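Akudaikan's Fukumaden Bulletin Board
Sorry to trouble you, but I need your help again
I am the person who previously got out of a malware infection thanks to Iruka's guidance, but recently the problems have started to appear again.

The symptoms are:
While I am browsing pages, a window saying "Your version of Java is ..." opens → when I close it, I am sent to a Java download page → an unknown installer is downloaded (I have not touched it).

I am embarrassed that this has happened despite everything that was pointed out to me last time, but I would be grateful for your help again.

I will paste the HijackThis log.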

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:29, on 2014/10/24
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\PCUser\Downloads\HijackThis.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\PCUser\Downloads\HijackThis (1).exe

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: PhishWall - {8CA7E745-EF75-4E7B-BB86-8065C0CE29CA} - C:\Program Files (x86)\SecureBrain\PhishWall\sbpw32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: PhishWall - {BB62FFF4-41CB-4AFC-BB8C-2A4D4B42BBDC} - C:\Program Files (x86)\SecureBrain\PhishWall\sbpw32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATLauncher] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
O4 - HKLM\..\Run: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [PowerDVD13Agent] "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Tapur] C:\Program Files (x86)\Tapur\tapmgr.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILMJ.EXE /EPT "EPLTarget\P0000000000000000" /M "EP-706A Series"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #1] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #1] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'Default user')
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: パワーセラー7で入札予約 - C:\Users\PCUser\パワーセラー7\start.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @oem33.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNService3 - Unknown owner - C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 13 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
O23 - Service: CyberLink PowerDVD 13 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: マカフィー パーソナルファイアウォール サービス (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Application Statistics Service (MfeASUM) - McAfee, Inc. - C:\Program Files\McAfee\AppStats\MfeASUM.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SecureBrain PhishWall Update - SecureBrain Corporation - C:\Program Files (x86)\SecureBrain\PhishWall\sbpwupdx.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16227 bytes

Next, I will paste the CCleaner log.

7-Zip 9.20 2014/07/04
Adobe Flash Player 15 Plugin Adobe Systems Incorporated 2014/09/10 6.00 MB 15.0.0.152
Adobe Photoshop Elements 11 Adobe Systems Incorporated 2013/11/16 2.60 GB 11.0
Adobe Reader XI (11.0.09) MUI Adobe Systems Incorporated 2014/09/20 634 MB 11.0.09
Apple Application Support Apple Inc. 2014/10/19 95.2 MB 3.1
Apple Mobile Device Support Apple Inc. 2014/10/19 22.2 MB 8.0.5.6
Apple Software Update Apple Inc. 2013/08/04 2.38 MB 2.1.3.127
Bonjour Apple Inc. 2013/08/04 2.04 MB 3.0.0.10
Broadcom 802.11 Network Adapter Broadcom Corporation 2013/11/16 5.93.98.4
Broadcom Wireless Utility Broadcom Corporation 2013/11/16
Canon MP640 series MP Drivers 2013/11/16
CCleaner Piriform 2014/10/24 4.18
CLIP STUDIO PAINT CELSYS 2013/08/03 1.2.3
ConvertHelper 2.2 DownloadHelper 2014/10/09
CyberLink PowerDVD 13 CyberLink Corp. 2013/08/28 365 MB 13.0.3105.58
EPSON EP-706A Series プリンター アンインストール SEIKO EPSON Corporation 2014/09/27
FFFTP Ver.1.98g2 FFFTP Project 2014/10/22
Google Chrome Google Inc. 2013/12/03 38.0.2125.104
Google Drive Google, Inc. 2014/06/17 36.7 MB 1.16.6866.4367
honestech MP3 Editor 2.0 SE honestech 2013/08/03 2.0
iCloud Apple Inc. 2014/10/19 90.3 MB 4.0.3.56
Intel Collaborative Processor Performance Control Intel Corporation 2014/10/22 1.0.0.1015
Intel(R) Management Engine Components Intel Corporation 2013/12/01 9.5.14.1724
Intel(R) Processor Graphics Intel Corporation 2013/12/01 10.18.10.3316
Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 2013/11/16 3.0.0.63463
Intel(R) Serial IO Intel Corporation 2014/10/22 1.1.165.1
Intel(R) Update Manager Intel Corporation 2014/09/29 22.6 MB 2.3.1338
Intel(R) Virtual Buttons Intel Corporation 2013/12/01 1.0.0.13
Intel(R) WiDi Intel Corporation 2013/06/22 85.9 MB 4.1.14.0
IObit Uninstaller IObit 2014/05/24 3.3.8.2663
iTunes Apple Inc. 2014/10/19 243 MB 12.0.1.26
Java 7 Update 13 (64-bit) Oracle 2013/06/22 128 MB 7.0.130
Java 7 Update 71 Oracle 2014/10/22 119 MB 7.0.710
Lagarith Lossless Codec (1.3.24) 2014/04/13 931 KB
Lhaplus 2014/04/22
McAfee SiteAdvisor McAfee, Inc. 2014/10/09 3.7.143
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2014/10/24 15.0.4659.1001
Microsoft SkyDrive Microsoft Corporation 2013/11/16 25.1 MB 16.4.6013.0910
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/06/24 290 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/07/04 13.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2013/08/28 20.0 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/08/28 630 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/08/03 590 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/12/01 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/12/01 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Corporation 2013/11/16 20.5 MB 11.0.51106.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Corporation 2013/11/16 17.4 MB 11.0.51106.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2014/06/24 17.1 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2013/11/16 10.0.30319
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2013/11/16 10.0.30319
Mozilla Firefox 32.0.3 (x86 ja) Mozilla 2014/10/09 75.6 MB 32.0.3
Mozilla Maintenance Service Mozilla 2014/10/09 220 KB 32.0.3
Norton Online Backup Symantec Corporation 2013/06/22 9.02 MB 2.7.0.24
NXPProximityInstaller NXP Semiconductors 2013/12/01 10.6 MB 6.5.2.0
PhishWall SecureBrain Corporation 2014/02/02 3.5.6
Realtek Card Reader Realtek Semiconductor Corp. 2013/12/01 6.2.9200.30164
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/10/22 6.0.1.7135
Realtek PC Camera Realtek Semiconductor Corp. 2013/12/01 13.6 MB 6.2.9200.00224
Shared C Run-time for x64 McAfee 2013/06/22 1.38 MB 10.0.0
Sony Media Library Earth 9.1.00 Sony Corporation 2014/06/24 49.3 MB 9.1.00.15130
Synaptics Pointing Device Driver Synaptics Incorporated 2013/12/01 46.4 MB 17.0.8.5
Tapur 5.3.0.111 tapur.com 2014/04/13 9.43 MB
TeamViewer 9 TeamViewer 2014/09/18 9.0.32494
Unchecky v0.3.3 RaMMicHaeL 2014/10/22 0.3.3
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/04/01 7.58 MB 16.0.805.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2014/09/19 34.8 MB 15.0.1215
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2014/02/01 11.5 MB 15.0.1215
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2014/07/24 17.0 KB 16.0.1016.1
VAIO - Active Clip Sony Corporation 2013/06/22 1.2.0.04010
VAIO - Xperia Link Sony Corporation 2014/10/22 1.3.2.07020
VAIO - スライドショーアドイン Sony Corporation 2013/08/03 1.1.0.13140
VAIO Care Sony Corporation 2014/08/19 101 MB 8.4.1.07026
VAIO Care ハードウェア診断ツールプラグイン Sony Corporation 2014/10/22 4.11.1.11210
VAIO CPU Fan診断ツール Sony Corporation 2013/06/22 1.2.0.03050
VAIO Gesture Control Sony Corporation 2013/06/22 2.3.0.04030
VAIO Image Optimizer Sony Corporation 2014/10/22 69.6 MB 3.3.00.10220
VAIO Improvement Sony Corporation 2013/06/22 2.2.0.01240
VAIO Movie Creator Sony Corporation 2014/10/22 0.96 GB 4.3.01.11140
VAIO Sample Music Sony Corporation 2013/06/22 17.0 MB 1.0.0.03051
VAIO TV with nasne™ Sony Corporation 2013/08/03 1.1.0.03190
VAIO Update Sony Corporation 2014/06/13 7.0.1.02280
VAIO お引越サポート Sony Corporation 2013/06/22 1.9.0.11060
VAIO のリカバリー機能 Sony Corporation 2014/04/22 31.5 MB 1.1.2.13230
VAIO の製品登録 (無料) Sony Corporation 2013/06/22 7.0.0.07200
VAIO の設定 Sony Corporation 2014/02/01 6.2.12.13060
VAIO データリストアツール Sony Corporation 2013/06/22 1.11.0.13250
VAIO ホームネットワークビデオプレーヤー Sony Corporation 2014/10/22 69.1 MB 1.2.8.02200
VAIO ホームネットワークビデオプレーヤー デジタル放送プラグイン CyberLink Corp. 2014/10/22 14.4 MB 4.0
VAIO メディア サーバー設定 Sony Corporation 2013/06/22 72.1 MB 1.1.0.02220
WIDCOMM Bluetooth Software Broadcom Corporation 2014/10/22 642 MB 12.0.0.9400
x-アプリ 6.0 Sony Corporation 2014/06/24 88.5 MB 10.0
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2013/09/30 4.73 MB 2.50.6733.38
パワーセラー7 1.0.4.5 Internal Crop.,2012.All rights reserved 2014/06/23 10.1 MB 1.0.4.5
マカフィー セキュリティセンター McAfee, Inc. 2014/10/23 12.8.992

I am sorry to trouble everyone when you are busy, but thank you in advance.
  • 長間正夫
  • 2014/10/24 (Fri) 17:19:06
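Some initial guidance
Good evening.
This is Akudaikan (悪代官), the administrator.
You are the person who worked through the thread below in September, aren't you.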
http://akudaikan-0.bbs.fc2.com/?act=reply&tid=5306355

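Nothing suspicious is visible yet in the logs you have shown so far, so for now, before Iruka arrives, could you take an OTL scan log?

Recalling the steps from the earlier thread, get OTL ready and run only a scan with it.
OTL (OldTimer Listit)
This is a direct link to the file, so once you have downloaded it, save it.
http://oldtimer.geekstogo.com/OTL.exe
When you want to clean it up afterwards, launch it and press the "Cleanup" button, and it will be deleted automatically.

Launch OTL with no other programs running.
Once it has started, check "Scan All Users" near the top of the window, then copy and paste the following commands into "Custom Scan/Fixes".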

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT

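Once you have saved the OTL log from this scan, paste that log into a reply.
Also, so that you do not hit the character limit, please split the log across several replies.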
  • 悪代官
  • 2014/10/24 (Fri) 20:18:29
Re: Sorry to trouble you, but I need your help again
Yes, I will start right away by pasting OTL.txt.

OTL logfile created on: 2014/10/24 20:35:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PCUser\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.90 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 28.66% Memory free
6.52 Gb Paging File | 3.10 Gb Available in Paging File | 47.60% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102.62 Gb Total Space | 18.88 Gb Free Space | 18.40% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: PCUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/10/24 20:30:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PCUser\Downloads\OTL (1).exe
PRC - [2014/10/22 18:30:37 | 000,399,464 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
PRC - [2014/10/22 18:30:37 | 000,111,208 | ---- | M] (RaMMicHaeL) -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
PRC - [2014/10/11 13:05:40 | 000,060,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2014/10/10 11:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/09/22 15:47:32 | 000,741,408 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2014/09/17 17:42:08 | 000,387,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
PRC - [2014/09/14 09:59:10 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\PCUser\Downloads\HijackThis.exe
PRC - [2014/09/13 03:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/09/13 03:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/09/13 03:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014/09/12 18:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/14 18:20:40 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2014/08/08 00:39:08 | 000,043,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2014/07/15 23:57:31 | 000,093,800 | ---- | M] (SecureBrain Corporation) -- C:\Program Files (x86)\SecureBrain\PhishWall\sbpwupdx.exe
PRC - [2014/02/06 17:23:10 | 000,108,904 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe
PRC - [2013/12/09 23:35:38 | 000,187,992 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
PRC - [2013/09/26 15:29:20 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/09/26 15:28:48 | 000,131,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2013/09/26 15:27:20 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/08/22 11:54:00 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2013/07/12 13:17:24 | 000,327,432 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
PRC - [2013/07/12 13:17:22 | 000,077,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
PRC - [2012/11/24 00:38:00 | 000,186,832 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012/11/24 00:38:00 | 000,067,536 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012/09/17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/10/11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/10/10 11:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014/10/10 11:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014/10/10 11:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014/10/10 11:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/09/25 03:10:24 | 002,436,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:[b]64bit:[/b] - [2014/09/11 03:44:56 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/09/04 04:09:02 | 000,603,424 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:[b]64bit:[/b] - [2014/08/20 08:16:12 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:[b]64bit:[/b] - [2014/08/16 12:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/08/16 09:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/08/16 09:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/07/24 16:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/07/02 10:13:26 | 000,059,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:[b]64bit:[/b] - [2014/06/20 10:30:38 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2014/06/20 10:23:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2014/04/25 18:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:[b]64bit:[/b] - [2014/04/06 20:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2014/03/27 13:09:04 | 002,251,992 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Windows\SysNative\BtwRSupportService.exe -- (BcmBtRSupport)
SRV:[b]64bit:[/b] - [2014/03/24 11:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2014/03/24 11:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/03/14 15:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2014/03/10 18:30:48 | 000,976,088 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2014/03/08 14:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/03/06 16:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/02/28 17:05:06 | 001,642,544 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:[b]64bit:[/b] - [2014/02/23 00:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/02/22 18:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2014/02/22 18:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/02/22 18:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/02/22 18:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013/12/17 11:40:42 | 000,290,520 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:[b]64bit:[/b] - [2013/12/10 16:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2013/11/19 10:21:08 | 000,377,768 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (USER_ESRV_SVC)
SRV:[b]64bit:[/b] - [2013/11/19 10:21:08 | 000,377,768 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe -- (ESRV_SVC)
SRV:[b]64bit:[/b] - [2013/09/11 19:19:12 | 000,335,216 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\AppStats\MfeASUM.exe -- (MfeASUM)
SRV:[b]64bit:[/b] - [2013/08/22 20:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2013/08/22 20:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2013/08/22 20:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2013/08/22 20:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2013/08/22 20:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2013/08/22 19:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2013/08/22 19:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2013/08/22 18:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/08/22 18:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2013/08/22 18:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:[b]64bit:[/b] - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:[/b] - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:[b]64bit:[/b] - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:[/b] - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:[/b] - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:[b]64bit:[/b] - [2013/05/11 17:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/05/11 17:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/03/15 14:53:20 | 000,101,536 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe -- (BrcmSetSecurity)
SRV:[b]64bit:[/b] - [2013/03/14 00:47:34 | 000,481,368 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:[b]64bit:[/b] - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:[b]64bit:[/b] - [2011/12/01 10:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2014/10/22 18:30:37 | 000,111,208 | ---- | M] (RaMMicHaeL) [Auto | Running] -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe -- (Unchecky)
SRV - [2014/09/24 14:09:08 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/13 03:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/09/12 18:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/10 10:31:34 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/16 12:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/07/15 23:57:31 | 000,093,800 | ---- | M] (SecureBrain Corporation) [Auto | Running] -- C:\Program Files (x86)\SecureBrain\PhishWall\sbpwupdx.exe -- (SecureBrain PhishWall Update)
SRV - [2014/03/27 15:16:42 | 000,131,608 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe -- (SonicStage Back-End Service2)
SRV - [2014/03/14 15:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/03/13 11:42:00 | 000,836,168 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0317941414142151mcinst.exe -- (0317941414142151mcinstcleanup)
SRV - [2014/03/13 10:43:32 | 000,167,208 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2014/02/28 11:32:36 | 000,174,368 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe -- (iumsvc)
SRV - [2014/02/06 17:23:10 | 000,108,904 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe -- (CLHNService3)
SRV - [2013/10/25 02:18:38 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/28 04:38:22 | 000,629,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2013/09/26 15:29:20 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/26 15:28:48 | 000,131,544 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2013/09/26 15:27:20 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/08/22 12:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 11:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/07/12 13:17:24 | 000,327,432 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe -- (CyberLink PowerDVD 13 Media Server Service)
SRV - [2013/07/12 13:17:22 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe -- (CyberLink PowerDVD 13 Media Server Monitor Service)
SRV - [2013/03/01 16:49:18 | 000,463,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/01/29 17:27:44 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/29 17:27:42 | 000,124,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2013/01/28 12:49:14 | 004,230,016 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2013/01/06 16:30:54 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012/11/24 00:38:00 | 000,067,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012/09/17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/10/22 21:25:30 | 000,044,184 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\STTub30.sys -- (STTub30)
DRV:[b]64bit:[/b] - [2014/10/22 21:25:30 | 000,023,288 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntelSensorSolutionAcpi.sys -- (IntelSensorSolutionAcpi)
DRV:[b]64bit:[/b] - [2014/08/20 08:06:14 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:[b]64bit:[/b] - [2014/08/20 08:05:28 | 000,445,512 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:[b]64bit:[/b] - [2014/08/19 05:54:08 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/07/25 00:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2014/07/25 00:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/07/24 20:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/06/20 10:38:22 | 000,072,128 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2014/06/20 10:31:06 | 000,348,552 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2014/06/20 10:26:02 | 000,786,296 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2014/06/20 10:23:40 | 000,523,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2014/06/20 10:21:48 | 000,313,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2014/06/20 10:20:54 | 000,181,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2014/06/20 10:09:34 | 000,070,600 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:[b]64bit:[/b] - [2014/05/01 22:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/03/27 13:09:06 | 000,150,744 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtwSerialBus.sys -- (BtwSerialBus)
DRV:[b]64bit:[/b] - [2014/03/27 13:09:04 | 000,229,080 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2014/03/27 13:09:04 | 000,190,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2014/03/27 13:09:04 | 000,040,248 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2014/03/27 13:09:04 | 000,038,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2014/03/27 13:09:02 | 000,166,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:[b]64bit:[/b] - [2014/03/24 11:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2014/03/24 11:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2014/03/24 11:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2014/03/20 12:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2014/03/14 12:44:24 | 000,367,832 | ---- | M] (Broadcom Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmdhd63.sys -- (BCMSDH43XX)
DRV:[b]64bit:[/b] - [2014/03/14 12:44:24 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2014/03/13 21:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/03/09 05:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/02/23 01:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2014/02/23 00:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2014/02/23 00:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/02/23 00:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/02/23 00:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/02/22 21:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2013/12/05 03:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2013/11/11 11:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2013/11/01 20:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013/10/30 16:14:04 | 000,263,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2013/10/26 10:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2013/10/06 01:56:02 | 000,077,992 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelPcc.sys -- (IntelHSWPcc)
DRV:[b]64bit:[/b] - [2013/10/06 00:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2013/10/03 23:42:44 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2013/10/03 09:32:28 | 000,128,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS_UART2.sys -- (iaLPSS_UART2)
DRV:[b]64bit:[/b] - [2013/10/03 09:32:28 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS_I2C.sys -- (iaLPSS_I2C)
DRV:[b]64bit:[/b] - [2013/10/03 09:32:26 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS_GPIO.sys -- (iaLPSS_GPIO)
DRV:[b]64bit:[/b] - [2013/10/02 12:12:54 | 000,029,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtualButtons.sys -- (VirtualButtons)
DRV:[b]64bit:[/b] - [2013/10/01 10:25:24 | 000,449,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2013/09/30 13:07:00 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2013/09/30 12:58:15 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2013/09/30 12:58:11 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2013/09/26 18:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/09/26 18:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2013/09/26 15:28:08 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2013/09/11 19:19:12 | 000,031,408 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Program Files\McAfee\AppStats\MfeASKM.sys -- (MfeASKM)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2013/08/22 20:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/21 19:15:04 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2013/08/21 19:15:02 | 000,042,736 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynRMIHID.sys -- (SynRMIHID)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/07/25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/07/01 22:12:54 | 008,242,392 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:[b]64bit:[/b] - [2013/03/26 01:05:20 | 000,142,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS_UART.sys -- (iaLPSS_UART)
DRV:[b]64bit:[/b] - [2013/03/26 01:05:20 | 000,084,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS_SPI.sys -- (iaLPSS_SPI)
DRV:[b]64bit:[/b] - [2013/03/26 01:05:20 | 000,062,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\hswultpep.sys -- (hswultpep)
DRV:[b]64bit:[/b] - [2013/03/19 18:41:44 | 000,031,032 | ---- | M] (Pixela) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pxdmxnet.sys -- (pxdmxnet)
DRV:[b]64bit:[/b] - [2013/03/15 14:53:10 | 000,207,256 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/09/03 17:28:04 | 000,037,888 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (facap)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/10 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2012/07/11 21:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2012/05/26 09:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NARAx64\0403000.00E\ccSetx64.sys -- (ccSet_NARA)
DRV - [2013/07/12 11:45:44 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/08/28 21:40:52] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl -- ({09F57980-3432-4AFC-957D-27AC45FAE1F5})
DRV - [2013/05/21 19:33:38 | 000,083,656 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\ntk3_64.sys -- (ntk3)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sony.jp/vaio/myvaio/owner/2013b.html [binary data]
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.sony.jp/vaio/myvaio/owner/2013b.html [binary data]
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\SearchScopes\{31FECF46-F0E3-4A2D-A9AD-971B33396646}: "URL" = http://pt.afl.rakuten.co.jp/c/0d8850b6.ee703e96/_RTvaio10013201?v=2&s=1&sitem={searchTerms}
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\SearchScopes\{3489DE59-7AE8-4C5B-B5B7-25BA253EB200}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASPJS
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\SearchScopes\{45AD9E92-55ED-4F69-B389-33C6BEE1AC52}: "URL" = http://www.hmv.co.jp/search/searchresultsutf8.asp?keyword={searchTerms}&site=iesonyvaio1
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\..\SearchScopes\{47206847-4F80-476F-8540-EEAF010F88A7}: "URL" = http://www.amazon.co.jp/gp/search?ie=UTF8&keywords={searchTerms}&tag=vaiosonycojp-2013q2sb-22&index=blended&linkCode=ure&creative=6339
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2242813578-432845641-1636232554-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - prefs.js..browser.startup.homepage: "http://jp.hao123.com/?tn=incore_pay_hp_ex01_hao123_jp"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/10/13 11:32:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2014/10/24 14:49:42 | 000,000,000 | ---D | M]

[2014/06/07 10:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PCUser\AppData\Roaming\mozilla\Extensions
[2014/10/13 11:42:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PCUser\AppData\Roaming\mozilla\Firefox\Profiles\2rdtugv1.default\extensions
[2014/10/09 15:23:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\PCUser\AppData\Roaming\mozilla\Firefox\Profiles\2rdtugv1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/10/13 11:42:28 | 000,000,000 | ---D | M] (iCloud Bookmarks) -- C:\Users\PCUser\AppData\Roaming\mozilla\Firefox\Profiles\2rdtugv1.default\extensions\firefoxdav@icloud.com
[2014/10/09 15:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/10/09 15:22:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_1\
CHR - Extension: No name found = C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_3\

O1 HOSTS File: ([2014/10/22 18:30:37 | 000,451,878 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15507 more lines...
O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (PhishWall) - {8CA7E745-EF75-4E7B-BB86-8065C0CE29CA} - C:\Program Files (x86)\SecureBrain\PhishWall\sbpw32.dll (SecureBrain Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PhishWall) - {BB62FFF4-41CB-4AFC-BB8C-2A4D4B42BBDC} - C:\Program Files (x86)\SecureBrain\PhishWall\sbpw32.dll (SecureBrain Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [Bluetooth] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtsCM] C:\WINDOWS\RtsCM64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATLauncher] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1 File not found
O4 - HKLM..\Run: [ATUninstallIcon] "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1 File not found
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PowerDVD13Agent] C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2242813578-432845641-1636232554-1001..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2242813578-432845641-1636232554-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2242813578-432845641-1636232554-1001..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILMJ.EXE /EPT "EPLTarget\P0000000000000000" /M "EP-706A Series" File not found
O4 - HKU\S-1-5-21-2242813578-432845641-1636232554-1001..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2242813578-432845641-1636232554-1001..\Run: [Tapur] C:\Program Files (x86)\Tapur\tapmgr.exe (tapur.com)
O4 - Startup: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: パワーセラー7で入札予約 - C:\Users\PCUser\パワーセラー7\start.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: パワーセラー7で入札予約 - C:\Users\PCUser\パワーセラー7\start.html ()
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
  • 長間正夫
  • 2014/10/24 (Fri) 21:28:56
Re: Sorry to trouble you again, but I need your help once more
Here is the rest of OTL.txt.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{168F616E-283E-41A0-BAD7-182B19F7A117}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD2E04A5-D4D4-47C7-B279-8102078C4B85}: DhcpNameServer = 172.20.10.1
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{22c42659-260d-11e3-be85-bfb58ad76d22}\Shell - "" = AutoRun
O33 - MountPoints2\{22c42659-260d-11e3-be85-bfb58ad76d22}\Shell\AutoRun\command - "" = "E:\Startme.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/10/24 20:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\マカフィー
[2014/10/24 15:46:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/10/24 15:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/10/22 22:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/22 22:56:07 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/10/22 22:56:04 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/10/22 22:56:04 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/10/22 22:56:04 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/10/22 21:25:30 | 000,044,184 | ---- | C] (STMicroelectronics) -- C:\WINDOWS\SysNative\drivers\STTub30.sys
[2014/10/22 21:25:30 | 000,023,288 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\SysNative\drivers\IntelSensorSolutionAcpi.sys
[2014/10/22 21:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2014/10/22 20:43:17 | 002,103,040 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib64.dll
[2014/10/22 20:43:17 | 001,958,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2014/10/22 20:43:17 | 001,044,224 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\slcnt64.dll
[2014/10/22 20:43:17 | 000,947,760 | ---- | C] (Sony Corporation) -- C:\WINDOWS\SysNative\SFSS_APO.dll
[2014/10/22 20:43:17 | 000,898,816 | ---- | C] (DTS, Inc.) -- C:\WINDOWS\SysNative\sl3apo64.dll
[2014/10/22 20:43:17 | 000,723,200 | ---- | C] (DTS, Inc.) -- C:\WINDOWS\SysNative\sltech64.dll
[2014/10/22 20:43:17 | 000,244,480 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\SysNative\slprp64.dll
[2014/10/22 20:43:16 | 002,825,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2014/10/22 20:43:16 | 002,787,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2014/10/22 20:43:16 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2014/10/22 20:43:16 | 001,022,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2014/10/22 20:43:16 | 000,624,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2014/10/22 20:43:15 | 046,422,528 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2014/10/22 20:43:15 | 000,154,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2014/10/22 20:43:13 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll
[2014/10/22 20:43:09 | 014,153,984 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek64.dll
[2014/10/22 20:43:09 | 002,036,992 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ64.dll
[2014/10/22 20:43:09 | 001,922,304 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek264.dll
[2014/10/22 20:43:09 | 001,345,280 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO5064.dll
[2014/10/22 20:43:09 | 001,084,160 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO4064.dll
[2014/10/22 20:43:09 | 001,013,504 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPOShell64.dll
[2014/10/22 20:43:09 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll
[2014/10/22 20:43:07 | 006,217,904 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPP64A.dll
[2014/10/22 20:43:07 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll
[2014/10/22 20:43:07 | 001,938,608 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPD64A.dll
[2014/10/22 20:43:07 | 000,501,184 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll
[2014/10/22 20:43:07 | 000,487,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll
[2014/10/22 20:43:07 | 000,415,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll
[2014/10/22 20:43:07 | 000,313,520 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPO64A.dll
[2014/10/22 20:43:07 | 000,260,272 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\DDPA64.dll
[2014/10/22 20:43:07 | 000,209,096 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2014/10/22 20:43:07 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2014/10/22 20:40:39 | 002,251,992 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\BtwRSupportService.exe
[2014/10/22 20:40:39 | 000,229,080 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\drivers\btwavdt.sys
[2014/10/22 20:40:39 | 000,190,168 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\drivers\btwaudio.sys
[2014/10/22 20:40:39 | 000,166,616 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\drivers\btwampfl.sys
[2014/10/22 20:40:39 | 000,150,744 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\drivers\BtwSerialBus.sys
[2014/10/22 20:40:39 | 000,040,248 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\drivers\btwl2cap.sys
[2014/10/22 20:40:39 | 000,038,616 | ---- | C] (Broadcom Corporation.) -- C:\WINDOWS\SysNative\drivers\btwrchid.sys
[2014/10/22 16:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFFTP
[2014/10/22 16:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffftp
[2014/10/19 17:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/10/19 17:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/10/19 17:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/10/19 17:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/10/19 17:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/19 17:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/10/16 02:50:44 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/10/16 02:50:44 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/10/16 02:50:42 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/10/16 02:50:32 | 001,702,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/10/16 02:50:32 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/10/16 02:50:32 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/10/16 02:50:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/10/16 02:50:31 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/10/16 02:50:31 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/10/16 02:50:31 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/10/16 02:50:31 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/10/16 02:50:31 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/10/16 02:50:31 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/10/16 02:50:31 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/10/16 02:50:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/10/16 02:50:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/10/16 02:48:19 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/10/16 02:48:17 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/10/16 02:48:17 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/10/16 02:48:16 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/10/16 02:48:16 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/10/16 02:48:15 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/10/16 02:48:15 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/10/16 02:48:14 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/10/16 02:48:14 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/10/16 02:48:13 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/10/16 02:48:13 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/10/16 02:48:13 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2014/10/16 02:48:12 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/10/16 02:48:11 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/10/16 02:48:11 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/10/16 02:48:11 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/10/16 02:48:11 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2014/10/16 02:48:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/10/16 02:48:11 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2014/10/16 02:48:10 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014/10/16 02:48:10 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/10/16 02:48:10 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/10/16 02:48:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2014/10/16 02:48:09 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/16 02:48:09 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/16 02:47:42 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/10/16 02:47:42 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/10/16 02:46:47 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/10/16 02:46:41 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/10/16 02:46:40 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/10/16 02:46:40 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/10/16 02:46:39 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/10/16 02:46:39 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/10/16 02:46:38 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/10/16 02:46:38 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/10/16 02:46:38 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/10/16 02:46:38 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/10/16 02:46:38 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/10/16 02:46:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/10/16 02:46:38 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/10/16 02:46:38 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/10/16 02:46:00 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/10/16 02:45:59 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/10/16 02:45:59 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/10/16 02:45:57 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/10/16 02:45:57 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/10/16 02:45:32 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/10/16 02:45:32 | 002,646,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/10/16 02:45:32 | 002,321,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/10/15 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PCUser\AppData\Roaming\Media Player Classic
[2014/10/13 11:41:04 | 000,000,000 | ---D | C] -- C:\Users\PCUser\AppData\Local\E8B70C5E-67DB-45A8-904A-7509B4C01E11.aplzod
[2014/10/13 11:40:41 | 000,000,000 | ---D | C] -- C:\Users\PCUser\Documents\Outlook ファイル
[2014/10/09 17:26:13 | 000,000,000 | ---D | C] -- C:\Users\PCUser\AppData\Local\Apple Computer
[2014/10/09 15:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2014/10/09 15:31:06 | 000,000,000 | ---D | C] -- C:\Users\PCUser\dwhelper
[2014/10/09 15:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/10/09 15:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/29 18:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2014/09/27 13:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2014/09/27 13:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2014/09/27 13:07:26 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\SysNative\E_GCINST.DLL
[2014/09/27 13:07:25 | 000,179,712 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\SysNative\E_ILMBLMJ.DLL
[2014/09/27 13:07:25 | 000,083,968 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\SysNative\E_ID4BLMJ.DLL
[2014/09/13 11:13:01 | 001,110,040 | ---- | C] (Horizon Datasys, Inc.) -- C:\Users\PCUser\Setup64.exe
[2014/09/13 11:13:01 | 000,876,568 | ---- | C] (Horizon Datasys, Inc.) -- C:\Users\PCUser\Setup.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/10/24 20:32:05 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\マカフィー セキュリティセンター.lnk
[2014/10/24 20:31:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/10/24 20:30:00 | 000,000,700 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/24 20:08:03 | 000,000,929 | ---- | M] () -- C:\WINDOWS\tasks\EPSON EP-706A Series Update {22A88B29-EC81-47F0-9B07-170F00642AAF}.job
[2014/10/24 19:31:21 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/24 17:14:14 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/24 16:54:49 | 000,000,734 | ---- | M] () -- C:\Users\PCUser\Desktop\powerdvd [1].lnk
[2014/10/24 16:30:23 | 000,000,696 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 15:53:45 | 000,232,134 | ---- | M] () -- C:\Users\PCUser\Desktop\無題.png
[2014/10/24 14:55:58 | 001,496,524 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/24 14:55:58 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/24 14:55:58 | 000,500,892 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2014/10/24 14:55:58 | 000,135,664 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2014/10/24 14:55:58 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/24 14:50:01 | 000,000,696 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92.job
[2014/10/24 14:49:43 | 3348,561,920 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/24 14:49:43 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014/10/24 10:42:39 | 000,002,681 | ---- | M] () -- C:\Users\PCUser\Desktop\single.php
[2014/10/22 22:56:02 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2014/10/22 22:56:02 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2014/10/22 22:56:02 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2014/10/22 22:56:02 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/10/22 21:25:30 | 000,044,184 | ---- | M] (STMicroelectronics) -- C:\WINDOWS\SysNative\drivers\STTub30.sys
[2014/10/22 21:25:30 | 000,023,288 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\SysNative\drivers\IntelSensorSolutionAcpi.sys
[2014/10/22 16:03:12 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\FFFTP.lnk
[2014/10/21 10:26:23 | 000,002,285 | ---- | M] () -- C:\Users\PCUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/19 17:55:59 | 000,001,795 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/10/16 12:37:46 | 000,435,760 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/10/13 11:44:00 | 000,000,004 | ---- | M] () -- C:\Users\PCUser\AppData\Roaming\appdataFr2.bin
[2014/10/10 07:16:51 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/10/09 15:22:19 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/10/09 07:09:34 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2014/09/30 07:45:58 | 000,706,016 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/09/30 07:45:58 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/26 07:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/09/26 07:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/09/26 07:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/10/24 15:53:45 | 000,232,134 | ---- | C] () -- C:\Users\PCUser\Desktop\無題.png
[2014/10/24 15:46:14 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/22 20:43:17 | 005,804,772 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\rtvienna.dat
[2014/10/22 20:43:16 | 000,711,425 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2014/10/22 20:40:39 | 000,016,838 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\BCM4324B3_002.004.006.0130.0132.hcd
[2014/10/22 16:03:12 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\FFFTP.lnk
[2014/10/21 10:25:39 | 000,000,696 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92.job
[2014/10/19 17:55:59 | 000,001,795 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/10/16 02:48:09 | 000,388,729 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/10/13 22:34:00 | 000,002,681 | ---- | C] () -- C:\Users\PCUser\Desktop\single.php
[2014/10/09 15:22:19 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/10/09 15:22:19 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/09/27 13:08:41 | 000,000,929 | ---- | C] () -- C:\WINDOWS\tasks\EPSON EP-706A Series Update {22A88B29-EC81-47F0-9B07-170F00642AAF}.job
[2014/09/15 15:02:57 | 000,000,004 | ---- | C] () -- C:\Users\PCUser\AppData\Roaming\appdataFr2.bin
[2014/09/13 11:13:01 | 000,000,599 | ---- | C] () -- C:\Users\PCUser\setup.ini
[2014/09/11 17:24:40 | 000,000,724 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/07/04 12:13:04 | 000,000,174 | ---- | C] () -- C:\WINDOWS\Lhaca.ini
[2014/05/18 07:48:23 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/05/04 08:55:03 | 000,000,045 | ---- | C] () -- C:\Users\PCUser\AppData\Roaming\WB.CFG
[2014/04/13 12:40:16 | 000,714,526 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2014/04/13 12:40:16 | 000,120,320 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2014/04/13 12:40:16 | 000,001,987 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2014/03/19 02:11:45 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/12/01 14:25:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/16 19:57:24 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/03 23:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 12:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/06/22 10:12:16 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dll
[2013/06/22 10:05:40 | 005,411,840 | ---- | C] () -- C:\WINDOWS\SysWow64\iSonyVideoProcessor.dll
[2013/02/13 12:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2013/11/16 19:14:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/16 13:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/16 12:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 18:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 11:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 18:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2014/10/24 20:31:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/10/24 20:08:03 | 000,000,929 | ---- | M] () -- C:\WINDOWS\tasks\EPSON EP-706A Series Update {22A88B29-EC81-47F0-9B07-170F00642AAF}.job
[2014/10/24 16:30:23 | 000,000,696 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/24 14:50:01 | 000,000,696 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92.job
[2014/10/24 20:30:00 | 000,000,700 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/13 10:29:28 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: SAMSUNG MZNTD128HAGM-00000
Partitions: 6
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 260.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1.00GB
Starting Offset: 273678336
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1819279360
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 103.00GB
Starting Offset: 2226126848
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 420.00MB
Starting Offset: 112413638656
Hidden sectors: 0


DeviceID: Disk #0, Partition #5
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 14.00GB
Starting Offset: 112854040576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/02/22 21:02:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/08/29 10:58:52 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2013/08/22 18:53:13 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2013/08/22 19:19:14 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2014/04/30 13:14:19 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2013/08/22 11:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013/08/22 18:40:30 | 000,468,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2013/08/22 11:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/07/24 18:21:23 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/08/22 19:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/02/22 18:38:56 | 000,753,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/04/30 13:23:54 | 000,353,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/04/30 12:46:07 | 000,285,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/03/04 16:13:06 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2013/08/22 18:44:18 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2013/08/22 20:34:06 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2013/08/22 13:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2013/09/14 18:11:03 | 000,433,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2013/08/22 18:35:27 | 000,403,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/03/27 12:15:43 | 000,718,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:27 | 000,070,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2013/08/22 18:05:22 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2013/08/22 18:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/08/22 18:35:48 | 000,387,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2013/08/22 22:25:35 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/03/06 18:19:44 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/07/24 17:18:34 | 000,795,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2013/08/22 20:22:30 | 000,101,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/01/29 09:18:11 | 000,534,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/02/22 18:38:56 | 000,753,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2013/08/22 20:32:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2013/08/22 22:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/04/09 12:33:54 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/07/24 18:03:18 | 000,324,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2013/08/22 18:24:27 | 000,629,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2013/08/22 11:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2014/08/02 09:18:31 | 001,212,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2013/08/22 19:55:30 | 000,306,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2013/08/22 12:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2013/08/22 19:00:18 | 000,050,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/07/24 18:02:28 | 000,220,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/03/27 12:10:11 | 001,436,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/04/06 20:01:37 | 000,834,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2014/04/06 20:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2014/03/24 11:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/08/22 18:44:27 | 001,669,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2013/08/22 18:23:55 | 000,878,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2013/08/22 19:39:20 | 000,634,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2013/08/22 20:23:10 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2013/08/22 12:56:51 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2013/08/22 18:48:04 | 000,220,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2014/09/08 09:05:25 | 003,448,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2013/08/22 19:30:45 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/07/24 17:32:47 | 001,532,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2013/08/22 18:54:22 | 000,284,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 220 bytes -> C:\Users\PCUser\SkyDrive:ms-properties

< End of report >
  • 長間正夫
  • 2014/10/24 (Fri) 21:32:18
Re: I'm sorry, but I need your help again
Next, I am posting Extras.txt.
OTL Extras logfile created on: 2014/10/24 20:35:04 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PCUser\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.90 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 28.66% Memory free
6.52 Gb Paging File | 3.10 Gb Available in Paging File | 47.60% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102.62 Gb Total Space | 18.88 Gb Free Space | 18.40% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: PCUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Windows\SysWow64\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3C3ABCAE-10C3-41C5-A6D5-1599EC70DC7A}" = lport=9999 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{6721626F-C4B7-4A84-A323-70584AB677AD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{762A0823-D171-4C39-A430-5833ED691F8E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{86146072-1BBD-4508-BE51-98FA6EA2D377}" = lport=9996 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcsystemtray.exe |
"{8B3EF020-8E8C-4493-A45F-AFF9DE4489BC}" = lport=9998 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcadmin.exe |
"{EDD80E4E-F04A-40B9-AA51-7E417640400B}" = lport=9997 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaioshell.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02BAC5FE-FE38-4090-90BD-ACE6FB435195}" = dir=out | name=@{microsoft.zunevideo_2.6.344.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{041EC3B6-9ACB-4A92-AF8F-2D65B2870B3E}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{05B8AADA-7503-45BF-89DB-DC629D060A03}" = dir=out | name=@{bd9b8345.albumbysony_2.2.1.10080_x86__05bme2bjq6sag?ms-resource://bd9b8345.albumbysony/resources/sz_appname} |
"{08BDDD58-7DE9-4053-AA89-1280ADAB763F}" = dir=in | name=f5 vpn |
"{08E16D35-23F2-4D3E-9777-CE368AB3FF6F}" = dir=out | name=@{14c78905.trendmicromalwaremap_6.5.0.1048_x86__y1xsffnhj35f6?ms-resource://14c78905.trendmicromalwaremap/resources/productname} |
"{0BB05283-F183-48A7-B57A-505D05ECFF6C}" = dir=out | name=@{microsoft.zunemusic_1.5.214.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{0E17DB27-D031-4AFF-92BA-396C0E164425}" = dir=out | name=シュフーチラシアプリ recommended by vaio |
"{0E605696-5011-49C7-9798-B7169367F483}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{0E886BA0-B081-4481-8917-CF4852B4B35D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dms\clmsserverpdvd13.exe |
"{11A4DD84-A117-4654-B135-6B5983B68CB7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13agent.exe |
"{15CA6C0F-76A4-4533-88D0-E67087E08597}" = dir=out | name=@{microsoft.bingsports_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{1833724C-28B1-4C90-AFB5-901801AC4DCD}" = dir=in | name=@{bd9b8345.musicbysony_1.2.0.14240_x86__05bme2bjq6sag?ms-resource://bd9b8345.musicbysony/resources/q_m_browse_001} |
"{1CDCA823-C13F-419E-BD3B-985D34F5D6C4}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{1E7A8F1E-F039-4A20-BB68-2F4869C0084A}" = dir=out | name=sony select |
"{1EC95E95-46CA-4D01-B7F1-79FA41440534}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\kernel\dmr\powerdvd13dmrengine.exe |
"{22972CA1-369F-4097-A569-86F01022772E}" = dir=out | name=sonicwall mobile connect |
"{24A6CEF3-9FD3-44D7-A9A4-2954EB392861}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2587FD36-6438-472C-8E90-42766283777C}" = dir=in | name=juniper networks junos pulse |
"{2756D382-358E-42DE-BA89-C762811A7EA1}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2C0D0EFF-CB42-41A8-9936-21110360A21E}" = dir=out | name=twitter |
"{2E2672EF-BDEE-4B87-A323-6F71E8B178B8}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{35211700-B35E-44BE-BCC0-57CAA29B0437}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{37B9F88C-041C-4426-8A4D-9CD4FB39020D}" = dir=out | name=ヤフオク! (v) |
"{38512E12-4E70-442A-A1E7-D52A84C73187}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{390AB1EC-9873-48EC-9D90-97581F23B270}" = dir=out | name=@{bd9b8345.musicbysony_1.2.0.14240_x86__05bme2bjq6sag?ms-resource://bd9b8345.musicbysony/resources/q_m_browse_001} |
"{3EDF290D-9A39-4525-A068-AD963B3BDCA5}" = dir=in | name=skype |
"{3F307D99-1695-43A3-A7F3-24E748967245}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{41F6918E-6CCA-469C-8558-D5156F2AB4E2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{567EE777-34EB-4599-9D5F-C7D2FE197D6B}" = dir=out | name=windows_ie_ac_001 |
"{5B7B6951-7CE5-4541-8E46-7BE951895D34}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5DD40C35-7354-4D59-BA74-418BFF98F74E}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{64BD848F-8F83-4829-9FC2-373FF0D30E30}" = dir=out | name=@{microsoft.zunemusic_2.6.343.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6565B04D-7151-48D1-8883-90EA619DA8C8}" = dir=out | name=juniper networks junos pulse |
"{667BDE4F-3783-4044-9768-46C9C735ADDA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13.exe |
"{689B78B0-732C-40CD-A869-BA2B864E71F4}" = dir=in | name=vaio care |
"{695EBFA9-214C-49CB-84D2-12355ABC02F9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\powerdvd13ml.exe |
"{6D42F820-53F2-420C-9899-24F3F283871E}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{75080B0D-9385-4030-83ED-3C5408980C88}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{77490EA2-933E-4886-AA8D-FB0FE6BDA40D}" = dir=out | name=dropbox |
"{785656C3-F539-4D14-B746-9AE3E733C309}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{786548D7-6BB4-480A-BBEE-3658FBF2342B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{852DC8C1-E83C-402F-92DF-43602987DA13}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{865B6D29-E058-49C0-9F86-33B0F0E14C62}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{86CA31BD-EBBF-47E5-A728-FADC616DC8AB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8A921B4C-5B78-4483-AD1D-621E0180104B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{8A9F7739-2AAD-495A-B84F-0D4EB185C295}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{8E7C46F4-6962-4CD2-B302-A2599A9CF24E}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{91E10076-AF3F-41AC-B8D5-E815FDDD8318}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{9345F4B6-90CA-4558-9757-4A99B632866E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{97F59715-0CE6-4295-8A9F-44C2D7011DE9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{9DC5FBE0-6D09-499C-B660-79C62BDAE173}" = dir=in | name=@{bd9b8345.albumbysony_2.2.1.10080_x86__05bme2bjq6sag?ms-resource://bd9b8345.albumbysony/resources/sz_appname} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A245CED4-BE52-49A6-A600-77F94DC34EEA}" = dir=out | name=@{microsoft.zunevideo_1.5.214.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{A2E9870B-B2B7-4E2B-97D2-8973C4F3AB70}" = dir=out | name=@{intsiginformationco.ltd.23716b36488e7_1.1.2.11_x86__rkqbgp4m5yz8p?ms-resource://intsiginformationco.ltd.23716b36488e7/resources/_storename} |
"{A3B8F27E-DD8B-4843-9F06-191EF98E133A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A444518A-0163-4E8A-B5A8-2788AAAEDF2E}" = dir=out | name=vaio care |
"{A6483206-99A3-4C0E-AA9D-8645F4E7998D}" = dir=in | name=@{14c78905.trendmicromalwaremap_6.5.0.1048_x86__y1xsffnhj35f6?ms-resource://14c78905.trendmicromalwaremap/resources/productname} |
"{A80E1132-AA73-4B2D-A698-1A16DA0981BB}" = dir=in | name=sonicwall mobile connect |
"{A9C58C95-DA2E-4D6C-99B7-AD2B91C71B57}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B45E4EF1-2333-4DCB-8CCC-AEA1B50E1469}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{B9C33DEE-5F54-44D9-9D26-78B0E2EAA22E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BBD93587-38C7-4FE4-A04A-441C14DE6E5D}" = dir=out | name=windows_ie_ac_001 |
"{BE426C87-CA70-4EE4-ABAB-82516206FF09}" = dir=out | name=nissen smart catalog |
"{C085BDED-3E31-452D-BDE7-BAC172CF66DF}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{C767458A-1643-4B41-92C2-359439A8E2B4}" = dir=out | name=@{bd9b8345.socialife_2.4.1.7220_x64__05bme2bjq6sag?ms-resource://bd9b8345.socialife/resources/android_app_label} |
"{CEC0F5E1-86C6-48A8-82BB-181D9ACE6B2F}" = dir=out | name=アニラジ |
"{CEC9AF7A-8BF6-462E-A0D8-9995A35A9A4D}" = dir=in | name=check point vpn |
"{CF146097-7EAE-4974-AC82-D827C37EB7ED}" = dir=in | app=c:\users\pcuser\appdata\local\microsoft\skydrive\skydrive.exe |
"{D178F7BF-8D42-43D7-9962-947A76728515}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D17A9354-116F-4621-ACC5-588B9763257A}" = dir=out | name=f5 vpn |
"{D4EBBB5F-D72C-465E-BF17-894FB325A4B7}" = dir=out | name=note anytime for vaio |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D92148E6-6EB8-487A-B43B-ABDE39038CFE}" = dir=out | name=check point vpn |
"{D970FE99-3D80-47C5-9AF3-7D278633C8AA}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E405FA7A-F533-4539-A507-4384247F1354}" = dir=out | name=skype |
"{E41AEE64-784D-42A9-A5F2-292447998901}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{E4D51640-5F8A-49A4-9FCB-BC931705A881}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{E5D4379E-CC17-48EF-8EBA-86D1C51DDCE5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E904AD78-DDC8-4F86-BC51-5B2F006D2BDA}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F07F5B4C-7809-430A-BB5D-9FD3B1D61494}" = dir=out | name=@{microsoft.bingweather_3.0.4.214_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6EF6DD5-6F23-45A0-B0F0-4D1A8D0EA076}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd13\movie\powerdvd cinema\powerdvdcinema13.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FD5444DD-780A-4486-9EEB-C557242306F5}" = dir=out | name=doodle god free (v) |
"{FD7CD6B3-5637-4B17-BDB8-B1505D58CC76}" = dir=out | name=mora ~walkman®公式ミュージックストア~ |
"{FDB0DD89-7654-44CC-8D0B-0C9570E9BA13}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
"TCP Query User{4A5C7E63-3559-4B75-8340-A7AD71684BD1}C:\program files (x86)\sony\content manager assistant\cma.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\content manager assistant\cma.exe |
"TCP Query User{A8311F37-F32D-4A4A-8A45-847C36962495}C:\program files (x86)\tapur\tapur.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tapur\tapur.exe |
"UDP Query User{0E532D95-2314-48C9-9E72-943076C4C6F6}C:\program files (x86)\sony\content manager assistant\cma.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\content manager assistant\cma.exe |
"UDP Query User{3777C6C5-C2F6-49AD-9C2F-A1D665ACBC74}C:\program files (x86)\tapur\tapur.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tapur\tapur.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{15B9204E-BA09-485E-8F2C-094AC0077664}" = VAIO のリカバリー機能
"{1C22618A-FEFA-4F20-B67D-F1311E6804AC}" = VAIO Care
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FBFC270-A5AF-4CF1-8FFA-2E363E0AD4E8}" = VSCx64
"{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}" = VCCx64
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{28B4FCD3-1E17-411F-B56A-769DCF9169E0}" = Intel(R) WiDi
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{2F59B31F-1652-3973-B55F-1A2D1AB42C80}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{456173F7-9DC8-4B3C-A93D-7331A3EAE05E}" = VCCx64
"{4BC363E0-C229-4F9E-8CE1-7F37FD35FB06}" = Intel(R) Serial IO
"{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}" = Broadcom Wireless Utility
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{5A1CD0BB-7E65-45DC-9A9A-682CE8B62AA4}" = Update for Japanese Microsoft IME Standard Dictionary
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO メディア サーバー設定
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{8E59415B-ECAC-43F7-B496-7BCD636C63E1}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}" = Intel(R) Serial IO
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}" = Networkx64
"{B939BFEB-824F-4456-A4EE-2B86ED04033D}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = WIDCOMM Bluetooth Software
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{FB483FA3-A91A-42C2-B3A6-6F6B504A4C5B}" = VAIO ホームネットワークビデオプレーヤー
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"EPSON EP-706A Series" = EPSON EP-706A Series プリンター アンインストール
"HomeBusinessRetail - ja-jp" = Microsoft Office Home and Business 2013 - ja-jp
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0020D0B8-93D5-4E3F-8676-1EEB2184ED52}" = honestech MP3 Editor 2.0 SE
"{03E41E20-0AA7-4E54-B803-7CC660ADBB23}" = VAIO - スライドショーアドイン
"{0DCD0704-E2AB-4e97-96A7-90F146BD8243}" = コンテンツ管理アシスタント for PlayStation(R)
"{0F21B716-62F2-49BF-A35A-F63F630021AC}" = VAIO TV with nasne™
"{121C874E-5797-40B2-86CE-CE6624F2711A}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}" = Intel(R) Update Manager
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1D181764-DCD0-41B8-AA7B-0A599F027A72}" = Adobe Photoshop Elements 11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{223469C7-3B3F-4D18-AB4A-4F4B298D0DB2}" = x-APPLICATION Components
"{261D72B1-85F3-4593-BD0F-646761761D67}" = honestech MP3 Editor 2.0 SE
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"{3F1A81BF-154E-40EE-987B-159E81D25BF7}" = VAIO の製品登録 (無料)
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4167F869-F973-4812-944B-840F1E1E9953}" = VSCx86
"{4538488B-08D4-4ED7-B285-07C7CACC041B}" = VNT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B0AD476-DE95-4293-B437-BE2511DE74B6}" = CLIP STUDIO PAINT
"{4DDAA131-7245-42F7-ADC2-DEF2C0815825}" = VAIO Gesture Control
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO データリストアツール
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}" = VAIO BIOS Data Transfer Utility
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO お引越サポート
"{62CD7F1B-7673-4D5A-BB5B-C9673BCB996F}" = mazecinstall
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74BD2F4C-0AC1-495E-9906-454229211562}" = Sony Media Library Earth 9.1.00
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7DB71278-9AD7-4480-AB08-8649C5010B17}" = Update for Japanese Microsoft IME Standard Dictionary
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{8C0B0C9E-60E6-48CD-8080-615A6D271C0F}" = PhishWall
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO の設定
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0411-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer
"{98D1C004-0614-4A16-AC42-13E96B003956}" = VSTG_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}" = ESDL
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9556859-D269-424A-BF4A-549C90352FB4}" = VAIO ホームネットワークビデオプレーヤー デジタル放送プラグイン
"{A99BEDCE-B4B6-4AFB-942B-27F9A4A28183}" = VCCx86
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) MUI
"{AEF18835-17DB-44BA-94FB-A15C68B717C5}" = x-アプリ
"{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}" = VCCx86
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO CPU Fan診断ツール
"{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}" = VAIO Movie Creator
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}" = Elements 11 Organizer
"{D5DFB462-F7B2-4782-8EDB-0B08F23D12A6}" = VAIO - Active Clip
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D9F75285-4864-461D-83DA-8D056BAC44D1}" = Google Drive
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Realtek PC Camera
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EC153498-00E1-4C9C-89BE-81527C6750BE}" = VAIO Care ハードウェア診断ツールプラグイン
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}" = XperiaLinkx86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.24)
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FBEE3D44-0933-4B84-BB6A-49957F89187F}" = VAIO Sample Music
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"0E7DAF70-FB54-4B91-B192-7E771C25AEEB" = Intel Collaborative Processor Performance Control
"1992736F-C90A-481C-B21B-EE34CAD07387" = Intel(R) Virtual Buttons
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe Photoshop Elements 11" = Adobe Photoshop Elements 11
"FFFTP" = FFFTP Ver.1.98g2
"Google Chrome" = Google Chrome
"InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{74BD2F4C-0AC1-495E-9906-454229211562}" = Sony Media Library Earth 9.1.00
"InstallShield_{A9556859-D269-424A-BF4A-549C90352FB4}" = VAIO ホームネットワークビデオプレーヤー デジタル放送プラグイン
"InstallShield_{AEF18835-17DB-44BA-94FB-A15C68B717C5}" = x-アプリ 6.0
"InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}" = VAIO Movie Creator
"IObitUninstall" = IObit Uninstaller
"Lhaplus" = Lhaplus
"Mozilla Firefox 32.0.3 (x86 ja)" = Mozilla Firefox 32.0.3 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = マカフィー セキュリティセンター
"NARA" = Norton Online Backup ARA
"NXPProximityInstaller" = NXPProximityInstaller
"Tapur_is1" = Tapur 5.3.0.111
"TeamViewer 9" = TeamViewer 9
"Unchecky" = Unchecky v0.3.3
"パワーセラー7" = パワーセラー7 1.0.4.5

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014/05/30 5:41:48 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: PMBBrowser.exe、バージョン: 7.0.2.14060、タイム スタンプ: 0x5111683a
障害が発生しているモジュール名:
PMBBrowser.exe、バージョン: 7.0.2.14060、タイム スタンプ: 0x5111683a 例外コード: 0xc0000005 障害オフセット:
0x002ba2ec 障害が発生しているプロセス ID: 0xcec 障害が発生しているアプリケーションの開始時刻: 0x01cf7beb5721a9fa 障害が発生しているアプリケーション
パス: C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe 障害が発生しているモジュール
パス: C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe レポート ID: 9e3b142b-e7de-11e3-beb7-240a6425eee6
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2014/05/30 11:14:31 | Computer Name = VAIO | Source = Application Hang | ID = 1002
Description = プログラム wwahost.exe バージョン 6.3.9600.17031 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: 247c 開始時刻: 01cf7c0cbd633364 終了時刻: 4294967295

アプリケーション
パス: C:\WINDOWS\system32\wwahost.exe レポート ID: 258bdc4e-e80b-11e3-beb7-240a6425eee6

障害が発生しているパッケージのフル
ネーム: BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag 障害が発生しているパッケージに関連するアプリケーション
ID: SonyCorporation.VAIOMessageCenter

Error - 2014/05/30 17:44:28 | Computer Name = VAIO | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 2014/05/31 15:01:49 | Computer Name = VAIO | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 2014/05/31 15:02:12 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名:
McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae 例外コード: 0x40000015 障害オフセット: 0x0000000000023799
障害が発生しているプロセス
ID: 0x31ac 障害が発生しているアプリケーションの開始時刻: 0x01cf7d02cb9e23c6 障害が発生しているアプリケーション パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 障害が発生しているモジュール パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe レポート ID: 11e4eec9-e8f6-11e3-beb7-240a6425eee6
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2014/05/31 15:03:26 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名:
McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae 例外コード: 0x40000015 障害オフセット: 0x0000000000023799
障害が発生しているプロセス
ID: 0x1030 障害が発生しているアプリケーションの開始時刻: 0x01cf7d02dd88ea51 障害が発生しているアプリケーション パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 障害が発生しているモジュール パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe レポート ID: 3e69ade0-e8f6-11e3-beb7-240a6425eee6
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2014/05/31 15:04:37 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名:
McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae 例外コード: 0x40000015 障害オフセット: 0x0000000000023799
障害が発生しているプロセス
ID: 0xdd8 障害が発生しているアプリケーションの開始時刻: 0x01cf7d0308fc0de7 障害が発生しているアプリケーション パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 障害が発生しているモジュール パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe レポート ID: 684f0ba9-e8f6-11e3-beb7-240a6425eee6
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2014/06/01 9:08:01 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名:
McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae 例外コード: 0x40000015 障害オフセット: 0x0000000000023799
障害が発生しているプロセス
ID: 0x27c0 障害が発生しているアプリケーションの開始時刻: 0x01cf7d9a7c45c1b3 障害が発生しているアプリケーション パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 障害が発生しているモジュール パス: C:\Program
Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe レポート ID: c1ff5ab9-e98d-11e3-beb7-240a6425eee6
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2014/06/03 17:50:58 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: mcupdmgr.exe、バージョン: 12.8.957.0、タイム スタンプ: 0x535ae03b
障害が発生しているモジュール名:
combase.dll、バージョン: 6.3.9600.17031、タイム スタンプ: 0x53087867 例外コード: 0xc0000005 障害オフセット:
0x0000000000016847 障害が発生しているプロセス ID: 0x7fc 障害が発生しているアプリケーションの開始時刻: 0x01cf7d3ba39ff943
障害が発生しているアプリケーション
パス: c:\PROGRA~1\mcafee\msc\mcupdmgr.exe 障害が発生しているモジュール パス: C:\WINDOWS\SYSTEM32\combase.dll
レポート
ID: 24a841d8-eb69-11e3-beb7-240a6425eee6 障害が発生しているパッケージの完全な名前: 障害が発生しているパッケージに関連するアプリケーション
ID:

Error - 2014/06/04 6:03:24 | Computer Name = VAIO | Source = Application Hang | ID = 1002
Description = プログラム wwahost.exe バージョン 6.3.9600.17031 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: 4618 開始時刻: 01cf7f2ea90e3ebb 終了時刻: 4294967295

アプリケーション
パス: C:\WINDOWS\system32\wwahost.exe レポート ID: ced26b40-ebce-11e3-beb7-240a6425eee6

障害が発生しているパッケージのフル
ネーム: BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag 障害が発生しているパッケージに関連するアプリケーション
ID: SonyCorporation.VAIOMessageCenter

[ ESRV_SVC Events ]
Error - 2014/09/09 3:19:44 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/09/10 1:17:07 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/09/11 6:11:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/09/12 21:09:30 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/09/12 23:07:29 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/09/14 8:35:16 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/09/21 23:24:34 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/10/05 3:13:58 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/10/12 22:35:26 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

Error - 2014/10/19 5:12:19 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =

[ System Events ]
Error - 2014/10/24 1:58:24 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee Home Network サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error - 2014/10/24 1:58:24 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee VirusScan Announcer サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error - 2014/10/24 4:15:15 | Computer Name = VAIO | Source = DCOM | ID = 10000
Description =

Error - 2014/10/24 5:16:06 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee Home Network サービスは予期せぬ原因により終了しました。このサービスの強制終了は 4 回目です。

Error - 2014/10/24 5:16:06 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = マカフィー パーソナルファイアウォール サービス サービスは予期せぬ原因により終了しました。このサービスの強制終了は 4 回目です。

Error - 2014/10/24 5:16:06 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee VirusScan Announcer サービスは予期せぬ原因により終了しました。このサービスの強制終了は 4 回目です。

Error - 2014/10/24 5:16:06 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee Platform Services サービスは予期せぬ原因により終了しました。このサービスの強制終了は 4 回目です。

Error - 2014/10/24 5:16:06 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee Proxy Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 4 回目です。

Error - 2014/10/24 5:16:06 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = McAfee Anti-Spam Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 4 回目です。

Error - 2014/10/24 7:29:59 | Computer Name = VAIO | Source = DCOM | ID = 10000
Description =

[ USER_ESRV_SVC Events ]
Error - 2014/04/22 5:17:51 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 2014/04/22 5:17:51 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =

Error - 2014/04/22 5:17:51 | Computer Name = VAIO | Source = USER_ESRV_SVC | ID = 2
Description =


< End of report >

That is all. Thank you in advance for your help.
  • 長間正夫
  • 2014/10/24 (Fri) 21:34:41
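Re: Sorry to trouble you again, but I need your help once more
Good evening, this is イルカ, a responder who turns up now and then. So we meet again.


Looking at the OTL, HijackThis and CCleaner logs, I cannot find any entry that looks like a direct cause.
However, a few points do concern me, so let's check those.

1.
Do you recognize the following software?
mazecinstall

2.
What is the URL of the Java download page that opens on its own?
Also, does the window open on its own only on particular pages, or does it open regardless of which page you are on?

3.
Just one fix with OTL.

■Treatment with a Fix script
After starting OTL, paste the script below into "Custom Scan/Fixes" and press "Run Fix".
Do not leave out the ":OTL" at the beginning.

Running it forcibly terminates all processes, so please close as many applications as you can beforehand.
The Recycle Bin will also be emptied, so if it contains files you need, rescue them first.
If OTL freezes and does not proceed, start the computer in Safe Mode and run it there.

How to enter Safe Mode:
http://www59.atwiki.jp/malware_laboratory/pages/8.html

When it finishes you will be asked to reboot, so press "OK" to reboot. After the reboot a log will appear; please post it. This time you can simply paste the log as it is.
If you have closed the log, there is a log (a file whose name is a number made up of the date and time) in the C:\_OTL\MovedFiles folder, so please tell me its contents.

---From here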

:OTL
FF - prefs.js..browser.startup.homepage: "http://jp.hao123.com/?tn=incore_pay_hp_ex01_hao123_jp"
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:Commands
[purity]
[emptytemp]
[createrestorepoint]
[reboot]

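---To here

4.
Let's run a scan with the following tool.

■Junkware Removal Tool
Download Junkware Removal Tool from the URL below.
http://thisisudax.org/downloads/JRT.exe
The server is slow, so if it does not work, wait a little and try again.

After downloading, right-click the executable and choose "Run as administrator".
When run, it starts scanning and removing automatically. When it completes, a log will open; please tell me its contents.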
  • イルカ
  • 2014/10/25 (Sat) 02:47:17
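Re: Sorry to trouble you again, but I need your help once more
Hello again, イルカ-san; it has been a while. Thank you for helping me once more.

>Do you recognize the following software?
>mazecinstall
Not at all. Searching for the file on my PC returns no hits; could it be a hidden file?

>2.
>What is the URL of the Java download page that opens on its own?
>Also, does the window open on its own only on particular pages, or does it open regardless of which page you are on?
The URL that opens is this → http://s8.andngy.com/5449e778962dbs1414129528?geo=JP&lp_domain=andngy.com&aid=129
It happens on various pages, but it seems to be frequent on "Yahoo知恵袋" and "おしえてgoo"; however, sometimes it does not happen even on the same page.
(It happens every so often, as if it had suddenly remembered to.)

I will paste the OTL log.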

All processes killed
========== OTL ==========
Prefs.js: "http://jp.hao123.com/?tn=incore_pay_hp_ex01_hao123_jp" removed from browser.startup.homepage
C:\WINDOWS\LastGood.Tmp\SysWOW64\RTCOM\RTCOMDLL.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\SysWOW64\RTCOM\RtDataProc.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\SysWOW64\RTCOM\RtkCfg.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\SysWOW64\RTCOM\RtkXInterface.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\SysWOW64\RTCOM\RTLCPAPI.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\SysWOW64\RTCOM folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\SysWOW64 folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\43241b4rtecdc.bin deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\bcmdhd63.sys deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\btwampfl.sys deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\BtwSerialBus.sys deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\RTAIODAT.DAT deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\RTKVHD64.sys deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS\rtvienna.dat deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS folder deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\AERTAC64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\bcmihvsrv64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\bcmihvui64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\BtwRSupportService.exe deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\CONEQMSAPOGUILibrary.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DDPA64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DDPD64A.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DDPO64A.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DDPP64A.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DTSU2PGFX64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DTSU2PLFX64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\DTSU2PREC64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\FMAPO64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioAPO30.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioAPO4064.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioAPO5064.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioAPOShell64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioEQ64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioRealtek264.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxAudioRealtek64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\MaxxVolumeSDAPO.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RCoInstII64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RCoRes64.dat deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RTCOM64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RtDataProc64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RtkApi64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RtkAPO64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RtPgEx64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\RTSnMg64.cpl deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\SFSS_APO.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\sl3apo64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\slcnt64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\slprp64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\sltech64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32\WavesGUILib64.dll deleted successfully.
C:\WINDOWS\LastGood.Tmp\system32 folder deleted successfully.
C:\WINDOWS\LastGood.Tmp folder deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Guest

User: PCUser
->Temp folder emptied: 28346661 bytes
->Temporary Internet Files folder emptied: 161605526 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40305712 bytes
->Google Chrome cache emptied: 317905705 bytes
->Flash cache emptied: 924 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30340282 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 552.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 10252014_084317

Files\Folders moved on Reboot...
C:\Users\PCUser\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(20141024150720ECC).log not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20141024150720ECC).log not found!
C:\WINDOWS\temp\VAIO-20141024-1507a.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Next is the Junkware Removal Tool log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8.1 x64
Ran by PCUser on 2014/10/25 at 8:55:21.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\HAO123.1.0.0.1111.EXE-DB314530.pf
Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\PCUser\AppData\Roaming\mozilla\firefox\profiles\2rdtugv1.default\prefs.js

user_pref("extensions.TNh.url", "hxxp://discountgetdirect.ru/sync2/?q=hfZ9oeV9CGhEAen0rihTB6lKDzt4okPntNtVh7n0rjnEpjwErdY9rTr9tMFHhd9Fqda4rjnFrTnFrHwMDMlGojUMAe4UojwHpjaGqjY9p
Emptied folder: C:\Users\PCUser\AppData\Roaming\mozilla\firefox\profiles\2rdtugv1.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014/10/25 at 8:59:36.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 長間正夫
  • 2014/10/25 (Sat) 09:08:03
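Re: Sorry to trouble you again, but I need your help once more
The OTL processing looks fine.

Understood regarding the URL and the software. If the software is not showing up, it is a bit hard to do anything about it.
For now, let's put this off until later.

JRT also seems to have deleted several files, but just to be safe, please run these two tools as well.
After the treatment, let me know whether there was any change in how the ads appear.


■Treatment with AdwCleaner
How to use AdwCleaner
http://www59.atwiki.jp/malware_laboratory/pages/4.html

Referring to the page above, carry out the steps from "Downloading Adwcleaner" through "Outputting the removal log", and tell me the resulting log.



■Treatment with Malwarebytes Anti-Malware
Following the procedure at the URL below, run a scan and tell me the result.

How to use MBAM
http://www59.atwiki.jp/malware_laboratory/pages/7.html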
  • イルカ
  • 2014/10/25 (Sat) 20:40:08
Re: Sorry to trouble you again, but I need your help once more
Leaving mazecinstall for later: understood.

I will paste the AdwCleaner log.

# AdwCleaner v4.001 - レポート作成日 26/10/2014 時間 21:02:09
# DB v2014-10-26.1
# 更新日 20/10/2014 更新元 Xplode
# オペレーティングシステム : Windows 8.1 (64 bits)
# ユーザー名 : PCUser - VAIO
# プログラムの実行場所 : C:\Users\PCUser\Downloads\adwcleaner_4.001.exe
# オプション : 除去

***** [ サービス ] *****


***** [ ファイル / フォルダ ] *****


***** [ タスク ] *****


***** [ ショートカット ] *****


***** [ レジストリ ] *****


***** [ Webブラウザ ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 ja)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [801 octets] - [26/10/2014 20:30:08]
AdwCleaner[S0].txt - [707 octets] - [26/10/2014 21:02:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [766 octets] ##########

Next, the MBAM log.

Malwarebytes Anti-Malware
www.malwarebytes.org

スキャン日付: 2014/10/26
スキャン時刻: 21:09:33
ログファイル: MBAMlog.txt
管理者: はい

バージョン: 2.00.3.1025
マルウェアデータベース: v2014.10.26.02
ルートキットデータベース: v2014.10.22.01
ライセンス: 無料版
マルウェア保護機能: 無効
悪質ウェブサイト保護機能: 無効
自己防衛: 無効

OS: Windows 8.1
CPU: x64
ファイルシステム: NTFS
ユーザー: PCUser

スキャン形式: 脅威スキャン
結果: 完了しました
スキャンされたオブジェクト数: 369635
経過時間: 8 分, 2 秒

メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 無効
ヒューリスティック: 有効
PUP: 有効
PUM: 有効

プロセス: 0
(なし悪意のある項目を検出)

モジュール: 0
(なし悪意のある項目を検出)

レジストリキー: 0
(なし悪意のある項目を検出)

レジストリ値: 0
(なし悪意のある項目を検出)

レジストリデータ: 0
(なし悪意のある項目を検出)

フォルダー: 0
(なし悪意のある項目を検出)

ファイル: 3
PUP.Optional.OptimunInstaller, C:\Users\PCUser\Downloads\setup (1).exe, , [103adc3d67151620854d84c59c643ac6],
PUP.Optional.OptimunInstaller, C:\Users\PCUser\Downloads\setup (2).exe, , [75d57e9b48342511775bfa4fc93703fd],
PUP.Optional.OptimunInstaller, C:\Users\PCUser\Downloads\setup.exe, , [84c6f7224933f145b61c71d8d0309d63],

物理セクタ: 0
(なし悪意のある項目を検出)


(end)

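I think these three files are the ones that were downloaded automatically by the "Java update ..." page I was redirected to.


As instructed, after using the two tools above, I went through about five of the pages I had been viewing just before being redirected, taken from the Google Chrome history, but I was not redirected.
It did not occur on Yahoo知恵袋 or おしえてgoo either, where it used to occur easily.

However, I have found another, new symptom.
I first noticed it a little while ago when I opened the Rakuten Bank page for an errand, but it may have been like that before and I simply had not noticed.

When I try to log in from the Rakuten Bank page I use, a page for entering the ID and password should open in a separate window, but instead
a DMM advertisement page opened, flickered from one page to another, and finally a page called "Windows8 Repair Tool" opened.

Looking at the history, the pages appear to switch as follows.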

http://stylene.net/z/?f=rjs7vTC6vTY8vTgGfHw9rjnHrTkErjY%3D&eid=1047&hid=11590840634980153479&pid=1&rf=http%3A%2F%2Fwww.rakuten-bank.co.jp%2Fcampaign%2Frakuten%2Fic%2Fopen-3_times.html%3Fl-id%3Dtt_20121001-20121031_3-DF&s=px.pluginh&r=0.24799008900299668
http://go.turboloves.net/?g=Azm9CdOLv7lKh7VKhi49CMJIBMJHvMqLBi0IAe4RvMlKh7VKhj0NDeVUoetUgHC7qMn9vjY6qdCJqdn7hc8ZgTaHvjaEhTkFhTr7hTgGgGhsgftUByVKAH89CNlVtNmPBek0rchXCMhMofb5vNbIDeDPBMY%3D
http://www.dmm.com/lp/game/kansenshoujo/index007_html/=/navi=none/?utm_source=site&utm_medium=display&utm_campaign=pc
http://stylene.net/z/?f=rjs7vTC6vTY8vTgGfHw9rjnHrTkErjY%3D&eid=1047&hid=11590840634980153479&pid=1&rf=http%3A%2F%2Fgo.turboloves.net%2F%3Fg%3DAzm9CdOLv7lKh7VKhi49CMJIBMJHvMqLBi0IAe4RvMlKh7VKhj0NDeVUoetUgHC7qMn9vjY6qdCJqdn7hc8ZgTaHvjaEhTkFhTr7hTgGgGhsgftUByVKAH89CNlVtNmPBek0rchXCMhMofb5vNbIDeDPBMY%253D&s=px.pluginh&r=0.3302056298125535
http://go.turboloves.net/?g=Azm9CdOLv7qUBS4ZhzqGDM8VhyVZvM4VDc0ZhzqGDM8VhyVZv6qTCMVEDzrLhyVGheq9v7mPCMlTDc4ODy8Io7w0qjaGrdwEqjnMC7V3hj9Frds9WdC7pchTAj9FtNqVCNhVCMmLBexPBT8ZhzrKgemHCNhJhemPgi4KhfnMg70KDyl5Dd8TqdU4rdw6rdgMf6tMhT8EWc4EBzlNAe4O
http://cdn.adsrvmedia.net/adsrvmedia/scripts/direct/direct.html?a=50201054&size=1024x768&ci=1&serverdomain=ads.adsrvmedia.net&context=c49901706&_rff=px.pluginh
http://ads.adsrvmedia.net/imp5250?a=50201054&size=1024x768&ci=1&context=c49901706&_rff=px.pluginh&r=http%3A%2F%2Fgo.turboloves.net%2F%3Fg%3DAzm9CdOLv7qUBS4ZhzqGDM8VhyVZvM4VDc0ZhzqGDM8VhyVZv6qTCMVEDzrLhyVGheq9v7mPCMlTDc4ODy8Io7w0qjaGrdwEqjnMC7V3hj9Frds9WdC7pchTAj9FtNqVCNhVCMmLBexPBT8ZhzrKgemHCNhJhemPgi4KhfnMg70KDyl5Dd8TqdU4rdw6rdgMf6tMhT8EWc4EBzlNAe4O&u=http%3A%2F%2Fgo.turboloves.net%2F%3Fg%3DAzm9CdOLv7qUBS4ZhzqGDM8VhyVZvM4VDc0ZhzqGDM8VhyVZv6qTCMVEDzrLhyVGheq9v7mPCMlTDc4ODy8Io7w0qjaGrdwEqjnMC7V3hj9Frds9WdC7pchTAj9FtNqVCNhVCMmLBexPBT8ZhzrKgemHCNhJhemPgi4KhfnMg70KDyl5Dd8TqdU4rdw6rdgMf6tMhT8EWc4EBzlNAe4O
http://www.tuneuppro.com/mplys/?utm_source=mplys&vurlid=50201054&ccode=jp&context=kaaQeErbRiSQpUUK-cBrccYRAGhiW8p3My3OG9zKIhQimvZSpWIKpkzGDlecUr_qx7jl4F8VEL3jFd8qDXqNxwNaWFvhfr5qzYvtYS3n6-Alv5Dwp9SUA8qPWzGtXJQGqDhjRaIzFsyLpazkR4Je5HV4A5AN35u2DvrZQLu8SeEGci5CbdEf-j1K6AtCjPMrVhk_d9Jlj9ZJbdAgdH0_8sSqq5O1j4bUDR4PJEMChrZlukF5lo1l9xyj8zXH42GOSv5pFJkAJHmNmReQIStPtDcxkfdK4qvAbN1FYACFUiywEVJYjlVEGTpeiWXX5-bsDUg28LIOezbLv2c154MU69rBIwqyAgw_zBKFjgjWUQextPdtP2em3zrPz0N6PWexLstODLU17yEX9Q5jsjgy09bgQC-qlt9FQU3K04UCOBibD93nbMa4

If I close this window and try to log in again, I can get into the input page without any problem.

I am sorry to trouble you by suddenly bringing up a new issue.

  • 長間正夫
  • 2014/10/26 (Sun) 21:58:48
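The history list in the post above can be read as a redirect chain. The following Python sketch is an added example, not part of the thread: it takes such a list, pulls out the URLs embedded in query parameters, and reports which page the chain started from and which parameter values recur across different hosts. The sample list is constructed: hosts and parameter names follow the post, the long opaque tokens are replaced by `TOKEN_*` placeholders, paths are shortened, and all function names are this example's own.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample modelled on the history list in the post above.
# TOKEN_A..TOKEN_D stand in for the long opaque values; paths are shortened.
HISTORY = [
    "http://stylene.net/z/?f=TOKEN_A&eid=1047&pid=1"
    "&rf=http%3A%2F%2Fwww.rakuten-bank.co.jp%2Fcampaign%2Frakuten%2Fic%2Fopen-3_times.html"
    "&s=px.pluginh&r=0.2479",
    "http://go.turboloves.net/?g=TOKEN_B",
    "http://www.dmm.com/?utm_source=site&utm_medium=display&utm_campaign=pc",
    "http://stylene.net/z/?f=TOKEN_A&eid=1047&pid=1"
    "&rf=http%3A%2F%2Fgo.turboloves.net%2F%3Fg%3DTOKEN_B&s=px.pluginh&r=0.3302",
    "http://go.turboloves.net/?g=TOKEN_C",
    "http://cdn.adsrvmedia.net/adsrvmedia/scripts/direct/direct.html"
    "?a=50201054&serverdomain=ads.adsrvmedia.net&_rff=px.pluginh",
    "http://ads.adsrvmedia.net/imp5250?a=50201054&_rff=px.pluginh"
    "&r=http%3A%2F%2Fgo.turboloves.net%2F%3Fg%3DTOKEN_C"
    "&u=http%3A%2F%2Fgo.turboloves.net%2F%3Fg%3DTOKEN_C",
    "http://www.tuneuppro.com/mplys/?utm_source=mplys&vurlid=50201054"
    "&ccode=jp&context=TOKEN_D",
]

URL_PREFIXES = ("http://", "https://")


def host(url):
    """Lower-cased host name of a URL, or '' if it has none."""
    return urlsplit(url).hostname or ""


def embedded_urls(url):
    """Return {param: decoded value} for query parameters whose value is a URL.

    The same parameter name can carry different things on different hops
    (here `r` is a random number on one host and a referrer on another),
    so the value is tested, not the name.
    """
    found = {}
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if value.lower().startswith(URL_PREFIXES):
            found[key] = value
    return found


def origin_pages(history):
    """Embedded URLs whose host never appears as a hop: where the chain began."""
    visited = {host(u) for u in history}
    origins = []
    for url in history:
        for value in embedded_urls(url).values():
            if host(value) not in visited and value not in origins:
                origins.append(value)
    return origins


def shared_markers(history, min_len=4):
    """Parameter values (not URLs, at least min_len chars) seen on 2+ hosts."""
    seen = defaultdict(list)
    for url in history:
        h = host(url)
        for _key, value in parse_qsl(urlsplit(url).query):
            if len(value) < min_len or value.lower().startswith(URL_PREFIXES):
                continue
            if h not in seen[value]:
                seen[value].append(h)
    return {value: hosts for value, hosts in seen.items() if len(hosts) > 1}


if __name__ == "__main__":
    for n, url in enumerate(HISTORY, 1):
        refs = ", ".join(f"{k} -> {host(v)}" for k, v in embedded_urls(url).items())
        print(f"{n}. {host(url):22} {refs}")
    print("chain started from:", origin_pages(HISTORY))
    for value, hosts in shared_markers(HISTORY).items():
        print(f"marker {value!r} seen on: {', '.join(hosts)}")
```

Run against a real history export, the origin list shows which legitimate page each chain was launched from, and the shared markers are candidate strings to search for in browser extension and profile files.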
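Re: Sorry to trouble you again, but I need your help once more
From the logs so far, I cannot see any particular cause...

Does the bank-site issue also occur in browsers other than Google Chrome?

It is not a tool I am keen on using, but shall we try this one?


■Scan with herdProtect
Download the herdProtect Portable version from the URL below and set it up.
http://www.herdprotect.com/installers/herdProtectScan_Portable.exe

If the download does not work, go to
http://www.herdprotect.com/downloads.aspx
and select "Download (Portable)".

After launching, once a brief setup finishes, a screen with a "Scan" button appears.
Press it and wait until the results appear.

When the results appear, export the data with "Save result" and post it here. If it is long, split it at suitable points.

Usage reference:
http://www.gigafree.net/security/antivirus/herdProtect.html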
  • イルカ
  • 2014/10/27 (Mon) 00:27:01
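Re: Sorry to trouble you again, but I need your help once more
I see; sorry for the trouble...

The symptom of suddenly being redirected to another page while browsing has not occurred so far.

As for the bank-site issue, I tried IE and Firefox and it does not occur in either. It seems to be Google Chrome only.

Here, then, is the herdProtect log.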

Saved date: 2014/10/27 10:32:46
Files detected: 68
Files scanned: 10,517
Processes scanned: 105
Modules scanned: 859
ASEPs scanned: 531
Downloads scanned: 18
Deep analysis: 138/21
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\program files (x86)\unchecky\bin\unchecky_svc.exe
Publisher: RaMMicHaeL
Signer: Michael Maltsev
MD5: cff6e2aff3c5983145718fc1a2b1250f
SHA-1: bdea98f5dd8620f269456a1c5731de17ca4be959
Created: 2014/09/13 10:18:31
Detections: 1
Determination: Inconclusive
- VIPRE Antivirus as Opencandy (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\mcafee.com\agent\mcagent.exe
Publisher: McAfee, Inc.
Signer: McAfee, Inc.
MD5: 04679e0dc30077ec1164be82f2a2adc9
SHA-1: b2663ac43504ffb1ae3fcac6c6d59a795898bb76
Created: 2014/09/09 18:56:16
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.SGeneric (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\downloads\adwcleaner_4.001.exe
Publisher:
MD5: eb40dc01ef0d0d91f13aaba0fe1fc0ca
SHA-1: 6455b475d80717af59a0f4adc2d97ae15f104a2a
Created: 2014/10/26 20:28:26
Detections: 2
Determination: Ignore detections (false positive)
- AegisLab AV Signature as Troj.MSIL.Disfa (Undefined)
- Jiangmin as TrojanDropper.FrauDrop.uic (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\downloads\otl.exe
Publisher: OldTimer Tools
MD5: 4adcfee16ee9978f06157634669d36fb
SHA-1: 30b37076552e49276836d02dd73d038c27dbbee9
Created: 2014/09/15 9:51:10
Detections: 2
Determination: Ignore detections (false positive)
- Agnitum Outpost as Packed/PECompact
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\appdata\local\temp\jrt\nircmd.dat
Publisher: NirSoft
MD5: 466a42aea0abdf4c6b610f0f5e61cfa2
SHA-1: 7e7998642babcb567ff7845cfaf4f3636ce209f7
Created: 2014/10/25 8:54:55
Detections: 1
Determination: Ignore detections (false positive)
- ViRobot as RiskTool.Nircmd.43520

---------------------------------------------------------------------------------

File path: c:\users\pcuser\downloads\otl (1).exe
Publisher: OldTimer Tools
MD5: 4adcfee16ee9978f06157634669d36fb
SHA-1: 30b37076552e49276836d02dd73d038c27dbbee9
Created: 2014/10/24 20:30:55
Detections: 2
Determination: Ignore detections (false positive)
- Agnitum Outpost as Packed/PECompact
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\downloads\iobituninstallerportable\app\uninstaller\uninstallexplorer32.dll
Publisher: IObit
Signer: IObit Information Technology
MD5: 100c1eeb3eb296ddc9c55393330b5baf
SHA-1: b75d587b96d646a6bfb1d53b4c16f95c01c12943
Created: 2014/05/25 4:58:04
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Packed.Win32.Obfuscated.10!O

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\aviutl\aviutl\aviutl.exe
Publisher:
MD5: de77065ce0fde0f0f8231cfe47a49c66
SHA-1: b83bd94f594a5b2ac585aba86931a8083415f36e
Created: 2013/04/01 0:07:32
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Virus.Win32.Part.a (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\aviutl_plus_20120619\aviutl.exe
Publisher:
MD5: 0dcd7787046aaaf2b2a8215cc96e5429
SHA-1: f3530f8da99f0cb49787663c3e28ea39d3efb1a3
Created: 2012/06/17 23:17:00
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Virus.Win32.Part.a (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\jt153c\nova.dll
Publisher:
MD5: f237e03a082c00995f6170c34c117f54
SHA-1: b1fe8254a83a02a6037cc950f348dff825fa67eb
Created: 2014/07/08 15:47:36
Detections: 1
Determination: Ignore detections (false positive)
- Clam AntiVirus as PUA.Win32.Packer.BorlandDelphi-14

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\keyword_discovery_plus\icuin49.dll
Publisher:
MD5: ff62e089bd1aeeca8e0f593c307a04e0
SHA-1: 6292d0346373ffc872dde180da70b850e3130125
Created: 2014/10/26 20:54:42
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\keyword_discovery_plus\icuuc49.dll
Publisher:
MD5: f0f313b040abf0f9fa72543df34a23fa
SHA-1: f7c06b465f6a5ae07831b03be7b5969e1d2728ac
Created: 2014/10/26 20:54:42
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\keyword_discovery_plus\qt5multimediawidgets.dll
Publisher: Digia Plc and/or its subsidiary(-ies)
MD5: 7c51b3f994891cf01b180d1f8036ed1a
SHA-1: 77a122cf847f0c038fc007f8e7bfb3ecbe7ae75d
Created: 2014/10/26 20:54:44
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Win32.Ramnit.L (Malware)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\reboot restore rx\x86\shield.efi
Publisher:
MD5: f530fe4f917d71218085fdcdfd9a11fe
SHA-1: 3774e37a84f7decc319d184f0e6c688f78d9be14
Created: 2014/09/13 11:47:13
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Trojan.Win32.Tiny!O (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\rollbackrx_server\x86\shield.efi
Publisher:
MD5: 21e3bda11ec5fdd70be383f8cd6fa8f6
SHA-1: 90195e55b4944d7513a4e623020e1d95c2db22b6
Created: 2014/09/13 10:55:03
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Trojan.Win32.Tiny!O (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\アフィリエイト塾\井上塾\商材\mobile_cash_system_-alound_side_back-\ipアドレス変更方法その1\vipcnfg.exe
Publisher: Val-soft
MD5: bce5c4cd2ab32f4d326e1bd6b21b5ce6
SHA-1: bdb166c2a6a4083590826047843df46d47860fd2
Created: 2014/09/19 22:42:28
Detections: 1
Determination: Ignore detections (false positive)
- Comodo Security as TrojWare.Win32.TrojanDownloader.Dadobra.~JN13 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\アフィリエイト塾\2学期特典\【p.i.t】新型インフォマーケティングツール7つ\linkmaker(pit仕様)\linkmaker.exe
Publisher:
MD5: b21f6a33441d54ddc30ecc9656fcdd69
SHA-1: 09813f65322a62ada45bbdf85811180de60d8042
Created: 2014/08/16 14:27:49
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\アフィリエイト塾\2学期特典\【p.i.t】新型インフォマーケティングツール7つ\rssmakermobile(pit仕様)\rssmakermobile.exe
Publisher:
MD5: fe5481a9de0e80fc12511522d9024a3c
SHA-1: 443551e8128f9b71c5745d033ada86cc74ed07c6
Created: 2014/08/16 14:28:07
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\アフィリエイト塾\2学期特典\【p.i.t】新型インフォマーケティングツール7つ\きじぶろc(pit版)\きじぶろc.exe
Publisher:
MD5: 501a2380809a88c88199bcae095766b9
SHA-1: 3d71a61eac1370b324e197bb22b1432cdac51d6a
Created: 2014/08/16 14:28:15
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\desktop\アフィリエイト塾\2学期特典\【p.i.t】新型インフォマーケティングツール7つ\きじぶろd(pit仕様)\きじぶろd.exe
Publisher:
MD5: 508cb0777a1932d279ecaf1b624dd9cf
SHA-1: f32d3198d5c91aa13e344f6f3980449590a01dd8
Created: 2014/08/16 14:28:24
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\ext-ms-win-cluster-clusapi-l1-1-1.dll
Publisher: Microsoft Corporation
MD5: 6f5557e3f97cb2a957da5dcdaf1e22c1
SHA-1: c2a27e776fbfc3666642425dcc5f2b34bb41cb10
Created: 2013/08/22 13:14:14
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Backdoor/Bifrose.fxu (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\kbdcherp.dll
Publisher: Microsoft Corporation
MD5: f992fe1d923f59f806442449f3ea557b
SHA-1: d216f5bc5d466c1c9d94aa57a28c5226b214bdbc
Created: 2013/08/22 13:15:06
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.ahcy (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\10142\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\10495\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\10895\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\11951\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\1273\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\16992\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\19191\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\25389\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\25571\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\25640\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\2656\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\28307\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\29889\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\6008\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\6091\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\8346\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\8608\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\8836\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\894\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\10142\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\10495\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\10895\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\11951\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\1273\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\16992\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\19191\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\25389\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\25571\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\25640\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\2656\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\28307\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\29889\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\6008\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\6091\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\8346\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\8608\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\8836\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\894\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\users\pcuser\appdata\local\apps\2.0\jb6v4nwq.crc\y4o5rjqe.ay9\clic...exe_4fe91ede9f9bdca3_0001.0003_none_81523f7b64d98436\googleupdatesetup.exe
Publisher: Google Inc.
Signer: Google Inc
MD5: a6f8d4fbc12177a75ab4c06d059229b6
SHA-1: 3403381c7fef04c040a96f0d19c6311b4826ad75
Created: 2013/12/03 20:32:17
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Generic (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\appdata\local\apps\2.0\jb6v4nwq.crc\y4o5rjqe.ay9\google.app_4fe91ede9f9bdca3_0001.0003_2f0acada37d86389\googleupdatesetup.exe
Publisher: Google Inc.
Signer: Google Inc
MD5: a6f8d4fbc12177a75ab4c06d059229b6
SHA-1: 3403381c7fef04c040a96f0d19c6311b4826ad75
Created: 2013/12/03 20:32:17
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Generic (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\pcuser\appdata\local\google\chrome\user data\default\file system\001\t\00\00000000
Publisher: Company limited
Signer: Maxiget Limited
MD5: 229076ba4936ab4cd5be1d0c2db3e049
SHA-1: de48ce8f35266129226467444760c73844b5251d
Created: 2014/06/28 23:57:49
Detections: 24
Determination: Adware
- Reason Heuristics as PUP.MaxigetLimited.I (Adware)
- Dr.Web as Adware.Downware.1751 (Adware)
- ESET NOD32 as Win32/4Shared.W potentially unwanted application (Adware)
- VIPRE Antivirus as Threat.4150696 (Undefined)
- McAfee as PUP-FNX (Undefined)
- Malwarebytes as PUP.Optional.4Shared (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- Agnitum Outpost as PUA.4Shared (Adware)
- F-Prot as W32/A-22cc26dc (Undefined)
- Clam AntiVirus as Win.Trojan.4shared-10 (Undefined)
- NANO AntiVirus as Trojan.Win32.Autoruner1.dcjmyy (Undefined)
- Sophos as 4Share Downloader (Undefined)
- Comodo Security as Application.Win32.4Shared.K (Adware)
- McAfee Web Gateway as BehavesLike.Win32.Downloader.gh (Undefined)
- Avira AntiVirus as APPL/Downloader.Gen (Adware)
- G Data as Win32.Application.4shared (Undefined)
- Vba32 AntiVirus as Downloader.GetFaster (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- AVG as Generic (Undefined)
- Baidu Antivirus as PUA.Win32.4Shared (Adware)
- IKARUS anti.virus as PUA.4Shared (Adware)
- Kingsoft AntiVirus as Win32.Troj.DownGetFaste.j.(kcloud) (Undefined)
- avast! as Win32:Malware-gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\mcafee\msc\compatibilitytester.exe
Publisher: McAfee, Inc.
Signer: McAfee, Inc.
MD5: f3ed4740058c6eaa215c925491820b5c
SHA-1: 34062adff2c997044d1288486292e03887faa21f
Created: 2013/10/14 10:38:55
Detections: 1
Determination: Ignore detections (false positive)
- Comodo Security as Heur.Suspicious

---------------------------------------------------------------------------------

File path: c:\program files\sony\vaio care\iolo\sqlite3.dll
Publisher:
MD5: b637c198fa977e3fb44be8b6563fa57d
SHA-1: 07fe04b3990ef759551ac4fe5996ea1c7b9b122f
Created: 2013/11/19 10:21:08
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\sony\vaio care recovery\libraries\system.data.sqlite.dll
Publisher:
MD5: 80725a732aba27911402f9ca09fede23
SHA-1: 1051744f654a6d20590970f9335e1ef246f0fa67
Created: 2014/03/14 16:28:10
Detections: 1
Determination: Inconclusive
- VIPRE Antivirus as Adware.Linkury (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\a6b6c712.arcsoftcameraforvaio_1.0.1.553_x86__8nendnk8nsz8e\picbest.dll
Publisher: ArcSoft
MD5: 38a26f359ea71942dead73e127b49d12
SHA-1: db6eee880356509b1c91182cf721944df2a4f1b4
Created: 2013/10/25 12:37:50
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\windowsapps\bd9b8345.musicbysony_1.2.0.14240_x86__05bme2bjq6sag\sqlite3.dll
Publisher: SQLite Development Team
MD5: 639c2be2de1e484ec75f3c27e8e77039
SHA-1: 0c7b4207641f962c70d91cdc919dd64cbcc8cf10
Created: 2014/02/24 15:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan
- McAfee Web Gateway as Heuristic.BehavesLike.Win32.Suspicious-BAY.K
That is all. Thank you in advance for your help.
  • 長間正夫
  • 2014/10/27 (Mon) 10:35:31
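Re: Sorry, but I need your help once again
A little while ago the earlier symptom

[a "Java download ..." pop-up → redirected to a Java download page → "setup.exe" is downloaded automatically]

occurred again, so I am adding this note.

This time it happened on a personal page, not on a site such as Yahoo! Chiebukuro.

Do I need to carry out some further steps?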
  • 長間正夫
  • 2014/10/27 (Mon) 15:18:00
Re: Sorry, but I need your help once again
Could this be it...?
Judging by the path, though, something seems a little off...

File path: c:\users\pcuser\appdata\local\google\chrome\user data\default\file system\001\t\00\00000000
Publisher: Company limited
Signer: Maxiget Limited
MD5: 229076ba4936ab4cd5be1d0c2db3e049
SHA-1: de48ce8f35266129226467444760c73844b5251d
Created: 2014/06/28 23:57:49
Detections: 24
Determination: Adware


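The symptoms also appear to be limited to Chrome, so let's investigate with Chrome as the focus.
For now, first keep only the bare minimum of Chrome extensions and stop all the others, either by disabling or by removing them.
In particular, if there is anything like Maxiget, 4shared or GetFaster, stop it.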
  • イルカ
  • 2014/10/28 (Tue) 08:24:17
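
The selection made in the reply above (picking the one entry marked Adware out of a report dominated by false positives) can be reproduced mechanically. The following Python code is an added example, not part of the original thread or of the scanner that produced the report; the field names are those of the quoted report, `parse_report` and `triage` are hypothetical helper names, and the sample is an excerpt of the report with fields and detection lists shortened.

```python
import re

FIELD = re.compile(
    r"^(File path|Publisher|Signer|MD5|SHA-1|Created|Detections|Determination):\s*(.*)$"
)
SEPARATOR = re.compile(r"^-{20,}[ \t]*$", re.MULTILINE)

# Excerpt of the report quoted in the thread (fields and detection lists
# shortened). The first block is a truncated entry, as happens when a long
# report is pasted across several posts.
SAMPLE_REPORT = r"""
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.ahcy (Undefined)
---------------------------------------------------------------------------------
File path: c:\programdata\adobe\arm\reader_11.0.00\10142\adobearm.exe
Signer: Adobe Systems, Incorporated
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
---------------------------------------------------------------------------------
File path: c:\programdata\application data\adobe\arm\reader_11.0.00\10142\adobearm.exe
Signer: Adobe Systems, Incorporated
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Detections: 2
Determination: Ignore detections (false positive)
---------------------------------------------------------------------------------
File path: c:\users\pcuser\appdata\local\google\chrome\user data\default\file system\001\t\00\00000000
Publisher: Company limited
Signer: Maxiget Limited
SHA-1: de48ce8f35266129226467444760c73844b5251d
Detections: 24
Determination: Adware
- Malwarebytes as PUP.Optional.4Shared (Adware)
---------------------------------------------------------------------------------
File path: c:\program files\sony\vaio care recovery\libraries\system.data.sqlite.dll
Publisher:
SHA-1: 1051744f654a6d20590970f9335e1ef246f0fa67
Detections: 1
Determination: Inconclusive
- VIPRE Antivirus as Adware.Linkury (Adware)
"""


def parse_report(text):
    """Return one dict per complete entry; truncated fragments are skipped."""
    entries = []
    for block in SEPARATOR.split(text):
        entry = {"engines": []}
        for line in block.splitlines():
            line = line.strip()
            field = FIELD.match(line)
            if field:
                entry[field.group(1)] = field.group(2).strip()
            elif line.startswith("- ") and " as " in line:
                engine, label = line[2:].split(" as ", 1)
                entry["engines"].append((engine, label))
        # An entry is usable only if it names the file and its hash.
        if "File path" in entry and "SHA-1" in entry:
            entries.append(entry)
    return entries


def triage(entries):
    """Collapse entries to one row per SHA-1 and put rows needing review first."""
    by_hash = {}
    for entry in entries:
        sha1 = entry["SHA-1"].lower()
        row = by_hash.setdefault(sha1, {
            "sha1": sha1,
            "signer": entry.get("Signer", ""),
            "detections": int(entry.get("Detections") or 0),
            "determination": entry.get("Determination", ""),
            "paths": [],
        })
        row["paths"].append(entry["File path"])
    rows = list(by_hash.values())
    for row in rows:
        # Anything the report did not itself dismiss as a false positive.
        row["review"] = not row["determination"].lower().startswith("ignore")
    rows.sort(key=lambda r: (not r["review"], -r["detections"]))
    return rows


if __name__ == "__main__":
    for row in triage(parse_report(SAMPLE_REPORT)):
        flag = "REVIEW" if row["review"] else "ok    "
        signer = row["signer"] or "(no signer listed)"
        print(flag, row["detections"], row["determination"], "|", signer)
        for path in row["paths"]:
            print("       ", path)
```

Grouping by SHA-1 also shows that the `c:\programdata\application data\...` entries are the same files as the `c:\programdata\...` ones, which matches the `Application Data [C:\ProgramData]` junction visible in the `dir /a:h` output later in the thread.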
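Re: Sorry, but I need your help once again
At present, while the symptom is occurring, the only extension I have installed is "SiteAdvisor". Should I remove it?

If there are extensions that have been installed covertly, and there is a procedure for checking for them, I would be grateful if you could tell me.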
  • 長間正夫
  • 2014/10/28 (Tue) 08:57:17
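Re: Sorry, but I need your help once again
I am sorry that this is taking so long to resolve.

I looked into this Java-related issue a little; there are various reports, but the cause does not seem to have been identified.
My feeling is that, in some cases, a script may be included in dynamically embedded advertisements (= not the fault of 長間-san's PC), but it is a troublesome one either way...


On the sites where the symptom appears, does the advertisement appear every time? Or only once?


For now, I will eliminate the file in question with OTL. After that, I will bring in a new tool.
This tool is a newcomer that is being deployed here for the first time. It is not dangerous, but because this is its first use, please understand that some parts will involve a bit of feeling our way.


■ Treatment with a Fix script
After launching OTL, paste the following script into "Custom Scan/Fixes" and press "Run Fix".

Running it forcibly terminates all processes, so please close as many applications as possible beforehand.
The Recycle Bin will also be emptied, so if it contains files you need, rescue them first.
If OTL freezes and does not proceed, start the computer in Safe Mode and run it there.

How to enter Safe Mode:
http://www59.atwiki.jp/malware_laboratory/pages/8.html

When it finishes you will be asked to restart, so restart with "OK". After the restart a log will appear; please post it. For this log, pasting it as-is is fine.
If you have closed the log, there is a log (a file whose name is a number made up of the date and time) in the C:\_OTL\MovedFiles folder, so please let me know its contents.

--- Start here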

:Files
%userprofile%\appdata\local\google\chrome\user data\default\file system\001\t\00\00000000
C:\ProgramData\toPbuiyer
%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Extensions\feemkpkoandibpfjlhafbdnjchegpebc
ipconfig /flushdns /c
dir %userprofile%\AppData\Local\Google\Chrome\User Data\Default\Extensions\ /c
dir %userprofile%\AppData\Local\Google\Chrome\User Data\Default\Extensions\ /a:h /c
dir C:\ProgramData\ /c
dir C:\ProgramData\ /a:h /c

:Commands
[emptytemp]
[resethosts]

--- End here



■ Scan with Farbar Recovery Scan Tool
Download Farbar Recovery Scan Tool from the following URL.
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
On the linked page, just click "Download Now 64-Bit Version".

After downloading, right-click the executable and choose "Run as administrator".

After FRST starts, tick "Shortcut.txt" under "Optional Scan" and press "Scan".
When the scan finishes, please paste here the contents of the three files created in the same location: "FRST.txt", "Addition.txt" and "Shortcut.txt".
  • イルカ
  • 2014/10/28 (Tue) 23:22:31
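
The `dir` lines in the Fix script above only list extension IDs. As an added example (not part of the original post and not an OTL or FRST feature), the following Python code reads each extension's `manifest.json` under that same `Extensions` folder so that every ID is shown with its name and permissions, and marks names matching the three the earlier reply mentions. The function names and the sample tree (IDs, extension names) are constructed for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

# Names the earlier reply says to look for among the extensions.
WATCHLIST = ("maxiget", "4shared", "getfaster")
MSG_REF = re.compile(r"__MSG_(\w+)__")


def load_json(path):
    """Read a JSON file, tolerating a UTF-8 BOM; None if missing or malformed."""
    try:
        return json.loads(Path(path).read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return None


def display_name(version_dir, manifest):
    """Resolve a localized "__MSG_key__" name through _locales/<default_locale>."""
    name = str(manifest.get("name", ""))
    ref = MSG_REF.fullmatch(name)
    if not ref:
        return name
    locale = manifest.get("default_locale", "en")
    messages = load_json(version_dir / "_locales" / locale / "messages.json")
    if isinstance(messages, dict):
        for key, value in messages.items():
            # Message keys are matched case-insensitively.
            if key.lower() == ref.group(1).lower() and isinstance(value, dict):
                return value.get("message", name)
    return name


def inventory(extensions_dir):
    """One row per <extension id>/<version> directory under Extensions."""
    rows = []
    for ext_dir in sorted(p for p in Path(extensions_dir).iterdir() if p.is_dir()):
        for version_dir in sorted(p for p in ext_dir.iterdir() if p.is_dir()):
            manifest = load_json(version_dir / "manifest.json")
            if not isinstance(manifest, dict):
                # A folder without a readable manifest is itself worth a look.
                rows.append({"id": ext_dir.name, "version": version_dir.name,
                             "name": "<unreadable manifest>", "permissions": [],
                             "watchlisted": False})
                continue
            name = display_name(version_dir, manifest)
            rows.append({
                "id": ext_dir.name,
                "version": manifest.get("version", version_dir.name),
                "name": name,
                "permissions": manifest.get("permissions", []),
                "watchlisted": any(w in name.lower() for w in WATCHLIST),
            })
    return rows


def make_constructed_profile(root):
    """Build a small constructed Extensions tree (IDs and names are made up)."""
    ext = Path(root) / "Extensions"
    first = ext / ("a" * 32) / "1.0_0"
    (first / "_locales" / "en").mkdir(parents=True)
    (first / "manifest.json").write_text(json.dumps({
        "name": "__MSG_appName__", "version": "1.0", "default_locale": "en",
        "permissions": ["tabs", "<all_urls>"]}), encoding="utf-8")
    (first / "_locales" / "en" / "messages.json").write_text(
        json.dumps({"appname": {"message": "GetFaster Helper"}}), encoding="utf-8")
    second = ext / ("b" * 32) / "2.3_0"
    second.mkdir(parents=True)
    (second / "manifest.json").write_text(json.dumps({
        "name": "Constructed Site Rating Add-on", "version": "2.3",
        "permissions": ["storage"]}), encoding="utf-8")
    return ext


if __name__ == "__main__":
    # On the affected PC the folder would be the one listed by the Fix script:
    # %userprofile%\AppData\Local\Google\Chrome\User Data\Default\Extensions
    with tempfile.TemporaryDirectory() as tmp:
        for row in inventory(make_constructed_profile(tmp)):
            mark = "WATCH" if row["watchlisted"] else "     "
            print(mark, row["id"], row["version"], row["name"], row["permissions"])
```

Extensions loaded unpacked from some other folder do not appear under this directory, so an empty or short listing here does not by itself rule an extension out.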
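Re: Sorry, but I need your help once again
Not at all; I am very grateful that you are giving your time and effort to my situation.
On my own I would not have been able to take a single effective measure.

There does not seem to be any bias in which sites show the symptom.
When it happens, it happens on personal blogs as well as on message boards and sites like NAVER Matome,
and if I wait a little and open the page again it sometimes does not happen, so it is not clear-cut.

The sequence of events is as follows.

Opening a page brings up a pop-up → closing it redirects me to another page → going back with the browser's Back button returns me to "the page where it occurred" and the pop-up appears again
→ closing it again redirects me to another page → going back with the Back button returns me to "the page one before the page where it occurred" → after that, opening the page where it occurred no longer triggers it

I do not know whether this will serve as any kind of hint, but I am providing it as information.

Here is the OTL log.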

All processes killed
========== FILES ==========
C:\Users\PCUser\appdata\local\google\chrome\user data\default\file system\001\t\00\00000000 moved successfully.
File\Folder C:\ProgramData\toPbuiyer not found.
File/Folder C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\feemkpkoandibpfjlhafbdnjchegpebc not found.
[color=#A23BEC]< ipconfig /flushdns /c >[/color]
Windows IP 構成
DNS リゾルバー キャッシュは正常にフラッシュされました。
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir %userprofile%\AppData\Local\Google\Chrome\User Data\Default\Extensions\ /c >[/color]
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir %userprofile%\AppData\Local\Google\Chrome\User Data\Default\Extensions\ /a:h /c >[/color]
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir C:\ProgramData\ /c >[/color]
ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 5EA5-2D34 です
C:\ProgramData のディレクトリ
2014/10/19 17:55 <DIR> 34BE82C4-E596-4e99-A191-52C6199EBF69
2013/11/23 10:44 <DIR> Adobe
2014/10/19 17:51 <DIR> Apple
2013/08/04 22:04 <DIR> Apple Computer
2013/08/03 09:20 <DIR> boost_interprocess
2013/08/03 09:13 <DIR> CELSYS
2014/09/09 17:31 <DIR> CyberLink
2014/10/19 17:55 <DIR> E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014/09/10 17:51 <DIR> e2150575d4beed0c
2014/10/19 17:08 <DIR> EPSON
2013/09/01 09:41 <DIR> install_clap
2013/07/02 20:09 <DIR> Intel
2013/06/22 10:16 <DIR> Intel(R) Update Manager
2013/07/02 20:07 <DIR> iolo
2014/09/10 10:54 <DIR> Malwarebytes
2014/09/09 17:29 <DIR> McAfee
2014/06/29 22:36 <DIR> McAfee Security Scan
2013/07/04 11:30 <DIR> Microsoft SkyDrive
2014/06/07 10:22 <DIR> Mozilla
2013/07/27 15:32 <DIR> Norton
2013/06/22 10:05 <DIR> NortonInstaller
2014/10/22 22:56 <DIR> Oracle
2014/06/24 10:40 <DIR> Package Cache
2013/08/28 21:40 <DIR> PDVD
2013/11/16 19:13 <DIR> PRICache
2014/09/13 10:26 <DIR> ProductData
2013/11/16 19:13 <DIR> regid.1986-12.com.adobe
2014/10/24 15:07 <DIR> regid.1991-06.com.microsoft
2014/09/13 10:59 <DIR> Sony Corporation
2014/09/14 21:32 <DIR> Spybot - Search & Destroy
2013/06/22 09:53 <DIR> Sun
2013/06/22 10:05 <DIR> Symantec
2014/06/30 08:39 <DIR> Temp
2013/07/27 15:36 <DIR> Trend Micro
2014/10/22 22:55 <DIR> Unchecky
0 個のファイル 0 バイト
35 個のディレクトリ 16,475,148,288 バイトの空き領域
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir C:\ProgramData\ /a:h /c >[/color]
ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 5EA5-2D34 です
C:\ProgramData のディレクトリ
2014/10/19 17:55 <DIR> .
2014/10/19 17:55 <DIR> ..
2013/08/22 23:45 <JUNCTION> Application Data [C:\ProgramData]
2013/07/02 20:07 <DIR> CanonBJ
2013/08/22 23:45 <JUNCTION> Desktop [C:\Users\Public\Desktop]
2013/08/22 23:45 <JUNCTION> Documents [C:\Users\Public\Documents]
2013/12/01 14:25 0 DP45977C.lfl
2013/11/16 19:57 242 ntuser.pol
2013/08/22 23:45 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
2013/08/22 23:45 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
2013/07/02 19:48 <JUNCTION> スタート メニュー [C:\ProgramData\Microsoft\Windows\Start Menu]
2013/07/02 19:48 <JUNCTION> デスクトップ [C:\Users\Public\Desktop]
2 個のファイル 242 バイト
10 個のディレクトリ 16,475,148,288 バイトの空き領域
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Guest

User: PCUser
->Temp folder emptied: 26322697 bytes
->Temporary Internet Files folder emptied: 84421460 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 6663913 bytes
->Google Chrome cache emptied: 257234735 bytes
->Flash cache emptied: 826 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1994318 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 359.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10292014_083818

Files\Folders moved on Reboot...
C:\Users\PCUser\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(201410262122016B0).log not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(201410262122016B0).log not found!
C:\WINDOWS\temp\VAIO-20141026-2122.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 長間正夫
  • 2014/10/29 (Wed) 08:58:37
Re: Sorry, but I need your help once again
Next, the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by PCUser (administrator) on VAIO on 29-10-2014 08:54:30
Running from C:\Users\PCUser\Downloads
Loaded Profile: PCUser (Available profiles: PCUser)
Platform: Windows 8.1 (X64) OS Language: 日本語 (日本)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(SecureBrain Corporation) C:\Program Files (x86)\SecureBrain\PhishWall\sbpwupdx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILMJ.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
() C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\IME\SHARED\ImeBroker.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [142040 2013-07-01] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-12-27] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [529112 2014-03-10] (Broadcom Corporation.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATLauncher] => "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [ATUninstallIcon] => "C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe" /createuninstallentry:1
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\Run: [Tapur] => C:\Program Files (x86)\Tapur\tapmgr.exe [171520 2010-08-16] (tapur.com)
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILMJ.EXE [297024 2013-08-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\MountPoints2: {22c42659-260d-11e3-be85-bfb58ad76d22} - "E:\Startme.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-03-09] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\コンテンツ管理アシスタント for PlayStation(R).lnk
ShortcutTarget: コンテンツ管理アシスタント for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk
ShortcutTarget: OneNote に送る.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.sony.jp/vaio/myvaio/owner/2013b.html
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sony.jp/vaio/myvaio/owner/2013b.html
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKCU - DefaultScope {3489DE59-7AE8-4C5B-B5B7-25BA253EB200} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASPJS
SearchScopes: HKCU - {31FECF46-F0E3-4A2D-A9AD-971B33396646} URL = http://pt.afl.rakuten.co.jp/c/0d8850b6.ee703e96/_RTvaio10013201?v=2&s=1&sitem={searchTerms}
SearchScopes: HKCU - {3489DE59-7AE8-4C5B-B5B7-25BA253EB200} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASPJS
SearchScopes: HKCU - {45AD9E92-55ED-4F69-B389-33C6BEE1AC52} URL = http://www.hmv.co.jp/search/searchresultsutf8.asp?keyword={searchTerms}&site=iesonyvaio1
SearchScopes: HKCU - {47206847-4F80-476F-8540-EEAF010F88A7} URL = http://www.amazon.co.jp/gp/search?ie=UTF8&keywords={searchTerms}&tag=vaiosonycojp-2013q2sb-22&index=blended&linkCode=ure&creative=6339
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: PhishWall -> {8CA7E745-EF75-4E7B-BB86-8065C0CE29CA} -> C:\Program Files (x86)\SecureBrain\PhishWall\sbpw32.dll (SecureBrain Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - PhishWall - {BB62FFF4-41CB-4AFC-BB8C-2A4D4B42BBDC} - C:\Program Files (x86)\SecureBrain\PhishWall\sbpw32.dll (SecureBrain Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1

FireFox:
========
FF ProfilePath: C:\Users\PCUser\AppData\Roaming\Mozilla\Firefox\Profiles\2rdtugv1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-jp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google-jp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\oshiete-goo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\rakuten.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\twitter-ja.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-jp-auctions.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-jp.xml
FF Extension: iCloud Bookmarks - C:\Users\PCUser\AppData\Roaming\Mozilla\Firefox\Profiles\2rdtugv1.default\Extensions\firefoxdav@icloud.com [2014-10-13]
FF Extension: DownloadHelper - C:\Users\PCUser\AppData\Roaming\Mozilla\Firefox\Profiles\2rdtugv1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-27]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google ドライブ) - C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-03]
CHR Extension: (YouTube) - C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-03]
CHR Extension: (Google 検索) - C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-03]
CHR Extension: (SiteAdvisor) - C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-12-03]
  • 長間正夫
  • 2014/10/29 (Wed) 09:00:05
Re: Sorry, but I need your help again
It got cut off partway through.

CHR Extension: (Google ウォレット) - C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-03]
CHR Extension: (Gmail) - C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-03-27] (Broadcom Corporation.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-03-15] (Intel)
R2 CLHNService3; C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe [108904 2014-02-06] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-12] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-12] (CyberLink)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-26] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-26] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-11] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe [167208 2014-03-13] (Sony Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2013-12-17] (Realtek Semiconductor)
R2 SecureBrain PhishWall Update; C:\Program Files (x86)\SecureBrain\PhishWall\sbpwupdx.exe [93800 2014-07-15] (SecureBrain Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 SonicStage Back-End Service2; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe [131608 2014-03-27] (Sony Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-10-22] (RaMMicHaeL)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 0032461414384268mcinstcleanup; C:\WINDOWS\TEMP\003246~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [367832 2014-03-14] (Broadcom Corp)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [31744 2013-08-22] (Microsoft Corporation)
R3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2014-03-27] (Broadcom Corporation.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S0 hswultpep; C:\Windows\System32\drivers\hswultpep.sys [62968 2013-03-26] (Intel Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [84472 2013-03-26] (Intel Corporation)
S3 iaLPSS_UART; C:\Windows\System32\drivers\iaLPSS_UART.sys [142840 2013-03-26] (Intel Corporation)
R3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [128504 2013-10-03] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2013-10-06] (Intel Corporation)
R3 IntelSensorSolutionAcpi; C:\Windows\System32\drivers\IntelSensorSolutionAcpi.sys [23288 2014-10-22] (Intel® Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-09-26] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [File not signed]
R2 ntk3; C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\ntk3_64.sys [83656 2013-05-21] (Cyberlink Corp.)
R2 pxdmxnet; C:\Windows\system32\DRIVERS\pxdmxnet.sys [31032 2013-03-19] (Pixela)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8242392 2013-07-01] (Realtek Semiconductor Corp.)
S3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-08-19] ()
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 STTub30; C:\Windows\System32\Drivers\STTub30.sys [44184 2014-10-22] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\System32\drivers\SynRMIHID.sys [42736 2013-08-21] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207256 2013-03-15] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [29952 2013-10-02] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-12] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 08:54 - 2014-10-29 08:54 - 00097911 _____ () C:\Users\PCUser\Downloads\FRST.txt
2014-10-29 08:53 - 2014-10-29 08:54 - 00000000 ___DC () C:\FRST
2014-10-29 08:53 - 2014-10-29 08:53 - 02113024 _____ (Farbar) C:\Users\PCUser\Downloads\FRST64.exe
2014-10-29 08:50 - 2014-10-29 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\マカフィー
2014-10-28 23:00 - 2014-10-28 23:00 - 00005533 _____ () C:\Users\PCUser\Desktop\TSSチャットログ抜粋.txt
2014-10-28 21:27 - 2014-10-28 21:27 - 00072048 _____ (Premium Installer ) C:\Users\PCUser\Downloads\setup (1).exe
2014-10-27 22:23 - 2014-10-27 22:23 - 01998336 _____ () C:\Users\PCUser\Downloads\adwcleaner_4.002.exe
2014-10-27 15:24 - 2014-10-27 15:24 - 01714166 _____ () C:\Users\PCUser\Downloads\wordpress-23-related-posts-plugin.3.3.3.zip
2014-10-27 15:13 - 2014-10-27 15:13 - 00071024 _____ (Premium Installer ) C:\Users\PCUser\Downloads\setup.exe
2014-10-27 14:51 - 2014-10-27 14:51 - 00000053 _____ () C:\Users\PCUser\Downloads\googled0be26314976bcb4.html
2014-10-27 14:41 - 2014-10-27 14:41 - 00595614 _____ () C:\Users\PCUser\Downloads\google-sitemap-generator.3.2.9.zip
2014-10-27 09:00 - 2014-10-27 09:00 - 00000000 ____D () C:\Program Files\Reason
2014-10-27 08:59 - 2014-10-27 09:00 - 02469552 _____ (Reason Company Software Inc.) C:\Users\PCUser\Downloads\herdProtectScan_Portable.exe
2014-10-26 21:10 - 2014-10-26 21:10 - 00000845 _____ () C:\Users\PCUser\Desktop\AdwCleaner[S0].txt
2014-10-26 21:06 - 2014-10-26 21:07 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-26 21:06 - 2014-10-26 21:06 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-26 21:06 - 2014-10-26 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-26 21:06 - 2014-10-26 21:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-26 21:06 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-26 21:06 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-26 21:06 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-26 21:00 - 2014-10-26 21:00 - 00086014 _____ () C:\Users\PCUser\Downloads\KDPlicence.zip
2014-10-26 21:00 - 2014-10-26 21:00 - 00000000 ____D () C:\Users\PCUser\Desktop\KDPlicence
2014-10-26 20:56 - 2014-10-26 20:56 - 00002067 _____ () C:\Users\PCUser\Desktop\KeywordDiscovery.lnk
2014-10-26 20:56 - 2014-10-26 20:56 - 00000000 ____D () C:\Users\PCUser\Desktop\b-team-online-seminar-
2014-10-26 20:56 - 2014-10-26 20:56 - 00000000 ____D () C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeywordDiscovery
2014-10-26 20:55 - 2014-10-26 20:56 - 00000000 ____D () C:\Program Files (x86)\KeywordDiscovery
2014-10-26 20:54 - 2014-10-26 20:54 - 00000000 ____D () C:\Users\PCUser\Desktop\keyword_Discovery_plus
2014-10-26 20:48 - 2014-10-26 20:51 - 200594628 _____ () C:\Users\PCUser\Downloads\s-team-online-seminar-.zip
2014-10-26 20:47 - 2014-10-26 20:50 - 137231981 _____ () C:\Users\PCUser\Downloads\a-team-online-seminar-.zip
2014-10-26 20:46 - 2014-10-26 20:50 - 175666983 _____ () C:\Users\PCUser\Downloads\b-team-online-seminar-.zip
2014-10-26 20:41 - 2014-10-26 20:43 - 43026369 _____ () C:\Users\PCUser\Downloads\KeywordDiscoverySetup.exe
2014-10-26 20:40 - 2014-10-26 20:43 - 54731392 _____ () C:\Users\PCUser\Downloads\keyword_Discovery_plus.zip
2014-10-26 20:29 - 2014-10-27 22:26 - 00000000 ___DC () C:\AdwCleaner
2014-10-26 20:29 - 2014-10-26 20:37 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\PCUser\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-25 08:59 - 2014-10-25 08:59 - 00001261 _____ () C:\Users\PCUser\Desktop\JRT.txt
2014-10-25 08:55 - 2014-10-25 08:55 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-25 08:54 - 2014-10-25 08:54 - 01706144 _____ (Thisisu) C:\Users\PCUser\Downloads\JRT.exe
2014-10-25 08:41 - 2014-10-29 08:52 - 00006916 _____ () C:\Users\PCUser\Desktop\新しいテキスト ドキュメント.txt
2014-10-24 22:04 - 2014-10-24 22:04 - 00000000 ____D () C:\Users\PCUser\Desktop\ps-auto-sitemap
2014-10-24 22:03 - 2014-10-24 22:04 - 00069375 _____ () C:\Users\PCUser\Downloads\ps-auto-sitemap.1.1.8.zip
2014-10-24 20:30 - 2014-10-24 20:30 - 00602112 _____ (OldTimer Tools) C:\Users\PCUser\Downloads\OTL (1).exe
2014-10-24 17:13 - 2014-10-24 17:14 - 04965896 _____ (Piriform Ltd) C:\Users\PCUser\Downloads\ccsetup418.exe
2014-10-24 16:59 - 2014-10-24 17:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\PCUser\Downloads\HijackThis (1).exe
2014-10-24 15:46 - 2014-10-24 17:14 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-24 15:46 - 2014-10-24 17:14 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-24 15:46 - 2014-10-24 15:46 - 00002774 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-10-24 15:46 - 2014-10-24 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-22 22:56 - 2014-10-22 22:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-10-22 22:56 - 2014-10-22 22:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-10-22 22:56 - 2014-10-22 22:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-10-22 22:56 - 2014-10-22 22:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-22 22:48 - 2014-10-22 22:48 - 16475577 _____ () C:\Users\PCUser\Downloads\seminar002.mp4
2014-10-22 21:25 - 2014-10-22 21:25 - 00044184 _____ (STMicroelectronics) C:\WINDOWS\system32\Drivers\STTub30.sys
2014-10-22 21:25 - 2014-10-22 21:25 - 00023288 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntelSensorSolutionAcpi.sys
2014-10-22 21:25 - 2014-10-22 21:25 - 00000000 ____D () C:\Program Files (x86)\Intel Corporation
2014-10-22 20:43 - 2014-01-07 22:57 - 03811800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-10-22 20:43 - 2014-01-07 18:54 - 46422528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-10-22 20:43 - 2014-01-07 17:30 - 02787032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2014-10-22 20:43 - 2014-01-07 17:05 - 00711425 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-10-22 20:43 - 2014-01-03 16:02 - 01022680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-10-22 20:43 - 2013-12-31 11:16 - 02825432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-10-22 20:43 - 2013-12-27 16:47 - 00154840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-10-22 20:43 - 2013-12-27 14:58 - 00624344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-10-22 20:43 - 2013-12-24 17:22 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-10-22 20:43 - 2013-12-17 00:40 - 01044224 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2014-10-22 20:43 - 2013-12-17 00:40 - 00898816 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2014-10-22 20:43 - 2013-12-17 00:40 - 00723200 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2014-10-22 20:43 - 2013-12-17 00:40 - 00244480 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2014-10-22 20:43 - 2013-12-04 16:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-10-22 20:43 - 2013-11-14 15:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-10-22 20:43 - 2013-11-13 18:52 - 01013504 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-10-22 20:43 - 2013-11-13 18:41 - 14153984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-10-22 20:43 - 2013-11-13 18:10 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-10-22 20:43 - 2013-11-13 18:07 - 02036992 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-10-22 20:43 - 2013-11-13 17:52 - 01922304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2014-10-22 20:43 - 2013-11-13 17:52 - 01345280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2014-10-22 20:43 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-10-22 20:43 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-10-22 20:43 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-10-22 20:43 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2014-10-22 20:43 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2014-10-22 20:43 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2014-10-22 20:43 - 2013-10-01 17:12 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-10-22 20:43 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-10-22 20:43 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-10-22 20:43 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-10-22 20:43 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-10-22 20:43 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-10-22 20:43 - 2013-08-14 16:35 - 01084160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2014-10-22 20:43 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-10-22 20:40 - 2014-03-27 13:09 - 02251992 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2014-10-22 20:40 - 2014-03-27 13:09 - 00229080 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwavdt.sys
2014-10-22 20:40 - 2014-03-27 13:09 - 00190168 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwaudio.sys
2014-10-22 20:40 - 2014-03-27 13:09 - 00166616 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2014-10-22 20:40 - 2014-03-27 13:09 - 00150744 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\BtwSerialBus.sys
2014-10-22 20:40 - 2014-03-27 13:09 - 00040248 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwl2cap.sys
2014-10-22 20:40 - 2014-03-27 13:09 - 00038616 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwrchid.sys
2014-10-22 20:40 - 2014-03-27 13:08 - 00016838 _____ () C:\WINDOWS\system32\Drivers\BCM4324B3_002.004.006.0130.0132.hcd
2014-10-22 16:03 - 2014-10-22 16:03 - 00000975 _____ () C:\Users\Public\Desktop\FFFTP.lnk
2014-10-22 16:03 - 2014-10-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFFTP
2014-10-22 16:03 - 2014-10-22 16:03 - 00000000 ____D () C:\Program Files (x86)\ffftp
2014-10-22 16:02 - 2014-10-22 16:02 - 02219995 _____ () C:\Users\PCUser\Downloads\ffftp-1.98g2.exe
2014-10-22 16:02 - 2014-10-22 16:02 - 02219995 _____ () C:\Users\PCUser\Downloads\ffftp-1.98g2 (1).exe
2014-10-21 10:25 - 2014-10-29 08:46 - 00000696 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92.job
2014-10-21 10:25 - 2014-10-21 10:25 - 00880272 _____ (Google Inc.) C:\Users\PCUser\Downloads\ChromeSetup.exe
2014-10-21 10:25 - 2014-10-21 10:25 - 00003436 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92
2014-10-19 17:55 - 2014-10-19 17:55 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-19 17:55 - 2014-10-19 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-19 17:55 - 2014-10-19 17:55 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-19 17:55 - 2014-10-19 17:55 - 00000000 ____D () C:\Program Files\iTunes
2014-10-19 17:55 - 2014-10-19 17:55 - 00000000 ____D () C:\Program Files\iPod
2014-10-19 17:55 - 2014-10-19 17:55 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-19 17:52 - 2014-10-19 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-16 02:51 - 2014-09-28 07:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-16 02:50 - 2014-09-08 12:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-16 02:50 - 2014-09-08 10:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-16 02:50 - 2014-09-08 10:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-16 02:50 - 2014-09-08 09:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-16 02:50 - 2014-09-08 09:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-16 02:50 - 2014-09-08 09:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-16 02:50 - 2014-09-08 09:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-16 02:50 - 2014-09-08 09:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-16 02:50 - 2014-09-08 09:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-16 02:50 - 2014-09-08 09:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-16 02:50 - 2014-09-08 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-16 02:50 - 2014-09-08 08:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-16 02:50 - 2014-09-08 08:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-16 02:50 - 2014-09-08 08:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-16 02:50 - 2014-09-04 09:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-16 02:50 - 2014-09-04 08:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-16 02:50 - 2014-09-04 08:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-16 02:48 - 2014-08-16 13:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-16 02:48 - 2014-08-16 13:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-16 02:48 - 2014-08-16 13:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-16 02:48 - 2014-08-16 12:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-16 02:48 - 2014-08-16 12:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-16 02:48 - 2014-08-16 12:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-16 02:48 - 2014-08-16 12:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-16 02:48 - 2014-08-16 12:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-16 02:48 - 2014-08-16 12:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-16 02:48 - 2014-08-16 10:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-16 02:48 - 2014-08-16 10:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-16 02:48 - 2014-08-16 09:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-16 02:48 - 2014-08-16 09:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-16 02:48 - 2014-08-16 09:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-16 02:48 - 2014-08-16 09:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-16 02:48 - 2014-08-16 09:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-16 02:48 - 2014-08-16 09:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-16 02:48 - 2014-08-16 09:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-16 02:48 - 2014-08-16 09:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-16 02:48 - 2014-08-16 09:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 02:48 - 2014-08-16 09:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-16 02:48 - 2014-08-16 09:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-16 02:48 - 2014-08-16 09:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-16 02:48 - 2014-08-16 09:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 02:48 - 2014-08-16 09:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-16 02:48 - 2014-08-16 09:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-16 02:48 - 2014-08-16 09:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-16 02:48 - 2014-08-16 09:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-16 02:48 - 2014-08-16 09:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-16 02:48 - 2014-08-16 09:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-16 02:48 - 2014-08-16 09:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-16 02:48 - 2014-08-16 09:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-16 02:48 - 2014-08-16 09:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-16 02:48 - 2014-08-16 09:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-16 02:48 - 2014-08-01 08:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-16 02:47 - 2014-09-13 15:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-16 02:47 - 2014-09-13 14:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-16 02:46 - 2014-10-09 07:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-16 02:46 - 2014-09-26 07:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 02:46 - 2014-09-26 07:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 02:46 - 2014-09-26 07:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 02:46 - 2014-09-26 07:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 02:46 - 2014-09-26 07:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 02:46 - 2014-09-26 07:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 02:46 - 2014-09-19 11:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 02:46 - 2014-09-19 10:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 02:46 - 2014-09-19 10:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 02:46 - 2014-09-19 10:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-16 02:46 - 2014-09-19 10:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-16 02:46 - 2014-09-19 10:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 02:46 - 2014-09-19 10:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 02:46 - 2014-09-19 10:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-16 02:46 - 2014-09-19 10:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-16 02:46 - 2014-09-19 10:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 02:46 - 2014-09-19 09:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-16 02:46 - 2014-09-19 09:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 02:46 - 2014-09-19 09:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 02:46 - 2014-09-19 09:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 02:46 - 2014-09-19 09:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 02:46 - 2014-09-19 09:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 02:46 - 2014-09-19 09:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 02:46 - 2014-09-19 09:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 02:46 - 2014-09-19 09:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 02:46 - 2014-09-19 09:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 02:46 - 2014-09-19 08:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 02:46 - 2014-09-19 08:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-16 02:46 - 2014-09-19 08:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 02:46 - 2014-09-19 08:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-16 02:45 - 2014-10-10 07:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-16 02:45 - 2014-09-19 10:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-16 02:45 - 2014-09-13 15:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-16 02:45 - 2014-09-13 14:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-16 02:45 - 2014-09-04 09:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-16 02:45 - 2014-09-04 09:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-16 02:45 - 2014-08-29 10:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-16 02:45 - 2014-08-29 08:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-16 02:45 - 2014-08-29 08:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 18:02 - 2014-10-15 18:02 - 00000000 ____D () C:\Users\PCUser\AppData\Roaming\Media Player Classic
2014-10-15 17:58 - 2014-10-15 17:58 - 06909232 _____ ( ) C:\Users\PCUser\Downloads\Real_Alternative_202.exe
2014-10-13 11:41 - 2014-10-19 20:09 - 00000000 ____D () C:\Users\PCUser\AppData\Local\E8B70C5E-67DB-45A8-904A-7509B4C01E11.aplzod
2014-10-13 11:40 - 2014-10-13 11:41 - 00000000 ____D () C:\Users\PCUser\Documents\Outlook ファイル
2014-10-13 11:26 - 2014-10-13 11:26 - 70638408 _____ (Apple Inc.) C:\Users\PCUser\Downloads\iCloudSetup.exe
2014-10-11 13:22 - 2014-10-11 13:22 - 00537308 _____ () C:\Users\PCUser\Downloads\keni62_wp_corp_141011.zip
2014-10-11 13:19 - 2014-10-11 13:19 - 00374140 _____ () C:\Users\PCUser\Downloads\keni62_html_corp_141011.zip
2014-10-09 17:26 - 2014-10-13 11:38 - 00000000 ____D () C:\Users\PCUser\AppData\Local\Apple Computer
2014-10-09 15:33 - 2014-10-09 15:33 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper
2014-10-09 15:32 - 2014-10-09 15:33 - 03782822 _____ (DownloadHelper ) C:\Users\PCUser\Downloads\ConvertHelperSetup.exe
2014-10-09 15:31 - 2014-10-09 15:31 - 00000000 ____D () C:\Users\PCUser\dwhelper
  • 長間正夫
  • 2014/10/29 (Wed) 09:03:30
Re: Sorry to trouble you, but I need your help again
It got cut off again... sorry that it's hard to read.

2014-10-09 15:22 - 2014-10-09 15:22 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-09 15:22 - 2014-10-09 15:22 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-09 15:21 - 2014-10-09 15:21 - 00244312 _____ () C:\Users\PCUser\Downloads\Firefox Setup Stub 32.0.3.exe
2014-10-09 15:06 - 2014-10-09 15:07 - 39428559 _____ () C:\Users\PCUser\Downloads\Neo-Trend-Affiliate.zip
2014-10-09 14:38 - 2014-10-09 14:38 - 00033280 _____ () C:\Users\PCUser\Downloads\report_130506-131119.xls
2014-10-09 14:13 - 2014-10-09 14:13 - 02483200 _____ () C:\Users\PCUser\Downloads\welcome_to_TSS.ppt
2014-10-09 14:09 - 2014-10-09 14:12 - 175443218 _____ () C:\Users\PCUser\Downloads\b-team-online-seminar-1.zip
2014-10-08 20:56 - 2014-10-08 20:58 - 02314752 _____ () C:\Users\PCUser\Downloads\privilege_58713_272208_2.ppt
2014-09-29 18:58 - 2014-09-30 20:29 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-09-29 18:58 - 2014-09-29 18:58 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-09-29 18:58 - 2014-09-29 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 08:53 - 2013-11-16 19:18 - 01570487 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-29 08:51 - 2013-11-16 19:17 - 01496524 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 08:51 - 2013-09-30 12:56 - 00500892 _____ () C:\WINDOWS\system32\perfh011.dat
2014-10-29 08:51 - 2013-09-30 12:56 - 00135664 _____ () C:\WINDOWS\system32\perfc011.dat
2014-10-29 08:50 - 2013-07-27 15:59 - 00001860 _____ () C:\Users\Public\Desktop\マカフィー セキュリティセンター.lnk
2014-10-29 08:46 - 2013-12-03 20:32 - 00000696 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 08:46 - 2013-11-16 19:27 - 00000000 ___DO () C:\Users\PCUser\SkyDrive
2014-10-29 08:45 - 2013-09-29 21:01 - 00218442 _____ () C:\WINDOWS\PFRO.log
2014-10-29 08:45 - 2013-08-22 23:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-29 08:45 - 2013-08-22 22:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-29 08:31 - 2014-06-07 10:25 - 00000626 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-29 08:30 - 2013-12-03 20:32 - 00000700 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 08:08 - 2014-09-27 13:08 - 00000929 _____ () C:\WINDOWS\Tasks\EPSON EP-706A Series Update {22A88B29-EC81-47F0-9B07-170F00642AAF}.job
2014-10-29 07:09 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-29 06:32 - 2014-09-13 12:05 - 00000000 ____D () C:\Users\PCUser\AppData\Local\Adobe
2014-10-29 06:32 - 2013-11-17 10:58 - 00003884 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BA737637-AC98-40CA-89C2-478568557591}
2014-10-28 22:03 - 2013-07-02 20:10 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2242813578-432845641-1636232554-1001
2014-10-28 20:40 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-27 22:17 - 2013-07-02 20:04 - 00000000 ____D () C:\Users\PCUser\AppData\Local\Packages
2014-10-27 17:36 - 2013-08-22 23:46 - 00312946 _____ () C:\WINDOWS\setupact.log
2014-10-25 14:53 - 2012-07-26 17:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-10-25 12:26 - 2014-08-05 05:42 - 00000000 ____D () C:\Users\PCUser\Desktop\アフィリエイト塾
2014-10-24 20:58 - 2014-09-15 10:19 - 00082492 _____ () C:\Users\PCUser\Downloads\Extras.Txt
2014-10-24 20:57 - 2014-09-15 10:16 - 00207828 _____ () C:\Users\PCUser\Downloads\OTL.Txt
2014-10-24 17:15 - 2014-09-14 11:10 - 00013530 _____ () C:\Users\PCUser\Desktop\install.txt
2014-10-24 17:02 - 2014-09-14 09:59 - 00016302 _____ () C:\Users\PCUser\Downloads\hijackthis.log
2014-10-24 16:54 - 2013-08-28 21:31 - 00000734 _____ () C:\Users\PCUser\Desktop\powerdvd [1].lnk
2014-10-24 16:01 - 2013-08-06 06:30 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-24 15:55 - 2013-07-03 15:04 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-24 15:07 - 2013-07-04 11:27 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-23 15:34 - 2013-06-22 10:05 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-10-22 22:56 - 2013-11-04 08:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-22 22:55 - 2014-09-13 10:18 - 00000000 ____D () C:\ProgramData\Unchecky
2014-10-22 22:51 - 2013-08-22 22:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-22 21:25 - 2013-06-22 09:47 - 00324294 _____ () C:\WINDOWS\DPINST.LOG
2014-10-22 21:19 - 2013-07-04 11:56 - 00000000 ____D () C:\Update
2014-10-22 20:44 - 2013-06-22 09:47 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-10-22 20:44 - 2013-06-22 09:47 - 00000000 ____D () C:\Program Files\Intel
2014-10-22 20:43 - 2013-11-16 19:10 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-10-22 20:42 - 2013-06-22 09:57 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-10-22 20:39 - 2013-06-22 09:53 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation
2014-10-22 20:39 - 2013-06-22 09:53 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-10-22 20:39 - 2013-06-22 09:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-21 10:25 - 2013-12-03 20:32 - 00003672 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-21 10:25 - 2013-12-03 20:32 - 00003436 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-19 17:55 - 2013-10-20 10:39 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-19 17:55 - 2013-08-04 22:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-19 17:51 - 2013-08-04 22:03 - 00000000 ____D () C:\ProgramData\Apple
2014-10-19 17:08 - 2014-09-27 13:07 - 00000000 ____D () C:\ProgramData\EPSON
2014-10-16 13:28 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-16 12:37 - 2013-08-22 23:44 - 00435760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-16 12:36 - 2014-07-10 07:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-16 12:36 - 2013-08-23 00:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-16 12:36 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-16 12:36 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-16 12:36 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-16 12:36 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-16 04:11 - 2012-07-26 16:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-13 11:44 - 2014-09-15 15:02 - 00000004 _____ () C:\Users\PCUser\AppData\Roaming\appdataFr2.bin
2014-10-13 11:44 - 2013-08-04 22:04 - 00000000 ____D () C:\Users\PCUser\AppData\Roaming\Apple Computer
2014-10-13 11:42 - 2014-09-13 15:27 - 00000000 ____D () C:\Users\PCUser\AppData\Local\Apple
2014-09-30 07:45 - 2014-08-17 06:54 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-30 07:45 - 2014-08-17 06:54 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\Users\PCUser\Setup.exe
C:\Users\PCUser\Setup64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 22:04

==================== End Of Log ============================
  • 長間正夫
  • 2014/10/29 (Wed) 09:06:04
Re: Sorry to trouble you, but I need your help again
Next, I'll paste Addition.txt.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by PCUser at 2014-10-29 08:55:04
Running from C:\Users\PCUser\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: マカフィー アンチウイルスとアンチスパイウェア (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: マカフィー アンチウイルスとアンチスパイウェア (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: マカフィー ファイアウォール (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.93.98.4 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: - Broadcom Corporation)
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CLIP STUDIO PAINT (HKLM-x32\...\{4B0AD476-DE95-4293-B437-BE2511DE74B6}) (Version: 1.2.3 - CELSYS)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
EPSON EP-706A Series プリンター アンインストール (HKLM\...\EPSON EP-706A Series) (Version: - SEIKO EPSON Corporation)
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FFFTP Ver.1.98g2 (HKLM-x32\...\FFFTP) (Version: - FFFTP Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
honestech MP3 Editor 2.0 SE (HKLM-x32\...\{0020D0B8-93D5-4E3F-8676-1EEB2184ED52}) (Version: 2.0 - honestech)
honestech MP3 Editor 2.0 SE (x32 Version: 2.0 - Honest Technology) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel(R) Serial IO (Version: 1.1.165.1 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.13 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{28B4FCD3-1E17-411F-B56A-769DCF9169E0}) (Version: 4.1.14.0 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
KeywordDiscovery (HKLM-x32\...\KeywordDiscovery) (Version: - )
Lagarith Lossless Codec (1.3.24) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Lhaplus (HKLM-x32\...\Lhaplus) (Version: - )
Malwarebytes Anti-Malware バージョン 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
mazecinstall (x32 Version: 1.0.2.212 - MetaMoJi Corp) Hidden
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
Microsoft Office Home and Business 2013 - ja-jp (HKLM\...\HomeBusinessRetail - ja-jp) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 ja) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 ja)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.2.0 - NXP Semiconductors)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
PhishWall (HKLM-x32\...\{8C0B0C9E-60E6-48CD-8080-615A6D271C0F}) (Version: 3.5.6 - SecureBrain Corporation)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7135 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.00224 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sony Media Library Earth 9.1.00 (HKLM-x32\...\InstallShield_{74BD2F4C-0AC1-495E-9906-454229211562}) (Version: 9.1.00.15130 - Sony Corporation)
Sony Media Library Earth 9.1.00 (x32 Version: 9.1.00.15130 - Sony Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.5 - Synaptics Incorporated)
Tapur 5.3.0.111 (HKLM-x32\...\Tapur_is1) (Version: - tapur.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Unchecky v0.3.3 (HKLM-x32\...\Unchecky) (Version: 0.3.3 - RaMMicHaeL)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM\...\{8E59415B-ECAC-43F7-B496-7BCD636C63E1}) (Version: 16.0.805.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{121C874E-5797-40B2-86CE-CE6624F2711A}) (Version: 15.0.1376 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM\...\{5A1CD0BB-7E65-45DC-9A9A-682CE8B62AA4}) (Version: 16.0.1065.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Trending Words Dictionary (HKLM\...\{B939BFEB-824F-4456-A4EE-2B86ED04033D}) (Version: 16.0.1016.1 - Microsoft Corporation)
VAIO - Active Clip (HKLM-x32\...\{D5DFB462-F7B2-4782-8EDB-0B08F23D12A6}) (Version: 1.2.0.04010 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO - スライドショーアドイン (HKLM-x32\...\{03E41E20-0AA7-4E54-B803-7CC660ADBB23}) (Version: 1.1.0.13140 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{1C22618A-FEFA-4F20-B67D-F1311E6804AC}) (Version: 8.4.1.07026 - Sony Corporation)
VAIO Care ハードウェア診断ツールプラグイン (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11210 - Sony Corporation)
VAIO CPU Fan診断ツール (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.3.0.04030 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.3.0.04030 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO TV with nasne™ (HKLM-x32\...\{0F21B716-62F2-49BF-A35A-F63F630021AC}) (Version: 1.1.0.03190 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO お引越サポート (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO データリストアツール (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO のリカバリー機能 (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO の製品登録 (無料) (HKLM-x32\...\{3F1A81BF-154E-40EE-987B-159E81D25BF7}) (Version: 7.0.0.07200 - Sony Corporation)
VAIO の設定 (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO ホームネットワークビデオプレーヤー (HKLM\...\{FB483FA3-A91A-42C2-B3A6-6F6B504A4C5B}) (Version: 1.2.8.02200 - Sony Corporation)
VAIO ホームネットワークビデオプレーヤー デジタル放送プラグイン (HKLM-x32\...\InstallShield_{A9556859-D269-424A-BF4A-549C90352FB4}) (Version: 4.0 - CyberLink Corp.)
VAIO ホームネットワークビデオプレーヤー デジタル放送プラグイン (x32 Version: 4.0 - CyberLink Corp.) Hidden
VAIO メディア サーバー設定 (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VNT (x32 Version: 1.0.0.23200 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSTG_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9400 - Broadcom Corporation)
x-APPLICATION Components (x32 Version: 1.12.26190 - Sony Corporation) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
x-アプリ (x32 Version: 10.0 - Sony Corporation) Hidden
x-アプリ 6.0 (HKLM-x32\...\InstallShield_{AEF18835-17DB-44BA-94FB-A15C68B717C5}) (Version: 10.0 - Sony Corporation)
コンテンツ管理アシスタント for PlayStation(R) (HKLM-x32\...\{0DCD0704-E2AB-4e97-96A7-90F146BD8243}) (Version: 2.50.6733.38 - Sony Computer Entertainment Inc.)
パワーセラー7 1.0.4.5 (HKLM-x32\...\パワーセラー7) (Version: 1.0.4.5 - Internal Crop.,2012.All rights reserved)
マカフィー セキュリティセンター (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2242813578-432845641-1636232554-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\PCUser\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2242813578-432845641-1636232554-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\PCUser\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2242813578-432845641-1636232554-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\PCUser\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2242813578-432845641-1636232554-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\PCUser\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

18-10-2014 20:38:42 Windows Update
22-10-2014 11:39:05 インストール済み Xperia Link
22-10-2014 11:40:44 Broadcom BTW Restore Point
22-10-2014 11:44:08 IIF_MSI
22-10-2014 13:55:34 Installed Java 7 Update 71
24-10-2014 06:03:53 IObit Uninstaller restore point
24-10-2014 11:40:02 OTL Restore Point - 2014/10/24 20:40:02
24-10-2014 23:46:15 OTL Restore Point - 2014/10/25 8:46:14

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 22:25 - 2014-10-29 08:45 - 00001267 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {040408CE-73E3-4737-BF97-264053961891} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0E6B448E-F9DE-4581-9525-610BCCA10F4C} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {1A616851-D244-49B0-8347-3396CD1275AC} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {1FDA5982-E4FA-40B2-AF81-D66AAEC6ADAE} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {2051FA81-1C0D-4F71-8310-59ADEFDE2266} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {230E316E-1C00-4060-9E18-AE5EC81D0C1A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-willlabno1@yahoo.co.jp => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {27B8146C-32F3-40C0-87AF-50699F8727B9} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {29DF7587-049C-4E93-9060-FDCC380648D4} - System32\Tasks\Sony Corporation\Active Clip\Excute Note Anytime => C:\Program Files (x86)\Sony\Active Clip\LaunchSettingTool.exe [2013-03-05] (Sony Corporation)
Task: {2A4E7E65-3697-4D64-8B2B-B2B966F6E6A0} - System32\Tasks\Microsoft\Office\IMESharePointDictionary => C:\Program Files (x86)\Common Files\Microsoft Shared\IME15\IMESharePointDictionary.exe [2013-10-17] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {38B59179-0162-42BA-A2AB-FF1430F7C7B9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-21] (Synaptics Incorporated)
Task: {3A8C7901-3FD0-4D44-9F5E-6F3C74B8C950} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D0FE88B-13FA-4978-86E9-9BF2E9A4605E} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {458D9FCC-E2B6-4E46-BFEE-F09F3C1DB19C} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {465503F9-BAC9-48B4-8FD8-3E49EA924D82} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4E79B6CD-E623-4D39-90E4-7EC53963499A} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {4EC03653-4317-47F8-85A2-F98EE75D74B2} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {5548AC47-EEB9-40BB-82A9-A5ECDDB23A59} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {558C75C6-2E9C-494D-9185-44A44B8A1060} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {569117EA-14C5-4F6A-B9F9-6042BBFC3E8F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5D5C87C7-A334-4568-A668-2F2E8344A958} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-04-04] (Sony Corporation)
Task: {61B4A645-40D3-46D2-8CC5-76209797CBD5} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-11] (Sony Corporation)
Task: {64E77071-B0F4-4D5F-BFD2-05B719DA1CF4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {651FD85C-3F0F-4B54-8931-A78966A1A2A5} - System32\Tasks\EPSON EP-706A Series Update {22A88B29-EC81-47F0-9B07-170F00642AAF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLMJ.EXE [2013-08-09] (SEIKO EPSON CORPORATION)
Task: {67351E55-1908-4EFE-B3CA-09A1779F9916} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B048709-F28C-4648-B4A0-C30609C5C6A0} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {6D624CB7-7FFD-406B-A30D-93651B9D7314} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {756CFC8E-EC1F-45CD-BFBA-9BBD87CD6134} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A4ED5C0-6B45-4F74-A98B-D923553592C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {7DA51B27-50D2-473C-80B8-C1DF8D2CD7B4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {7EC72868-7ACB-45B3-AFE2-003786D83A41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {81C34AFE-2F94-424D-9284-804B7BCA734A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8B75307F-D2D2-4795-9075-3B6795D3CD86} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {8C2A3E9A-FA4A-465F-8AE2-CDB556B6662D} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8D5F607C-E981-41EB-A956-8AFF8CB127D0} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {8F3C9CC5-A3FD-4DF8-A80F-FD9EF050CDD3} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A067983B-72F5-4EF4-BB20-0D871D571C69} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-24] (Microsoft Corporation)
Task: {A1B4EF2F-8504-4FA9-A7EC-7057C3338408} - System32\Tasks\Sony Corporation\VAIO Registration Client\Half One hour => C:\Program Files (x86)\Sony\VAIO Registration Client\FloatingUI.exe [2012-07-20] (Sony Corporation)
Task: {AAF09CCF-FFD9-4880-A5D4-57105E91A2F0} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {ABBA5CF0-BFB9-4B20-BC87-2C1356C8CB86} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {B50FBD08-38EF-4288-A637-8F58AEB74F59} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {BB388550-B95A-4064-B1CB-D6D625972A28} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-11] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D53C9762-CDAE-4E3E-BA36-FD31911AA3C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D9280C0D-37B4-43BE-9386-5D7434135B0D} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DAC79E72-4FD7-4AFA-A945-EAA889E2FDB0} - System32\Tasks\AdobeAAMUpdater-1.0-VAIO-PCUser => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {E65B7569-0E60-4DB7-8EE3-D01A346F73B6} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {E6C5B190-7159-485A-8C1E-480F79E51F26} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EBACEA7C-46EF-4009-8EF3-BC4836346665} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EE4CEE8A-13CF-4039-8AD4-78CD2FEAAB36} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Users\PCUser\Downloads\IObitUninstallerPortable\App\uninstaller\IObitUninstaler.exe [2014-05-25] (IObit)
Task: {F74A33CA-6227-4B2F-8977-6DC0D2984428} - System32\Tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {FAF45954-4998-44E4-A7DF-23B4E567FBAB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {FC4B06B8-C290-44F1-BB00-FF7C32855FB2} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {FE55A78A-E8F2-44B2-ADEB-E4D42DC79BD9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON EP-706A Series Update {22A88B29-EC81-47F0-9B07-170F00642AAF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLMJ.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfeccdec5c5d92.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Users\PCUser\Downloads\IObitUninstallerPortable\App\uninstaller\IObitUninstaler.exe

==================== Loaded Modules (whitelisted) =============

2014-03-10 18:30 - 2014-03-10 18:30 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-03-21 06:09 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-26 03:44 - 2014-09-26 03:44 - 00028160 _____ () C:\Program Files\CCleaner\lang\lang-1041.dll
2014-02-06 17:23 - 2014-02-06 17:23 - 00108904 ____N () C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-21 10:26 - 2014-10-10 11:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-21 10:26 - 2014-10-10 11:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-21 10:26 - 2014-10-10 11:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-21 10:26 - 2014-10-10 11:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-21 10:26 - 2014-10-10 11:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
2013-12-01 23:50 - 2013-09-26 15:29 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-07-10 07:35 - 2014-07-10 07:35 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2014-09-26 06:23 - 2014-09-26 06:23 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\PCUser\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "コンテンツ管理アシスタント for PlayStation(R).lnk"
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKCU\...\StartupApproved\StartupFolder: => "OneNote に送る.lnk"
HKCU\...\StartupApproved\Run: => "Tapur"
HKCU\...\StartupApproved\Run: => "ApplePhotoStreams"

========================= Accounts: ==========================

Administrator (S-1-5-21-2242813578-432845641-1636232554-500 - Administrator - Disabled)
Guest (S-1-5-21-2242813578-432845641-1636232554-501 - Limited - Disabled)
PCUser (S-1-5-21-2242813578-432845641-1636232554-1001 - Administrator - Enabled) => C:\Users\PCUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2014 08:54:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
例外コード: 0x40000015
障害オフセット: 0x0000000000023799
障害が発生しているプロセス ID: 0x298
障害が発生しているアプリケーションの開始時刻: 0xMcSvHost.exe0
障害が発生しているアプリケーション パス: McSvHost.exe1
障害が発生しているモジュール パス: McSvHost.exe2
レポート ID: McSvHost.exe3
障害が発生しているパッケージの完全な名前: McSvHost.exe4
障害が発生しているパッケージに関連するアプリケーション ID: McSvHost.exe5

Error: (10/29/2014 08:51:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
例外コード: 0x40000015
障害オフセット: 0x0000000000023799
障害が発生しているプロセス ID: 0x119c
障害が発生しているアプリケーションの開始時刻: 0xMcSvHost.exe0
障害が発生しているアプリケーション パス: McSvHost.exe1
障害が発生しているモジュール パス: McSvHost.exe2
レポート ID: McSvHost.exe3
障害が発生しているパッケージの完全な名前: McSvHost.exe4
障害が発生しているパッケージに関連するアプリケーション ID: McSvHost.exe5

Error: (10/29/2014 08:51:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: VCSystemTray.exe、バージョン: 8.4.1.6110、タイム スタンプ: 0x53aa90ab
障害が発生しているモジュール名: KERNELBASE.dll、バージョン: 6.3.9600.17278、タイム スタンプ: 0x53eebf2e
例外コード: 0xe0434352
障害オフセット: 0x000000000000606c
障害が発生しているプロセス ID: 0x1388
障害が発生しているアプリケーションの開始時刻: 0xVCSystemTray.exe0
障害が発生しているアプリケーション パス: VCSystemTray.exe1
障害が発生しているモジュール パス: VCSystemTray.exe2
レポート ID: VCSystemTray.exe3
障害が発生しているパッケージの完全な名前: VCSystemTray.exe4
障害が発生しているパッケージに関連するアプリケーション ID: VCSystemTray.exe5

Error: (10/29/2014 08:51:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: アプリケーション:VCSystemTray.exe
フレームワークのバージョン:v4.0.30319
説明: ハンドルされない例外のため、プロセスが中止されました。
例外情報:System.ComponentModel.Composition.ImportCardinalityMismatchException
スタック:
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
場所 VCSystemTray.ViewModel.MainWindowViewModel.CollectRSOCData(System.Object)
場所 System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.TimerQueueTimer.CallCallback()
場所 System.Threading.TimerQueueTimer.Fire()
場所 System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
場所 System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (10/29/2014 08:48:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
例外コード: 0x40000015
障害オフセット: 0x0000000000023799
障害が発生しているプロセス ID: 0x1008
障害が発生しているアプリケーションの開始時刻: 0xMcSvHost.exe0
障害が発生しているアプリケーション パス: McSvHost.exe1
障害が発生しているモジュール パス: McSvHost.exe2
レポート ID: McSvHost.exe3
障害が発生しているパッケージの完全な名前: McSvHost.exe4
障害が発生しているパッケージに関連するアプリケーション ID: McSvHost.exe5

Error: (10/29/2014 08:47:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
例外コード: 0x40000015
障害オフセット: 0x0000000000023799
障害が発生しているプロセス ID: 0x1418
障害が発生しているアプリケーションの開始時刻: 0xMcSvHost.exe0
障害が発生しているアプリケーション パス: McSvHost.exe1
障害が発生しているモジュール パス: McSvHost.exe2
レポート ID: McSvHost.exe3
障害が発生しているパッケージの完全な名前: McSvHost.exe4
障害が発生しているパッケージに関連するアプリケーション ID: McSvHost.exe5

Error: (10/29/2014 08:45:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
障害が発生しているモジュール名: McSvHost.exe、バージョン: 3.8.703.0、タイム スタンプ: 0x51f7deae
例外コード: 0x40000015
障害オフセット: 0x0000000000023799
障害が発生しているプロセス ID: 0xae8
障害が発生しているアプリケーションの開始時刻: 0xMcSvHost.exe0
障害が発生しているアプリケーション パス: McSvHost.exe1
障害が発生しているモジュール パス: McSvHost.exe2
レポート ID: McSvHost.exe3
障害が発生しているパッケージの完全な名前: McSvHost.exe4
障害が発生しているパッケージに関連するアプリケーション ID: McSvHost.exe5

Error: (10/29/2014 07:29:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム wwahost.exe バージョン 6.3.9600.17031 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。

プロセス ID: 20ac

開始時刻: 01cff2b8bbbef7e8

終了時刻: 4294967295

アプリケーション パス: C:\WINDOWS\system32\wwahost.exe

レポート ID: d6ab4cc2-5ef1-11e4-beed-240a6425eee6

障害が発生しているパッケージのフル ネーム: BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag

障害が発生しているパッケージに関連するアプリケーション ID: SonyCorporation.VAIOMessageCenter

Error: (10/29/2014 06:32:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: VCSystemTray.exe、バージョン: 8.4.1.6110、タイム スタンプ: 0x53aa90ab
障害が発生しているモジュール名: KERNELBASE.dll、バージョン: 6.3.9600.17278、タイム スタンプ: 0x53eebf2e
例外コード: 0xe0434352
障害オフセット: 0x000000000000606c
障害が発生しているプロセス ID: 0x2a28
障害が発生しているアプリケーションの開始時刻: 0xVCSystemTray.exe0
障害が発生しているアプリケーション パス: VCSystemTray.exe1
障害が発生しているモジュール パス: VCSystemTray.exe2
レポート ID: VCSystemTray.exe3
障害が発生しているパッケージの完全な名前: VCSystemTray.exe4
障害が発生しているパッケージに関連するアプリケーション ID: VCSystemTray.exe5

Error: (10/29/2014 06:32:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: アプリケーション:VCSystemTray.exe
フレームワークのバージョン:v4.0.30319
説明: ハンドルされない例外のため、プロセスが中止されました。
例外情報:System.ComponentModel.Composition.ImportCardinalityMismatchException
スタック:
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
場所 VCSystemTray.ViewModel.MainWindowViewModel.CollectRSOCData(System.Object)
場所 System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.TimerQueueTimer.CallCallback()
場所 System.Threading.TimerQueueTimer.Fire()
場所 System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
場所 System.Threading.ThreadPoolWorkQueue.Dispatch()


System errors:
=============
Error: (10/29/2014 08:54:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: McAfee VirusScan Announcer サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error: (10/29/2014 08:54:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: McAfee Home Network サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error: (10/29/2014 08:51:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: McAfee Platform Services サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error: (10/29/2014 08:51:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: McAfee VirusScan Announcer サービスは予期せぬ原因により終了しました。このサービスの終了は 2 回目です。次の修正操作が 60000 ミリ秒以内に実行されます: サービスの再開。

Error: (10/29/2014 08:51:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: McAfee Home Network サービスは予期せぬ原因により終了しました。このサービスの終了は 2 回目です。次の修正操作が 60000 ミリ秒以内に実行されます: サービスの再開。

Error: (10/29/2014 08:49:29 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: サービス コントロール マネージャーで、McAfee Platform Services サービスの予期せぬ終了後に修正操作 (サービスの再開) を実行しようとしましたが、この処置は次のエラーで失敗しました:
%%1056

Error: (10/29/2014 08:48:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: McAfee Anti-Spam Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error: (10/29/2014 08:48:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: McAfee Proxy Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 3 回目です。

Error: (10/29/2014 08:48:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: McAfee Platform Services サービスは予期せぬ原因により終了しました。このサービスの終了は 2 回目です。次の修正操作が 60000 ミリ秒以内に実行されます: サービスの再開。

Error: (10/29/2014 08:48:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: McAfee VirusScan Announcer サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が 60000 ミリ秒以内に実行されます: サービスの再開。


Microsoft Office Sessions:
=========================
Error: (10/29/2014 08:54:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae40000015000000000002379929801cff30a3ba82a34C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exec0fe9896-5efd-11e4-beee-240a6425eee6

Error: (10/29/2014 08:51:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799119c01cff309b0ae679bC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe55799518-5efd-11e4-beee-240a6425eee6

Error: (10/29/2014 08:51:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCSystemTray.exe8.4.1.611053aa90abKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c138801cff30a0e448985C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\WINDOWS\system32\KERNELBASE.dll5029609c-5efd-11e4-beee-240a6425eee6

Error: (10/29/2014 08:51:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: アプリケーション:VCSystemTray.exe
フレームワークのバージョン:v4.0.30319
説明: ハンドルされない例外のため、プロセスが中止されました。
例外情報:System.ComponentModel.Composition.ImportCardinalityMismatchException
スタック:
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
場所 VCSystemTray.ViewModel.MainWindowViewModel.CollectRSOCData(System.Object)
場所 System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.TimerQueueTimer.CallCallback()
場所 System.Threading.TimerQueueTimer.Fire()
場所 System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
場所 System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (10/29/2014 08:48:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799100801cff30998392ab6C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exee4e75267-5efc-11e4-beee-240a6425eee6

Error: (10/29/2014 08:47:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799141801cff3097c6de0e6C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exebd345894-5efc-11e4-beee-240a6425eee6

Error: (10/29/2014 08:45:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799ae801cff309504131d7C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe9113c54b-5efc-11e4-beee-240a6425eee6

Error: (10/29/2014 07:29:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703120ac01cff2b8bbbef7e84294967295C:\WINDOWS\system32\wwahost.exed6ab4cc2-5ef1-11e4-beed-240a6425eee6BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sagSonyCorporation.VAIOMessageCenter

Error: (10/29/2014 06:32:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCSystemTray.exe8.4.1.611053aa90abKERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c2a2801cff2f6ba16f205C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\WINDOWS\system32\KERNELBASE.dllfa748451-5ee9-11e4-beed-240a6425eee6

Error: (10/29/2014 06:32:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: アプリケーション:VCSystemTray.exe
フレームワークのバージョン:v4.0.30319
説明: ハンドルされない例外のため、プロセスが中止されました。
例外情報:System.ComponentModel.Composition.ImportCardinalityMismatchException
スタック:
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExports(System.ComponentModel.Composition.Primitives.ImportDefinition, System.ComponentModel.Composition.Hosting.AtomicComposition)
場所 System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
場所 VCSystemTray.ViewModel.MainWindowViewModel.CollectRSOCData(System.Object)
場所 System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
場所 System.Threading.TimerQueueTimer.CallCallback()
場所 System.Threading.TimerQueueTimer.Fire()
場所 System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
場所 System.Threading.ThreadPoolWorkQueue.Dispatch()


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 59%
Total physical RAM: 3991.8 MB
Available physical RAM: 1616.83 MB
Total Pagefile: 6551.8 MB
Available Pagefile: 3548.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:102.62 GB) (Free:15.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: D4F361D6)

Partition: GPT Partition Type.

==================== End Of Log ============================
  • 長間正夫
  • 2014/10/29 (Wed) 09:07:29
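Re: Sorry to trouble you, but I need your help again
As for the remaining Shortcut.txt, trying to paste all of it at once trips the forbidden-word filter, so I will post it a little at a time.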

Users shortcut scan result (x64) Version: 27-10-2014 01
Ran by PCUser at 2014-10-29 08:55:32
Running from C:\Users\PCUser\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk -> C:\Program Files (x86)\Adobe\Elements 11 Organizer\Photoshop Elements 11.0.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk -> C:\Program Files\Sony\SonyEntertainmentNetwork\Music Unlimited.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk -> C:\Program Files\Sony\VAIO Care\VAIOCare.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk -> C:\Program Files (x86)\Sony\VAIO Data Restore Tool\Restore.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Creator.lnk -> C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Creator\VMCreator.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk -> C:\Program Files (x86)\Sony\VAIO Transfer Support\VAIOTransfer.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO TV with nasne(TM).lnk -> C:\Program Files (x86)\Sony\VAIO TV with nasne\Vnt.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk -> C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO の製品登録 (無料).lnk -> C:\Program Files (x86)\Sony\VAIO Registration Client\VWRLaunch.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO ホームネットワークビデオプレーヤー.lnk -> C:\Program Files (x86)\Sony\VAIO Home Network Video Player\HNVPlayer.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xperia Link.lnk -> C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\コンテンツ管理アシスタント for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\パワーセラー7\Uninstall.lnk -> C:\Users\PCUser\パワーセラー7\uninst.exe (Internal Crop.,2012.All rights reserved)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\パワーセラー7\Website.lnk -> C:\Users\PCUser\パワーセラー7\パワーセラー7.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\パワーセラー7\パワーセラー7.lnk -> C:\Users\PCUser\パワーセラー7\PowerSeller7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x-アプリ\x-アプリ バックアップツール.lnk -> C:\Program Files (x86)\Sony\x-APPLICATION\SSBackup.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x-アプリ\x-アプリ ヘルプ.lnk -> C:\Program Files (x86)\Sony\x-APPLICATION\ssv.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x-アプリ\x-アプリ.lnk -> C:\Program Files (x86)\Sony\x-APPLICATION\x-APPLICATION.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care\VAIO Care (Desktop).lnk -> C:\Program Files\Sony\VAIO Care\VAIOCare.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Unchecky.lnk -> C:\Program Files (x86)\Unchecky\Unchecky.exe (RaMMicHaeL)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky\Uninstall.lnk -> C:\Program Files (x86)\Unchecky\uninstall.exe (RaMMicHaeL)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tapur\Tapur on the Web.lnk -> C:\Program Files (x86)\Tapur\Tapur.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tapur\Tapur をアンインストールする.lnk -> C:\Program Files (x86)\Tapur\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tapur\Tapur.lnk -> C:\Program Files (x86)\Tapur\tapmgr.exe (tapur.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tapur\Tapurの使い方.lnk -> C:\Program Files (x86)\Tapur\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tapur\インストールについて.lnk -> C:\Program Files (x86)\Tapur\install.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tapur\ライセンスについて.lnk -> C:\Program Files (x86)\Tapur\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\コンテンツ管理アシスタント for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NXPProximityInstaller\Uninstall NXPProximityInstaller.lnk -> C:\Program Files\NXPProximityInstaller\uninstall.exe (NXP Semiconductors)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013 に送る.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenote.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 ツール\Office 2013 アップロード センター.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msouc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 ツール\Office 2013 言語設定.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaMoJi Corp\mazec-T for Windows のインストール.lnk -> C:\Program Files (x86)\MetaMoJi Corp\mazecsetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware をアンインストールする.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lhaplus\Lhaplus ヘルプ.lnk -> C:\Program Files (x86)\Lhaplus\Lhaplus.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lhaplus\Lhaplus.lnk -> C:\Program Files (x86)\Lhaplus\Lhaplus.exe (HoeHoe.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\バージョン情報.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\ja.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel(R) WiDi\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud フォト.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech MP3 Editor 2.0 SE\honestech MP3 Editor 2.0 SE User Guide.lnk -> C:\Program Files (x86)\honestech MP3 Editor 2.0 SE\AudioRecorderUserGuide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech MP3 Editor 2.0 SE\honestech MP3 Editor 2.0 SE.lnk -> C:\Program Files (x86)\honestech MP3 Editor 2.0 SE\MP3Editor.exe (Honest Technology)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFFTP\FFFTP.lnk -> C:\Program Files (x86)\ffftp\FFFTP.exe (Sota, FFFTP Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFFTP\FFFTPについて.lnk -> C:\Program Files (x86)\ffftp\FFFTP.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFFTP\FFFTPのヘルプ.lnk -> C:\Program Files (x86)\ffftp\FFFTP.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFFTP\FFFTPの改版履歴.lnk -> C:\Program Files (x86)\ffftp\history.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13\CyberLink PowerDVD 13.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD13\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO\CLIP STUDIO.lnk -> D:\CELSYS\CLIP STUDIO\CLIP STUDIO\CLIPStudio.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO\素材アンインストール.lnk -> D:\CELSYS\CLIP STUDIO\CLIP STUDIO\MaterialUninstaller.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATOK\ATOK 2013のインストール.lnk -> C:\Program Files (x86)\JustSystems_Setup\ATOK2013\AUTOPLAY.EXE (株式会社ジャストシステム)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATOK\はじめにお読みください.lnk -> C:\Program Files (x86)\JustSystems_Setup\ATOK2013\README.HTML ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files (x86)\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files (x86)\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\PCUser\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\PCUser\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track13.lnk -> C:\Users\PCUser\Music\Brain Learning\Track13.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track14.lnk -> C:\Users\PCUser\Music\Brain Learning\Track14.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track15.lnk -> C:\Users\PCUser\Music\Brain Learning\Track15.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track16.lnk -> C:\Users\PCUser\Music\Brain Learning\Track16.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track17.lnk -> C:\Users\PCUser\Music\Brain Learning\Track17.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track18.lnk -> C:\Users\PCUser\Music\Brain Learning\Track18.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track19.lnk -> C:\Users\PCUser\Music\Brain Learning\Track19.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track20.lnk -> C:\Users\PCUser\Music\Brain Learning\Track20.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track21.lnk -> C:\Users\PCUser\Music\Brain Learning\Track21.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track22.lnk -> C:\Users\PCUser\Music\Brain Learning\Track22.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track23.lnk -> C:\Users\PCUser\Music\Brain Learning\Track23.cda (No File)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track24.lnk -> C:\Users\PCUser\Music\Brain Learning\Track24.cda (No File)
Shortcut: C:\Users\PCUser\Links\Desktop.lnk -> C:\Users\PCUser\Desktop ()
Shortcut: C:\Users\PCUser\Links\Downloads.lnk -> C:\Users\PCUser\Downloads ()
Shortcut: C:\Users\PCUser\Links\SkyDrive.lnk -> C:\Users\PCUser\SkyDrive ()
Shortcut: C:\Users\PCUser\Downloads\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\PCUser\Desktop\KeywordDiscovery.lnk -> C:\Program Files (x86)\KeywordDiscovery\keyword_Discovery_plus.exe ()
Shortcut: C:\Users\PCUser\Desktop\Lhaplus.lnk -> C:\Program Files (x86)\Lhaplus\Lhaplus.exe (HoeHoe.com)
Shortcut: C:\Users\PCUser\Desktop\powerdvd [1].lnk -> C:\Users\PCUser\Downloads\powerdvd [1].exe (CyberLink)
Shortcut: C:\Users\PCUser\Desktop\パワーセラー7.lnk -> C:\Users\PCUser\パワーセラー7\PowerSeller7.exe ()
Shortcut: C:\Users\PCUser\Desktop\ebay\パワーセラー7.lnk -> C:\Users\PCUser\パワーセラー7\PowerSeller7.exe ()
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeywordDiscovery\KeywordDiscovery.lnk -> C:\Program Files (x86)\KeywordDiscovery\keyword_Discovery_plus.exe ()
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ATF Cleaner.lnk -> C:\Users\PCUser\Downloads\ATF-Cleaner.exe (Atribune.org)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FFFTP.lnk -> C:\Program Files (x86)\ffftp\FFFTP.exe (Sota, FFFTP Project)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Unchecky.lnk -> C:\Program Files (x86)\Unchecky\Unchecky.exe (RaMMicHaeL)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Uninstall Programs.lnk -> C:\Users\PCUser\Desktop\iobituninstaller-3-3-8-2663\iobituninstaller.exe (IObit)
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\フォローマティックX_ver1.4.8.lnk -> C:\Users\PCUser\Desktop\アフィリエイト塾\twitterアフィリエイト\フォローマティック\fmx\fmx\フォローマティックX_ver1.4.8.exe ()
Shortcut: C:\Users\PCUser\AppData\Roaming\Microsoft\Excel\索敵値計算器%201.03303908092967056604\索敵値計算器%201.03.xls.lnk -> C:\Users\PCUser\Downloads\索敵値計算器 1.03.xls (No File)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk -> C:\Program Files (x86)\Adobe\Elements 11 Organizer\Photoshop Elements 11.0.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\ATOK 2013のインストール.lnk -> C:\Program Files (x86)\JustSystems_Setup\ATOK2013\AUTOPLAY.EXE (株式会社ジャストシステム)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\CyberLink PowerDVD 13.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD13\PDVDLP.exe (CyberLink Corp.)
Shortcut: C:\Users\Public\Desktop\FFFTP.lnk -> C:\Program Files (x86)\ffftp\FFFTP.exe (Sota, FFFTP Project)
Shortcut: C:\Users\Public\Desktop\honestech MP3 Editor 2.0 SE User Guide.lnk -> C:\Program Files (x86)\honestech MP3 Editor 2.0 SE\AudioRecorderUserGuide.pdf ()
Shortcut: C:\Users\Public\Desktop\honestech MP3 Editor 2.0 SE.lnk -> C:\Program Files (x86)\honestech MP3 Editor 2.0 SE\MP3Editor.exe (Honest Technology)
Shortcut: C:\Users\Public\Desktop\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Tapur.lnk -> C:\Program Files (x86)\Tapur\tapmgr.exe (tapur.com)
Shortcut: C:\Users\Public\Desktop\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\Users\Public\Desktop\Unchecky.lnk -> C:\Program Files (x86)\Unchecky\Unchecky.exe (RaMMicHaeL)
Shortcut: C:\Users\Public\Desktop\VAIO TV with nasne(TM).lnk -> C:\Program Files (x86)\Sony\VAIO TV with nasne\Vnt.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\VAIO Update.lnk -> C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\x-アプリ.lnk -> C:\Program Files (x86)\Sony\x-APPLICATION\x-APPLICATION.exe (Sony Corporation)

  • 長間正夫
  • 2014/10/29 (Wed) 10:01:14
Re: Sorry, but I need your help again
Continuing.

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active Clip.lnk -> C:\Program Files (x86)\Sony\Active Clip\LaunchSettingTool.exe (Sony Corporation) -> /Setting
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk -> C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Control Center.exe (Sony Corporation) -> /VCC
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk -> C:\Program Files\Sony\VAIO Care\VAIOCare.exe (Sony Corporation) -> -vaiomanual
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO ジェスチャーコントロール.lnk -> C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe (Sony Corporation) -> -Setting
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\マカフィー\マカフィー セキュリティセンター.lnk -> C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) -> /desktopicon /platui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup\Norton Online Backup.lnk -> C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) -> OPEN
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Update Manager\Intel(R) Update Manager.lnk -> C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe () -> --showui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iPhone を探す.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\アドレスデータ.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\カレンダー.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\メモ.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\メール.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\リマインダー.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech MP3 Editor 2.0 SE\Uninstall honestech MP3 Editor 2.0 SE.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{0020D0B8-93D5-4E3F-8676-1EEB2184ED52}\setup.exe (Acresso Software Inc. ) -> -runfromtemp -l0x0011 -uninst
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP640 series\MPドライバーアンインストーラー.lnk -> C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series\DelDrv64.exe (CANON INC.) -> /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\PCUser\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\PCUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VAIO Control Center.lnk -> C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Control Center.exe (Sony Corporation) -> /VCC
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\PCUser\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
ShortcutWithArgument: C:\Users\Public\Desktop\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\Users\Public\Desktop\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\Users\Public\Desktop\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\Users\Public\Desktop\Norton Online Backup.lnk -> C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) -> OPEN
ShortcutWithArgument: C:\Users\Public\Desktop\VAIO Manual.lnk -> C:\Program Files\Sony\VAIO Care\VAIOCare.exe (Sony Corporation) -> -vaiomanual
ShortcutWithArgument: C:\Users\Public\Desktop\マカフィー セキュリティセンター.lnk -> C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) -> /desktopicon /platui
  • 長間正夫
  • 2014/10/29 (Wed) 10:03:03
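The Shortcut.txt listing above can be triaged mechanically; the following is an added example, not part of the thread and not FRST's own code. It parses `Shortcut:` and `ShortcutWithArgument:` lines and flags missing targets, browser shortcuts that carry arguments, and executables launched from user-writable folders. The three heuristics, the browser list and the last sample line (a constructed entry) are assumptions made for the example.

```python
import re
from dataclasses import dataclass, field

# Heuristics chosen for this example (assumptions, not FRST rules).
BROWSERS = {"chrome.exe", "firefox.exe", "iexplore.exe"}
USER_WRITABLE = ("\\downloads\\", "\\appdata\\", "\\temp\\")
# "<target path> (<company>)": the company is the last parenthesised group,
# so "Program Files (x86)" inside the path is left alone.
TARGET_RE = re.compile(r"^(?P<path>.*) \((?P<company>[^()]*)\)$")


@dataclass
class Shortcut:
    lnk: str
    target: str
    company: str
    args: str = ""
    findings: list = field(default_factory=list)


def parse_line(line):
    """Parse one Shortcut.txt line; return None for anything else."""
    kind, sep, rest = line.strip().partition(": ")
    if not sep or kind not in ("Shortcut", "ShortcutWithArgument"):
        return None
    parts = rest.split(" -> ", 2 if kind == "ShortcutWithArgument" else 1)
    if len(parts) < 2:
        return None
    m = TARGET_RE.match(parts[1])
    target, company = (m["path"], m["company"].strip()) if m else (parts[1], "")
    return Shortcut(parts[0], target, company, parts[2] if len(parts) == 3 else "")


def assess(sc):
    """Attach findings that deserve a manual look; none of them is a verdict."""
    exe = sc.target.rsplit("\\", 1)[-1].lower()
    if sc.company == "No File":
        sc.findings.append("target missing")
    if exe in BROWSERS and sc.args:
        what = "URL" if re.search(r"https?://", sc.args, re.I) else "argument"
        sc.findings.append(f"browser launched with {what}")
    if exe.endswith(".exe") and any(p in sc.target.lower() for p in USER_WRITABLE):
        sc.findings.append("executable in user-writable path")
    return sc


def triage(text):
    """Return only the shortcuts that produced at least one finding."""
    flagged = []
    for line in text.splitlines():
        sc = parse_line(line)
        if sc and assess(sc).findings:
            flagged.append(sc)
    return flagged


# The first five lines are copied from the listing above; the last line is
# constructed to show what a hijacked browser shortcut would look like.
SAMPLE = r"""
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\PCUser\Music\Brain Learning\ブレインスピーキング\Track13.lnk -> C:\Users\PCUser\Music\Brain Learning\Track13.cda (No File)
Shortcut: C:\Users\PCUser\Desktop\powerdvd [1].lnk -> C:\Users\PCUser\Downloads\powerdvd [1].exe (CyberLink)
Shortcut: C:\Users\PCUser\Downloads\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\Users\PCUser\Desktop\Browser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> http://example.invalid/start
"""

if __name__ == "__main__":
    for sc in triage(SAMPLE):
        print(f"{', '.join(sc.findings)}: {sc.lnk} -> {sc.target} {sc.args}".rstrip())
```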
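Re: Sorry, but I need your help again
It seems the part from here on contains several words that trip the posting filter, so I will post it as JPEG files.
There are several of them, so they may be hard to read, but thank you for bearing with me.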
  • 長間正夫
  • 2014/10/29 (Wed) 10:34:06
Re: Sorry, but I need your help again
This is the second JPEG file.
  • 長間正夫
  • 2014/10/29 (Wed) 10:35:11
Re: Sorry, but I need your help again
The third one; this is the last.
Thank you in advance for your help.
  • 長間正夫
  • 2014/10/29 (Wed) 10:36:11
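Re: Sorry, but I need your help again
Thank you for the logs. I was surprised that Shortcut.txt was far larger than I expected.
Having gone through them, there are a few points that concern me, but I still cannot find any clear-cut adware...

Even after reading the details of the symptoms, I still get the feeling that this is a malicious advertisement embedded in websites (Chrome only?)...

For now, let's remove the items that caught my attention in what I could see.


■Removal with Farbar Recovery Scan Tool (FRST)
Open Notepad and copy and paste the script below.
Then save it under the file name "fixlist.txt" in the folder that contains FRST.exe (in this case, probably "Downloads").

---From here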

2014-10-16 02:48 - 2014-08-01 08:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
C:\Users\PCUser\Setup.exe
C:\Users\PCUser\Setup64.exe
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
C:\ProgramData\e2150575d4beed0c
C:\ProgramData\boost_interprocess
C:\ProgramData\Temp\*.*
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\MountPoints2: {22c42659-260d-11e3-be85-bfb58ad76d22} - "E:\Startme.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
2014-10-28 21:27 - 2014-10-28 21:27 - 00072048 _____ (Premium Installer ) C:\Users\PCUser\Downloads\setup (1).exe
2014-10-27 15:13 - 2014-10-27 15:13 - 00071024 _____ (Premium Installer ) C:\Users\PCUser\Downloads\setup.exe
EmptyTemp:
CMD: dir "C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /c
CMD: dir "C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /a:h /c

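---To here

After saving, close as many running applications as you can.
Next, start FRST and press "Fix".
The computer will restart automatically as part of the removal. Please post the contents of the log that is displayed after the restart.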
  • イルカ
  • 2014/10/30 (Thu) 00:41:40
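Re: Sorry, but I need your help again
I'm sorry, but after I did what you instructed and the PC restarted, the screen went completely black.

At the very beginning the log window was open, but everything else was black, and even after restarting again I can get as far as the PC login screen, but after that nothing is visible except the mouse pointer.

I am currently posting from a tablet I own. What should I do?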
  • 長間正夫
  • 2014/10/30 (Thu) 10:51:43
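Re: Sorry, but I need your help again
I ran System Restore and managed to get it working again; I am now posting from the PC.

Is this the right FRST log? I restarted without making a note of the file name...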

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2014
Ran by PCUser at 2014-10-30 09:50:39 Run:1
Running from C:\Users\PCUser\Downloads
Loaded Profile: PCUser (Available profiles: PCUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-10-16 02:48 - 2014-08-01 08:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
C:\Users\PCUser\Setup.exe
C:\Users\PCUser\Setup64.exe
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
C:\ProgramData\e2150575d4beed0c
C:\ProgramData\boost_interprocess
C:\ProgramData\Temp\*.*
HKU\S-1-5-21-2242813578-432845641-1636232554-1001\...\MountPoints2: {22c42659-260d-11e3-be85-bfb58ad76d22} - "E:\Startme.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
2014-10-28 21:27 - 2014-10-28 21:27 - 00072048 _____ (Premium Installer ) C:\Users\PCUser\Downloads\setup (1).exe
2014-10-27 15:13 - 2014-10-27 15:13 - 00071024 _____ (Premium Installer ) C:\Users\PCUser\Downloads\setup.exe
EmptyTemp:
CMD: dir "C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /c
CMD: dir "C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /a:h /c
*****************

Could not move "C:\WINDOWS\system32\ApnDatabase.xml" => Scheduled to move on reboot.
C:\Users\PCUser\Setup.exe => Moved successfully.
C:\Users\PCUser\Setup64.exe => Moved successfully.
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 => Moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 => Moved successfully.
C:\ProgramData\e2150575d4beed0c => Moved successfully.
C:\ProgramData\boost_interprocess => Moved successfully.

"C:\ProgramData\Temp\*.*" directory move:

Could not move "C:\ProgramData\Temp\*.*" directory. => Scheduled to move on reboot.

"HKU\S-1-5-21-2242813578-432845641-1636232554-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{22c42659-260d-11e3-be85-bfb58ad76d22}" => Key deleted successfully.
"HKCR\CLSID\{22c42659-260d-11e3-be85-bfb58ad76d22}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
Chrome DefaultSuggestURL not detected.
"C:\Users\PCUser\Downloads\setup (1).exe" => File/Directory not found.
"C:\Users\PCUser\Downloads\setup.exe" => File/Directory not found.

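The log continues after this, but no matter how many times I try it does not show up in the post, so as before I will post the rest as a JPEG file.

With System Restore I went back to the point on 10/25 when I used OTL. Should I redo the work that was done after that?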
  • 長間正夫
  • 2014/10/30 (Thu) 15:43:48
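Re: Sorry, but I need your help once again
I'm sorry, it seems I caused you trouble.
Since this was so persistent, I widened the removal targets on a "punish anything suspicious" policy, but I may have widened them too far...

For now, I will stop the processing with FRST. Let's look into the contents of the removal targets in a bit more detail first.
We will check the contents of the folders in question with OTL.


■Treatment with a Fix script
After starting OTL, paste the script below into "Custom Scan/Fixes" and press "Run Fix".


It will not reboot this time. A log will appear, so please post it.
If you have closed the log, there is a log in the C:\_OTL\MovedFiles folder (a file whose name is a number made up of the date and time), so please let me know its contents.

--- From here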

:Files
dir C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 /c
dir C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 /c
dir C:\ProgramData\e2150575d4beed0c /c
dir C:\ProgramData\boost_interprocess /c

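--- To here


Also, let's run AdwCleaner and Junkware Removal Tool once more.
Please delete both and then download them again.


■Treatment with AdwCleaner
How to use AdwCleaner
http://www59.atwiki.jp/malware_laboratory/pages/4.html

Referring to the above, carry out the steps from "Downloading AdwCleaner" through "Outputting the removal log", and let me know the resulting log.


■Junkware Removal Tool
Please download Junkware Removal Tool from the URL below.
http://thisisudax.org/downloads/JRT.exe
The server is slow, so if it does not work, please wait a little and try again.

After downloading, right-click the executable and choose "Run as administrator".
When it runs, scanning and removal start automatically. When it finishes, a log opens, so please let me know its contents.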


  • イルカ
  • 2014/10/30 (Thu) 23:59:09
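Re: Sorry, but I need your help once again
Not at all; I am the one who should apologize for making you accommodate my situation.
I was able to recover without problems, so it is fine.

Now I will paste the OTL log.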

========== FILES ==========
[color=#A23BEC]< dir C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 /c >[/color]
ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 5EA5-2D34 です
C:\ProgramData のディレクトリ
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 /c >[/color]
ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 5EA5-2D34 です
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 のディレクトリ
2014/10/30 11:43 <DIR> .
2014/10/30 11:43 <DIR> ..
2012/10/08 16:19 1,977,816 GEARDIFx.exe
2014/10/30 11:43 <DIR> x64
1 個のファイル 1,977,816 バイト
3 個のディレクトリ 18,086,187,008 バイトの空き領域
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir C:\ProgramData\e2150575d4beed0c /c >[/color]
ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 5EA5-2D34 です
C:\ProgramData\e2150575d4beed0c のディレクトリ
2014/10/30 11:43 <DIR> .
2014/10/30 11:43 <DIR> ..
2014/09/09 22:13 338 0f29801820a37114a0daf0258827b887.ini
2014/09/10 14:35 348 1878c1afe37a6843a0daf0258827b887.ini
2014/09/10 17:51 510 242c2fd4536773faa0daf0258827b887.ini
2014/09/10 17:51 352 3ed03cfb56800283a0daf0258827b887.ini
2014/09/10 13:25 360 5175a0130ed5b449a0daf0258827b887.ini
2014/08/04 12:30 506 659310361e8c6f3ca0daf0258827b887.ini
2014/09/09 22:13 500 8667b30c8487a893a0daf0258827b887.ini
2014/09/10 14:35 524 88ca0666a8bc42bca0daf0258827b887.ini
2014/08/04 12:29 346 949eb5250aa63df0a0daf0258827b887.ini
2014/09/09 22:13 357 a220577b68ed26b8a0daf0258827b887.ini
2014/08/04 12:29 357 b895ebcf88104095a0daf0258827b887.ini
2014/07/12 08:38 345 bd95dd966694472da0daf0258827b887.ini
2014/06/13 21:29 362 c6fe71eb0df19321a0daf0258827b887.ini
2014/09/10 17:51 356 e7a261f5c12d8405a0daf0258827b887.ini
14 個のファイル 5,561 バイト
2 個のディレクトリ 18,086,182,912 バイトの空き領域
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.
[color=#A23BEC]< dir C:\ProgramData\boost_interprocess /c >[/color]
ドライブ C のボリューム ラベルがありません。
ボリューム シリアル番号は 5EA5-2D34 です
C:\ProgramData のディレクトリ
C:\Users\PCUser\Downloads\cmd.bat deleted successfully.
C:\Users\PCUser\Downloads\cmd.txt deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10312014_093359

I will paste the AdwCleaner log.

# AdwCleaner v4.001 - レポート作成日 26/10/2014 時間 21:02:09
# DB v2014-10-26.1
# 更新日 20/10/2014 更新元 Xplode
# オペレーティングシステム : Windows 8.1 (64 bits)
# ユーザー名 : PCUser - VAIO
# プログラムの実行場所 : C:\Users\PCUser\Downloads\adwcleaner_4.001.exe
# オプション : 除去

***** [ サービス ] *****


***** [ ファイル / フォルダ ] *****


***** [ タスク ] *****


***** [ ショートカット ] *****


***** [ レジストリ ] *****


***** [ Webブラウザ ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 ja)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [801 octets] - [26/10/2014 20:30:08]
AdwCleaner[S0].txt - [707 octets] - [26/10/2014 21:02:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [766 octets] ##########
# AdwCleaner v3.311 - レポート作成日 31/10/2014 時間 09:50:14
# 更新日 30/09/2014 更新元 Xplode
# オペレーティングシステム : Windows 8.1 (64 bits)
# ユーザー名 : PCUser - VAIO
# プログラムの実行場所 : C:\Users\PCUser\Downloads\adwcleaner_3.311.exe
# オプション : 除去

***** [ サービス ] *****


***** [ ファイル / フォルダ ] *****


***** [ タスク ] *****


***** [ ショートカット ] *****


***** [ レジストリ ] *****


***** [ Webブラウザ ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 ja)

[ ファイル : C:\Users\PCUser\AppData\Roaming\Mozilla\Firefox\Profiles\2rdtugv1.default\prefs.js ]


-\\ Google Chrome v38.0.2125.104

[ ファイル : C:\Users\PCUser\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1885 octets] - [26/10/2014 20:30:08]
AdwCleaner[R1].txt - [1028 octets] - [27/10/2014 22:24:51]
AdwCleaner[S0].txt - [1786 octets] - [26/10/2014 21:02:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1846 octets] ##########

I will paste the JRT log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8.1 x64
Ran by PCUser on 2014/10/31 at 10:03:25.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\PCUser\AppData\Roaming\mozilla\firefox\profiles\2rdtugv1.default\prefs.js

user_pref("extensions.TNh.url", "hxxp://discountgetdirect.ru/sync2/?q=hfZ9oeV9CGhEAen0rihTB6lKDzt4okPntNtVh7n0rjnEpjwErdY9rTr9tMFHhd9Fqda4rjnFrTnFrHwMDMlGojUMAe4UojwHpjaGqjY9p



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014/10/31 at 10:07:10.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 長間正夫
  • 2014/10/31 (Fri) 10:29:21
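
Added example, not part of the thread and not JRT's own code: the JRT log above removed a URL-valued `extensions.*` preference from the Firefox profile's prefs.js, and this sketch audits a prefs.js for string preferences that hold a URL to a host outside an allowlist. The allowlist, the function names and the sample profile are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# One user_pref("key", "string value"); per line. Numeric and boolean prefs do not match.
PREF_RE = re.compile(r'^\s*user_pref\("((?:[^"\\]|\\.)*)",\s*"((?:[^"\\]|\\.)*)"\);\s*$')
# Plain and defanged (hxxp) URLs inside a preference value.
URL_RE = re.compile(r'\b(?:https?|hxxps?)://[^\s"]+', re.IGNORECASE)

# Assumption: host suffixes the reviewer expects to see in this profile.
ALLOWED_SUFFIXES = ("mozilla.org", "mozilla.com", "mozilla.net")

def host_of(url):
    """Return the lower-cased host of a URL, accepting defanged hxxp:// forms."""
    refanged = re.sub(r'^hxxp', 'http', url, flags=re.IGNORECASE)
    return (urlsplit(refanged).hostname or "").lower()

def is_allowed(host):
    """True when the host equals an allowed suffix or is a subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def audit_prefs(text):
    """Return (line_no, pref_key, host) for string prefs pointing at non-allowlisted hosts."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = PREF_RE.match(line)
        if not m:
            continue
        key, value = m.groups()
        for url in URL_RE.findall(value):
            host = host_of(url)
            if host and not is_allowed(host):
                findings.append((line_no, key, host))
    return findings

# Constructed sample prefs.js; not taken from the machine in this thread.
SAMPLE_PREFS = '''\
// Mozilla User Preferences
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1414700000);
user_pref("browser.startup.homepage", "https://www.mozilla.org/ja/firefox/");
user_pref("extensions.Xyz.url", "http://sync.example.invalid/sync2/?q=AAAA");
user_pref("extensions.Xyz.enabled", true);
user_pref("browser.search.defaultenginename", "Google");
'''

if __name__ == "__main__":
    for line_no, key, host in audit_prefs(SAMPLE_PREFS):
        print(f"line {line_no}: {key} -> {host}")
```

Run it against a copy of the profile's prefs.js while Firefox is closed; a hit is a lead to review, not proof of infection.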
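Re: Sorry, but I need your help once again
I installed Chrome here and browsed around aggregator (matome) sites for a while, but I did not come across the Java ad.
Looking at the OTL log as well, none of the four folders we examined appears to be related, so it is really starting to feel like we have run out of moves...

Let's reset Chrome once.
After exporting your bookmarks as a backup, follow the steps on the sites below: first reset the settings, and if it still appears, delete the whole profile.
When you do this, please do not connect to your Google account. Extensions and the like would be restored via the Google account, and it would not be a repair.

Also, if you have the URLs of the pages where the ad appeared, could you tell me them, if you don't mind?


Reset browser settings
https://support.google.com/chrome/answer/3296214?hl=ja

About initializing Google Chrome
http://detail.chiebukuro.yahoo.co.jp/qa/question_detail/q1354461048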
  • イルカ
  • 2014/11/01 (Sat) 14:40:59
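Re: Sorry, but I need your help once again
Sorry for the trouble...

First I logged out of my Google account and reset the browser settings, and after that
it no longer occurred even when I opened several of the pages where it had occurred until now.
It still has not occurred even after logging back in.

As for the pages where the ad appeared, I will paste them from the previous day's history (before the reset).
http://jp.reuters.com/article/topNews/idJPTYE93304D20130404
http://goethe.nikkei.co.jp/hbeauty/130528/
http://xn--zck9awe6dw94syhf317eyv4a.com/archive/32.html
http://www.logsoku.com/r/mnewsplus/1366236923/
http://inazumanews2.com/archives/39115314.html
http://mensathletecare.hamazo.tv/c603296_3.html

As for Naver Matome and Yahoo! Chiebukuro, it occurred on almost every page (about 2 times for every 3 pages opened), and the number would be enormous, so please let me leave them out.
Even when I open these pages, it does not occur now.

Also, I do not know whether it is related, but it never occurred on this page, 2ch, or Wikipedia.


Can I consider this resolved?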


  • 長間正夫
  • 2014/11/02 (Sun) 11:03:24
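Re: Sorry, but I need your help once again
It looks like the symptoms have subsided with the reset for now.
I think the main body that was hiding somewhere was stopped by the reset.

Please watch for a few days to see whether it recurs. If there are no problems, then, although it took a long time, this will be resolved.


Let me guide you through the cleanup.


■Cleanup
We will delete the tools we used.

・HijackThis
・CCleaner
・herdProtect
・Junkware Removal Tool
Please uninstall these from the Control Panel.
If you downloaded a portable version, for example, it will not appear in the Control Panel, but in that case you can simply delete the executable file.

・OTL
After starting OTL, press the "Clean Up" button at the top.
OTL itself is also deleted automatically.

・AdwCleaner
After starting it, press "Uninstall" at the bottom right of the screen.
You will be asked whether you really want to delete it; press "Yes" and the window closes, and the logs and other related files are deleted together.

・Farbar Recovery Scan Tool
Please just delete the downloaded file.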
  • イルカ
  • 2014/11/02 (Sun) 17:47:44
Re: Sorry, but I need your help once again
Thank you. I will keep an eye on it for about 3 days from now.

Thank you for your help!
  • 長間正夫
  • 2014/11/03 (Mon) 08:58:49
Re: Sorry, but I need your help once again
I watched for a while, and so far the symptoms have not occurred at all.

Thank you very much for all your help!
  • 長間正夫
  • 2014/11/11 (Tue) 22:13:10
