleanSecurity\CleanSecurity.exe /md5
C:\CleanSecurity\*.* /md5
D:\Internet Download Manager\*.exe /md5
CREATERESTOREPOINT

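4. Press "Run Scan" at the top left. After a few minutes, "OTL.txt" and "Extras.txt" will be created in the same location as OTL.exe.


Paste the contents of these files into the message body, splitting them up as you go. OTL.txt in particular is quite long, so unless you split it partway through, it will be cut off.
If you exceed the maximum character count, you can still paste the text, but it gets cut off when you post.
Try splitting it around "[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]", partway through the file.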
  • イルカ
  • 2014/07/14 (Mon) 22:05:32
Adwcleaner log
# AdwCleaner v3.215 - レポート作成日 15/07/2014 時間 13:56:37
# 更新日 09/07/2014 更新元 Xplode
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (64 bits)
# ユーザー名 : fukao - FUKAO-PC
# プログラムの実行場所 : D:\desktopfolder\adwcleaner_3.215.exe
# オプション : スキャン

***** [ サービス ] *****


***** [ ファイル / フォルダ ] *****

ファイル 検出 : C:\END
ファイル 検出 : C:\Windows\SysWOW64\installd.exe
フォルダ 検出 : C:\Program Files (x86)\Babylon
フォルダ 検出 : C:\Program Files (x86)\eSupport.com
フォルダ 検出 : C:\Program Files\Babylon
フォルダ 検出 : C:\Users\fukao\AppData\Local\41
フォルダ 検出 : C:\Users\fukao\AppData\Local\eSupport.com
フォルダ 検出 : C:\Users\fukao\AppData\Local\Temp\hotspot shield
フォルダ 検出 : C:\Users\fukao\AppData\Roaming\baidu
フォルダ 検出 : C:\Users\fukao\AppData\Roaming\IObit\Driver Booster

***** [ ショートカット ] *****


***** [ レジストリ ] *****

キー 検出 : HKCU\Software\anchorfree
キー 検出 : HKCU\Software\Conduit
キー 検出 : [x64] HKCU\Software\anchorfree
キー 検出 : [x64] HKCU\Software\Conduit
キー 検出 : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
キー 検出 : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
キー 検出 : HKLM\SOFTWARE\Classes\Updater.AmiUpd
キー 検出 : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
キー 検出 : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
キー 検出 : HKLM\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{928FE5E7-D557-46B7-8AF6-17ACCE1FB4ED}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
キー 検出 : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
値 検出 : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]

***** [ Webブラウザ ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v35.0.1916.153

[ ファイル : C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\preferences ]

検出 [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
検出 [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh

*************************

AdwCleaner[R0].txt - [2783 octets] - [15/07/2014 13:56:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2843 octets] ##########
  • なおじん
  • 2014/07/15 (Tue) 14:00:10
MBAM log
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2014/07/15
Scan Time: 14:00:28
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.14.03
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: fukao

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 298062
Time Elapsed: 3 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Thank you in advance.
  • なおじん
  • 2014/07/15 (Tue) 14:04:57
otl.txt part 1
OTL logfile created on: 2014/07/15 14:07:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\desktopfolder
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 4.82 Gb Available Physical Memory | 60.66% Memory free
7.94 Gb Paging File | 4.48 Gb Available in Paging File | 56.44% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 34.16 Gb Free Space | 28.67% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 633.83 Gb Free Space | 68.04% Space Free | Partition Type: NTFS
Drive F: | 593.36 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FUKAO-PC | User Name: fukao | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/07/14 15:03:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\desktopfolder\OTL.exe
PRC - [2014/06/27 14:20:02 | 024,477,056 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/06/24 19:02:17 | 003,595,608 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2014/06/23 15:14:05 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/23 11:37:54 | 000,774,928 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2014/06/23 11:36:50 | 000,832,272 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2014/06/23 11:35:32 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2014/06/23 11:34:52 | 000,406,288 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe
PRC - [2014/06/23 11:34:48 | 000,367,888 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
PRC - [2014/06/23 11:34:38 | 000,261,904 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
PRC - [2014/06/23 11:34:34 | 000,379,152 | ---- | M] (BlueStack Systems) -- C:\Program Files (x86)\BlueStacks\HD-Network.exe
PRC - [2014/06/14 10:42:20 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014/06/05 22:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/22 10:20:46 | 000,108,032 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2014/05/22 10:20:44 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/04/01 09:40:42 | 002,270,240 | ---- | M] (有限会社サイトー企画) -- C:\Program Files (x86)\Hidemaru\Hidemaru.exe
PRC - [2014/01/27 20:03:26 | 000,873,984 | ---- | M] () -- C:\CleanSecurity\CleanSecurity.exe
PRC - [2014/01/15 04:46:38 | 003,140,608 | ---- | M] () -- C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2014/01/10 14:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/12/18 01:56:20 | 054,253,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2013/12/18 01:56:16 | 001,334,296 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/11/26 22:52:14 | 007,748,096 | ---- | M] (i-Funbox.com) -- C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe
PRC - [2013/11/22 10:25:38 | 000,389,120 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2013/11/20 15:43:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/11/20 15:43:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013/08/27 11:02:16 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/08/27 11:01:34 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012/10/30 07:48:16 | 000,927,232 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/07/15 13:58:40 | 001,175,040 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._core_.pyd
MOD - [2014/07/15 13:58:40 | 001,160,704 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\_ssl.pyd
MOD - [2014/07/15 13:58:40 | 001,062,400 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._controls_.pyd
MOD - [2014/07/15 13:58:40 | 000,811,008 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._windows_.pyd
MOD - [2014/07/15 13:58:40 | 000,805,888 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._gdi_.pyd
MOD - [2014/07/15 13:58:40 | 000,735,232 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._misc_.pyd
MOD - [2014/07/15 13:58:40 | 000,713,216 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\_hashlib.pyd
MOD - [2014/07/15 13:58:40 | 000,686,080 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\unicodedata.pyd
MOD - [2014/07/15 13:58:40 | 000,557,056 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\pysqlite2._sqlite.pyd
MOD - [2014/07/15 13:58:40 | 000,525,640 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\windows._lib_cacheinvalidation.pyd
MOD - [2014/07/15 13:58:40 | 000,364,544 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\pythoncom27.dll
MOD - [2014/07/15 13:58:40 | 000,320,512 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32com.shell.shell.pyd
MOD - [2014/07/15 13:58:40 | 000,167,936 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32gui.pyd
MOD - [2014/07/15 13:58:40 | 000,128,512 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\_elementtree.pyd
MOD - [2014/07/15 13:58:40 | 000,127,488 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\pyexpat.pyd
MOD - [2014/07/15 13:58:40 | 000,122,368 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._wizard.pyd
MOD - [2014/07/15 13:58:40 | 000,119,808 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32file.pyd
MOD - [2014/07/15 13:58:40 | 000,110,080 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\pywintypes27.dll
MOD - [2014/07/15 13:58:40 | 000,108,544 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32security.pyd
MOD - [2014/07/15 13:58:40 | 000,098,816 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32api.pyd
MOD - [2014/07/15 13:58:40 | 000,087,552 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\_ctypes.pyd
MOD - [2014/07/15 13:58:40 | 000,078,336 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._animate.pyd
MOD - [2014/07/15 13:58:40 | 000,070,656 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\wx._html2.pyd
MOD - [2014/07/15 13:58:40 | 000,045,568 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\_socket.pyd
MOD - [2014/07/15 13:58:40 | 000,038,912 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32inet.pyd
MOD - [2014/07/15 13:58:40 | 000,035,840 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32process.pyd
MOD - [2014/07/15 13:58:40 | 000,027,136 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\_multiprocessing.pyd
MOD - [2014/07/15 13:58:40 | 000,025,600 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32pdh.pyd
MOD - [2014/07/15 13:58:40 | 000,024,064 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32pipe.pyd
MOD - [2014/07/15 13:58:40 | 000,022,528 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32ts.pyd
MOD - [2014/07/15 13:58:40 | 000,018,432 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32event.pyd
MOD - [2014/07/15 13:58:40 | 000,017,408 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32profile.pyd
MOD - [2014/07/15 13:58:40 | 000,011,264 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\win32crypt.pyd
MOD - [2014/07/15 13:58:40 | 000,010,240 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\select.pyd
MOD - [2014/07/15 13:58:40 | 000,007,168 | ---- | M] () -- C:\Users\fukao\AppData\Local\Temp\_MEI22922\hashobjs_ext.pyd
MOD - [2014/07/08 19:28:25 | 001,419,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\ee42342bf7a17558da077d12cdac75c6\HD-Agent.ni.exe
MOD - [2014/07/08 19:28:20 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\c868980c4f6c6f9bfa44269f471dd7ec\JSON.ni.dll
MOD - [2014/06/24 19:02:16 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
MOD - [2014/06/24 19:02:14 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
MOD - [2014/06/24 19:02:14 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
MOD - [2014/06/24 19:02:14 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
MOD - [2014/06/24 19:02:14 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
MOD - [2014/06/24 19:02:14 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
MOD - [2014/06/24 19:02:14 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
MOD - [2014/06/24 19:02:14 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
MOD - [2014/06/05 22:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 22:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 22:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 22:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 22:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/05/17 15:22:20 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/02/14 16:01:42 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/14 16:01:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/14 16:01:36 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/14 16:01:34 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/14 16:01:26 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/14 16:01:24 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/06 00:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 00:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/06 00:52:32 | 000,237,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2014/01/27 20:03:26 | 000,873,984 | ---- | M] () -- C:\CleanSecurity\CleanSecurity.exe
MOD - [2014/01/15 04:46:38 | 003,140,608 | ---- | M] () -- C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2014/01/10 14:28:18 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2014/01/10 14:26:44 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013/11/22 10:25:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\hydrajan.dll
MOD - [2013/09/14 01:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 01:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2012/12/20 21:04:09 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ja_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/21 16:13:30 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_ja_b77a5c561934e089\System.resources.dll
MOD - [2009/07/17 16:32:38 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\Hidemaru\HIDEMSUB.DLL


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/06/19 09:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/04/16 10:29:18 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014/02/18 17:56:57 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:[b]64bit:[/b] - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/05/11 17:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/05/11 17:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/07/10 21:13:07 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/23 11:37:54 | 000,774,928 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/06/23 11:35:32 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/06/23 11:34:52 | 000,406,288 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/06/14 10:42:20 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/06/11 19:33:42 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/22 10:20:46 | 000,108,032 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2014/05/22 10:20:44 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/03/22 09:31:16 | 004,321,848 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) [Auto | Running] -- D:\SoftEther VPN Client\vpnclient_x64.exe -- (SEVPNCLIENT)
SRV - [2014/02/08 12:18:42 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/11/21 17:03:10 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/27 11:02:16 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/08/27 11:01:34 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012/10/30 07:48:16 | 000,927,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe -- (asComSvc)
SRV - [2009/06/11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/07/15 13:58:57 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2014/07/14 19:19:57 | 000,091,352 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:[b]64bit:[/b] - [2014/06/09 17:41:00 | 000,180,136 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2014/05/17 09:42:38 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2014/04/16 11:37:30 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014/04/16 10:07:04 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2014/01/19 13:18:02 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/01/06 10:56:10 | 000,028,768 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Neo_0056.sys -- (Neo_VPN)
DRV:[b]64bit:[/b] - [2013/12/20 01:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2013/11/25 16:09:03 | 000,872,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2013/10/02 11:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/09/17 14:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2013/09/17 14:17:38 | 000,220,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2013/09/17 14:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2013/09/17 14:17:38 | 000,062,136 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2013/09/17 14:17:38 | 000,044,120 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:[b]64bit:[/b] - [2013/09/04 17:55:42 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2013/08/27 11:01:34 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/04/26 10:24:58 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2013/04/26 10:24:56 | 000,786,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2013/04/26 10:24:56 | 000,368,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/08/23 23:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 23:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/07/02 02:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008/12/11 14:10:40 | 000,018,456 | ---- | M] (Texim Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TxDevCmd.sys -- (TxDevCmd)
DRV - [2014/06/23 11:35:14 | 000,123,152 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://shop.tsukumo.co.jp
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jp.hao123.com/?tn=incore_pay_hp_01_hao123_jp
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: D:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/npaplayer: C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll File not found
FF - HKLM\Software\MozillaPlugins\@xunlei.com/npxluser: C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\fukao\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@xunlei.com/npxluser: C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/12/16 15:22:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2014/06/07 20:39:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2014/06/07 20:39:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: D:\programs\mozilla\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: D:\programs\mozilla\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/12/16 15:22:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\fukao\AppData\Roaming\IDM\idmmzcc5 [2014/06/25 18:40:34 | 000,000,000 | ---D | M]

[2014/03/16 09:18:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fukao\AppData\Roaming\mozilla\Extensions
[2014/07/08 19:08:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fukao\AppData\Roaming\mozilla\Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Angry Birds = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google 繝峨Λ繧、繝・ = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Adblock Plus = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Tampermonkey = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.7.48_0\
CHR - Extension: Tampermonkey = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.8_0\
CHR - Extension: DMM繝ゥ繝ウ繝√Ε繝シPlugin = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbnpbfjkgbkilkjokfccjdbhjmkpgnnk\1.2.0.0_0\
CHR - Extension: Stealthy = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0\
CHR - Extension: Better Battlelog (BBLog) = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma\4.3.0_0\
CHR - Extension: Auto HD For YouTube邃「 = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\6.3.2_0\
CHR - Extension: Linkclump = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj\2.7.3_0\
CHR - Extension: Extension Defender = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkakdehcmmnojcdalpkfgmhphnicaonm\1.0.2_0\
CHR - Extension: 繧ス繝シ繧キ繝」繝ォ繧イ繝シ繝繝薙Η繝シ繧「 = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnanlcjfkbilccmendadfgljdnpdgcpf\0.14_0\
CHR - Extension: Currency Converter = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndokegkpdlafochibjpgjglkcamdpip\1.0.4_0\
CHR - Extension: Google 繧ヲ繧ゥ繝ャ繝・ヨ = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Unblock Youku = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk\2.7.3.1_0\
CHR - Extension: Unblock Youku = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk\2.7.4.1_0\
CHR - Extension: Unblock Youku = C:\Users\fukao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk\2.7.4.2_0\

O1 HOSTS File: ([2014/03/24 12:10:15 | 000,000,880 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (no name) - {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SoftEther VPN Client UI Helper] D:\SoftEther VPN Client\vpnclient_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
O4:[b]64bit:[/b] - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 Studios)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep" File not found
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [Amazon Cloud Player] C:\Users\fukao\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [CleanSecurity] C:\CleanSecurity\CleanSecurity.exe ()
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [iFunBox Price Watch] C:\Program Files (x86)\iFunbox 2014\iFunBox2014.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [SeiichiNishimura_DelayStartup] "D:\desktopfolder\delaystartup01c\DelayStartup\execute.exe" File not found
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe" File not found
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\秀丸.lnk = C:\Program Files (x86)\Hidemaru\Hidemaru.exe (有限会社サイトー企画)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: &ハケモテ&ムクタラタ・゚マツヤリ - D:\xunlei\BHO\OfflineDownload.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: &ハケモテ&ムクタラマツヤリ - D:\xunlei\BHO\geturl.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: &ハケモテ&ムクタラマツヤリネォイソチエスモ - D:\xunlei\BHO\GetAllUrl.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: すべてのリンクをIDMでダウンロード - D:\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: &ハケモテ&ムクタラタ・゚マツヤリ - D:\xunlei\BHO\OfflineDownload.htm File not found
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリ - D:\xunlei\BHO\geturl.htm File not found
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリネォイソチエスモ - D:\xunlei\BHO\GetAllUrl.htm File not found
O8 - Extra context menu item: Download with IDM - D:\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: すべてのリンクをIDMでダウンロード - D:\Internet Download Manager\IEGetAll.htm ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBA2D0F8-6378-4AB8-8D56-247C24654863}: NameServer = 8.8.8.8,8.8.4.4
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/19 03:41:17 | 000,000,145 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{bc2393cf-80b9-11e3-a9a7-00aceb2cf65c}\Shell - "" = AutoRun
O33 - MountPoints2\{bc2393cf-80b9-11e3-a9a7-00aceb2cf65c}\Shell\AutoRun\command - "" = F:\Setup\rsrc\AUTORUN.EXE -- [2004/08/04 05:29:57 | 000,057,344 | R--- | M] ()
O33 - MountPoints2\{bc2393cf-80b9-11e3-a9a7-00aceb2cf65c}\Shell\dinstall\command - "" = F:\DirectX\dxsetup.exe -- [2004/07/09 20:08:36 | 000,472,576 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
  • なおじん
  • 2014/07/15 (Tue) 14:13:49
otl.txt, part 2
[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2014/07/15 13:56:46 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/07/14 15:03:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\desktopfolder\OTL.exe
[2014/07/14 13:57:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/07/13 20:00:15 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/07/12 21:03:10 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/12 21:03:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/12 21:03:02 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/12 21:03:02 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/12 21:03:02 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/12 21:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/12 14:47:46 | 000,000,000 | ---D | C] -- C:\CleanSecurity
[2014/07/09 19:00:07 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/09 19:00:07 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/09 19:00:07 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/09 19:00:07 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/09 19:00:07 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/09 19:00:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/09 19:00:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/09 19:00:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/09 19:00:07 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/07/09 19:00:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/09 19:00:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/09 19:00:07 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/07/09 19:00:06 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/09 19:00:06 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/09 19:00:06 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/09 19:00:06 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/07/09 19:00:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/09 19:00:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/09 19:00:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/09 19:00:05 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/09 19:00:05 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/07/09 19:00:05 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/09 19:00:05 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/09 19:00:05 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/09 19:00:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/09 19:00:04 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/09 19:00:04 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/07/09 19:00:04 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/09 19:00:04 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/07/09 19:00:04 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/09 19:00:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/09 19:00:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/09 19:00:04 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/09 19:00:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/07/09 19:00:03 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/07/09 19:00:03 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/09 19:00:03 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/07/09 19:00:03 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/09 19:00:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/07/09 18:56:30 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/08 19:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/07/08 19:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/07/08 19:28:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/07/08 19:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2014/07/08 19:26:59 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\Bluestacks
[2014/07/06 15:11:40 | 001,688,304 | ---- | C] (www.flyvpn.com) -- D:\desktopfolder\FlyClient_3.0.1.8.exe
[2014/07/06 15:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
[2014/07/06 15:10:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bulk Rename Utility
[2014/07/05 18:55:19 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\Adobe
[2014/07/05 16:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\FlyVPN
[2014/07/04 19:16:48 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\Hidemaruo
[2014/07/04 19:16:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hidemaru
[2014/07/03 19:16:05 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\11588
[2014/06/29 20:36:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty - United Offensive
[2014/06/29 20:31:54 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
[2014/06/29 20:31:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty
[2014/06/29 20:29:55 | 000,000,000 | ---D | C] -- D:\desktopfolder\download
[2014/06/29 16:50:01 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/06/29 16:48:00 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/06/29 16:48:00 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/06/29 16:48:00 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/06/29 16:47:59 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/06/29 16:47:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/06/29 16:47:49 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/06/29 16:47:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/06/29 16:47:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/06/29 16:47:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/06/29 16:47:49 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/06/29 16:47:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/06/29 16:47:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/06/29 16:47:48 | 006,578,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/06/29 16:47:48 | 005,698,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/06/29 16:47:48 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/06/29 16:47:48 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/06/29 16:47:48 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/06/29 16:47:48 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/06/29 16:47:48 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/06/29 16:47:48 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/06/29 16:47:48 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/06/29 16:47:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/06/29 16:47:09 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/06/29 16:47:09 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/06/29 16:47:09 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/06/29 16:47:09 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/06/29 16:47:09 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/06/29 16:47:09 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/06/29 16:47:09 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/06/29 16:47:08 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/06/29 16:47:08 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/06/29 16:47:08 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/06/29 16:47:08 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/06/29 16:47:08 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/06/29 16:47:08 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/06/29 16:47:08 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/06/29 16:47:08 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/06/29 16:47:08 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/06/29 16:47:08 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/06/29 16:47:08 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/06/29 16:47:08 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/06/29 16:47:07 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/06/29 16:47:07 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/06/29 16:47:06 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/06/29 16:47:06 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/06/29 16:47:06 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/06/29 16:47:06 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/06/29 16:47:05 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/06/29 16:47:05 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/06/29 16:47:05 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/06/29 16:47:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/06/29 16:47:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/06/29 16:47:04 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014/06/29 16:47:04 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014/06/29 16:47:04 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/06/29 16:47:04 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014/06/29 16:47:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014/06/29 16:47:04 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/06/29 16:47:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014/06/29 16:47:00 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/29 16:47:00 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/28 21:16:20 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\675
[2014/06/27 20:26:24 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\pangu
[2014/06/24 20:30:21 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck
[2014/06/24 19:26:02 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\twitter
[2014/06/24 19:20:55 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\Jane
[2014/06/18 18:44:46 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\Vidalia
[2014/06/18 17:47:57 | 000,180,136 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2014/06/17 15:02:55 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\tor
[2014/06/17 15:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bridge Bundle
[2014/06/17 15:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bridge Bundle
[2014/06/15 20:01:47 | 000,000,000 | ---D | C] -- D:\desktopfolder\diskinfo642.9.10
[2014/06/15 20:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\DiskAnalyzer
[2014/06/14 17:41:02 | 000,000,000 | ---D | C] -- C:\Users\fukao\Documents\BFH.Beta
[2014/06/14 10:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta
[2014/06/12 16:16:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2014/06/11 18:53:36 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/11 18:53:35 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/06/11 18:53:35 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/06/11 18:53:35 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/11 18:53:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/06/11 18:53:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/11 18:53:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/11 18:53:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/06/11 18:53:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/06/10 21:12:59 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\GameRanger
[2014/06/10 19:11:35 | 000,000,000 | ---D | C] -- C:\Users\fukao\Documents\EA Games
[2014/06/10 18:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Even Balance, Inc
[2014/06/10 18:45:56 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
[2014/06/07 20:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Direct Video Downloader
[2014/06/05 20:09:10 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2014/06/05 20:09:10 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2014/06/05 20:09:10 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2014/06/05 20:09:10 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2014/06/05 20:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2014/06/05 08:05:15 | 000,000,000 | ---D | C] -- C:\Users\fukao\Documents\Battlestations-Pacific
[2014/06/01 15:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Thunder Network
[2014/06/01 14:59:20 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr90.dll
[2014/06/01 14:59:20 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp90.dll
[2014/06/01 14:59:19 | 000,159,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\atl90.dll
[2014/06/01 14:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ムクタラネ晴
[2014/06/01 14:58:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thunder Network
[2014/06/01 14:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Thunder Network
[2014/06/01 14:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thunder Network
[2014/06/01 11:44:07 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\DivX
[2014/06/01 11:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2014/06/01 11:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2014/06/01 11:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2014/06/01 11:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2014/06/01 11:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2014/05/31 13:54:34 | 000,276,992 | ---- | C] (IntelleSoft) -- C:\Windows\SysWow64\BugTrap.dll
[2014/05/31 13:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TopApp soft
[2014/05/31 13:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO
[2014/05/31 13:51:39 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\ALLConverter
[2014/05/31 13:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLConverter PRO
[2014/05/31 13:51:34 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\ALLPlayer
[2014/05/31 13:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2014/05/31 13:47:26 | 000,000,000 | ---D | C] -- C:\Users\fukao\Documents\GomPlayer
[2014/05/31 13:42:27 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\vlc
[2014/05/31 13:35:10 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\BatchSubtitlesConverter
[2014/05/28 18:23:26 | 000,000,000 | ---D | C] -- C:\Users\fukao\Documents\Battlefield 1942
[2014/05/21 19:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
[2014/05/21 19:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\War Thunder
[2014/05/17 09:42:38 | 000,042,184 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2014/05/16 20:52:16 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/16 20:52:16 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/16 20:52:16 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/16 20:52:16 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/16 20:52:16 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/16 20:52:16 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/16 20:52:16 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/16 20:52:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/16 20:52:16 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/16 20:52:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/16 20:52:16 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/16 20:52:16 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/16 20:52:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/16 20:52:16 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/16 20:52:16 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/16 20:52:16 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/16 20:52:16 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/16 20:52:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/16 20:52:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/16 20:52:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/16 20:52:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/16 20:52:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[43 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2014/07/15 14:06:03 | 000,021,392 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 14:06:03 | 000,021,392 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/15 14:04:38 | 001,311,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/15 14:04:38 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/15 14:04:38 | 000,410,838 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2014/07/15 14:04:38 | 000,121,884 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2014/07/15 14:04:38 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/15 13:58:57 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/15 13:58:42 | 000,000,684 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/15 13:58:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/14 19:19:57 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/14 19:19:21 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8eaa59627fd2.job
[2014/07/14 18:13:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/14 15:03:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\desktopfolder\OTL.exe
[2014/07/13 20:00:15 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/07/12 21:03:04 | 000,000,613 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/11 15:28:03 | 000,000,787 | ---- | M] () -- C:\Windows\CoDUO.INI
[2014/07/10 21:13:06 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/10 21:13:06 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/10 18:54:33 | 000,277,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/09 19:36:09 | 000,001,188 | ---- | M] () -- D:\desktopfolder\Battlefield 3.lnk
[2014/07/09 19:35:02 | 000,000,585 | ---- | M] () -- D:\desktopfolder\COD1 SP.lnk
[2014/07/08 19:28:15 | 000,001,818 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/07/08 19:28:13 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/07/06 15:11:40 | 001,688,304 | ---- | M] (www.flyvpn.com) -- D:\desktopfolder\FlyClient_3.0.1.8.exe
[2014/07/05 16:20:03 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014/07/05 16:20:03 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/04 21:05:07 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/07/04 19:16:32 | 000,001,049 | ---- | M] () -- C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\秀丸.lnk
[2014/07/04 19:16:32 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\秀丸.lnk
[2014/06/29 20:36:50 | 000,000,495 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - United Offensive Single Player.lnk
[2014/06/29 20:31:54 | 000,000,717 | ---- | M] () -- C:\Windows\CoD.INI
[2014/06/29 16:47:37 | 001,290,686 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/29 16:12:19 | 000,097,792 | ---- | M] () -- D:\desktopfolder\TSRH.exe
[2014/06/21 17:03:55 | 000,000,202 | ---- | M] () -- D:\desktopfolder\Call of Duty Black Ops II.url
[2014/06/21 17:01:32 | 000,000,512 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/06/19 10:06:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/06/19 09:42:57 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/06/19 09:42:49 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/19 09:41:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/06/19 09:41:16 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/06/19 09:31:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/19 09:26:41 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/19 09:24:30 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/06/19 09:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/06/19 09:23:53 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/06/19 09:14:28 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/19 09:09:47 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/19 08:59:04 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/19 08:53:27 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/19 08:51:38 | 005,721,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/19 08:50:47 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/19 08:48:44 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/19 08:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/19 08:37:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/19 08:36:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/06/19 08:35:55 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/06/19 08:33:07 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/19 08:28:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/19 08:27:45 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/06/19 08:27:07 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/19 08:25:38 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/19 08:23:27 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/06/19 08:22:40 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/06/19 08:06:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/19 08:01:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/19 07:59:37 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/19 07:46:23 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/06/19 07:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/19 07:15:24 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/06/19 07:07:42 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/06/18 11:18:30 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/06/18 10:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/06/14 10:42:49 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield Hardline Beta.lnk
[2014/06/14 10:42:20 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/06/14 10:40:27 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/13 16:27:25 | 000,000,605 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/12 16:31:40 | 000,000,784 | ---- | M] () -- C:\Users\fukao\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/06/09 18:53:57 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Populous.lnk
[2014/06/09 17:41:00 | 000,180,136 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2014/06/08 18:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/08 18:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/07 20:39:20 | 000,001,332 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk
[2014/06/06 19:10:34 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/06/06 18:44:17 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/06/05 23:45:15 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/06/05 20:09:10 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2014/06/05 20:09:10 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2014/06/05 20:09:10 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2014/06/05 20:09:10 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2014/06/04 16:48:01 | 000,000,221 | ---- | M] () -- D:\desktopfolder\Arma Cold War Assault.url
[2014/06/01 14:59:45 | 000,000,020 | ---- | M] () -- C:\Windows\SysWow64\pub_store.dat
[2014/06/01 14:59:07 | 000,159,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl90.dll
[2014/06/01 14:58:41 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr90.dll
[2014/06/01 14:58:41 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp90.dll
[2014/05/31 13:55:56 | 000,276,992 | ---- | M] (IntelleSoft) -- C:\Windows\SysWow64\BugTrap.dll
[2014/05/31 13:51:39 | 000,001,122 | ---- | M] () -- C:\Users\fukao\Application Data\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk
[2014/05/27 19:31:22 | 005,575,008 | ---- | M] () -- D:\desktopfolder\空高く.mp3
[2014/05/17 09:42:38 | 000,042,184 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[43 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/07/12 21:03:04 | 000,000,613 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014/07/09 19:36:09 | 000,001,188 | ---- | C] () -- D:\desktopfolder\Battlefield 3.lnk
[2014/07/09 19:35:02 | 000,000,585 | ---- | C] () -- D:\desktopfolder\COD1 SP.lnk
[2014/07/08 19:28:15 | 000,001,818 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2014/07/08 19:28:13 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2014/07/04 19:16:32 | 000,001,049 | ---- | C] () -- C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\秀丸.lnk
[2014/07/04 19:16:32 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\秀丸.lnk
[2014/07/04 19:16:32 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\秀丸.lnk
[2014/06/29 20:36:50 | 000,000,495 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - United Offensive Single Player.lnk
[2014/06/29 20:34:51 | 000,000,787 | ---- | C] () -- C:\Windows\CoDUO.INI
[2014/06/29 20:30:23 | 000,000,717 | ---- | C] () -- C:\Windows\CoD.INI
[2014/06/29 16:12:20 | 000,097,792 | ---- | C] () -- D:\desktopfolder\TSRH.exe
[2014/06/23 15:14:11 | 000,000,690 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8eaa59627fd2.job
[2014/06/17 20:28:38 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/06/14 10:42:49 | 000,000,651 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield Hardline Beta.lnk
[2014/06/13 16:27:25 | 000,000,605 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/06/12 16:16:20 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/06/10 21:13:02 | 000,001,056 | ---- | C] () -- C:\Users\fukao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
[2014/06/09 18:53:57 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Populous.lnk
[2014/06/07 20:39:20 | 000,001,332 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk
[2014/06/04 16:48:01 | 000,000,221 | ---- | C] () -- D:\desktopfolder\Arma Cold War Assault.url
[2014/06/01 14:59:45 | 000,000,020 | ---- | C] () -- C:\Windows\SysWow64\pub_store.dat
[2014/05/31 13:51:39 | 000,001,122 | ---- | C] () -- C:\Users\fukao\Application Data\Microsoft\Internet Explorer\Quick Launch\ALLConverter PRO.lnk
[2014/05/27 19:27:33 | 005,575,008 | ---- | C] () -- D:\desktopfolder\空高く.mp3
[2014/04/15 22:28:56 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/04/07 12:52:25 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014/02/20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2014/02/11 11:37:39 | 000,000,281 | ---- | C] () -- C:\Windows\game.ini
[2014/02/04 17:54:18 | 000,028,049 | ---- | C] () -- C:\Users\fukao\AppData\Roaming\OFMissionEditorConfig.xml
[2014/01/19 15:24:56 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2014/01/11 14:22:33 | 000,003,338 | ---- | C] () -- C:\Users\fukao\AppData\Local\recently-used.xbel
[2014/01/08 13:36:20 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\_111881690A7D.sys
[2013/12/25 13:18:22 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/12/14 11:31:20 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2013/12/08 21:30:09 | 000,115,244 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/11/23 15:05:45 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/11/23 15:05:45 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/11/19 14:08:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/11/19 14:07:32 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/19 14:03:24 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/11/19 14:03:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/11/19 14:02:04 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/11/19 14:02:04 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/11/19 14:02:04 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/11/19 14:02:04 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/11/19 14:02:04 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/11/19 14:00:51 | 001,290,686 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/11 17:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 11:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 11:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2014/07/14 18:13:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/15 13:58:42 | 000,000,684 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/14 19:19:21 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8eaa59627fd2.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA THNSNH128GCST ATA Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10EZRX-00L4HB0 ATA Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 932.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/04/12 11:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/07/09 14:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 13:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2012/10/04 02:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2014/04/12 11:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/04/12 11:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2012/05/01 14:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2012/06/03 07:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< C:\CleanSecurity\CleanSecurity.exe /md5 >[/color]
[2014/01/27 20:03:26 | 000,873,984 | ---- | M] () MD5=E15EFCDD53765EF490688A747275D854 -- C:\CleanSecurity\CleanSecurity.exe

[color=#A23BEC]< C:\CleanSecurity\*.* /md5 >[/color]
[2014/01/27 20:03:26 | 000,873,984 | ---- | M] () MD5=E15EFCDD53765EF490688A747275D854 -- C:\CleanSecurity\CleanSecurity.exe
[2014/01/31 21:34:04 | 000,003,902 | ---- | M] () MD5=C3256E644643F0C5E9F9295F53A7C3D1 -- C:\CleanSecurity\DPKI

[color=#A23BEC]< D:\Internet Download Manager\*.exe /md5 >[/color]
[2014/06/25 18:40:02 | 003,837,520 | R--- | M] (Tonec Inc.) MD5=817D70DD672B05DB6BA15BCEC4362DCC -- D:\Internet Download Manager\IDMan.exe
[2013/11/07 20:18:12 | 000,069,144 | ---- | M] (Internet Download Manager, Tonec Inc.) MD5=090A189F4EEB3C0B76E97ACDB1A71C92 -- D:\Internet Download Manager\idmBroker.exe
[2013/11/07 20:17:46 | 000,513,048 | ---- | M] (Tonec Inc.) MD5=12F5582EEEF2464F90F37D288FE8A159 -- D:\Internet Download Manager\IDMGrHlp.exe
[2013/11/07 20:17:38 | 000,083,992 | ---- | M] (Internet Download Manager, Tonec Inc.) MD5=07A5F2043BAB61711F1C955F61DF70D6 -- D:\Internet Download Manager\IDMIntegrator64.exe
[2013/11/07 20:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) MD5=BD95E822E7A958BBCA842D078426A151 -- D:\Internet Download Manager\IEMonitor.exe
[2013/11/07 20:16:00 | 000,016,920 | ---- | M] (Internet Download Manager, Tonec Inc.) MD5=50542C90567698CB0C0C02F71EEBEA60 -- D:\Internet Download Manager\MediumILStart.exe
[2013/11/22 03:26:16 | 000,179,736 | ---- | M] (Tonec Inc.) MD5=6649E522FFB939AAD03D70F4B5E2964D -- D:\Internet Download Manager\Uninstall.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:8C35AEA7

< End of report >
  • なおじん
  • 2014/07/15 (Tue) 14:15:39
extra.txt
OTL Extras logfile created on: 2014/07/15 14:07:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\desktopfolder
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 4.82 Gb Available Physical Memory | 60.66% Memory free
7.94 Gb Paging File | 4.48 Gb Available in Paging File | 56.44% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 34.16 Gb Free Space | 28.67% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 633.83 Gb Free Space | 68.04% Space Free | Partition Type: NTFS
Drive F: | 593.36 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: FUKAO-PC | User Name: fukao | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = hidemaru.txt] -- C:\Program Files (x86)\Hidemaru\Hidemaru.exe (有限会社サイトー企画)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.txt [@ = hidemaru.txt] -- C:\Program Files (x86)\Hidemaru\Hidemaru.exe (有限会社サイトー企画)

[HKEY_USERS\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C5BE99-2AB5-42E3-A999-BDEEAF2795C9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{104203D9-05F8-4F8F-96FD-9D8FB10CC6A0}" = rport=137 | protocol=17 | dir=out | app=system |
"{2074AA5B-0B0C-40B3-B7CF-E12D712CEC39}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{29F8B42F-4F59-420E-B9BF-2A6075E9071D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CDF52FA-3A16-4113-B77B-1EA6E534A7F8}" = rport=139 | protocol=6 | dir=out | app=system |
"{33AC693A-8069-4B38-B1D0-9F4A1B027183}" = rport=138 | protocol=17 | dir=out | app=system |
"{3D03F5F9-9A90-415E-AA39-283E10343A16}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F81209E-8660-4701-ABD5-480EB165612C}" = lport=137 | protocol=17 | dir=in | app=system |
"{40D99F72-6B9E-4CD8-A9EB-5C83782BCE24}" = lport=445 | protocol=6 | dir=in | app=system |
"{43F02584-7923-44AB-B93D-82BD5A5F09FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{463538D1-09BC-4CC3-92FC-F203B23500F8}" = lport=139 | protocol=6 | dir=in | app=system |
"{6814F6DA-AD89-4BFF-ADAE-2A6C8A7F1EDE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6DC5945D-0A23-4B5F-866C-105AF3BCE00C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84C387AB-1078-438F-A3B6-2B1D63F487F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{91B59D62-3C7F-4179-9BA6-A21873CFB666}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CC93C7C8-2141-449A-915A-9DB769F225F2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD79BBED-985E-45D1-8456-715867057945}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D9EF36C6-4544-4021-B4B1-3F8954F888B2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E583E662-131C-4A6A-A747-73BC93AAF8A0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E66018CF-63E8-404B-B599-4E26CF625BB3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFEA9D63-DAF1-4AD2-A5B1-1B27B4F9BAED}" = lport=138 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01972B0E-B180-43FD-8ACA-1494D1618587}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{019CEDF3-7C2C-4C5E-93BE-E3775ABFD3CE}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{031EBF48-6FA1-4090-A398-6F0D772F6D76}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{041BB86D-43FE-441F-BB23-C08CB3097811}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\sniperghostwarrior2\bin32\sniperghostwarrior2.exe |
"{043F0273-351D-4742-B963-EA4D5C2D0F0D}" = protocol=6 | dir=in | app=d:\desktopfolder\utorrent (1).exe |
"{055A7FDF-73AD-4555-9CCD-D4E7E392EB2A}" = protocol=17 | dir=in | app=d:\cracked steam\steam.exe |
"{05F28DDC-0EFB-4DF6-969A-CECA0617931F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0A1F1990-9C87-42A5-B003-67330DB303AB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0AA9458A-0C4D-4BD9-8D39-81DEC791A7D7}" = protocol=6 | dir=in | app=d:\vuze\azureus.exe |
"{0BABA0AD-9466-4C41-A4AC-121D7E15B569}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0BC530CE-0534-40FE-806F-7BC7AB0E9D1C}" = protocol=17 | dir=in | app=d:\vnc\winvnc.exe |
"{0C89C054-3537-411D-B312-AD2D6820A9FC}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{0D29F603-DDD4-427A-A0E2-7EB8695E07F2}" = protocol=17 | dir=in | app=d:\desktopfolder\utorrent (1).exe |
"{0D909352-9541-4E51-AEE6-E0AADC97B112}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0E2FEB04-8F0C-466E-87B8-3011D3350C3B}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{10C15242-9A5E-49E3-A6E2-9933574ABDB8}" = dir=in | app=d:\softether vpn client\vpncmgr.exe |
"{10D3471C-1A5E-4C8D-AC9C-D6F54980CB17}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{125095CA-BA3B-454B-9693-400CC7DAB692}" = protocol=17 | dir=in | app=d:\xunlei\program\xlrcsreport.exe |
"{14A6AF08-2095-4FA8-BBA8-794B48D5B735}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\steelstorm\steelstorm-dedicated.exe |
"{1FB1BA49-764B-4355-B81F-B008F13D7D2F}" = protocol=6 | dir=in | app=d:\origingame2\bfh beta\bfh.exe |
"{1FE62638-BE2B-4DF1-A613-EC642C9F6C95}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21030433-1257-46C6-AEBB-B2E03D40F3AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{213C2E80-AA22-489D-9F81-EC9CDB9CA8E4}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{23F51DFE-FC77-4543-B81A-436370B50CD3}" = protocol=6 | dir=in | app=c:\program files (x86)\even balance, inc\punkbuster\pb\pnkbstra.exe |
"{24FEADE1-07E0-46EE-A31F-4F2F40798713}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\sniperghostwarrior2demo\bin32\sniperghostwarrior2.exe |
"{27561ED2-D18D-4630-ADF3-C21911A2673C}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\homefront\binaries\homefront.exe |
"{28617276-B7ED-46EB-82E7-DE7BEDD1DED7}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{2919234A-93AB-4EC0-96CA-6ABAE8EFDDB1}" = protocol=17 | dir=in | app=c:\program files (x86)\even balance, inc\punkbuster\pb\pnkbstra.exe |
"{2A39BC5F-DC91-4DC7-B81D-EEC10D38E689}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{2EA37BF0-AEBA-4992-B13F-FB7182BCAB5E}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{2F0EA168-D6F5-4193-9F63-FA67D090D4B5}" = protocol=17 | dir=in | app=d:\vuze\azureus.exe |
"{3068C672-AB44-406C-880A-3060FFAA38D4}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty 2\cod2sp_s.exe |
"{31268FCB-2BB9-4BE0-B9AA-9FDF4F47712B}" = protocol=6 | dir=in | app=d:\xmp\program\xmp.exe |
"{32C1D649-7858-4C6E-820B-68A3577B86A6}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{33A84E24-84DF-413D-9D10-3B992AAA99C5}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\sniperghostwarrior2demo\bin32\sniperghostwarrior2.exe |
"{3448D24A-F4F5-4B96-ABEC-8023E80D971E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{34ED3036-1A29-40B8-B955-F5444F090705}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\metro 2033\metro2033.exe |
"{35E7BDF8-8C5E-4C71-8FDD-87CB7ED90DF7}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty black ops ii\t6mp.exe |
"{3B242C6D-0205-460A-868C-6A25F3BF5F06}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3E520EA2-146F-48FB-821E-85C0874A32E7}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{411BE1D1-E920-4ED5-A73A-428ABD82A89A}" = protocol=6 | dir=in | app=d:\xunlei\program\xlrcsreport.exe |
"{430E0F2B-78C3-4860-A6AD-11B97438EA85}" = protocol=17 | dir=in | app=d:\origingame2\medal of honor airborne\unrealengine3\binaries\moha.exe |
"{460FE8E8-931C-4955-A970-471418BDC5BF}" = protocol=17 | dir=in | app=d:\xmp\program\xmp.exe |
"{496D5202-5798-4DC0-A8C6-9AEDA1CD9CF3}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\homefront\binaries\homefront.exe |
"{499B0F5D-F9F3-470E-A397-0979F7515513}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\operation flashpoint red river\redriverlauncher.exe |
"{4A583892-B422-4DBB-BECC-571DAB11F337}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5074B60F-A086-4FFA-9E9D-DFB046BE5D34}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\3dmark\bin\x86\3dmark.exe |
"{507AFD20-D3B3-40A2-9C14-0B74C98D7CC6}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\steelstorm\steelstorm-dedicated.exe |
"{5360056A-D794-4946-9201-DEEDD52FD736}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5735462F-C955-4A11-A0FE-897EB655ABF3}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{5851E6CE-8D26-4032-BDBD-87280622EF07}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{58DB23C3-0AB0-4980-8ED2-05245CA4DD11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5AB6A2EF-E349-4D42-9594-E7AC63E679E2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{5C938814-7A49-45D5-B1C9-503A4DBA1B45}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{5D0A7CD5-7D56-447E-8623-51AF9AB06C06}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E6A3FB9-58A7-417B-869A-3C8D76892DC0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5EDFC05F-EA25-40BE-AD3A-60536838E08D}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty 2\cod2sp_s.exe |
"{5F4C5E5F-7A21-44A9-9577-FC1457BE973F}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{634488DD-A698-4E27-9D0B-5654D35ACDBC}" = dir=in | app=d:\softether vpn client\vpncmgr_x64.exe |
"{635677CF-FA46-46C7-BE50-0587B3236871}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty 2\cod2mp_s.exe |
"{648BDC8E-31A6-4305-A5BD-9E6D29FA8CBD}" = dir=in | app=d:\janetter2\bin\janettersrv.exe |
"{66041365-EA33-4462-8F2F-036EA17CE61C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{66782140-FBE1-4504-A660-50ADE4C5484A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{667FE522-B45A-42A5-8117-70D86B79C52D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{673CBA86-6D0D-4FFF-861F-2F8E4099443F}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\steelstorm\steelstorm.exe |
"{6758B6DC-790C-447A-962A-C0CB09BFE5AC}" = protocol=6 | dir=in | app=d:\origingame2\populous\game\game\dosbox\dosbox.exe |
"{6863E9F7-D1A2-4E86-BB31-FA3830AF713F}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty black ops ii\t6zm.exe |
"{699D1C73-E2E9-4FE7-A17B-0B6AC227C9E4}" = dir=in | app=d:\softether vpn client\vpncmd_x64.exe |
"{6A07BEA4-091F-49F5-831F-64FFF075DE3D}" = protocol=6 | dir=in | app=c:\users\public\thunder network\xmp4\core\program\xmp.exe |
"{73ACD60E-E17C-4A40-BE4C-47442129BCBE}" = protocol=17 | dir=in | app=c:\users\fukao\appdata\roaming\utorrent\utorrent.exe |
"{77C2D5B5-7F57-4BA7-9743-9B74191A2E61}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty 2\cod2mp_s.exe |
"{78D18C7E-F8A8-47A4-99E7-FF160DB99B80}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{7C1CB060-3AEF-492C-A5AD-F803C2466A0A}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty world at war\codwaw.exe |
"{7E03167F-2ECE-4A9B-A64B-784617ABDD69}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\arma cold war assault\coldwarassault.exe |
"{7EAA3864-A2A8-493C-8138-B2645E6D7B66}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{81BFBE8F-3557-42B5-9AB0-72144DE0EE53}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\overlord\overlord.exe |
"{84AF652C-0A1A-4E3F-9FAD-7FF31C89E488}" = protocol=17 | dir=in | app=d:\games\call of duty modern warfare\iw3mp.exe |
"{85E9F474-5E98-4AD6-A066-BCFA289D6770}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{88229B0A-BF1A-43A1-80F6-FDDD90822024}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{887B0CDF-4261-4E77-A964-788BDDF4E59C}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{88C4243F-CC2D-49CD-954B-CE065F57D8E1}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{89F7FEFD-8571-4DD1-BD2A-F3D14743E2C1}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\overlord\config.exe |
"{90E6B15E-CB1A-4177-999D-C6C09E2753F3}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{90E82EC5-F76E-4AC3-98CE-6D6DECFE73A5}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty black ops ii\t6mp.exe |
"{9105EE69-65A0-4034-9DC6-46490C99E1AF}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"{911191CB-B19B-4A38-AC58-391F4D64DDAC}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\operation flashpoint red river\redriverlauncher.exe |
"{91D31B0C-5138-4EEE-BF40-9EF61AA3779A}" = protocol=6 | dir=in | app=d:\origingame2\medal of honor airborne\unrealengine3\binaries\moha.exe |
"{91E0F56F-60B0-4365-809D-1680A87D9728}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{942F6DD3-D0C2-458F-BB3F-E9B0170B4392}" = protocol=6 | dir=in | app=d:\vnc\winvnc.exe |
"{94C42907-521F-4E39-B92A-F9C84F22AEAF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{94C4A6DA-8F32-4340-9023-1C60AEEBE541}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty world at war\codwaw.exe |
"{952A89DE-EC8F-4370-B449-3AF5123C54B3}" = protocol=6 | dir=in | app=d:\games\call of duty modern warfare\iw3mp.exe |
"{96CEDE5C-28B5-4B5E-A3AB-6D1B028C986F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{987128A2-5500-4483-96E7-5E6ABA86CB50}" = protocol=6 | dir=in | app=d:\games\cod4mw\iw3mp.exe |
"{98F42490-BB96-4C15-9272-BA95058B2A4E}" = protocol=17 | dir=in | app=d:\games\cod4mw\iw3mp.exe |
"{994BB026-24FF-4C21-9DC8-CEC9EB9BF1AB}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty black ops ii\t6sp.exe |
"{9ABBB1F7-A6DA-43AB-9468-12A56E5D20BA}" = protocol=6 | dir=in | app=d:\vnc\vncviewer.exe |
"{A1042414-7E98-4A25-8D5A-C004B0AD02CA}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{A2183F42-2935-45DD-A89C-C783D84AFF50}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty black ops ii\t6zm.exe |
"{A27F7286-A4D0-403E-B80D-915EA2D1341B}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{A2F759B7-8CF7-487D-9025-E531443EB097}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A466787F-84E9-4A94-BDC5-9EF77DB9CDC2}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{A5B0A55D-65F8-4951-B773-3DCFEEF1D671}" = protocol=6 | dir=out | app=system |
"{A9A95F2B-56EA-420A-A661-D4F28D3C70D5}" = protocol=17 | dir=in | app=d:\vnc\vncviewer.exe |
"{AA4D892C-B03C-4BC0-8B22-9172A9A3C59C}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{ACD5184B-A58C-4B1F-850B-B444532D82C9}" = protocol=6 | dir=in | app=d:\cracked steam\steam.exe |
"{AD402CDF-F57D-4799-876A-9F16E4224246}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\arma cold war assault\coldwarassault.exe |
"{AE75550B-7C6E-4018-AE7B-D1D7A8A7E8FE}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{AFF4A206-63A6-4242-BC96-FFB0E3E34B85}" = dir=in | app=d:\softether vpn client\vpncmd.exe |
"{B06F7D6F-AD72-4CBA-B305-590FBBA3D364}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{B23AA7E6-BF9B-47D0-81FF-88764AB310FB}" = dir=in | app=d:\softether vpn client\vpnclient_x64.exe |
"{B2D57FC2-3DA6-4C7C-9793-05133112010A}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty world at war\codwawmp.exe |
"{B2E19CAA-4B32-42DF-BEF2-155B69B13785}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\3dmark\bin\x86\3dmark.exe |
"{B2EA6353-E47A-472C-8BB7-79C0D67CB3D1}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\3dmark\bin\x64\3dmark.exe |
"{B368CA28-C6A4-49BB-8D7F-E1CEB4C4BECF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{B482478F-630D-4F2C-89EE-D0E7AB4E42FF}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\operation flashpoint dragon rising\ofdr.exe |
"{B521DEF5-00F9-4478-809F-DD52F6962DA9}" = protocol=6 | dir=in | app=c:\users\fukao\appdata\roaming\utorrent\utorrent.exe |
"{B6B23770-D269-45F7-B1C2-04703E5BACDC}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty world at war\codwawmp.exe |
"{B6E31DE1-A23F-4BDB-A8AB-1A430521BD79}" = protocol=17 | dir=in | app=d:\origingame2\bfh beta\bfh.exe |
"{BA798CD2-1F9E-45AD-9270-3BD09D2CC84B}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\call of duty black ops ii\t6sp.exe |
"{C069597F-2205-45F9-B36B-4CBBCC12DDAF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C3DD6342-A44D-422E-B198-4778DDD1C105}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\metro 2033\metro2033.exe |
"{CC8663AC-5365-4EF6-AEBA-D2EC0CE7ECC4}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{CDE1F042-A6B5-499A-BB89-B124960ED0DF}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{CE2DCA1C-2838-4737-A671-F8AF1B562B47}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CF6C5C11-6BBB-4E07-8F3B-FA4C2CF1EF37}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF7AE218-D45F-4DA0-8323-1FAEE2A73724}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\sniperghostwarrior2\bin32\sniperghostwarrior2.exe |
"{D09AF5C1-B9EE-4630-8A27-564DAF607F80}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\operation flashpoint dragon rising\ofdr.exe |
"{D2E514D1-B5A7-4631-A6D4-1E3713A24E66}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\steelstorm\steelstorm.exe |
"{D3C881E1-E50D-4238-B90A-FFB19FFB3D51}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D67389BC-0FE2-447E-BCAC-3DBBE9D58600}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D819D678-394F-47DB-A1A1-7391C4F9DDA2}" = protocol=17 | dir=in | app=c:\users\public\thunder network\xmp4\core\program\xmp.exe |
"{D9DA0D17-7EC8-48F6-A871-DB8D58EE07BC}" = protocol=17 | dir=in | app=d:\origingame2\populous\game\game\dosbox\dosbox.exe |
"{DB3E0FAA-7A15-46CF-AA20-D82BD1944E11}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\overlord\overlord.exe |
"{DB784777-8207-4BAB-BAA2-B54E320321C8}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\3dmark\bin\x64\3dmark.exe |
"{DC4AD1B5-B25C-476D-B407-51C379603231}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"{ECC6B235-A27A-4212-831F-0BAD31EEF0A4}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{EDBB5294-9372-484B-A3E7-0831CFC15D7A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE5F2C7E-2FFA-41BE-B5A1-D59C2C25C932}" = dir=in | app=d:\softether vpn client\vpnclient.exe |
"{F072822E-BD94-4465-B829-99B63AFA39EA}" = protocol=17 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{F1843854-D827-4D23-A281-FCC8906DD594}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{F45DCBC8-2A48-4A96-95F3-18D1501856AC}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe |
"{F4B32524-AD3F-43EC-91B1-A76AC99F92A1}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{F5A96A24-9788-4A81-BB04-47E7284A5E86}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F60469F9-CDAE-486B-B519-6A2F3FE13A88}" = protocol=6 | dir=in | app=d:\steamlibrary\steamapps\common\overlord\config.exe |
"{F8AD6DC5-5A4D-40FC-A366-A106E43ABBE9}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{FCF5A804-6814-42EB-9646-A25066A6DC47}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{E76F59DC-B074-423E-BCD2-A6C8386265DC}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"TCP Query User{F843D31B-3E62-4AD2-8493-32C7B3B6BD5C}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"UDP Query User{D67F8220-1B1D-4E53-8B92-004786DB059C}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"UDP Query User{E87DBABF-551E-4D30-AD96-B2BA6D496C26}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09EB6FF8-DB2E-9C4D-3DF1-D28F7C0E54D0}" = AMD Wireless Display v3.0
"{1AAF6669-31B2-3840-9346-F0F653840FD1}" = Microsoft .NET Framework 4.5.1 (JPN)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{22C3E129-F4AA-631C-7EDB-F0C7267A3E7E}" = AMD Wireless Display v3.0
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft マウス キーボード センター
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{39FD51D4-F006-76A1-9F59-76EA44FC06D0}" = AMD Wireless Display v3.0
"{3A62DD76-55AE-F39D-7FB4-7A802D46871D}" = AMD Drag and Drop Transcoding
"{3C4513C1-8A04-3381-0AED-FC1A59B5B255}" = AMD Wireless Display v3.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{634345DF-42AC-4967-83CD-09DF2A81FABA}" = ESET Smart Security
"{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}" = Google 日本語入力
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{724120B5-FF8C-4337-A7EF-3C1E0FB6B92F}" = DesignSpark Mechanical 1.0
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{77342B24-A2A9-4420-8C9C-C109EE201CBC}" = Reflector
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{99720953-c1d6-4b90-8012-b7c3337f4efe}.sdb" = Battlefield 1942 Windows Vista/7 Compatibility Fix
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A85C16DF-94E2-4EB6-3D38-87A6596F7EEB}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{B98B0D8F-F4DC-1F77-BF90-55DB27FFF0AF}" = AMD Wireless Display v3.0
"{BD1BCEF8-5CD6-D8ED-7D36-31C2172076EA}" = AMD Media Foundation Decoders
"{D6D77D65-2E2D-1BB8-FEA2-71BAE1481849}" = AMD Accelerated Video Transcoding
"{ED273D26-E354-1A5B-A0D0-CB5258D43BD2}" = AMD Wireless Display v3.0
"{F5B2C61F-1C10-FD9B-C29C-D8B88C9849CF}" = AMD Catalyst Install Manager
"8771CACD3232C66D51366A8CC7B4C438FB3DB33D" = Windows Driver Package - Sharp Corporation (usbser) Ports (11/16/2009 6.0.0000.00000)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"GIMP-2_is1" = GIMP 2.8.8
"Microsoft Mouse and Keyboard Center" = Microsoft マウス キーボード センター
"softether_sevpnclient" = SoftEther VPN Client
"Ultravnc2_is1" = UltraVnc
"Unlocker" = Unlocker 1.9.2
"WinRAR archiver" = WinRAR 5.01 (64ビット)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013A0902-F4B4-EE6B-B0F6-02AE257C32C6}" = CCC Help Czech
"{03126094-4A82-39DE-8B11-E3EA5A8780A5}" = CCC Help Greek
"{0D31AFB6-7BF0-F0B3-2616-F736F1F8977E}" = CCC Help Polish
"{14DBCC4D-217D-217B-492F-6F09052C2273}" = Catalyst Control Center InstallProxy
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812SEA}_is1" = World of Tanks
"{1F1121B3-D0D4-0203-9032-95861682A300}" = CCC Help Spanish
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 8
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{253E7D96-27F5-666D-8BE4-685EB3ED395F}" = CCC Help Hungarian
"{25CFE65E-F9CB-7BCF-9D12-70DCEE99E378}" = CCC Help Chinese Standard
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{2B4FEF3B-B683-45BE-A685-32DE48D5A754}" = 簡単バックアップ eX.Backup2 2.05
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3362063A-DBFA-5A33-8853-507420402FA5}" = HydraVision
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{3A346455-CAAA-B154-0CF1-AE725045266B}" = CCC Help Thai
"{3B870F22-4C3C-5F2E-68E6-8BBAA417560D}" = CCC Help Korean
"{3CCC5A1C-3DDF-4126-B9DC-EDFC6A0E16A0}" = Hounds
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go 7
"{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}" = Microsoft Games for Windows - LIVE Redistributable
"{45798180-2C0A-8AF0-B101-0C9D7CED030E}" = Catalyst Control Center Graphics Previews Common
"{476CD9DE-C45F-4443-BFA7-E51C58B7E455}" = Populous
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{599276A7-F45D-40B1-A0B6-CF132A1CAD49}" = Battlefield™ Hardline Beta
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6716DDF8-442E-D185-5E0C-E07E32D4EC54}" = CCC Help Danish
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{731DD2DE-ED90-26EF-97CC-BE32F5B94C91}" = CCC Help Japanese
"{733E9FF5-7EC2-D417-670A-7B79EA4C4EA0}" = radiko
"{75939021-3B68-419D-8DC1-E9823BFF9658}" = Google Drive
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = バトルフィールド 3
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80194F84-21CE-44CF-A46E-38D8CE448856}" = BlueStacks Notification Center
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850618B7-0F54-6515-E47F-9C9A4BDDC138}" = CCC Help Turkish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8CC53E56-4E66-5A01-DABB-A86B1D87451D}" = Catalyst Control Center Localization All
"{91907B8E-82DD-D216-9860-6AE9722D8306}" = CCC Help Finnish
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{983CFCAC-5C96-4018-8BEC-D6581644C654}" = GEAR driver installer 4.020
"{991C8DEA-3C01-45B8-A62B-1BB69BDC277D}" = Futuremark SystemInfo
"{9960F779-7332-1F9A-CC24-B06654D7C2FD}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = バトルフィールド 4™
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup 2.5
"{B6420DEA-1E15-4406-B6C6-F53B6BD07E10}" = CCC Help French
"{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC}" = Battlestations: Pacific
"{C4ADB67B-C908-4D94-B85E-585D2F3F9118}" = TweetDeck
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{CA225778-2E66-6ACC-BA3B-0900B07D7E5F}" = CCC Help Italian
"{CAA57405-EF42-CE6C-4D85-D324A4A991E3}" = CCC Help Chinese Traditional
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{D3080A9F-0B3D-8668-C472-E1DA1DAFADE0}" = CCC Help German
"{D9C1491F-F4B2-75C6-8082-941F58273F19}" = CCC Help Russian
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode バージョン 3.1.7.9
"{E388A484-5191-720A-D5EF-D276F4D2951F}" = AMD Catalyst Control Center
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E48469CC-635E-4FD5-A122-1497C286D217}_is1" = Call Of Duty 4: Modern Warfare v1.7 [MULTI5] No-DVD/Fixed EXE
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E803E46E-D0CC-184A-9DDB-8889FD905B84}" = CCC Help English
"{ed8deea4-29fe-1932-9612-e2122d8a62d9}}_is1" = War Thunder CDK 0.1
"{EFF1798F-4286-406E-B48D-BF7F6102E644}" = PunkBuster
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7FCAE15-2097-3EB8-936D-DB4D73142BE7}" = CCC Help Norwegian
"{FB5A8D39-5093-C601-C0AF-C8AD4127AA03}" = CCC Help Swedish
"{FD8C5295-2E81-61C9-B8C2-91C8DD7C7A8C}" = CCC Help Dutch
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE6361E2-A909-4F32-9403-3111F81DA443}" = ブレーンライブラリー管理ソフト
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"AIMP3" = AIMP3
"Battlelog Web Plugins" = Battlelog Web Plugins
"BlueStacks App Player" = BlueStacks App Player
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"Call of Duty" = Call of Duty
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivXセットアップ
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 9_is1" = DVDFab 9.1.1.9 (18/12/2013)
"Everything" = Everything 1.2.1.371
"ffdshow_is1" = ffdshow v1.3.4530 [2014-02-09]
"FolderSizeScan" = FolderSizeScan 0.6.3
"Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908
"Freemake Video Converter_is1" = Freemake Video Converter バージョン 4.1.3
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Freemake Youtube Mp3 Converter_is1" = Freemake Youtube Mp3 Converter
"GetDiz" = GetDiz
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.9.1
"Hidemaru" = 秀丸エディタ (8.35)
"iFunBox 2014_is1" = iFunBox 2014 (v3.1.562.425), iFunbox DevTeam
"iFunbox_is1" = iFunbox (v2.7.2386.747), iFunbox DevTeam
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go 7
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Internet Download Manager" = Internet Download Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 2.0.2.1012
"Mozilla Thunderbird 24.5.0 (x86 ja)" = Mozilla Thunderbird 24.5.0 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.58
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"radiko.E15AB29BA16B0C2F99EA2884EB6DCAF797A2EC58.1" = radiko
"Startup Delayer" = Startup Delayer v3.0 (build 359)
"Steam" = Steam
"Steam App 10090" = Call of Duty: World at War
"Steam App 11450" = Overlord
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12830" = Operation Flashpoint: Dragon Rising
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 236390" = War Thunder
"Steam App 2630" = Call of Duty 2
"Steam App 34870" = Sniper Ghost Warrior 2
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 43110" = Metro 2033
"Steam App 44340" = Operation Flashpoint: Red River
"Steam App 55100" = Homefront
"Steam App 65790" = Arma: Cold War Assault
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 96200" = Steel Storm: Burning Retribution
"Sumotori Dreams" = Sumotori Dreams
"VLC media player" = VLC media player 2.1.3
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"YS FLIGHT SIMULATOR" = YS FLIGHT SIMULATOR
"スタートアップチェッカー_is1" = スタートアップチェッカー Version 3.0.9.4

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Cloud Player" = Amazon Cloud Player
"GameRanger" = GameRanger
"RadioSure" = RadioSure
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014/07/05 5:53:31 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/05 7:36:48 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/06 2:10:08 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/06 2:42:01 | Computer Name = fukao-PC | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: hsswd.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x51087583 障害が発生しているモジュール名:
ntdll.dll、バージョン: 6.1.7601.18247、タイム スタンプ: 0x521ea8e7 例外コード: 0xc0000005 障害オフセット: 0x00032f24
障害が発生しているプロセス
ID: 0x1218 障害が発生しているアプリケーションの開始時刻: 0x01cf98e52cb7a6bd 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Hotspot Shield\bin\hsswd.exe 障害が発生しているモジュール パス: C:\Windows\SysWOW64\ntdll.dll
レポート
ID: a2451eab-04d8-11e4-88b2-00aceb2cf65c

Error - 2014/07/06 6:46:14 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/07 5:51:46 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/08 6:05:27 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/08 6:48:44 | Computer Name = fukao-PC | Source = PerfNet | ID = 2005
Description =

Error - 2014/07/08 6:50:36 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/07/09 5:51:35 | Computer Name = fukao-PC | Source = PerfNet | ID = 2005
Description =

Error - 2014/07/09 5:53:27 | Computer Name = fukao-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2014/04/13 2:39:51 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/14 3:06:18 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/15 4:03:24 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/16 2:06:50 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/17 2:24:51 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/17 5:00:11 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/18 2:27:21 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/18 3:40:49 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/18 20:50:26 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。

Error - 2014/04/19 3:20:40 | Computer Name = fukao-PC | Source = volmgr | ID = 262190
Description = クラッシュ ダンプを初期化できませんでした。


< End of report >
  • なおじん
  • 2014/07/15 (Tue) 14:16:55
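Removing it
Quite a lot turned up. Strangely, MBAM found nothing, but let's remove everything, including what OTL found.


■Treatment with a fix script
After starting OTL, paste the script below into "Custom Scan/Fixes" and press "Run Fix".
Be sure not to leave out the ":OTL" at the start.

Running it force-terminates all processes, so close as many applications as you can beforehand.
It also empties the Recycle Bin, so rescue any files you need first.
If OTL freezes and does not proceed, start the computer in Safe Mode and run it there.

How to enter Safe Mode:
http://www59.atwiki.jp/malware_laboratory/pages/8.html

When it finishes, you will be asked to reboot; press "OK" to reboot. A log will appear after the reboot, so please post it. This time, you can simply paste the log as it is.
If you have closed the log, there is a log in the C:\_OTL\MovedFiles folder (a file whose name is a number made up of the date and time), so please post its contents.

---From here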

:OTL
PRC - [2014/01/27 20:03:26 | 000,873,984 | ---- | M] () -- C:\CleanSecurity\CleanSecurity.exe
MOD - [2014/01/27 20:03:26 | 000,873,984 | ---- | M] () -- C:\CleanSecurity\CleanSecurity.exe
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://jp.hao123.com/?tn=incore_pay_hp_01_hao123_jp
IE - HKU\S-1-5-21-213454360-2447172651-1425716406-1001\..\SearchScopes,DefaultScope =
FF - HKLM\Software\MozillaPlugins\@xunlei.com/npaplayer: C:\Users\Public\Thunder Network\APlayer\codecs\npaplayer.dll File not found
FF - HKLM\Software\MozillaPlugins\@xunlei.com/npxluser: C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll File not found
FF - HKCU\Software\MozillaPlugins\@xunlei.com/npxluser: C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-213454360-2447172651-1425716406-1001..\Run: [CleanSecurity] C:\CleanSecurity\CleanSecurity.exe ()
O8:[b]64bit:[/b] - Extra context menu item: &ハケモテ&ムクタラタ・゚マツヤリ - D:\xunlei\BHO\OfflineDownload.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: &ハケモテ&ムクタラマツヤリ - D:\xunlei\BHO\geturl.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: &ハケモテ&ムクタラマツヤリネォイソチエスモ - D:\xunlei\BHO\GetAllUrl.htm File not found
O8 - Extra context menu item: &ハケモテ&ムクタラタ・゚マツヤリ - D:\xunlei\BHO\OfflineDownload.htm File not found
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリ - D:\xunlei\BHO\geturl.htm File not found
O8 - Extra context menu item: &ハケモテ&ムクタラマツヤリネォイソチエスモ - D:\xunlei\BHO\GetAllUrl.htm File not found
[2014/07/12 14:47:46 | 000,000,000 | ---D | C] -- C:\CleanSecurity
[2014/06/28 21:16:20 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Roaming\675
[2014/06/27 20:26:24 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\pangu
[2014/07/03 19:16:05 | 000,000,000 | ---D | C] -- C:\Users\fukao\AppData\Local\11588
[2014/06/01 14:58:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thunder Network
[2014/06/01 14:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Thunder Network
[2014/06/01 14:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thunder Network
[2014/01/08 13:36:20 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\_111881690A7D.sys
[43 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:8C35AEA7

:Files
C:\CleanSecurity
C:\Program Files (x86)\Common Files\Thunder Network
C:\Program Files (x86)\Thunder Network

:Commands
[purity]
[emptytemp]
[resethosts]
[createrestorepoint]
[reboot]

---Up to here



■Removal with AdwCleaner
Launch AdwCleaner, press "Scan", and then remove the detected entries with "Remove".
  • イルカ
  • 2014/07/16 (Wed) 00:43:38
Log after OTL fix
All processes killed
========== OTL ==========
No active process named CleanSecurity.exe was found!
HKU\S-1-5-21-213454360-2447172651-1425716406-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-213454360-2447172651-1425716406-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@xunlei.com/npaplayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@xunlei.com/npxluser\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@xunlei.com/npxluser\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-213454360-2447172651-1425716406-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CleanSecurity deleted successfully.
C:\CleanSecurity\CleanSecurity.exe moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&ハケモテ&ムクタラタ・゚マツヤリ\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&ハケモテ&ムクタラマツヤリ\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&ハケモテ&ムクタラマツヤリネォイソチエスモ\ deleted successfully.
C:\CleanSecurity folder moved successfully.
C:\Users\fukao\AppData\Roaming\675 folder moved successfully.
C:\Users\fukao\AppData\Local\pangu folder moved successfully.
C:\Users\fukao\AppData\Local\11588 folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\xldqvideo folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\UserAgent folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\TP\Ver1 folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\TP folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform\ServiceLoadModule folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\ServicePlatform folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\ServiceDlls folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Pusher\XLUE folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Pusher folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network\Kankan folder moved successfully.
C:\Program Files (x86)\Common Files\Thunder Network folder moved successfully.
C:\ProgramData\Thunder Network\XLLiveUD folder moved successfully.
C:\ProgramData\Thunder Network\XAP\kkv folder moved successfully.
C:\ProgramData\Thunder Network\XAP folder moved successfully.
C:\ProgramData\Thunder Network\DownloadLib folder moved successfully.
C:\ProgramData\Thunder Network folder moved successfully.
C:\Program Files (x86)\Thunder Network folder moved successfully.
C:\Windows\SysWOW64\_111881690A7D.sys moved successfully.
C:\awhAEA5.tmp deleted successfully.
C:\awhAEA6.tmp deleted successfully.
C:\awhAEB5.tmp deleted successfully.
C:\awhAEB6.tmp deleted successfully.
C:\awhAEB7.tmp deleted successfully.
C:\awhAEB8.tmp deleted successfully.
C:\awhAED4.tmp deleted successfully.
C:\awhAEE4.tmp deleted successfully.
C:\awhAEF3.tmp deleted successfully.
C:\awhAF22.tmp deleted successfully.
C:\awhAF32.tmp deleted successfully.
C:\awhAF33.tmp deleted successfully.
C:\awhAF34.tmp deleted successfully.
C:\awhAF41.tmp deleted successfully.
C:\awhAF61.tmp deleted successfully.
C:\awhAF70.tmp deleted successfully.
C:\awhAF71.tmp deleted successfully.
C:\awhAF80.tmp deleted successfully.
C:\awhAF81.tmp deleted successfully.
C:\awhAF8F.tmp deleted successfully.
C:\awhAF90.tmp deleted successfully.
C:\awhAFAF.tmp deleted successfully.
C:\awhAFBE.tmp deleted successfully.
C:\awhAFCE.tmp deleted successfully.
C:\awhAFDD.tmp deleted successfully.
C:\awhAFED.tmp deleted successfully.
C:\awhAFEE.tmp deleted successfully.
C:\awhB00C.tmp deleted successfully.
C:\awhB00D.tmp deleted successfully.
C:\awhB01C.tmp deleted successfully.
C:\awhB02B.tmp deleted successfully.
C:\awhB079.tmp deleted successfully.
C:\awhB099.tmp deleted successfully.
C:\awhB0C7.tmp deleted successfully.
C:\awhB154.tmp deleted successfully.
C:\awhB163.tmp deleted successfully.
C:\awhB164.tmp deleted successfully.
C:\awhB192.tmp deleted successfully.
C:\awhB1E0.tmp deleted successfully.
C:\awhB3B4.tmp deleted successfully.
C:\awhB450.tmp deleted successfully.
C:\awhBBFE.tmp deleted successfully.
C:\awhC496.tmp deleted successfully.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP folder deleted successfully.
ADS C:\ProgramData\Temp:8C35AEA7 deleted successfully.
========== FILES ==========
File\Folder C:\CleanSecurity not found.
File\Folder C:\Program Files (x86)\Common Files\Thunder Network not found.
File\Folder C:\Program Files (x86)\Thunder Network not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: fukao
->Temp folder emptied: 2222125743 bytes
->Temporary Internet Files folder emptied: 76961902 bytes
->Java cache emptied: 21449 bytes
->Google Chrome cache emptied: 347043831 bytes
->Flash cache emptied: 57981 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14067572 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43256918 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,578.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07162014_135426

Files\Folders moved on Reboot...
C:\Users\fukao\AppData\Local\Temp\VPN_38F5\B7091C83.dll moved successfully.
C:\Users\fukao\AppData\Local\Temp\VPN_38F5\VPN_Lock.dat moved successfully.
C:\Users\fukao\AppData\Local\Temp\VPN_373F\B7091C83.dll moved successfully.
C:\Users\fukao\AppData\Local\Temp\VPN_373F\VPN_Lock.dat moved successfully.
C:\Users\fukao\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\fukao\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\Windows\temp\VPN_3E31\VPN_Lock.dat not found!
C:\Windows\temp\VPN_048C\B7091C83.dll moved successfully.
C:\Windows\temp\VPN_048C\VPN_Lock.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • なおじん
  • 2014/07/16 (Wed) 13:58:49
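One way to read a fix log like the one above, as an added example that is not part of the original thread or of OTL itself: it reports "not found" lines that no earlier line in the same log explains (the FILES entry for C:\CleanSecurity is explained, because the OTL section had already moved that folder) and lists the Run values reported as deleted. The sample log is constructed from the line shapes in the post with a made-up SID, and the function names are hypothetical.

```python
import re

# Line shapes taken from the OTL fix log posted above.
SECTION = re.compile(r"^=+ (?P<name>.+?) =+$")
HANDLED = re.compile(r"^(?:ADS |Registry (?:key|value) )?(?P<item>.+?)"
                     r"(?: folder)? (?:moved|deleted) successfully\.$")
NOT_FOUND = re.compile(r"^File\\Folder (?P<item>.+) not found[.!]$")
AUTORUN = re.compile(r"\\CurrentVersion\\Run\\\\(?P<name>[^\\]+)$", re.I)

# Constructed sample (made-up SID), not a copy of the user's log.
SAMPLE_LOG = r"""========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CleanSecurity deleted successfully.
C:\CleanSecurity\CleanSecurity.exe moved successfully.
C:\CleanSecurity folder moved successfully.
========== FILES ==========
File\Folder C:\CleanSecurity not found.
========== COMMANDS ==========
Files\Folders moved on Reboot...
C:\Windows\temp\VPN_048C\VPN_Lock.dat moved successfully.
File\Folder C:\Windows\temp\VPN_3E31\VPN_Lock.dat not found!
"""

def norm(item):
    """Case-insensitive key for a Windows file or registry path."""
    return item.rstrip("\\").lower()

def review_fix_log(text):
    """Return (handled, missing). handled: key -> (section, item) for moved or deleted
    items; missing: (section, item) for "not found" items no earlier line handled."""
    section, handled, missing = "PREAMBLE", {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if m := SECTION.match(line):
            section = m["name"]
        elif line.endswith("on Reboot..."):
            section = "REBOOT"
        elif m := NOT_FOUND.match(line):
            if norm(m["item"]) not in handled:
                missing.append((section, m["item"]))
        elif m := HANDLED.match(line):
            handled[norm(m["item"])] = (section, m["item"])
    return handled, missing

def removed_autoruns(handled):
    """Names of Run-key values that the log reports as deleted."""
    return [m["name"] for _, item in handled.values() if (m := AUTORUN.search(item))]

if __name__ == "__main__":
    print(review_fix_log(SAMPLE_LOG)[1])
```
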
I think it's fixed
I think it's fixed. Thank you very much!
  • なおじん
  • 2014/07/16 (Wed) 18:54:26
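Let's watch it for a while
It looks like the symptoms have subsided for now. Please watch it for a few days and check that the problem does not recur and that no other problems appear.
If there seem to be no problems, I'll give you brief cleanup instructions.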
  • イルカ
  • 2014/07/17 (Thu) 03:14:17
No problems
There has been no recurrence and there are no other problems, so could you tell me how to clean up? Thank you in advance.
  • なおじん
  • 2014/07/20 (Sun) 13:28:54
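Cleanup
It looks like everything is fine, so here is a brief cleanup.


■Cleanup
Remove the tools you used.

・HijackThis
・CCleaner
Uninstall these from the Control Panel.
If you downloaded a portable version, for example, it will not appear in the Control Panel; in that case you can simply delete the executable file.

・OTL
After starting OTL, press the "Clean Up" button near the top.
OTL itself is also deleted automatically.

・AdwCleaner
After starting it, press "Uninstall" at the bottom right of the window.
You will be asked whether you really want to delete it; press "Yes" and the window closes, and the logs and other related files are deleted together.


That's all. Thank you for your hard work. Please be careful from now on.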
  • イルカ
  • 2014/07/20 (Sun) 16:00:40
