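Akudaikan no Fukumaden Bulletin Board
Troubled by too many ads
I asked for advice here a few months ago, but while I was struggling with the work my post became impossible to find, so I am posting my CC and HJT logs again. Please advise.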

From CC.

Acer Backup Manager NTI Corporation 2011/04/21 336 MB 3.0.0.85
Acer Crystal Eye Webcam CyberLink Corp. 2011/05/06 33.7 MB 1.0.1510
Acer ePower Management Acer Incorporated 2011/05/06 6.00.3006
Acer eRecovery Management Acer Incorporated 2011/04/21 5.00.3002
Acer ScreenSaver Acer Incorporated 2011/05/06 1.1.1130.2010
Acrobat.com Adobe Systems Incorporated 2011/04/21 1.60 MB 1.6.65
Adobe Flash Player 15 ActiveX Adobe Systems Incorporated 2014/10/23 6.00 MB 15.0.0.189
Adobe Photoshop Elements 9 Adobe Systems Incorporated 2011/08/04 2.60 GB 9.0
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/14 203 MB 11.0.10
Apple Application Support(32 ビット) Apple Inc. 2015/02/16 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/02/16 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/02/16 27.9 MB 8.1.0.18
Apple Software Update Apple Inc. 2014/10/26 2.38 MB 2.1.3.127
Autodesk Backburner 2012.0.0 Autodesk, Inc. 2011/08/02 12.9 MB 2012.0.0
Autodesk DirectConnect 2012 32-bit Autodesk 2011/08/02 6.0.432.0
Autodesk MatchMover 2012 32-bit Autodesk 2011/08/02 114 MB 14.00.0000
Autodesk SketchBook Copic Edition Autodesk 2012/05/15 50.8 MB 1.00.0000
Bonjour Apple Inc. 2015/02/16 2.04 MB 3.0.0.10
Broadcom Card Reader Driver Installer Broadcom Corporation 2011/04/21 2.76 MB 14.6.1.2
Broadcom Gigabit NetLink Controller Broadcom Corporation 2011/04/21 496 KB 14.6.1.2
BUFFALO エアステーション設定ツール BUFFALO INC. 2011/07/01 2.84 MB 2.0.5
BUFFALO クライアントマネージャV BUFFALO INC. 2011/07/01
CCleaner Piriform 2015/02/09 5.02
clear.fi CyberLink Corp. 2011/05/06 127 MB 1.0.1422.00
clear.fi Client Acer Incorporated 2011/05/06 1.00.3008
COMICART CG illust 4.06 Plus DEMO SE Inc. 2012/01/10 2.99 MB 04.06.0003
ComicStudioEX 4.0 CELSYS 2012/01/11 104 MB 4.6.00
Composite 2012 Autodesk 2011/08/02 332 MB 7.0.0
CoreAAC 2013/03/15
File Scavenger 3.2 (Japanese) QueTek Consulting Corporation 2011/11/03 2.08 MB 3.2.21.0
GIMP 2.6.11 The GIMP Team 2012/06/21 107 MB 2.6.11
Google Chrome Google Inc. 2014/07/30 41.0.2272.118
Google Toolbar for Internet Explorer Google Inc. 2015/03/11 7.5.6227.252
Intel(R) Control Center Intel Corporation 2011/05/06 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2012/11/05 7.0.0.1144
Intel(R) Processor Graphics Intel Corporation 2012/11/05 8.15.10.2342
Intel(R) Rapid Storage Technology Intel Corporation 2012/11/05 10.0.0.1046
iTunes Apple Inc. 2015/02/16 234 MB 12.1.0.71
Java 7 Update 25 Oracle 2013/06/23 129 MB 7.0.250
Java 7 Update 9 (64-bit) Oracle 2012/12/15 127 MB 7.0.90
JWord(日本語キーワード) 2012/10/19
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/27 2.93 MB 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/02/09 38.8 MB 4.5.51209
Microsoft Office 2010 Microsoft Corporation 2013/12/14 14.0.7015.1000
Microsoft Office ナビ 2010 Microsoft Corporation 2013/12/14 16.9 MB 14.0.7015.1000
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/12/14 398 MB 5.1.31211.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/04/21 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2011/06/30 300 KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/06/27 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/01 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2011/04/21 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2011/08/02 222 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2011/06/30 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/04/19 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/06/03 17.3 MB 11.0.61030.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
MyWinLocker Suite Egis Technology Inc. 2011/04/21 2.59 MB 4.0.14.11
NTI Media Maker 9 NTI Corporation 2011/05/06 1.60 GB 9.0.2.8942
NVIDIA PhysX Plug-in for Autodesk Maya 2012 32 bit NVIDIA Corporation 2011/08/02 147 MB 2.60.0216.1828
NW-E050 WALKMAN Guide Sony Corporation 2011/12/19 388 KB 2.1.0.17210
RadioLine Free Coderium 2012/10/17
Revo Uninstaller Pro 3.1.2 VS Revo Group, Ltd. 2015/02/10 35.5 MB 3.1.2
RPGツクールVX Ace RTP Enterbrain 2013/05/30 194 MB 1.00
shopperz 2.0.0.456 shopperz 2015/02/09 7.28 MB 2.0.0.456
Skype Click to Call Skype Technologies S.A. 2013/09/20 22.5 MB 6.9.12585
Sony Media Library Earth 8.0.00 Sony Corporation 2013/05/30 46.3 MB 8.0.00.10191
Synaptics Pointing Device Driver Synaptics Incorporated 2011/05/06 46.4 MB 15.1.6.0
Welcome Center Acer Incorporated 2011/05/06 1.02.3102
Windows Live Essentials Microsoft Corporation 2011/04/21 15.4.3508.1109
x-アプリ 5.0.01 Sony Corporation 2013/05/30 87.8 MB 9.0.01
Yahoo!ツールバー Yahoo! JAPAN. 2011/11/08 7.3.0.12
♪超録 - パソコン長時間録音機 フリーウェア版 2014/09/09
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.0 インテル 2011/05/06 27.5 MB 2.0.82.0
ペイントツールSAI Ver.1 2013/05/19
  • 2015/04/05 (Sun) 16:23:54
Re: Troubled by too many ads
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:33:49, on 2015/04/05
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)


Boot mode: Normal

Running processes:
C:\Program Files\shopperz\wrex.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\ProgramData\{dfad0aa7-78db-5eb2-dfad-d0aa778d2a9d}\optimizerpro.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\mina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5RHFKJTV\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\mina\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [DigitalSites] wscript /E:vbscript /B "C:\Users\mina\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat"
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del869162066] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del955569553] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del1041969225] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del32416742] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del118921387] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del205230609] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del291622403] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del379863370] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del464419952] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: optimizerpro.lnk = C:\ProgramData\{dfad0aa7-78db-5eb2-dfad-d0aa778d2a9d}\optimizerpro.exe
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O8 - Extra context menu item: &WoopieVideoDeskTopで動画高速再生 - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl1.htm
O8 - Extra context menu item: &WoopieVideoDeskTopのダウンロードリストに追加 - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl2.htm
O8 - Extra context menu item: &WoopieVideoハンターで動画リンクを一括発見 - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm
O8 - Extra context menu item: Microsoft Excel にエクスポート(&X) - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: OneNote に送る(&N) - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [!CNS] JWord(日本語キーワード)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {7BD15D9F-7684-48AE-888E-46AF1CAEDB2E} (MILU Download Class) - http://www.milu.jp/MILU.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe (file missing)
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - Unknown owner - C:\Program Files (x86)\XTab\ProtectService.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: rcores - Unknown owner - C:\Windows\rcore.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: JO Service component (serverjo) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\JOSrv.exe (file missing)
O23 - Service: shopperz Updater - Unknown owner - C:\Program Files\shopperz\nseven.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Mobile Phone Align (xiwujebi) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\nsb3154.tmpfs (file missing)

--
End of file - 14079 bytes
  • 2015/04/05 (Sun) 16:34:39
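We'll need to start over
Hello, this is IVNO, who also answered you last time.
The previous thread is the one below.
http://akudaikan-0.bbs.fc2.com/?act=reply&tid=6187800#12825177
Either way we have to start over, so let's proceed here.
First, a note before we begin.
During all of the work here, skip anything that differs from the instructions, anything that does not actually exist, and anything that cannot be processed normally,
move on to the next step, and make finishing one full pass of the work your top priority.

Now I will start over from the introduction.
Let's get ready for the work.

First, a few notices.
After you post, it may take a day or more each time before I can reply.
I apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until the responder announces that it is "resolved".
For that reason, when people feel that the PC has improved partway through and stop working without waiting for the "resolved" notice,
the problem currently recurs with high probability, and many people end up coming back here when it does.
Please continue the work until the responder gives you the "resolved" notice and the "self-defense measures".

Now please read the explanations below carefully and carry out the work in order.
You should already have some of these prepared, but please look over the explanations again just in case.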

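Set hidden files and file extensions to be shown (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get familiar with their basic usage.
Note that the distribution sites may show ads urging you to download other software;
never click on those.
"ATF-Cleaner" (nickname: ATF)
Explanation ↓
http://freesoft.tvbok.com/freesoft/pc_system/atf-cleaner.html
Download ↓
http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=1
The red text in the center is the download link.
To get rid of it afterwards, simply delete the file directly.
The explanation page says it supports Windows XP and 2000, but it also works on Win7 and Vista.

GeekUninstaller (nickname: Geek)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
To remove it, just put it in the Recycle Bin.
Guide
http://www.gigafree.net/system/install/geekuninstaller.html

"CCleaner" (nickname: CC)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Be sure to download the latest version.
During installation it may also offer bundled extra apps; uncheck them and avoid installing them.
To remove it, uninstall it with Geek or a similar tool.

Here is an important caution.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly,
【depending on the operation, Windows may stop working】
so here we use it only as an analysis tool.
Read the explanations carefully and do not perform any operation other than those I instruct.

"AdwCleaner" (nickname: AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere easy to find.
Launching the software once starts an automatic update.
When the update has finished, close it without doing anything else for now.
When you are told to remove this software, launch it and press the "Uninstall" button; it will be removed automatically.

Once you are ready, let's begin the work.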

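First, if you use Java, click the text "Java Uninstall Tool" at the URL below,
and check for the latest version and remove old versions.
https://java.com/ja/download/faq/remove_olderversions.xml
When you press Java Uninstall Tool, a check of your Java installation starts,
so please wait a few dozen seconds until the check is complete.
After the check completes, instructions for updating or removal should be displayed,
so follow them.

Those who have finished the Java step, and those who do not have Java installed, please continue from here.

So that you can recover immediately if trouble occurs during the removal work that follows, create a System Restore point manually.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
However, System Restore does considerable damage to the PC, so it is better not to use it if possible.
Work carefully so that System Restore is not needed.

Start the PC in Safe Mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html
If you are on Windows 8 or 8.1, refer to the following.
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
Launch HJT and run a scan.
When the scan results are displayed, check the following items.
However, with HJT in particular a single mistake can easily leave the PC unable to boot,
so never check anything other than what I have instructed.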

O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\Windows\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\mina\AppData\Local\Akamai\netsession_win.exe"
O4 - Startup: optimizerpro.lnk = C:\ProgramData\{dfad0aa7-78db-5eb2-dfad-d0aa778d2a9d}\optimizerpro.exe
O8 - Extra context menu item: &WoopieVideoDeskTopで動画高速再生 - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl1.htm
O8 - Extra context menu item: &WoopieVideoDeskTopのダウンロードリストに追加 - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl2.htm
O8 - Extra context menu item: &WoopieVideoハンターで動画リンクを一括発見 - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O11 - Options group: [!CNS] JWord(日本語キーワード)
O23 - Service: IHProtect Service - Unknown owner - C:\Program Files (x86)\XTab\ProtectService.exe (file missing)
O23 - Service: JO Service component (serverjo) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\JOSrv.exe (file missing)
O23 - Service: shopperz Updater - Unknown owner - C:\Program Files\shopperz\nseven.exe
O23 - Service: Mobile Phone Align (xiwujebi) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\nsb3154.tmpfs (file missing)

Once all the required items are checked, click Fix checked.
When the above Fix is complete, launch Geek and remove the following.

Adobe Flash Player 15 ActiveX Adobe Systems Incorporated 2014/10/23 6.00 MB 15.0.0.189
GIMP 2.6.11 The GIMP Team 2012/06/21 107 MB 2.6.11
Java 7 Update 25 Oracle 2013/06/23 129 MB 7.0.250
Java 7 Update 9 (64-bit) Oracle 2012/12/15 127 MB 7.0.90
JWord(日本語キーワード) 2012/10/19
shopperz 2.0.0.456 shopperz 2015/02/09 7.28 MB 2.0.0.456

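You can remove an item by double-clicking it.
When the removal finishes, a scan starts automatically; check all the leftovers detected and press OK.
When the uninstalls with Geek are complete, close Geek and clean up with ATF.
Check Select All and click Empty Selected.
When the ATF cleanup is complete, use AC to clean up malware.
Launch AC and click Scan (スキャン in the Japanese interface).
When the scan has finished, click Cleaning (除去 in the Japanese interface) to clean up.
When the cleanup finishes you will be asked to restart; follow the instructions and restart in normal mode.
This moves you from Safe Mode to normal mode.
The AC log is displayed either before or after the restart; save it somewhere easy to find.

After that, launch CC.
Once it is running, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the lower right there saves the displayed contents as a log,
so save only the latest log somewhere easy to find, such as the desktop.
Next, get the log of the "Internet Explorer" tab, the "Firefox" tab if you have it installed,
likewise the "Google Chrome" tab if you have it installed, and the log of the "Scheduled Tasks" tab.
However, you do not need to get the "Context Menu" log.
Once you have obtained each CC log, you may close CC.
Paste the AC and CC logs into the reply box and report back.
After checking those logs, I will give you the next steps.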
  • IVNO
  • MAIL
  • 2015/04/05 (Sun) 17:30:22
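A triage sketch for the O4 (autostart) and O23 (service) lines of a HijackThis log like the one posted above, added here as an example; it is not part of the thread and not a HijackThis feature. The location and owner heuristics are assumptions for illustration, and the System32 rule reflects that HijackThis is a 32-bit program, so on 64-bit Windows it reads System32 through WOW64 redirection and reports 64-bit-only files as "Unknown owner ... (file missing)".

```python
import re
from typing import NamedTuple, Optional

# Constructed sample: seven lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKCU\..\RunOnce: [DigitalSites] wscript /E:vbscript /B "C:\Users\mina\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat"
O4 - Startup: optimizerpro.lnk = C:\ProgramData\{dfad0aa7-78db-5eb2-dfad-d0aa778d2a9d}\optimizerpro.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: JO Service component (serverjo) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\JOSrv.exe (file missing)
O23 - Service: shopperz Updater - Unknown owner - C:\Program Files\shopperz\nseven.exe
"""

ENTRY_RE = re.compile(r"^(?P<code>O\d{1,2}) - (?P<kind>[^:]+): (?P<body>.*)$")
RUN_RE = re.compile(r"^\[(?P<name>[^\]]+)\] (?P<cmd>.*)$")  # "[ValueName] command line"
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*')                   # drive-letter path up to a quote
MISSING = " (file missing)"

# Assumed heuristics for this example only.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")
SCRIPT_HOSTS = ("wscript", "cscript")


class Finding(NamedTuple):
    code: str       # HijackThis section code, e.g. "O4"
    name: str       # Run value name, shortcut name, or service display name
    target: str     # file the entry points at (may carry trailing arguments)
    verdict: str    # "review", "unverifiable" or "no-flag"
    reasons: tuple


def parse_entry(line: str) -> Optional[tuple]:
    """Split one O4 or O23 line into (code, name, owner, cmd, target, missing)."""
    m = ENTRY_RE.match(line.strip())
    if m is None or m["code"] not in ("O4", "O23"):
        return None
    body, owner = m["body"], ""
    if m["code"] == "O23":
        # Service lines read "<display name> - <owner> - <path>"; split from the right.
        parts = body.rsplit(" - ", 2)
        if len(parts) != 3:
            return None
        name, owner, cmd = parts
    else:
        run = RUN_RE.match(body)
        if run:
            name, cmd = run["name"], run["cmd"]
        elif " = " in body:          # Startup-folder shortcut: "x.lnk = target"
            name, cmd = body.split(" = ", 1)
        else:
            return None
    path = PATH_RE.search(cmd)
    if path is None:                 # e.g. "msiexec.exe /qn /x{...}" has no full path
        return None
    target = path.group(0).strip()
    missing = target.endswith(MISSING)
    if missing:
        target = target[: -len(MISSING)]
    return m["code"], name, owner, cmd, target, missing


def classify(code, name, owner, cmd, target, missing) -> Finding:
    low = target.lower()
    # A 32-bit scanner cannot see 64-bit System32 files, so this says nothing either way.
    if missing and "\\windows\\system32\\" in low:
        return Finding(code, name, target, "unverifiable",
                       ("system32 path read through WOW64 redirection",))
    reasons = []
    if any(segment in low for segment in USER_WRITABLE):
        reasons.append("user-writable location")
    if cmd.lower().startswith(SCRIPT_HOSTS):
        reasons.append("script host launcher")
    if owner == "Unknown owner":
        reasons.append("unknown owner")
    if missing:
        reasons.append("file missing")
    return Finding(code, name, target, "review" if reasons else "no-flag", tuple(reasons))


def triage(log: str) -> list:
    """Return a Finding for every parsable O4/O23 line in a HijackThis log."""
    findings = []
    for line in log.splitlines():
        parsed = parse_entry(line)
        if parsed is not None:
            findings.append(classify(*parsed))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.verdict:12} {f.code:4} {f.name} -> {f.target} {list(f.reasons)}")
```

A "review" verdict only marks a line for a human to look at; it is not a removal list, and which entries to fix remains the responder's call.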
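Sorry for the delay
During the work, everything went smoothly except that Java 7 update25 oracle and Java 7 update 9 were not in Geek, and that JWord and shopperz2,0,0,456 shopperz could not be removed.

I will paste them starting from the AC one.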

# AdwCleaner v4.110 - Logfile created 09/04/2015 at 21:59:20
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : mina - ASPIRE5750
# Running from : C:\Users\mina\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : cherimoya

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mipony
Folder Deleted : C:\Program Files (x86)\baidu
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\baidu
[!] Folder Deleted : C:\Program Files\shopperz
Folder Deleted : C:\Users\mina\AppData\Roaming\baidu
Folder Deleted : C:\Users\mina\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\mina\AppData\Roaming\1H1Q1V1N1N1O1R
File Deleted : C:\Windows\System32\drivers\cherimoya.sys

***** [ Scheduled tasks ] *****

Task Deleted : Digital Sites
Task Deleted : DSite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Baidu
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Baidu
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
Key Deleted : [x64] HKLM\SOFTWARE\Baidu
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao123.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\jp.hao123.com

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Google Chrome v41.0.2272.118

[C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://jp.hao123.com/?tn=incore_pay_hp_ex01_hao123_jp

*************************

AdwCleaner[R0].txt - [20308 bytes] - [11/03/2015 00:29:37]
AdwCleaner[R1].txt - [2534 bytes] - [09/04/2015 21:57:54]
AdwCleaner[S0].txt - [18505 bytes] - [11/03/2015 00:32:38]
AdwCleaner[S1].txt - [2474 bytes] - [09/04/2015 21:59:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2533 bytes] ##########
  • 2015/04/09 (Thu) 22:10:39
Re: Troubled by too many ads
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run ArcadeMovieService CyberLink Corp. "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run EgisTecPMMUpdate Egis Technology Inc. "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
有効 HKLM:Run EgisUpdate Egis Technology Inc. "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
有効 HKLM:Run gmsd_jp_150
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IAStorIcon Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IME14 JPN Setup Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run shopperz Jabuticaba Ltd C:\Program Files\shopperz\wrex.exe
有効 HKLM:Run shopperz64 Jabuticaba Ltd C:\Program Files\shopperz\wrex64.exe
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
  • 2015/04/09 (Thu) 22:11:14
Re: Troubled by too many ads
有効 Extension JWord(日本語キーワード) http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton
有効 Extension OneNote に送る Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
有効 Extension OneNote に送る Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
有効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
有効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
有効 Extension Skype Click to Call Skype Technologies S.A. C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
有効 Extension Skype Click to Call Skype Technologies S.A. C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
無効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
無効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
有効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
無効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
無効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
  • 2015/04/09 (Thu) 22:11:47
Re: Troubled by too many ads
有効 App Gmail 7 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
有効 App Google ドライブ 6.4 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0
有効 App Google 検索 0.0.0.20 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
有効 App YouTube 4.2.7 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
無効 Extension Browse2save 3.8 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnejdcmlieofbealmjohgicnldcanbai\3.8_0
有効 Extension Google ドキュメント 0.9 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
有効 Extension Scroll Bar 1 Blue 209 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\affmlfjaccgajlhglnhfhfaiohelbmec\209
無効 Extension Skype Click to Call 7.3.16540.9015 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.1.5 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.1.5_0
  • 2015/04/09 (Thu) 22:12:58
Re: Troubled by too many ads
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task AdobeAAMUpdater-1.0-Aspire5750-mina Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
有効 Task BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} Baidu C:\Program Files (x86)\baidu\update\baidujp_update.exe -Update
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PC SpeedScan Pro@Logon Ascentive LLC C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m
有効 Task PC SpeedScan Pro_Aspire5750@mina Ascentive LLC C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe
有効 Task RealUpgradeLogonTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
有効 Task RealUpgradeScheduledTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
有効 Task WeatherTool_start_schedule_task Baidu Online Network Technology (Beijing)Co., Ltd C:\Program Files (x86)\WeatherTool\1.1.1.13\InstallHelper.exe -start
有効 Task {1420EB0C-42D4-4CD2-911F-5BBE3F7BEC6D} Microsoft Corporation "c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.115/ja/go/help.faq.installer?LastError=1618
有効 Task {E133FC02-608C-4985-9C10-FC19F41CF866} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\install.log"
  • 2015/04/09 (Thu) 22:13:28
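Remove AC and scan with MBAM
The AC results look good.
AC is no longer needed, so please launch AC and press its uninstall button to remove it.

Please prepare the following software.

Malwarebytes Anti-Malware (known as MBAM)
Old-version download ↓ (this is a direct file link; the download prompt appears a few seconds after the page is displayed)
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
The latest version has problems such as failing to run, so we use the old version here.
At the end of the installation, uncheck "Start the free trial of Malwarebytes Anti-Malware Pro" (Malwarebytes Anti-Malware Pro版の無料試用を開始する。).
This software supports Japanese, but its text is garbled on first launch, so please switch it to Japanese with the following steps.
Launch MBAM.
When MBAM starts, an automatic update begins.
When it reports that the latest version has been downloaded, be sure to press Cancel.
Next, the virus definition file update begins, so please wait until the update finishes.
When the virus definition file update completes, the message that the latest version has been downloaded appears again,
so press Cancel again to abort that update.
Once MBAM has started, open the Settings tab and change the Language item to Japanese again to display it in Japanese.
We will not scan at this stage, so once the settings are done, please close MBAM.
The latest version and the old version are operated very differently,
so if you have accidentally installed version 2.0 or later, please let me know.
When cleaning up, uninstall it from Safe Mode using Geek.

What we use here is the Free (no-cost) version.

Once the preparation is complete, we will begin the work.
Launch CC, open each item under Tools → Startup (ツール→スタートアップ),
and for each matching entry click Disable (無効) → Delete Entry (エントリの削除), in that order.
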
Windows
有効 HKLM:Run gmsd_jp_150
有効 HKLM:Run shopperz Jabuticaba Ltd C:\Program Files\shopperz\wrex.exe
有効 HKLM:Run shopperz64 Jabuticaba Ltd C:\Program Files\shopperz\wrex64.exe

Internet Explorer
有効 Extension JWord(日本語キーワード) http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton

Google Chrome
無効 Extension Browse2save 3.8 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnejdcmlieofbealmjohgicnldcanbai\3.8_0

Scheduled Tasks
有効 Task BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} Baidu C:\Program Files (x86)\baidu\update\baidujp_update.exe -Update
有効 Task PC SpeedScan Pro@Logon Ascentive LLC C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m
有効 Task PC SpeedScan Pro_Aspire5750@mina Ascentive LLC C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe

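For entries that cannot be disabled, or that are already disabled, go straight to Delete Entry;
if an entry does not exist, leave it and move on.
Likewise, if something cannot be deleted, for example under Google Chrome, leave it and move on.
When the work in CC is complete, start the PC in Safe Mode.
Launch MBAM.
Select Full scan (フルスキャン) and click Start scan (スキャン開始).
Please wait about 30 minutes to an hour and a half for the scan to finish.
When the scan completes, click Show details (詳細を表示).
A list of the detected items appears; to remove everything that was detected,
tick every checkbox to the left of the detected items.
Once every item is ticked, press the Quarantine selected items (選択されたアイテムを隔離) button.
When the action settings are complete, you will be prompted to restart the PC, so follow the instructions and restart in normal mode.
A log appears around the restart, so please paste the log you obtain and report back.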
  • IVNO
  • MAIL
  • 2015/04/10 (Fri) 14:57:27
Here is the MBAM log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS (セーフモード)
Internet Explorer 11.0.9600.17691
mina :: ASPIRE5750 [管理者]

2015/04/10 21:48:18
mbam-log-2015-04-10 (21-48-18).txt

スキャンタイプ: フルスキャン (C:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 538964
経過時間: 1 時間, 23 分, 56 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 11
HKCR\CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\TypeLib\{AAB6BCE3-1DF6-4930-9B14-9CA79DC8C267} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\Interface\{DF692509-D9EF-48A0-9CD0-3AA5B81F6F68} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CnsMin (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\CnsHelper.CH.1 (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\CnsHelper.CH (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\3721 (PUP.BitSpirit) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\3721 (PUP.BitSpirit) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS (Adware.CnsMin) -> 正常に隔離され削除されました。

レジストリ値の検出: 2
HKCU\Software\Microsoft\Internet Explorer\Main|CNSReset (Adware.CnsMin) -> データ: 3973824615 -> 正常に隔離され削除されました。
HKCU\Software\Microsoft\Internet Explorer\Main|CNSHint (Adware.CnsMin) -> データ: 1 -> 正常に隔離され削除されました。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 0
(悪意のあるアイテムは検出されていません。)

ファイルの検出: 5
C:\Windows\Downloaded Program Files\CnsMin.dll (Adware.CnsMin) -> 正常に隔離され削除されました。
C:\Program Files\JWord_pino\CnsMin.dll (Adware.CnsMin) -> 正常に隔離され削除されました。
C:\Users\mina\Desktop\CPRMDecrypter\cprmgetkey.exe (HackTool.Agent) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\CPRMDecrypter_set.zip (HackTool.Agent) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\PDFCreatorSetup.exe (PUP.Adware.InstallCore) -> 正常に隔離され削除されました。

(終)
  • 2015/04/11 (Sat) 01:14:21
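Please run MBAM once more
I have reviewed the log.
It appears that MBAM's definition file was not updated.
定義バージョン: v2013.04.04.07
It is still the definition file from April 4, 2013.
Please update the definition file once more and then run the removal with MBAM again.
Please paste that result and report back again.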
  • IVNO
  • MAIL
  • 2015/04/11 (Sat) 21:47:59
Here is the MBAM log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2015.04.11.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17691
mina :: ASPIRE5750 [管理者]

2015/04/12 0:00:21
mbam-log-2015-04-12 (00-00-21).txt

スキャンタイプ: フルスキャン (C:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 643269
経過時間: 1 時間, 50 分, 12 秒

メモリプロセスの検出: 4
C:\Program Files\shopperz\csrcc.exe (PUP.Optional.Shopperz.A) -> 2112 -> 何の措置も取られませんでした。
C:\Program Files\shopperz\grunt.exe (PUP.Optional.Shopperz.A) -> 1488 -> 何の措置も取られませんでした。
C:\Program Files\shopperz\wrex.exe (PUP.Optional.Shopperz.A) -> 1652 -> 何の措置も取られませんでした。
C:\Program Files\shopperz\wrex64.exe (PUP.Optional.Shopperz.A) -> 1964 -> 何の措置も取られませんでした。

メモリモジュールの検出: 4
C:\Program Files\shopperz\kasumi32.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\krios.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\liara.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\tsoni.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。

レジストリキーの検出: 22
HKCR\CLSID\{5081D2D4-1637-404c-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCR\Extension.jshep.1 (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCR\Extension.jshep (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5081D2D4-1637-404C-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5081D2D4-1637-404C-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> 何の措置も取られませんでした。
HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKLM\SOFTWARE\QuickRef_1.10.0.8 (PUP.Optional.QuickRef.A) -> 何の措置も取られませんでした。
HKLM\SOFTWARE\Wow6432Node\shopperz (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\cherimoya (PUP.Optional.cherimoya.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service (PUP.Optional.IHProtect.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\qrnfd_1_10_0_8 (PUP.Optional.QuickRef.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\shopperz Updater (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\{feff35ba-2139-454f-bd8e-bc1ab8b3774d}Gw64 (PUP.Optional.Sanbreel.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RCORES (PUP.Optional.Score.A) -> 何の措置も取られませんでした。
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERJO (PUP.Optional.JOSrv.A) -> 何の措置も取られませんでした。
HKLM\Software\shopperz (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKLM\System\CurrentControlSet\Services\70F4EEDB-1367-4b4f-8247-3133551A7415 (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCR\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCR\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCR\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
HKCR\Interface\{D1661A59-E9D3-4603-8822-2FBEADA5E097} (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。

レジストリ値の検出: 4
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{5081D2D4-1637-404C-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> データ: C:\Program Files\shopperz\Firefox -> 何の措置も取られませんでした。
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{5081D2D4-1637-404c-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> データ: -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\rcores|ImagePath (PUP.Optional.Score.A) -> データ: C:\Windows\rcore.exe -> 何の措置も取られませんでした。
HKLM\SYSTEM\CurrentControlSet\Services\serverjo|ImagePath (PUP.Optional.JOSrv.A) -> データ: C:\Users\mina\AppData\Roaming\VOPackage\JOSrv.exe -> 何の措置も取られませんでした。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 13
C:\Program Files\shopperz (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome\content (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome\content\libraries (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome\content\resources (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome\locale (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome\locale\en-US (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\chrome\skin (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\defaults (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\Firefox\defaults\preferences (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Users\mina\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar (PUP.Optional.MagnoPlayer.A) -> 何の措置も取られませんでした。
C:\Users\mina\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10 (PUP.Optional.MagnoPlayer.A) -> 何の措置も取られませんでした。

ファイルの検出: 48
C:\Program Files\shopperz\mseff32.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SALaesCheaCker\Cx5qcgV4mXoZCM.dll.vir (PUP.Optional.Multiplug.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SALaesCheaCker\Cx5qcgV4mXoZCM.x64.dll.vir (PUP.Optional.Multiplug) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir (PUP.Optional.BrowserWatch) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir (PUP.Optional.BrowserWatch) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir (PUP.Optional.SearchProtect) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir (PUP.Optional.ELEX) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir (PUP.Optional.XTab.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir (PUP.Optional.WindowsProtectManger.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Users\mina\AppData\Local\Bundled software uninstaller\biclient.exe.vir (PUP.Optional.Somoto.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Users\mina\AppData\Roaming\OpenCandy\67C5FE061E024EBBA7490BF0021ED2B4\DeltaTB.exe.vir (PUP.Optional.Babylon.A) -> 何の措置も取られませんでした。
C:\Program Files (x86)\coolsoft\coolsoft.dll (PUP.Optional.Multiplug) -> 何の措置も取られませんでした。
C:\ProgramData\{5607b239-cde7-2171-5607-7b239cdec8e7}\optimizerpro.exe (PUP.Optional.OptimizerPro) -> 何の措置も取られませんでした。
C:\ProgramData\{dfad0aa7-78db-5eb2-dfad-d0aa778d2a9d}\optimizerpro.exe (PUP.Optional.OptimizerPro) -> 何の措置も取られませんでした。
C:\Users\mina\Desktop\新しいフォルダー\ともちん動画ラジオ\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe (PUP.Optional.Softonic) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\DownloadManagerSetup.exe (PUP.Optional.Bundler) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\Fanjofey-Ah Font.exe (PUP.Optional.InstallRex) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\Fanjofey-Leoda-Ah Font.exe (PUP.Optional.InstallRex) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\FileOpenerSetup.exe (PUP.Optional.AdlSoft) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\FLVPlayerSetup-7Wk1XME.exe (PUP.Optional.Somoto) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\SoftonicDownloader_for_radika.exe (PUP.Optional.Softonic) -> 何の措置も取られませんでした。
C:\Users\mina\Downloads\Tolkien Font.exe (PUP.Optional.InstallRex) -> 何の措置も取られませんでした。
C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tikotin.com_0.localstorage (PUP.Optional.Tikotin.A) -> 何の措置も取られませんでした。
C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tikotin.com_0.localstorage-journal (PUP.Optional.Tikotin.A) -> 何の措置も取られませんでした。
C:\Windows\Tasks\Digital Sites.job (PUP.Optional.DigitalSites.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\nseven.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\csrcc.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\garrus.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\grunt.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\kasumi32.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\kasumi64.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\krios.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\krios64.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\liara.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\liara64.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\nfregdrv64.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\prc64.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\prexec.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\spdata.dat (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\tree.js (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\tsoni.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\tsoni64.dll (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\unins000.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\wrex.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Program Files\shopperz\wrex64.exe (PUP.Optional.Shopperz.A) -> 何の措置も取られませんでした。
C:\Users\mina\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10\user.config (PUP.Optional.MagnoPlayer.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Windows\rcore.exe.vir (Trojan.Agent) -> 正常に隔離され削除されました。

(終)
  • 2015/04/12 (Sun) 08:51:00
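MBAM did not remove the detections
I have reviewed the log.
The items were detected, but because they were not checked for removal, almost nothing was removed.
Please configure MBAM and run scan → removal again.
Open MBAM and open the Settings tab.
Open the Scanner Settings tab and, for all three items, the action for potentially unwanted programs (PUP),
the action for potentially unwanted modifications (PUM), and the action for peer-to-peer programs (P2P),
change the setting to "show in the results list and check for removal" (詳細リストに表示して「除去」にチェック).
Then run full scan → removal again.
This should remove everything, so please post the log from after the removal.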
  • IVNO
  • MAIL
  • 2015/04/13 (Mon) 21:30:55
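The two problems the helper read out of the MBAM logs above (definitions dated 2013 in the first log, and "no action taken" on almost every detection in the second) can be checked mechanically. The following is an added example, not part of the thread and not Malwarebytes code; the function name, the status labels and the 7-day staleness threshold are assumptions made for illustration.

```python
import re
from collections import Counter
from datetime import date

# Result strings exactly as they appear in the MBAM 1.75 logs posted in this thread.
ACTIONS = {
    "正常に隔離され削除されました。": "removed",
    "再起動後に削除されます。": "pending_reboot",
    "何の措置も取られませんでした。": "no_action",
}
DEF_RE = re.compile(r"^定義バージョン:\s*v(\d{4})\.(\d{2})\.(\d{2})\.\d+$")
SCAN_RE = re.compile(r"^(\d{4})/(\d{1,2})/(\d{1,2}) \d{1,2}:\d{2}:\d{2}$")
# "<item> (<detection name>) -> [extra ->] <result>"; the item may itself contain "(x86)".
DETECTION_RE = re.compile(r"^(?P<item>.+?) \((?P<name>[^()]+)\) -> (?P<rest>.+)$")

# Constructed samples: a few lines excerpted from the first two logs in the thread.
SAMPLE_STALE = r"""Malwarebytes Anti-Malware 1.75.0.1300
定義バージョン: v2013.04.04.07
2015/04/10 21:48:18
mbam-log-2015-04-10 (21-48-18).txt
レジストリキーの検出: 11
HKLM\SOFTWARE\3721 (PUP.BitSpirit) -> 正常に隔離され削除されました。
HKCU\Software\Microsoft\Internet Explorer\Main|CNSHint (Adware.CnsMin) -> データ: 1 -> 正常に隔離され削除されました。
"""
SAMPLE_UNTREATED = r"""Malwarebytes Anti-Malware 1.75.0.1300
定義バージョン: v2015.04.11.04
2015/04/12 0:00:21
mbam-log-2015-04-12 (00-00-21).txt
C:\Program Files\shopperz\wrex.exe (PUP.Optional.Shopperz.A) -> 1652 -> 何の措置も取られませんでした。
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{5081D2D4-1637-404c-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> データ: -> 何の措置も取られませんでした。
C:\Program Files (x86)\coolsoft\coolsoft.dll (PUP.Optional.Multiplug) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Windows\rcore.exe.vir (Trojan.Agent) -> 正常に隔離され削除されました。
"""


def audit_mbam_log(text, max_definition_age_days=7):
    """Summarise an MBAM 1.75 text log: definition age and what happened to each hit."""
    definition_date = scan_date = None
    actions = Counter()
    untreated = []
    for raw in text.splitlines():
        line = raw.strip()
        m = DEF_RE.match(line)
        if m:
            definition_date = date(*map(int, m.groups()))
            continue
        m = SCAN_RE.match(line)
        if m and scan_date is None:
            scan_date = date(*map(int, m.groups()))
            continue
        m = DETECTION_RE.match(line)
        if m:
            # The result is always the last "->" segment; PIDs and data values precede it.
            result = m.group("rest").rsplit("-> ", 1)[-1].strip()
            status = ACTIONS.get(result, "unknown")
            actions[status] += 1
            if status in ("no_action", "unknown"):
                untreated.append((m.group("item"), m.group("name")))

    age = None
    if definition_date and scan_date:
        age = (scan_date - definition_date).days
    findings = []
    if age is None:
        findings.append("missing_header")
    elif age > max_definition_age_days:  # threshold is an assumption
        findings.append("stale_definitions")
    if untreated:
        findings.append("untreated_detections")
    if actions["pending_reboot"]:
        findings.append("reboot_required")
    return {
        "definition_date": definition_date,
        "scan_date": scan_date,
        "definition_age_days": age,
        "actions": actions,
        "untreated": untreated,
        "findings": findings,
    }


if __name__ == "__main__":
    for label, sample in (("first log", SAMPLE_STALE), ("second log", SAMPLE_UNTREATED)):
        report = audit_mbam_log(sample)
        print(label, report["definition_age_days"], dict(report["actions"]), report["findings"])
```
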
Sorry to trouble you again.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2015.04.11.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17691
mina :: ASPIRE5750 [管理者]

2015/04/13 23:01:53
mbam-log-2015-04-13 (23-01-53).txt

スキャンタイプ: フルスキャン (C:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM) | ピア・ツー・ピアプログラム(P2P)
無効なスキャン領域:
スキャンしたアイテム数: 645296
経過時間: 1 時間, 47 分, 45 秒

メモリプロセスの検出: 4
C:\Program Files\shopperz\csrcc.exe (PUP.Optional.Shopperz.A) -> 424 -> 再起動後に削除されます。
C:\Program Files\shopperz\grunt.exe (PUP.Optional.Shopperz.A) -> 1644 -> 再起動後に削除されます。
C:\Program Files\shopperz\wrex.exe (PUP.Optional.Shopperz.A) -> 1788 -> 再起動後に削除されます。
C:\Program Files\shopperz\wrex64.exe (PUP.Optional.Shopperz.A) -> 1912 -> 再起動後に削除されます。

メモリモジュールの検出: 4
C:\Program Files\shopperz\kasumi32.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\krios.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\liara.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\tsoni.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。

レジストリキーの検出: 22
HKCR\CLSID\{5081D2D4-1637-404c-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCR\Extension.jshep.1 (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCR\Extension.jshep (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5081D2D4-1637-404C-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5081D2D4-1637-404C-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> 正常に隔離され削除されました。
HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09} (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
HKLM\SOFTWARE\QuickRef_1.10.0.8 (PUP.Optional.QuickRef.A) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\Wow6432Node\shopperz (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
HKLM\SYSTEM\CurrentControlSet\Services\cherimoya (PUP.Optional.cherimoya.A) -> 正常に隔離され削除されました。
HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service (PUP.Optional.IHProtect.A) -> 正常に隔離され削除されました。
HKLM\SYSTEM\CurrentControlSet\Services\qrnfd_1_10_0_8 (PUP.Optional.QuickRef.A) -> 正常に隔離され削除されました。
HKLM\SYSTEM\CurrentControlSet\Services\shopperz Updater (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKLM\SYSTEM\CurrentControlSet\Services\{feff35ba-2139-454f-bd8e-bc1ab8b3774d}Gw64 (PUP.Optional.Sanbreel.A) -> 正常に隔離され削除されました。
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RCORES (PUP.Optional.Score.A) -> 正常に隔離され削除されました。
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVERJO (PUP.Optional.JOSrv.A) -> 正常に隔離され削除されました。
HKLM\Software\shopperz (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
HKLM\System\CurrentControlSet\Services\70F4EEDB-1367-4b4f-8247-3133551A7415 (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
HKCR\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCR\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCR\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
HKCR\Interface\{D1661A59-E9D3-4603-8822-2FBEADA5E097} (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。

レジストリ値の検出: 4
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{5081D2D4-1637-404C-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> データ: C:\Program Files\shopperz\Firefox -> 正常に隔離され削除されました。
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{5081D2D4-1637-404c-B74F-50526718257D} (PUP.Optional.Shopperz.A) -> データ: -> 正常に隔離され削除されました。
HKLM\SYSTEM\CurrentControlSet\Services\rcores|ImagePath (PUP.Optional.Score.A) -> データ: C:\Windows\rcore.exe -> 正常に隔離され削除されました。
HKLM\SYSTEM\CurrentControlSet\Services\serverjo|ImagePath (PUP.Optional.JOSrv.A) -> データ: C:\Users\mina\AppData\Roaming\VOPackage\JOSrv.exe -> 正常に隔離され削除されました。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 13
C:\Program Files\shopperz (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\Firefox (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome\content (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome\content\libraries (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome\content\resources (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome\locale (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome\locale\en-US (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\chrome\skin (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\defaults (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\Firefox\defaults\preferences (PUP.Optional.Shopperz.A) -> 正常に隔離され削除されました。
C:\Users\mina\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar (PUP.Optional.MagnoPlayer.A) -> 正常に隔離され削除されました。
C:\Users\mina\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10 (PUP.Optional.MagnoPlayer.A) -> 正常に隔離され削除されました。

ファイルの検出: 47
C:\Program Files\shopperz\mseff32.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SALaesCheaCker\Cx5qcgV4mXoZCM.dll.vir (PUP.Optional.Multiplug.A) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SALaesCheaCker\Cx5qcgV4mXoZCM.x64.dll.vir (PUP.Optional.Multiplug) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir (PUP.Optional.BrowserWatch) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir (PUP.Optional.BrowserWatch) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir (PUP.Optional.SearchProtect) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir (PUP.Optional.ELEX) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir (PUP.Optional.XTab.A) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir (PUP.Optional.WindowsProtectManger.A) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Users\mina\AppData\Local\Bundled software uninstaller\biclient.exe.vir (PUP.Optional.Somoto.A) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Users\mina\AppData\Roaming\OpenCandy\67C5FE061E024EBBA7490BF0021ED2B4\DeltaTB.exe.vir (PUP.Optional.Babylon.A) -> 正常に隔離され削除されました。
C:\Program Files (x86)\coolsoft\coolsoft.dll (PUP.Optional.Multiplug) -> 正常に隔離され削除されました。
C:\ProgramData\{5607b239-cde7-2171-5607-7b239cdec8e7}\optimizerpro.exe (PUP.Optional.OptimizerPro) -> 正常に隔離され削除されました。
C:\ProgramData\{dfad0aa7-78db-5eb2-dfad-d0aa778d2a9d}\optimizerpro.exe (PUP.Optional.OptimizerPro) -> 正常に隔離され削除されました。
C:\Users\mina\Desktop\新しいフォルダー\ともちん動画ラジオ\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe (PUP.Optional.Softonic) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\DownloadManagerSetup.exe (PUP.Optional.Bundler) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\Fanjofey-Ah Font.exe (PUP.Optional.InstallRex) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\Fanjofey-Leoda-Ah Font.exe (PUP.Optional.InstallRex) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\FileOpenerSetup.exe (PUP.Optional.AdlSoft) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\FLVPlayerSetup-7Wk1XME.exe (PUP.Optional.Somoto) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\SoftonicDownloader_for_radika.exe (PUP.Optional.Softonic) -> 正常に隔離され削除されました。
C:\Users\mina\Downloads\Tolkien Font.exe (PUP.Optional.InstallRex) -> 正常に隔離され削除されました。
C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tikotin.com_0.localstorage (PUP.Optional.Tikotin.A) -> 正常に隔離され削除されました。
C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_tikotin.com_0.localstorage-journal (PUP.Optional.Tikotin.A) -> 正常に隔離され削除されました。
C:\Windows\Tasks\Digital Sites.job (PUP.Optional.DigitalSites.A) -> 正常に隔離され削除されました。
C:\Program Files\shopperz\nseven.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\csrcc.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\garrus.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\grunt.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\kasumi32.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\kasumi64.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\krios.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\krios64.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\liara.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\liara64.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\nfregdrv64.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\prc64.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\prexec.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\spdata.dat (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\tree.js (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\tsoni.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\tsoni64.dll (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\unins000.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\wrex.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Program Files\shopperz\wrex64.exe (PUP.Optional.Shopperz.A) -> 再起動後に削除されます。
C:\Users\mina\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10\user.config (PUP.Optional.MagnoPlayer.A) -> 正常に隔離され削除されました。

(終)
  • 2015/04/14 (Tue) 00:54:36
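Remove MBAM and scan with HP and OTL
Sorry for the delay.
The MBAM results look good.
MBAM is no longer needed, so please remove it following the instructions given when you installed it.

Please prepare the following software.

HerdProtect (known as HP)
http://www.herdprotect.com/downloads.aspx
Either the installer version or the portable version is fine.
If you use the installer version, uninstall it in Safe Mode using Geek.
I have also received reports that it is incompatible with Trend Micro's Virus Buster.
If a compatibility problem prevents the scan from running properly, please report that.
Furthermore, not everything detected by this software is malware.
HP also has a removal function, but for now we will not remove anything and will use it for detection only.

OldTimer Listit (known as OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To remove it, launch it and press the "Cleanup" button, and it is deleted automatically.

Once you are ready, first, if there are extremely large files such as game installers,
manually delete those unneeded files from the PC beforehand and also clear them from the Recycle Bin.
If HP picks these up as suspicious programs, the scan can easily take a day or two.
Confirm that the PC is running in normal mode, then launch HerdProtect.
By design, the software uses the internet connection to scan files.
It does not work properly in Safe Mode, where the internet connection is unavailable,
so if the PC is running in Safe Mode, switch to normal mode.
There is a Scan button, so press it to run the scan.
While it is collecting the information needed for the scan, or checking the suspicious software it found
against the various security products, the scan pauses.
A scan that is not progressing does not mean it has frozen,
so please wait a while until the scan completes.
When the scan completes, the scan results are displayed,
so click the Save results text at the top right of the screen to export the log.
Give the log any name you like and save it somewhere easy to find.

Copy and paste the following into Notepad.

------ copy from below this line ------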
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT
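------ copy up to above this line ------

Once the copy and paste is done, give the file any name you like and save it somewhere easy to find.
Once it is saved, start the PC in Safe Mode.
Launch OTL and tick Scan All Users at the top centre of the window.
Once that is set, paste the contents of the Notepad file you just saved into the Custom Scan/Fixes box.
Once the paste is done, close Notepad and click [Run Scan] to run the scan.
The scan takes a few minutes to complete, so please wait a while.
When the scan completes, OTL.txt and Extras.txt are written to the same location where you saved OTL,
so please paste these two along with the HP log you saved earlier and report back.
Note that both OTL and HP logs tend to be very long by nature.
This board's character limit is about 30,000 characters counted as hiragana, or about 60,000 characters counted as romaji.
(More precisely, up to 65,535 bytes in JIS terms including the subject line: 2 bytes per full-width character or symbol,
1 byte per half-width character or symbol, 3 bytes per special character such as emoji.)
You will certainly exceed the character limit, so allow some margin and aim for about 55,000 characters,
checking with a character counter such as the one at the URL below, and post the logs in split parts.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html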
  • IVNO
  • MAIL
  • 2015/04/15 (Wed) 04:05:00
HP log
Saved date: 2015/04/16 23:16:07
Files detected: 108
Files scanned: 10,253
Processes scanned: 76
Modules scanned: 696
ASEPs scanned: 466
Downloads scanned: 0
Deep analysis: 3/0
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\krios.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: 45066c71674d7bbe856a87c96dd1455e
SHA-1: 6051713d313ff606fd60f5d69fdd243c4c85de08
Created: 2015/02/09 1:44:06
Detections: 7
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- ESET NOD32 as Win32/Toolbar.Perion.K potentially unwanted application (Adware)
- K7 Gateway Antivirus as DoS-Trojan (Undefined)
- IKARUS anti.virus as PUA.Toolbar.BitCocktail (Adware)
- VIPRE Antivirus as Threat.4729122 (Undefined)
- Avira AntiVirus as TR/Trash.Gen (Undefined)
- Kaspersky as Packed.Win32.Krap

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\liara.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: 0c9ece4541cec1ac2968e81db085ace1
SHA-1: ec764ea6375a5f31aa632e52869aaefc6597fc60
Created: 2015/02/09 1:44:05
Detections: 7
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- IKARUS anti.virus as PUA.Toolbar.BitCocktail (Adware)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- ESET NOD32 as Win32/Toolbar.BitCocktail.C potentially unwanted application (Adware)
- Dr.Web as Adware.Shopper.821 (Adware)
- avast! as Win32:Malware-gen (Undefined)
- NANO AntiVirus as Riskware.Win32.Shopper.dkkcao (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\kasumi32.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: 55470099dbf411c2b932f8bb5467ac89
SHA-1: 37d5d19cb4c4030db0cfad2d2ce8adc9375c4315
Created: 2015/02/09 1:44:05
Detections: 5
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- ESET NOD32 as Win32/Toolbar.BitCocktail.C potentially unwanted application (Adware)
- Baidu Antivirus as PUA.Win32.BitCocktail (Adware)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- AVG as Jabuticaba (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\tsoni.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: f6b80e1b45ef28241e092dd0a3eac6af
SHA-1: bdb28beb1af6916efd0302b23a8a998d8aa0df54
Created: 2015/02/09 1:44:06
Detections: 10
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- Emsisoft Anti-Malware as Adware.Shopperz (Adware)
- VIPRE Antivirus as Threat.4729122 (Undefined)
- Lavasoft Ad-Aware as Adware.Shopperz.A (Adware)
- F-Secure as Adware.Shopperz.A (Adware)
- Kaspersky as Packed.Win32.Krap
- nProtect as Adware.Shopperz.A (Adware)
- Bitdefender as Adware.Shopperz.A (Adware)
- Avira AntiVirus as TR/Trash.Gen (Undefined)
- G Data as Adware.Shopperz (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\acer\acer updater\updaterservice.exe
Publisher: Acer Incorporated
Signer: Acer Incorporated
MD5: 6bcee9c766815bfff89de7d81af34ce1
SHA-1: 8943d374422de5badb00ad090eb0046aa6791cb6
Created: 2011/04/21 22:10:01
Detections: 1
Determination: Ignore detections (false positive)
- NANO AntiVirus as Trojan.Win32.IframeExec.bsjqwz (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\csrcc.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: 5249c31c38279039d49b77102a3cce59
SHA-1: 10465bbe845b72452bf9f2666033b4389534170f
Created: 2015/02/09 1:38:33
Detections: 2
Determination: Adware
- Qihoo 360 Security as HEUR/QVM10.1.Malware.Gen (Undefined)
- Reason Heuristics as PUP.Service.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\krios64.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: f99e5f75146241a197e7d2a6ec79aa40
SHA-1: 288e09d0335790ccb608d0d1408bd2c6283b4acb
Created: 2015/02/09 1:44:06
Detections: 4
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- Avira AntiVirus as TR/Dropper.Gen (Undefined)
- ESET NOD32 as Win32/Toolbar.Perion.K potentially unwanted application (Adware)
- Dr.Web as Adware.Shopper.821 (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\wrex.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: 9006980fd6e313b9afffcd2132694023
SHA-1: 38ebe22958f0c838404fbc9a333a4f80ff1c7307
Created: 2015/02/09 1:44:05
Detections: 10
Determination: Adware
- MicroWorld eScan as Gen:Variant.Graftor.160428 (Undefined)
- Bitdefender as Gen:Variant.Graftor.160428 (Undefined)
- Agnitum Outpost as Trojan.Graftor (Undefined)
- Lavasoft Ad-Aware as Gen:Variant.Graftor.160428 (Undefined)
- Emsisoft Anti-Malware as Gen:Variant.Graftor.160428 (Undefined)
- F-Secure as Gen:Variant.Graftor.160428 (Undefined)
- G Data as Gen:Variant.Graftor.160428 (Undefined)
- IKARUS anti.virus as Win32.SuspectCrc (Undefined)
- Qihoo 360 Security as HEUR/QVM10.1.Malware.Gen (Undefined)
- Reason Heuristics as PUP.Startup.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\grunt.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: 9393faecb8e15b38ebca27d1e90f7f69
SHA-1: adc70f7a4fbfaab0bf8ab8de015af30060ef1368
Created: 2015/02/09 1:44:06
Detections: 2
Determination: Adware
- Qihoo 360 Security as HEUR/QVM10.1.Malware.Gen (Undefined)
- Reason Heuristics as PUP.Service.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ascentive\pc speedscan pro\pcspeedscan.exe
Publisher: Ascentive LLC
Signer: Ascentive LLC
MD5: ecedc69e06f653be3b308d66ffbb43d6
SHA-1: 42da12c42ef73ea972e4043b9f6f8d7cc5034b16
Created: 2014/07/22 18:37:58
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.Ascentive.L (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ascentive\pc speedscan pro\ssres.dll
Publisher: Ascentive LLC
MD5: 8b881b6cd061d179eb3d2d8a66cc1367
SHA-1: fec7533c0a4e23d6df93b7b9d89c1c39f8fde8b3
Created: 2014/07/22 18:38:02
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.Ascentive.F (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\liara64.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: 1d8a54fb65e33a11832dce45411946db
SHA-1: 99cfdb9f0e0f07e62b11a834dd990dac0839ca32
Created: 2015/02/09 1:44:06
Detections: 4
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- ESET NOD32 as Win64/Toolbar.Perion.B potentially unwanted application (Adware)
- Dr.Web as Adware.Shopper.821 (Adware)
- avast! as Win64:Malware-gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\kasumi64.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: f3934ce23587ca3a7c9fa1fbf64feb99
SHA-1: 4585449655f27c5455365f33029c63d265807f91
Created: 2015/02/09 1:44:05
Detections: 10
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- ESET NOD32 as Win64/Toolbar.Perion.B potentially unwanted application (Adware)
- F-Secure as Adware.Shopperz.A (Adware)
- Dr.Web as Adware.Shopper.863 (Adware)
- Lavasoft Ad-Aware as Adware.Shopperz.A (Adware)
- Emsisoft Anti-Malware as Adware.Shopperz (Adware)
- MicroWorld eScan as Adware.Shopperz.A (Adware)
- nProtect as Adware.Shopperz.A (Adware)
- Bitdefender as Adware.Shopperz.A (Adware)
- G Data as Adware.Shopperz (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\tsoni64.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: fa3aaa985f868438311ee6cbde44cc92
SHA-1: 613e5c863bb3bdce399e4b957f3de9af4b4aada4
Created: 2015/02/09 1:44:06
Detections: 9
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)
- Dr.Web as Adware.Shopper.863 (Adware)
- F-Secure as Adware.Shopperz.A (Adware)
- Lavasoft Ad-Aware as Adware.Shopperz.A (Adware)
- Emsisoft Anti-Malware as Adware.Shopperz (Adware)
- MicroWorld eScan as Adware.Shopperz.A (Adware)
- nProtect as Adware.Shopperz.A (Adware)
- Bitdefender as Adware.Shopperz.A (Adware)
- G Data as Adware.Shopperz (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\wrex64.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: 9acbf6a54714908ae4b70e6f26a5c7a3
SHA-1: f148f587b4d6b787f8b790a04569588d35b5f673
Created: 2015/02/09 1:44:05
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Startup.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\google\chrome\user data\default\extensions\affmlfjaccgajlhglnhfhfaiohelbmec\209\manifest.json
Publisher:
MD5: 61d76e102433f4ba8734959ac66f9322
SHA-1: ccdd3788619fea0a42556d1d235d3bbb3d95fe27
Created: 2015/03/02 1:23:52
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\google\chrome\user data\default\extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\manifest.json
Publisher:
MD5: 0bbe417460075bdd8b42b3e04e936a02
SHA-1: 93b022ad36611ffb7ff14a37b91aa45a8cebee0a
Created: 2015/02/05 22:18:14
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\manifest.json
Publisher:
MD5: 93e34b017b195ac98aba32e64eede9f2
SHA-1: bfa2f63a3c2189cdb8696422f2fd9d4be2f2dbe5
Created: 2015/02/05 22:18:16
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\google\chrome\user data\default\extensions\eablgejicbklomgaiclcolfilbkckngf\1.1.5_0\manifest.json
Publisher:
MD5: afac11680ffc86b177751a654584133d
SHA-1: 45c17621623e7f440f95896d25fc4b6b29144e34
Created: 2014/07/30 22:55:38
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Chrome.Extension.M (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\google\chrome\user data\default\extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\manifest.json
Publisher:
MD5: 811270357e66e5cd5b32f1a3edfdddef
SHA-1: bec0edc282d5d83108711499285be87a825b0a5d
Created: 2014/07/30 22:29:36
Detections: 1
Determination: Adware
- Reason as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\manifest.json
Publisher:
MD5: 2d922aa30def0a058f85601f8acb5ce5
SHA-1: 62f069a274a987013c2c75ad46a4487355b0dea2
Created: 2014/07/30 22:20:14
Detections: 1
Determination: Adware
- Reason as PUP.Chrome.Extension (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\temp\quarantine.exe
Publisher:
MD5: 25d7fa2fb41b98bc2f1e5ae69b6a68c1
SHA-1: db045d8c9d2f61d9e569a9343f66840848b202c2
Created: 2014/11/08 17:33:34
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Backdoor.Win32.DarkKomet.b!1075356506 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\temp\is765589038\049ae7e3_stp\sqlite3.dll
Publisher:
MD5: 2db34c7d07707168429b0b2633ff75c0
SHA-1: 0b29505703900208db71e8d8ae0e675fac2c4d57
Created: 2014/12/02 16:09:00
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\temp\yontoolayers\manifest.json
Publisher:
MD5: cc20c74e78136f35fcc5bdceccc5b060
SHA-1: 09633fc57bc67ac36523aa8da16b1fa868c65d36
Created: 2011/12/22 6:00:33
Detections: 1
Determination: Adware
- Reason Heuristics as Adware.Yontoo.ChromePlugin.M (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\adwcleaner.exe
Publisher:
MD5: cc198634bcaef99c50277cc81b14ab27
SHA-1: 68b8752571fa1af4c3624712314325ab607a7473
Created: 2013/07/13 22:19:17
Detections: 4
Determination: Ignore detections (false positive)
- CMC Antivirus as Trojan.Win32.Generic!O (Undefined)
- F-Prot as W32/Undefined.Threat
- Kingsoft AntiVirus as Win32.Troj.Undef.(kcloud) (Undefined)
- Rising Antivirus as AU3SCRIPT:Dropper.Insrun!1.9E21 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\chorokuf128a.exe
Publisher: web technology Corp.
http://www.webtech.co.jp/exepress/
MD5: ab8132bb986a626a7aba2cf08d611c56
SHA-1: 2d1ee43f2758cf9b7933c34bdd58c63081eded43
Created: 2014/09/09 1:31:37
Detections: 1
Determination: Inconclusive
- Sophos as CnsMin (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\fileopenersetup (1).exe
Publisher: Internet
Signer: Moca Service (New Media Holdings Ltd.)
MD5: 76721845b501de8925878c99e12b5b85
SHA-1: d490cdb21ec638d17f33823a9029802d68ce448e
Created: 2015/04/07 22:02:16
Detections: 9
Determination: Adware
- Reason Heuristics as PUP.Installer.NewMedia.Installer (Adware)
- Dr.Web as Trojan.InstallCore.271 (Adware)
- ESET NOD32 as Win32/InstallCore.YV potentially unwanted application (Adware)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- Comodo Security as Application.Win32.InstallCore.DQT (Adware)
- AVG as InstallCore (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\fileopenersetup (2).exe
Publisher: Internet
Signer: Moca Service (New Media Holdings Ltd.)
MD5: d884cd4e27388cb273e7de01d885fded
SHA-1: cd79edbb4b775de3f47d98b3d4b852d40e85b324
Created: 2015/04/07 22:08:18
Detections: 10
Determination: Adware
- Reason Heuristics as PUP.Installer.NewMedia.Installer (Adware)
- Dr.Web as Trojan.InstallCore.271 (Adware)
- ESET NOD32 as Win32/InstallCore.YV potentially unwanted application (Adware)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- Comodo Security as Application.Win32.InstallCore.DQT (Adware)
- Avira AntiVirus as PUA/InstallCore.BC.107 (Adware)
- AVG as InstallCore (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\fileopenersetup (3).exe
Publisher: App Program
Signer: Moca Service (New Media Holdings Ltd.)
MD5: b81a1385d37866de7b6b6971c832e60b
SHA-1: 597f79e0c00a2a85adbd5898e6d18ee53f10992a
Created: 2015/04/10 21:40:41
Detections: 8
Determination: Adware
- Reason Heuristics as PUP.Installer.NewMedia.Installer (Adware)
- ESET NOD32 as Win32/InstallCore.YV potentially unwanted application (Adware)
- Dr.Web as Trojan.InstallCore.271 (Adware)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- AVG as InstallCore (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\file_extractor_4.exe
Publisher:
Signer: Fried Cookie Ltd
MD5: dc4344aa71db7e709fcf4ef4e407c5fd
SHA-1: fabd77dce443d70b167190c8df7b39ebc40d5c25
Created: 2013/09/12 3:29:57
Detections: 10
Determination: Adware
- F-Prot as W32/InstallCore.N.gen (Adware)
- Norman as FakeNSIS.A (Undefined)
- Avira AntiVirus as Adware/Install.DF.2 (Adware)
- Antiy Labs AVL as Trojan/Win32.SGeneric (Undefined)
- ESET NOD32 as Win32/InstallCore.BA (variant) (Adware)
- Rising Antivirus as PE:Malware.XPACK-LNR/Heur!1.5594 (Undefined)
- Reason Heuristics as PUP.FriedCookie.CC (Adware)
- VIPRE Antivirus as InstallCore (Adware)
- Vba32 AntiVirus as Adware.InstallCore.gen (Adware)
- Fortinet FortiGate as Riskware/InstallCore (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\gomencodersetup_jpn.exe
Publisher: Gretech Corp.
Signer: GRETECH
MD5: 7984be162afae43878c0cee581556f10
SHA-1: 8d19ced30a2e340976904b0169e6d9eaeb415dc6
Created: 2013/03/15 2:24:12
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.Installer.T (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\gomplayerjpsetup.exe
Publisher: Gretech Corporation
Signer: GRETECH
MD5: 90ccf193a08f63033e267429407e7d7b
SHA-1: c1b59aac3c0ec4b78298e6aa08336642ba0f8978
Created: 2013/03/15 2:19:31
Detections: 2
Determination: Adware
- Reason Heuristics as Threat.Installer.GRETECH (Undefined)
- ESET NOD32 as Win32/Bundled.Toolbar.Google (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\imageresizersetup.exe
Publisher: App Program
Signer: Moca Service (New Media Holdings Ltd.)
MD5: 56e856d2faa3d40174787f4ea8c6c7be
SHA-1: 11d96307408aed6bf2aba9e266736b5c5e8db6a5
Created: 2015/04/10 21:12:15
Detections: 8
Determination: Adware
- Reason Heuristics as PUP.Installer.NewMedia.Installer (Adware)
- Dr.Web as Trojan.InstallCore.271 (Adware)
- ESET NOD32 as Win32/InstallCore.YV potentially unwanted application (Adware)
- VIPRE Antivirus as Threat.4786018 (Undefined)
- Bkav FE as W32.HfsAdware (Adware)
- K7 Gateway Antivirus as Unwanted-Program (Adware)
- K7 AntiVirus as Unwanted-Program (Adware)
- AVG as InstallCore (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\lpls159.exe
Publisher:
MD5: c32d41f732157a8802c9215789623551
SHA-1: e7a3240a750fd0e7f1f174bf1743e21ceca81c36
Created: 2015/01/09 16:54:00
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as suspected of Trojan.StartPage.7 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\rpadic403f.exe
Publisher: web technology Corp.
http://www.webtech.co.jp/exepress/
MD5: 5960fc72a2c2ca28ddb594a4503a94e6
SHA-1: 206d194bfa283557f9d7abffce287b959ca48651
Created: 2012/10/19 22:31:19
Detections: 1
Determination: Inconclusive
- Sophos as CnsMin (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\setupdvddecrypter_3.5.4.0.exe
Publisher:
MD5: 78d806097da8e8b8d595827cccddf6d9
SHA-1: 4cd617d8bdad9b2175b1cf688780945ec5f2335d
Created: 2015/01/09 16:51:09
Detections: 1
Determination: Ignore detections (false positive)
- XVirus List as Win.Detected (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\woopie_video_desktop_3.6.3.exe
Publisher:
Signer: Beijing AJ Technology Co., Ltd
MD5: 89c26c1aa35888b4be680303c922d3a5
SHA-1: 9a6f1c1e8d70766e853522357a1bfb6ac7cca89b
Created: 2011/11/08 12:00:27
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as suspected of Trojan.Downloader.gen.h (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\a-downloader701\a-downloader701.exe
Publisher: Area61.NET
MD5: 239e5be3f8bd6f79983ee284c793ebb5
SHA-1: 17e20d90cb25caa4b1498244d43d3300750a14f3
Created: 2011/12/21 12:28:40
Detections: 2
Determination: Inconclusive
- Dr.Web as Trojan.DownLoader2.5941 (Undefined)
- AVG as Dropper.Generic3 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\desktopcap_trial\desktopcap_trial\desktopcap_trial.exe
Publisher:
MD5: 357bb47b1634b777d23591aaddc11651
SHA-1: 0aca6d01d4e664626cc5c3a5059751d945d4c8fb
Created: 2014/03/24 19:58:04
Detections: 2
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)
- Vba32 AntiVirus as suspected of Trojan.StartPage.7 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\desktopcap_trial\desktopcap_trial\セットアップ.exe
Publisher:
MD5: 5c5b98dea1e4a3bcac43b1285a30dc3a
SHA-1: fc393733eb4cfd3ed76b393eba540bcfae8621a9
Created: 2014/03/25 12:19:34
Detections: 1
Determination: Inconclusive
- AhnLab V3 Security as Trojan/Win32.Batist (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\nicoliverec_trial (1)\nicoliverec_trial\nicoliverec_trial.exe
Publisher:
MD5: 24dcf4df8184cd94afac4b38a72919dc
SHA-1: 1f46231b8b1914a48bc2f54a572ca75001db5658
Created: 2014/03/07 12:05:02
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as suspected of Trojan.StartPage.7 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\nicoliverec_trial (2)\nicoliverec_trial\nicoliverec_trial.exe
Publisher:
MD5: 24dcf4df8184cd94afac4b38a72919dc
SHA-1: 1f46231b8b1914a48bc2f54a572ca75001db5658
Created: 2014/03/07 12:05:02
Detections: 1
Determination: Ignore detections (false positive)
- Vba32 AntiVirus as suspected of Trojan.StartPage.7 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\zero_sencoda\cdda_ex.dll
Publisher:
MD5: 65f10a8708226828907cccc432557395
SHA-1: 87ed6204d92e88ea8f213452dae551d4a95b6b43
Created: 2012/05/14 22:55:05
Detections: 1
Determination: Ignore detections (false positive)
- Comodo Security as Heur.Packed.Unknown

---------------------------------------------------------------------------------

File path: c:\users\mina\downloads\zero_sencoda\writedialog.exe
Publisher:
MD5: de174b28b8c7be18308a3ce32630e3e4
SHA-1: b8e458a179f85703aa7c0eb14a08b41e12d7d4ab
Created: 2012/05/14 22:55:09
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Pedka (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\herdprotectscan_portable.exe
Publisher: Reason Company Software Inc.
Signer: Reason Software Company Inc.
MD5: e8cd7d40ac25ab4e28df71ccb55b0579
SHA-1: ec3e8de5acaa62fc56f2f062847c00342116466d
Created: 2015/04/16 21:06:07
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Malware.ArcadeWeb!6.727 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\hijackthis.exe
Publisher: Trend Micro Inc.
MD5: 47811d50390a86a17102d7496e6eabb9
SHA-1: 2623749cdb27887f6746acdee7e8065475f8b541
Created: 2015/04/09 21:36:50
Detections: 2
Determination: Ignore detections (false positive)
- Kingsoft AntiVirus as Win32.HeurC.KVM099.a.(kcloud) (Undefined)
- Rising Antivirus as PE:Trojan.VBInject!1.6546 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\otl.exe
Publisher: OldTimer Tools
MD5: 4adcfee16ee9978f06157634669d36fb
SHA-1: 30b37076552e49276836d02dd73d038c27dbbee9
Created: 2015/04/16 21:08:21
Detections: 2
Determination: Ignore detections (false positive)
- Agnitum Outpost as Packed/PECompact
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\cprmdecrypter\c2dec.exe
Publisher:
MD5: ab002bbd977d8a8c37510e18e06b7ea0
SHA-1: 7e51208af79e579e74fdcf2060459d5858c1696d
Created: 2007/08/31 23:43:00
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.Win32.Generic.12C95A81!315185793 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\cprmdecrypter\cprmdecrypter.exe
Publisher:
MD5: 0a9a2f9b52696476de1b06aaa4bd430c
SHA-1: 7289e3294e9949c02e4c49463245c28cc79b70c4
Created: 2008/03/02 18:54:12
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.Win32.Generic.12C990BE!315199678 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\cprmdecrypter\ifocopy.exe
Publisher:
MD5: 31729b0636a243bcc7025836041bfcbe
SHA-1: ebb1720ed9a95bad471f7b45dc9aacd52200f8b8
Created: 2009/03/02 21:48:30
Detections: 2
Determination: Ignore detections (false positive)
- ViRobot as BAT.A.Qhost.16384 (Undefined)
- Rising Antivirus as PE:Trojan.Win32.Generic.12C96F14!315191060 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\cprmdecrypter\lernel32.dll
Publisher:
MD5: 09cbc8da01df309cd7f1d388e724be8a
SHA-1: 2d08a8d5ac56cb3a6a5f5468168d1b5d2d16a091
Created: 2007/08/13 16:55:12
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.Win32.Generic.12C95E6C!315186796 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\cprmdecrypter\ren4splitmpg.exe
Publisher:
MD5: 7bd7153dcc191f9ded8d22dcc0411390
SHA-1: 48501c4d2fb9d555701868576319403ec1713403
Created: 2007/10/07 0:31:32
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.Win32.Generic.12C95ADD!315185885 (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\documents\hanakumo_r\hanakumo.exe
Publisher:
MD5: 6e2b4a202aed73e29d765287303eb403
SHA-1: 523010331f1d7ad763fd5e7bae0332f78afa24a8
Created: 2014/03/05 3:27:14
Detections: 5
Determination: Adware
- The Hacker as Adware/BadJoke.Soup.b (Adware)
- Norman as Agent.AUAC (Undefined)
- Clam AntiVirus as Win.Trojan.Agent-52741 (Undefined)
- Agnitum Outpost as Trojan.HSP.A (Undefined)
- Comodo Security as UnclassifiedMalware (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\documents\nicopodder1_2_3_x86\ionic.zip.dll
Publisher: Microsoft
MD5: 2e6a5bb08f4d2b04c0857b8f506af198
SHA-1: db608225fc47c757223705792514220a46e8a294
Created: 2011/06/30 14:07:51
Detections: 1
Determination: Ignore detections (false positive)
- eSafe as Undefined

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\documents\vocalreducer121\basswma.dll
Publisher: Un4seen Developments
MD5: 5cccd784b856e47d2890bbe0d83562a5
SHA-1: 8dbe380b41c18bca2b0a580544cbaa79e4e0eb6c
Created: 2007/08/28 23:11:02
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\documents\vocalreducer121\wmafile.dll
Publisher:
MD5: 1f35f668e31a40285f961abc51f01a62
SHA-1: 7338a8432ea3053a62e9037564d646e8f93fb2de
Created: 2007/11/06 9:40:52
Detections: 1
Determination: Ignore detections (false positive)
- SUPERAntiSpyware as Trojan.Agent/Gen-Qhost (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\ともちん動画ラジオ\heroe\vidplayasetup_v2.exe
Publisher: Playswell, Inc.
Signer: Playswell, Inc.
MD5: 0d5f3e3ff517f1df693ca90659287dc9
SHA-1: 08116ed0d69abafce96e411b9308bddef011f991
Created: 2015/01/23 2:13:07
Detections: 2
Determination: Inconclusive
- Dr.Web as Adware.OpenCandy.4 (Adware)
- ESET NOD32 as Win32/OpenCandy (variant) (Adware)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\abrinst\abreceiver.exe
Publisher: BUFFALO INC.
MD5: a29078680743dd72376ac8a372dd15a4
SHA-1: f2bd0fc231ff4dc541dae6cc90c76a88b7603493
Created: 2011/06/30 14:19:02
Detections: 2
Determination: Ignore detections (false positive)
- Comodo Security as Heur.Suspicious
- VIPRE Antivirus as BehavesLike.Win32.Malware.rwx (mx-v) (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\abrinst\setup.exe
Publisher: BUFFALO INC.
MD5: 0e4f7c3e45fa0d12581202565b08c916
SHA-1: a4068f409ab3a5de82f61134de4db2d6e296e62f
Created: 2011/06/30 14:19:02
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as Heuristic.BehavesLike.Win32.Trojan.L

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\acdinst\setup.exe
Publisher: BUFFALO INC.
MD5: 0e4f7c3e45fa0d12581202565b08c916
SHA-1: a4068f409ab3a5de82f61134de4db2d6e296e62f
Created: 2011/06/30 14:19:02
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as Heuristic.BehavesLike.Win32.Trojan.L

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\airset\airset.exe
Publisher: BUFFALO INC.
Signer: BUFFALO INC.
MD5: 608b41b10d19fced3ce7d6554b1cacc8
SHA-1: 66ec9f57b0c7c7f73f0ed9cd276a746ea3c2f0bf
Created: 2011/06/30 14:19:03
Detections: 1
Determination: Ignore detections (false positive)
- Sunbelt AntiMalware as Porn-Dialer.Win32.CapreDeam.N (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\airset\bufadptn.sys
Publisher: BUFFALO INC.
MD5: 621a8e4e01897a168df37407959826db
SHA-1: b04567078cab8c90f2252e2e5dfe934e4c9bb67f
Created: 2011/06/30 14:19:03
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\airset\confproc.exe
Publisher: BUFFALO INC.
MD5: 1b795f233334bfeacc0d12b702e2ff7d
SHA-1: 5fa53c08e63f8a58da007219b7475d1f00954e97
Created: 2011/06/30 14:19:03
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.m (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\clientmgr3\confproc.exe
Publisher: BUFFALO INC.
MD5: 1b795f233334bfeacc0d12b702e2ff7d
SHA-1: 5fa53c08e63f8a58da007219b7475d1f00954e97
Created: 2011/06/30 14:19:05
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.m (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\clientmgr3\bwsvc\bufadptn.sys
Publisher: BUFFALO INC.
MD5: 621a8e4e01897a168df37407959826db
SHA-1: b04567078cab8c90f2252e2e5dfe934e4c9bb67f
Created: 2011/06/30 14:19:08
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\clientmgrv\bin\airmonv.exe
Publisher: BUFFALO INC.
MD5: cde7f0e90b48f244c03e253917131783
SHA-1: aef6003ada3ada4573336cbac31edc40ea3f6916
Created: 2011/06/30 14:19:11
Detections: 1
Determination: Ignore detections (false positive)
- Sunbelt AntiMalware as Trojan-PSW.Win32.OnLineGames.X (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\ecset\bufadptn.sys
Publisher: BUFFALO INC.
MD5: 621a8e4e01897a168df37407959826db
SHA-1: b04567078cab8c90f2252e2e5dfe934e4c9bb67f
Created: 2011/06/30 14:19:14
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\ecset\confproc.exe
Publisher: BUFFALO INC.
MD5: 1b795f233334bfeacc0d12b702e2ff7d
SHA-1: 5fa53c08e63f8a58da007219b7475d1f00954e97
Created: 2011/06/30 14:19:14
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.m (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\ethsetup\bufadptn.sys
Publisher: BUFFALO INC.
MD5: 621a8e4e01897a168df37407959826db
SHA-1: b04567078cab8c90f2252e2e5dfe934e4c9bb67f
Created: 2011/06/30 14:19:14
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Nonim (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\a\airnavi1054\win\tool\ethsetup\confproc.exe
Publisher: BUFFALO INC.
MD5: 1b795f233334bfeacc0d12b702e2ff7d
SHA-1: 5fa53c08e63f8a58da007219b7475d1f00954e97
Created: 2011/06/30 14:19:15
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.m (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\install\installerapp\x-application\x-application\japanese\issetup.dll
Publisher: Acresso Software Inc.
MD5: 1d3e0140a30fd4ebff79c9ff6e1c80ff
SHA-1: 87bdf23afb7b489257155ef91bcd73014de1235b
Created: 2011/12/19 23:26:36
Detections: 1
Determination: Ignore detections (false positive)
- Clam AntiVirus as PUA.Packed.PECompact-1

---------------------------------------------------------------------------------

File path: c:\users\mina\desktop\新しいフォルダー\新しいフォルダ\nicopodder1_1_19_x86\ionic.zip.dll
Publisher: Microsoft
MD5: 2e6a5bb08f4d2b04c0857b8f506af198
SHA-1: db608225fc47c757223705792514220a46e8a294
Created: 2011/06/30 14:22:21
Detections: 1
Determination: Ignore detections (false positive)
- eSafe as Undefined

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\asctaskscheduler.dll
Publisher: Ascentive LLC
MD5: fa93a78266c8c7d9cf50db94a28a74e3
SHA-1: d010647dc5b13194ecabc3e72352dd858d5e2f6b
Created: 2013/09/26 16:19:32
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.Ascentive.Q (Adware)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\iglhsip32.dll
Publisher: Intel Corporation
MD5: 9b53cd10412f905d3391f530415dd7c8
SHA-1: d52456fc82acc6f7ad4b88ae86c5f55354d4d4b9
Created: 2011/04/22 14:31:58
Detections: 1
Determination: Ignore detections (false positive)
- Emsisoft Anti-Malware as JS:Exploit.BlackHole.HB (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\iscsicpl.dll
Publisher: Microsoft Corporation
MD5: f945adcef203e6104aec8ec9c337cfd0
SHA-1: 85fe50b2c2fcbec2c09c5039c8f8c1d38523780a
Created: 2009/07/14 8:46:13
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoA (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\msderun.dll
Publisher: Microsoft Corporation
MD5: 3ccf24e43e8e8d802e52e9c9990ae335
SHA-1: 76d63a4f1291673812eca13d6faef0aad180e4d0
Created: 2011/07/02 22:13:14
Detections: 1
Determination: Ignore detections (false positive)
- XVirus List as Win.Detected (Undefined)

---------------------------------------------------------------------------------

File path: c:\windows\syswow64\sysrestore.dll
Publisher: Ascentive LLC
MD5: dd1305a66e418b77a6a1f0201bbcaa3a
SHA-1: bbaebd54cfae26cb2c6cb9b750f5fa535d880404
Created: 2013/05/29 17:25:42
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.Ascentive.K (Adware)

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\reader\9.4\arm\17372\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\reader\9.4\arm\2015\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\adobe\reader\9.4\arm\8043\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\reader\9.4\arm\17372\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\reader\9.4\arm\2015\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\adobe\reader\9.4\arm\8043\adobearm.exe
Publisher: Adobe Systems Incorporated
Signer: Adobe Systems, Incorporated
MD5: 48be298f7fd1bef4d8fbacb04d8d95c4
SHA-1: 84d9a67a700a87c8c5ddd6b7dfc5eef70fa98020
Created: 2013/04/05 6:06:36
Detections: 2
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Swrort (Undefined)
- Boost by Reason as UnneededApp.Startup.AdobeSystemsorporated.I

---------------------------------------------------------------------------------

File path: c:\programdata\application data\sony corporation\sony packaging manager\packagingtemp\{a0414019-f99b-43b2-9adc-82ddd0a98325}\x-application\japanese\issetup.dll
Publisher: Flexera Software, Inc.
MD5: 940b4982e9c4e4a35970aed7c664601a
SHA-1: 780e49568ba754a751d235c372fd7f855564726f
Created: 2014/03/27 15:17:28
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\application data\temp\{01fb4998-33c4-4431-85ed-079e3eefe75d}\postbuild.exe
Publisher:
MD5: 11b0c4f03d271213ff01fe2a81bc7c6a
SHA-1: 03dd1973f24b6085a24487291876297ccd3e24d9
Created: 2011/05/06 22:55:25
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\sony corporation\sony packaging manager\packagingtemp\{a0414019-f99b-43b2-9adc-82ddd0a98325}\x-application\japanese\issetup.dll
Publisher: Flexera Software, Inc.
MD5: 940b4982e9c4e4a35970aed7c664601a
SHA-1: 780e49568ba754a751d235c372fd7f855564726f
Created: 2014/03/27 15:17:28
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.CDB (Undefined)

---------------------------------------------------------------------------------

File path: c:\programdata\temp\{01fb4998-33c4-4431-85ed-079e3eefe75d}\postbuild.exe
Publisher:
MD5: 11b0c4f03d271213ff01fe2a81bc7c6a
SHA-1: 03dd1973f24b6085a24487291876297ccd3e24d9
Created: 2011/05/06 22:55:25
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Virus/Win32.Xpaj.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\users\mina\appdata\local\apps\2.0\data\nv4635qc.hzq\hm8nca59.3oo\unit...app_3ba2843229693745_0001.0000_88a324fdb122f223\data\unitywebplayer.exe
Publisher: Unity Technologies ApS
Signer: Unity Technologies ApS
MD5: d94bd72e1408ce7ffdbd560be837dd09
SHA-1: 6c81f58bac97935a3d4202a7e77908ad7153ab6a
Created: 2012/02/10 22:35:56
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.Dropper!6.3CE (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\chorokuf\chosche.exe
Publisher:
MD5: 315e1f3445df0fbaf397fd7c3d60feea
SHA-1: 54a2039918d2f79c0f377779bd3dd2fe5e62e696
Created: 2005/07/14 5:04:25
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Laneul (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\chorokuf\jword_plugin.exe
Publisher: web technology Corp.
http://www.webtech.co.jp/exepress/
MD5: b189bd00021e72894cf77ccc95270710
SHA-1: cbf5d4259f866d75863a1c1c0f27b028b2ae1aee
Created: 2005/03/16 10:24:54
Detections: 1
Determination: Inconclusive
- Sophos as CnsMin (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\garrus.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: ae56c210524befdc7653dedbc7daeda3
SHA-1: 1518ca0d83c269a64f865357e043fba1dd422e0f
Created: 2015/02/09 1:38:39
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\mseff32.dll
Publisher:
Signer: Jabuticaba Ltd
MD5: 108c67e49eda4f7638223ba6c360c08f
SHA-1: 839c3966113ca33feee51e14a1687a94eb19b558
Created: 2015/02/09 1:38:35
Detections: 9
Determination: Adware
- Reason Heuristics as PUP.BHO.Bitcocktail (Adware)
- Dr.Web as Adware.Shopper.863 (Adware)
- Emsisoft Anti-Malware as Adware.Shopperz (Adware)
- Lavasoft Ad-Aware as Adware.Shopperz.A (Adware)
- F-Secure as Adware.Shopperz.A (Adware)
- MicroWorld eScan as Adware.Shopperz.A (Adware)
- nProtect as Adware.Shopperz.A (Adware)
- Bitdefender as Adware.Shopperz.A (Adware)
- G Data as Adware.Shopperz (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\nfregdrv64.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: ee8f9cb5e7810cebdfdf54d3e7ae0983
SHA-1: 2c0e252efe362e6f68fc3e25aad8e9c27b4472cb
Created: 2015/02/09 1:38:34
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\nseven.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: 5ee22ef09ffe290a1d93de4dca95cc21
SHA-1: edd4e103ffb9e30466f5009e97611403635b6bbe
Created: 2015/02/09 1:38:38
Detections: 2
Determination: Adware
- Qihoo 360 Security as HEUR/QVM10.1.Malware.Gen (Undefined)
- Reason Heuristics as PUP.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\prc64.exe
Publisher:
Signer: Jabuticaba Ltd
MD5: 2ac26ce268e612441166915e4adad21a
SHA-1: 2529994b0b33b7bc4a9f8caddbda4bd2b5d443aa
Created: 2015/02/09 1:38:32
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\prexec.exe
Publisher: TODO: <Company name>
Signer: Jabuticaba Ltd
MD5: 56d3d6421e09a31e398c4cf52b4c1ad8
SHA-1: b62eec13af71a514596e58751728df2b7bd786c5
Created: 2015/02/09 1:38:32
Detections: 1
Determination: Adware
- Reason Heuristics as PUP.Bitcocktail (Adware)

---------------------------------------------------------------------------------

File path: c:\program files\shopperz\unins000.exe
Publisher:
MD5: c77aafd65c74b9232c904950548762d8
SHA-1: 067b2e48da45d185aab16ceba6ea069cc60e0d96
Created: 2015/02/09 1:38:29
Detections: 3
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Obscu.Gen.001 (Undefined)
- Trend Micro House Call as Suspicious_GEN.F47V0119 (Undefined)
- Baidu Antivirus as Adware.Win32.Eorezo (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ascentive\pc speedscan pro\launcher.exe
Publisher: Ascentive LLC
MD5: de569d779309bd440c1cdbd4e6312cea
SHA-1: 2cc57418bdea6d1e56c8950f3ca9e915df58e5b7
Created: 2013/05/29 17:25:40
Detections: 2
Determination: Inconclusive
- CMC Antivirus as Heur.Win32.Veebee.3!O (Undefined)
- Reason Heuristics as PUP.Optional.Ascentive.I (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ascentive\pc speedscan pro\mailsupport.exe
Publisher: Ascentive LLC
Signer: Ascentive LLC
MD5: 6928abff58f0c3d8bbea23db9f1e97ec
SHA-1: 540b50e307a57fcb5880abb2bff116d2d83fac52
Created: 2013/09/26 16:50:14
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.Ascentive.L (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ascentive\pc speedscan pro\uninstall.exe
Publisher:
MD5: 0ea32619530b4ebab0770052f5fa3614
SHA-1: a54a5bbbe0aebfa84288b097fa28094d3b7e2f55
Created: 2015/04/05 16:28:26
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as BehavesLike.Win32.Backdoor.dc (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\autodesk\composite 2012\program\senddmp.exe
Publisher: Autodesk, Inc.
Signer: Autodesk, Inc.
MD5: 3c4e0a8b82808849d9bb000117ce2e48
SHA-1: ea11785250ca9cebd87b48ec3e94c358e7df25da
Created: 2011/03/03 0:31:54
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Patched.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\baidu\update\crashul.exe
Publisher: Baidu, Inc.
Signer: Baidu Online Network Technology (Beijing)Co., Ltd
MD5: 1a7048fd88c011904dfc011b96f5288d
SHA-1: 9ec5291b05fa9eea8445c18dc33057b81358ba99
Created: 2015/03/19 11:10:08
Detections: 25
Determination: UndefinedMalware
- Dr.Web as Win32.Runonce.6652 (Undefined)
- Microsoft Security Essentials as Threat.Undefined (Undefined)
- VIPRE Antivirus as Threat.219451 (Undefined)
- avast! as Win32:Oncer (Undefined)
- F-Prot as W32/Thecid.B@mm (Undefined)
- Clam AntiVirus as WIN.Worm.Brontok (Undefined)
- Quick Heal as W32.Runouce.B (Undefined)
- Malwarebytes as Virus.Chir (Undefined)
- Zillya! Antivirus as Worm.Runouce.Win32.2 (Undefined)
- K7 AntiVirus as EmailWorm (Undefined)
- K7 Gateway Antivirus as EmailWorm (Undefined)
- Norman as Malware (Undefined)
- Rising Antivirus as PE:Worm.ChineseHacker-2!23772 (Undefined)
- Comodo Security as EmailWorm.Win32.Runonce.~v001 (Undefined)
- McAfee Web Gateway as Heuristic.LooksLike.Win32.SuspiciousPE.J (Undefined)
- Sophos as W32/Chir-A (Undefined)
- Jiangmin as Win32/cnPeace.b (Undefined)
- Kingsoft AntiVirus as Win32.Type.b.6637 (Undefined)
- Commtouch SDK as W32/Thecid.B@mm (Undefined)
- AhnLab V3 Security as Win32/ChiHack.6652 (Undefined)
- Vba32 AntiVirus as Virus.Win32.Chur.A (Undefined)
- IKARUS anti.virus as Email-Worm.Win32.Runouce (Undefined)
- Qihoo 360 Security as Virus.Win32.CNHacker.C (Undefined)
- Emsisoft Anti-Malware as Generic.Malware.SWX!.702FE106 (Undefined)
- NANO AntiVirus as Trojan.Win32.Click.cquqqp (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\buffalo\clientmgrv\driver\netset32.exe
Publisher: BUFFALO INC.
MD5: c8fa85cdbc9231faf368a74ea3c520f9
SHA-1: 8ea2ad65a581634ece6ccbb1cb0ab0937a6f1f88
Created: 2011/06/04 22:40:07
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.l (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\common files\autodesk shared\directconnect2012\java\jre1.6.0_03\bin\java-rmi.exe
Publisher: Sun Microsystems, Inc.
MD5: f4ee0e9a3c8963528c8db929078e44ef
SHA-1: 67845507b439cf69caddafb7e0619dd4bb1dc786
Created: 2011/02/16 4:53:56
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/Agent.tcq (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\common files\autodesk shared\directconnect2012\setup_dc\setup\setup\acdeltree.exe
Publisher: Autodesk, Inc.
Signer: Autodesk, Inc.
MD5: 60c83efcb40cdea9836d02445d02458f
SHA-1: ff54f67f0a1fcd5a0d67ff98f07ad8238d5b753a
Created: 2011/01/18 17:50:04
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Backdoor/Win32.Agent.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\common files\autodesk shared\directconnect2012\setup_dc\setup\setup\senddmp.exe
Publisher: Autodesk, Inc.
Signer: Autodesk, Inc.
MD5: 3c4e0a8b82808849d9bb000117ce2e48
SHA-1: ea11785250ca9cebd87b48ec3e94c358e7df25da
Created: 2011/01/18 17:44:34
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Patched.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\common files\oberon media\odyssey\2.0.0.29\odyssey.dll
Publisher: Oberon Media
Signer: Oberon Media Inc.
MD5: b4d62a48b95542bbcef81216beda3c86
SHA-1: e05d986dec439189e8e77968861860e1b2a645f7
Created: 2007/07/04 3:17:40
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Trojan/Win32.Generic.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\gretech\gomplayer\vsutil.dll
Publisher: Gretech Corp.
Signer: GRETECH
MD5: d0af9939daf22e3eba094daedd7c87d0
SHA-1: ac92b643e950b29eb8935867af18959a60131252
Created: 2011/05/17 9:49:30
Detections: 1
Determination: Inconclusive
- Reason Heuristics as PUP.Optional.GRETECH.G (Adware)
  • 2015/04/17 (Fri) 14:20:09
OTL log 1
OTL logfile created on: 2015/04/17 13:55:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.86 Gb Total Physical Memory | 3.25 Gb Available Physical Memory | 84.34% Memory free
7.71 Gb Paging File | 7.14 Gb Available in Paging File | 92.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.07 Gb Total Space | 363.62 Gb Free Space | 62.58% Space Free | Partition Type: NTFS

Computer Name: ASPIRE5750 | User Name: mina | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/16 21:08:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mina\Desktop\OTL.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/03/13 12:54:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/02/09 01:39:20 | 000,036,344 | ---- | M] () [Unknown (-1) | Unknown] -- C:\Windows\SysNative\drivers\bsdriver.sys -- (bsdriver)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2011/02/22 21:00:46 | 000,873,064 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2011/01/31 13:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:[b]64bit:[/b] - [2010/10/08 02:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\rundll32.exe -- (ff39eb65)
SRV - [2014/12/19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012/11/02 15:39:58 | 000,131,168 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe -- (SonicStage Back-End Service2)
SRV - [2012/10/19 02:09:44 | 000,163,424 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2011/08/02 23:25:59 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/15 11:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011/02/02 06:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/02 06:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/09/27 18:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/05/11 01:52:00 | 003,690,864 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009/07/09 10:18:24 | 000,126,328 | ---- | M] (BUFFALO INC.) [Auto | Stopped] -- C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe -- (BWH32S)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/02/09 01:39:20 | 000,036,344 | ---- | M] () [Unknown (-1) | Unknown (-1) | Running] -- C:\Windows\SysNative\drivers\bsdriver.sys -- (bsdriver)
DRV:[b]64bit:[/b] - [2015/01/09 16:22:47 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:[b]64bit:[/b] - [2015/01/06 12:38:12 | 000,060,376 | ---- | M] (Cherimoya Ltd) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\cherimoya.sys -- (cherimoya)
DRV:[b]64bit:[/b] - [2014/11/15 14:46:08 | 000,124,560 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/08/15 23:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/15 15:24:54 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2011/04/21 22:13:59 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:[b]64bit:[/b] - [2011/04/21 22:13:59 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:[b]64bit:[/b] - [2011/04/21 22:13:59 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:[b]64bit:[/b] - [2011/03/26 10:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/03/10 13:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2011/03/10 13:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2011/01/20 18:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:[b]64bit:[/b] - [2011/01/20 18:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:[b]64bit:[/b] - [2011/01/19 20:28:26 | 000,052,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:[b]64bit:[/b] - [2011/01/17 15:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011/01/13 18:22:24 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:[b]64bit:[/b] - [2010/11/21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/09 19:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010/10/20 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/10/15 17:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/10/08 02:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2010/09/13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/07/29 22:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2007/08/17 14:48:40 | 000,018,432 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bufeap64.sys -- (Bufeap)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/03 15:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {1CFD0698-D62D-4C56-86DC-2FFB55915E0D}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.jp/
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D}: C:\PROGRAM FILES\SHOPPERZ\FIREFOX

[2012/04/24 22:41:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\affmlfjaccgajlhglnhfhfaiohelbmec\209\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.1.5_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\..\Toolbar\WebBrowser: (Yahoo!ツールバー) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_12\Modules\YahooToolBar.dll (Yahoo! JAPAN)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [Del1041969225] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del118921387] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del205230609] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del291622403] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del32416742] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del379863370] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del464419952] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del869162066] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [Del955569553] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del1041969225] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del118921387] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del205230609] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del291622403] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del32416742] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del379863370] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del464419952] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del869162066] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [Del955569553] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {7BD15D9F-7684-48AE-888E-46AF1CAEDB2E} http://www.milu.jp/MILU.cab (MILU Download Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.24.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79C4DE10-17F0-444B-80B5-E89CA5228774}: DhcpNameServer = 192.168.24.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC19DA87-04D4-42C3-915D-AB3157FF6FF5}: DhcpNameServer = 192.168.24.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD793A3E-7B98-4B4A-B3BA-36B008AB3E33}: DhcpNameServer = 111.87.221.145 111.87.221.129
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/05/15 00:48:55 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  • 2015/04/17 (Fri) 14:23:34
OTL log 2
[2015/04/16 21:09:11 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2015/04/16 21:08:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mina\Desktop\OTL.exe
[2015/04/16 21:06:07 | 002,827,152 | ---- | C] (Reason Company Software Inc.) -- C:\Users\mina\Desktop\herdProtectScan_Portable.exe
[2015/04/15 21:52:42 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/04/15 21:52:42 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/04/15 21:52:42 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/04/15 21:52:42 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/04/15 21:52:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/04/15 21:52:42 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/04/15 21:52:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/04/15 21:52:42 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/04/15 21:52:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/04/15 21:52:42 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/04/15 21:52:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/04/15 21:52:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/04/15 21:52:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/04/15 21:52:42 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/04/15 21:52:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/04/15 21:52:40 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/15 21:52:40 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/15 21:52:40 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/15 21:52:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/15 21:52:39 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/15 21:52:39 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/15 21:52:39 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/15 21:52:39 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/04/15 21:52:38 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/04/15 21:52:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/04/15 21:52:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/04/15 21:52:28 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/04/15 21:52:27 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/04/15 21:52:25 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/04/15 21:52:25 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/04/15 21:52:25 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/04/15 21:52:24 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/04/15 21:52:24 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/04/15 21:52:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/04/15 21:52:23 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/04/15 21:52:23 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/04/15 21:52:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/04/15 21:52:22 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/04/15 21:52:22 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/04/15 21:52:22 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/04/15 21:52:21 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/04/15 21:52:21 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/04/15 21:52:21 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/04/15 21:52:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/04/15 21:52:20 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/04/15 21:52:20 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/04/15 21:52:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/04/15 21:52:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/04/15 21:52:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/04/15 21:52:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/04/15 21:52:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/04/15 21:52:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/04/15 21:52:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 21:52:19 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 21:52:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/04/15 21:52:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 21:52:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 21:52:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 21:52:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 21:52:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 21:52:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 21:52:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 21:52:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 21:52:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 21:52:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 21:52:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 21:52:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 21:52:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 21:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 21:52:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 21:52:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 21:52:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 21:52:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 21:52:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 21:52:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 21:52:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 21:52:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 21:52:13 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 21:52:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 21:52:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 21:52:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 21:52:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 21:52:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 21:52:11 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/04/15 21:52:11 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/04/15 21:52:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/04/15 21:52:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/04/15 21:52:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/04/15 21:52:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/04/15 21:52:10 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/04/15 21:52:10 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/04/15 21:52:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/04/15 21:52:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/04/15 21:51:28 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/04/15 21:51:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/04/15 21:51:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/04/15 21:51:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/04/15 21:51:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/04/15 21:51:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/04/15 21:51:25 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/04/15 21:51:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/04/15 21:51:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/04/15 21:51:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/04/15 21:51:22 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/04/15 21:51:22 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/04/15 21:51:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/04/15 21:51:21 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/04/15 21:51:21 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/04/15 21:51:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/04/15 21:51:20 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/04/15 21:51:20 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/04/15 21:51:20 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/04/15 21:51:20 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/04/15 21:51:19 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/04/15 21:51:19 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/04/15 21:51:19 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/04/15 21:51:18 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/04/15 21:51:17 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/04/15 21:51:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/04/15 21:51:15 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/04/15 21:51:13 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/04/15 21:51:13 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/04/15 21:51:12 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/04/15 21:51:12 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/04/15 21:51:12 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/04/15 21:51:12 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/04/15 21:51:11 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/04/15 21:51:11 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/04/15 21:51:10 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/04/15 21:51:10 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/04/15 21:50:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015/04/15 21:50:05 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015/04/15 21:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/04/15 21:32:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/04/15 21:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/04/15 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/04/15 21:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/04/15 21:27:04 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Local\Apple Computer
[2015/04/13 12:08:38 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Local\Apple
[2015/04/10 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\Malwarebytes
[2015/04/10 21:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/10 21:22:31 | 017,305,616 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe
[2015/04/09 22:01:44 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Local\Acer
[2015/04/09 22:00:29 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\Baidu
[2015/04/09 22:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\baidu
[2015/04/09 22:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baidu
[2015/04/09 22:00:28 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Local\Adobe
[2015/04/09 21:46:57 | 000,000,000 | ---D | C] -- C:\Users\mina\Desktop\backups
[2015/04/09 21:36:50 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\mina\Desktop\HijackThis.exe
[2015/04/09 20:56:18 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\Oracle
[2015/04/07 22:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015/04/07 22:10:12 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\Geek Uninstaller
[2015/04/07 20:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2015/04/05 16:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Ascentive
[2015/04/05 16:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive
[2015/04/05 16:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive
[2015/04/05 16:27:14 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\WeatherTool
[2015/04/05 16:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WeatherTool
[2015/04/05 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Local\MiniService
[2015/04/05 15:49:26 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/04/05 15:49:26 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/04/01 22:12:54 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Local\Software

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/17 13:52:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/17 13:52:01 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/17 13:49:39 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/17 13:49:32 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WeatherTool_start_schedule_task.job
[2015/04/17 13:49:31 | 000,000,518 | ---- | M] () -- C:\Windows\tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job
[2015/04/17 13:35:38 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/16 21:08:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mina\Desktop\OTL.exe
[2015/04/16 21:06:11 | 002,827,152 | ---- | M] (Reason Company Software Inc.) -- C:\Users\mina\Desktop\herdProtectScan_Portable.exe
[2015/04/15 23:49:47 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/15 23:49:47 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/15 22:25:07 | 001,313,358 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/15 22:25:07 | 000,654,508 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/15 22:25:07 | 000,411,456 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2015/04/15 22:25:07 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2015/04/15 22:25:07 | 000,122,380 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/15 22:15:15 | 001,293,142 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/04/15 21:34:01 | 000,001,717 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/14 21:50:16 | 002,526,545 | ---- | M] () -- C:\Users\mina\Desktop\150402_1541_001.jpg
[2015/04/13 23:01:33 | 000,000,020 | ---- | M] () -- C:\Users\mina\AppData\Roaming\appdataFr3.bin
[2015/04/10 21:23:06 | 017,305,616 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe
[2015/04/09 21:36:59 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\mina\Desktop\HijackThis.exe
[2015/04/09 20:54:01 | 000,000,097 | ---- | M] () -- C:\Users\mina\AppData\Roaming\WB.CFG
[2015/04/07 22:09:51 | 002,585,202 | ---- | M] () -- C:\Users\mina\Desktop\geek.zip
[2015/04/05 13:06:29 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/03/25 17:59:28 | 001,880,283 | ---- | M] () -- C:\Users\mina\Desktop\image.jpg
[2015/03/25 12:24:41 | 003,298,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/03/25 12:24:41 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/03/25 12:24:41 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/03/25 12:24:41 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/03/25 12:24:41 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/03/25 12:24:40 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/03/25 12:24:08 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/03/25 12:23:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/03/25 12:23:55 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/03/25 12:23:55 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/03/25 12:00:57 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/03/25 12:00:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/03/25 12:00:57 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/03/25 12:00:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/03/25 12:00:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/03/23 12:25:15 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/03/23 12:25:01 | 000,769,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/03/23 12:24:56 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/03/23 12:24:54 | 000,957,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/03/23 12:24:53 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/03/23 12:24:53 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/03/23 12:24:53 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/03/23 12:17:39 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/03/19 22:28:44 | 000,169,900 | -H-- | M] () -- C:\Windows\SysNative\mlfcache.dat
[2015/03/18 21:03:08 | 000,000,909 | ---- | M] () -- C:\Users\mina\Desktop\Internet Explorer.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/15 21:51:28 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/04/15 21:51:25 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/04/15 21:34:01 | 000,001,717 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/04/13 23:01:33 | 000,000,020 | ---- | C] () -- C:\Users\mina\AppData\Roaming\appdataFr3.bin
[2015/04/10 21:35:48 | 000,000,518 | ---- | C] () -- C:\Windows\tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job
[2015/04/07 22:09:22 | 002,585,202 | ---- | C] () -- C:\Users\mina\Desktop\geek.zip
[2015/04/05 22:40:08 | 002,526,545 | ---- | C] () -- C:\Users\mina\Desktop\150402_1541_001.jpg
[2015/04/05 16:27:15 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\WeatherTool_start_schedule_task.job
[2015/03/25 17:56:52 | 001,880,283 | ---- | C] () -- C:\Users\mina\Desktop\image.jpg
[2015/03/19 22:28:44 | 000,169,900 | -H-- | C] () -- C:\Windows\SysNative\mlfcache.dat
[2014/04/14 01:27:46 | 000,002,681 | ---- | C] () -- C:\Users\mina\Skype.lnk
[2014/03/31 21:39:59 | 000,000,207 | ---- | C] () -- C:\Users\mina\.swfinfo
[2014/02/24 02:02:09 | 000,000,042 | ---- | C] () -- C:\Users\mina\.a-downloader
[2014/02/17 17:41:20 | 000,002,023 | ---- | C] () -- C:\Users\mina\Adobe Reader XI.lnk
[2013/09/13 05:03:49 | 000,000,907 | ---- | C] () -- C:\Users\mina\.recently-used.xbel
[2013/08/23 21:18:26 | 000,000,097 | ---- | C] () -- C:\Users\mina\AppData\Roaming\WB.CFG
[2013/08/21 01:45:57 | 000,001,274 | ---- | C] () -- C:\Users\mina\Image Converter.lnk
[2013/05/29 17:25:42 | 000,450,560 | ---- | C] () -- C:\Windows\SysWow64\AscSqlite.dll
[2012/09/14 20:38:07 | 001,092,031 | ---- | C] () -- C:\Users\mina\sai-1.1.0-upd-ja.exe
[2011/04/21 21:54:21 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[1999/07/07 09:00:00 | 000,000,006 | RHS- | C] () -- C:\ProgramData\275EA05B-B892-4d89-A8C0-D1F1B7BD9CEC

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/17 13:49:31 | 000,000,518 | ---- | M] () -- C:\Windows\tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job
[2015/04/17 13:49:39 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/17 13:35:38 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/17 13:49:32 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WeatherTool_start_schedule_task.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: TOSHIBA MK6465GSX
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 15.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 16107175936
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 581.00GB
Starting Offset: 16212033536
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

Next is the Extras log.
  • 2015/04/17 (Fri) 14:28:51
This is the Extras log.
OTL Extras logfile created on: 2015/04/17 13:55:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.86 Gb Total Physical Memory | 3.25 Gb Available Physical Memory | 84.34% Memory free
7.71 Gb Paging File | 7.14 Gb Available in Paging File | 92.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.07 Gb Total Space | 363.62 Gb Free Space | 62.58% Space Free | Partition Type: NTFS

Computer Name: ASPIRE5750 | User Name: mina | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = BaiduSparkHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = BaiduSparkHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Classes\<extension>]
.html [@ = BaiduSparkHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\baidu\Spark\Spark.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07AF41AA-1BFD-431A-908D-87E07FA0FFAB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0D9D343E-055B-4B8A-A83A-235BDF5DC6B0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0DC1FACA-A341-4740-A125-375D246AA2D1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{29986AD4-58F0-4B7C-A565-06D5AA2356FC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3994451D-7208-4EDF-A767-0F46DB922636}" = lport=49898 | protocol=6 | dir=in | name=akamai netsession interface |
"{3E650991-CDE2-4E7B-9660-AFA2BA9931DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{43B860C4-63C1-4785-9E49-46F82C8B4A21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4DE0212A-14F4-4A02-918E-169F7A3141B1}" = rport=445 | protocol=6 | dir=out | app=system |
"{52CEFDD5-F79F-4B0F-83E5-BBF5ED8BA112}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{546C1777-1261-490E-8178-2D541CEFE611}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{589D3BBD-2201-4715-BBAA-621F7804C231}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59B4515D-14EF-43F8-B945-6302279B6349}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{619FD717-29F1-4428-BE12-DBC6519D8C46}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{648A8060-DA05-4687-8987-3206F7AC05CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{722223A2-467E-4E7C-9BF6-B6839F8CA385}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7FA78032-635D-49C6-BD84-164F2D9EC32F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7FC0E875-EB03-4956-8B0F-F2C01BEA138D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8284A5F9-7543-4BBA-8999-215D16E787E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8DEFEFAF-8528-405F-89C7-8ECE0F110FB8}" = rport=137 | protocol=17 | dir=out | app=system |
"{8E328B98-9A47-4CC7-B42A-DACDD494BCC0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A280715-1F68-45B3-A2FE-A761016CA792}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9A3C408F-9377-4245-BF4A-DF52DC3DB714}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF8D0FDE-E864-4EE7-81F5-111E7D0808E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0076BF4-7517-42B6-B314-EBE688819C54}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BAB0D481-7D5A-445B-A887-B34CD68CDCA8}" = lport=139 | protocol=6 | dir=in | app=system |
"{BF058486-7342-46E7-9627-8EE7911727BF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BF39BA71-5170-4312-9FA0-1747172CA590}" = rport=138 | protocol=17 | dir=out | app=system |
"{C06E65E3-A057-49F8-9519-BBBEAE67D05B}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{C271D816-C3BE-44B0-AEE9-0A4506646A2A}" = lport=137 | protocol=17 | dir=in | app=system |
"{DF7152C5-BA47-47B5-81FA-9F9FAFDF2E4B}" = lport=138 | protocol=17 | dir=in | app=system |
"{E50030A4-9B25-442A-852A-FDE688DD9F0F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E69DFACC-D6BE-483F-B610-C4A8F34C3CAA}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6EFB094-5745-4121-93B6-CD375B55FDF9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E974B110-B935-4C26-BD2C-65045A8F117D}" = rport=139 | protocol=6 | dir=out | app=system |
"{EBB93C14-BE7F-4D81-9D5C-6169DE242DD8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F5F33C62-7C6D-4A02-8C75-C364C6A79A19}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{F8968244-1AD4-4275-858E-3DAB0410269A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B1A804-6D40-40FE-B2AD-60C892A2D8E6}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovieservice.exe |
"{071BAC78-1802-40E4-B754-1F3D3AD5B841}" = protocol=6 | dir=in | app=c:\program files (x86)\baidu\spark\spark.exe |
"{0A1768BC-532F-4961-837F-015B700223C5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0EA1C3EF-8D12-438A-BD83-1C02563A4C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0FFBCBB4-6A04-42F1-852A-40458D5045C4}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{10F36A24-9FE9-421D-92A2-D8B5F7438113}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{150A9D2D-514A-444B-AA53-C3D39F0F6DDA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{17A39785-4B57-4217-BF56-E7D6256FD015}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{180D498B-D572-4350-82C7-698B5910BC40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1B15FD2A-781D-4AA2-AAD7-2C3FDAED94DB}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{262998CA-D1F6-4E06-B966-3AA682A336D3}" = dir=in | app=c:\program files (x86)\janetter2\bin\janettersrv.exe |
"{29CED4AD-BEFB-4F8B-B33D-B505A73D7CD3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2A35E630-1419-40AD-A5D5-23F9ED35E373}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{366342EF-A9CA-419A-9C12-976E2A8DB9E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3B562372-8D4D-4514-BA38-199112FCEF5B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{41E25FDD-673E-4A9A-A786-A54833698560}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{42660460-E1EA-43E2-A46C-D4F3AB9342CD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{442E3647-94E5-459A-952B-BCF1E145BC14}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{5C73BD0F-A5F1-4B3F-8E5E-1DBE9BD55F16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65BA9D47-123E-4DAD-B764-79E3D173286F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6E53E3EC-CAB3-4698-A6B1-8F64F2E78465}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{70BFEC04-8E10-44A3-9424-4B388DFF1EDF}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{74448CA8-6F92-45AB-A436-DA340627AC99}" = protocol=17 | dir=in | app=c:\program files (x86)\baidu\spark\spark.exe |
"{7563CB5E-0C6C-40A3-B3FC-69EE06CB5299}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{80CE5746-BBC9-40AA-A4F5-8E3283DAEEC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{813D04F3-1629-4203-9FD2-806A265DCAA8}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{8539D53C-1A41-443F-8953-5CC43D16D1E5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87224B39-4239-4978-BED9-D99A248B5EBB}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{8A89FFF3-F586-43C1-B7A5-45B262870092}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8AB13982-62A4-4249-B65D-2B62403F6035}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8B403FED-169F-4417-BA77-D8C22893BE29}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FBE6093-D813-48D0-A1A3-563F689EDCE9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A088CEB8-109E-4355-953E-641D8AD36D4A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A08CD66B-954C-45C9-81C6-D569D30E211B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A17A11FE-9430-4DF7-8598-1B1D929A012B}" = protocol=6 | dir=out | app=system |
"{A5FB5295-D659-4AAE-AB26-A9D4CFBBA0A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B1547A14-CE4C-4C52-8DBD-FAFD1843C7F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3000DF6-4633-4ECD-AB31-D0328033A239}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\kingsoft\kiscommon\kxeserv.exe |
"{B581555B-0122-436E-BE57-AE01CB6732A6}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{BC4FF44C-BB86-4378-92A1-E14E6CAA45DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C3558277-57AE-457E-82CC-5E5D7BB26E4E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C8795AFE-B8A1-4F37-A57F-8EE5A71BE2AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CB2E002E-0C55-4787-ACEB-FF464C9622FE}" = protocol=6 | dir=in | app=c:\users\mina\appdata\local\akamai\netsession_win.exe |
"{CD30B3DE-DBE0-4FCB-BCB5-720B27E7F749}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe |
"{D08B7279-8AE8-41F6-A29D-2C7DE3CBC02F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\kingsoft\kiscommon\kxeserv.exe |
"{D1ECC75B-E409-4F9F-9C27-24BF4EDE856B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D3142C0E-C926-413B-9695-D27C5ABB0CC5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D4A2AFCC-464F-4F6E-8939-CD01C0FA6F19}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
"{D5812A24-0D49-4702-8458-A7BB88091B21}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DB72E853-8338-4862-8509-C09C92A5F455}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{DD41E1CC-92A2-42EF-B640-001ED6B63BEF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DF69FA0C-C6AF-4851-9AB6-7173143E76A9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E1A5F86C-2371-42B3-B6B6-069D57AF4DAB}" = protocol=17 | dir=in | app=c:\users\mina\appdata\local\akamai\netsession_win.exe |
"{E32C853A-7559-4D9A-A64E-ABC9E053A4D9}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovie.exe |
"{E9616E8A-AF1F-4AE5-B687-E861AF70DD68}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{E9ACE4BF-AD4A-453D-B865-3A91BAE59945}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EF483824-65BE-4C34-A10D-71D816E95322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F38393E5-E2AD-4467-AD4D-DD2318CDF588}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F60FDE55-F6BB-4DD4-8B4B-E60980B970D7}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
"TCP Query User{15518E2A-8B0D-436F-A3C6-DFB533D67904}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{7FA6D572-07BA-4D47-AF00-B61440EE50B0}C:\users\mina\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mina\appdata\local\akamai\netsession_win.exe |
"TCP Query User{AFC0C1E4-7832-4452-8708-AD5F6E1B3321}C:\users\mina\desktop\woopie video desktop\woopievideodesktop.exe" = protocol=6 | dir=in | app=c:\users\mina\desktop\woopie video desktop\woopievideodesktop.exe |
"UDP Query User{2C8E4506-6A6E-454E-81A4-466ED98959AA}C:\users\mina\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mina\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8DBD45DE-CD23-473F-B00F-A713BE8E3A16}C:\users\mina\desktop\woopie video desktop\woopievideodesktop.exe" = protocol=17 | dir=in | app=c:\users\mina\desktop\woopie video desktop\woopievideodesktop.exe |
"UDP Query User{FAC9563B-849E-44A9-B304-9243D72E82F1}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1AAF6669-31B2-3840-9346-F0F653840FD1}" = Microsoft .NET Framework 4.5.1 (JPN)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3B1E1F4C-031D-410F-A93A-1220236608C8}" = Microsoft Antimalware Service JA-JP Language Pack
"{3BF2C0A8-2C44-4A36-AA96-3BD6FB7BB01F}" = Windows Live Remote Client Resources
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{5081D2D4-1637-404c-B74F-50526718257D}_is1" = shopperz 2.0.0.456
"{54C5B89F-0A8C-4C07-A51D-7380974DA459}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0028-0411-1000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0411-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Japanese) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{93F2A022-6C37-48B8-B241-FFABD9F60C30}" = iTunes
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-011C-0411-1000-0000000FF1CE}" = Microsoft Office ナビ 2010
"{996D32B6-F629-4764-894B-CB24D9C19051}" = Microsoft Security Client
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = インテル(R) ターボ・ブースト・テクノロジー・モニター 2.0
"{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Apple Application Support(64 ビット)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client JA-JP Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WeatherTool" = Baidu The Desktop Weather 1.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{00C5E42C-5C3D-4712-91BA-691EBC23DD5C}" = Autodesk MatchMover 2012 32-bit
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{10AB1F40-BDEC-4A8D-B427-30F9429378B0}" = Windows Live Movie Maker
"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = MediaEspresso
"{15D95497-8F76-41E5-8894-EDDB59E39BD9}" = Windows Live メール
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{223469C7-3B3F-4D18-AB4A-4F4B298D0DB2}" = x-APPLICATION Components
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3C7A758F-E865-4748-B6C3-72B0F45BD7D5}" = Autodesk DirectConnect 2012 32-bit
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675D8E1E-2388-4718-902C-E5FC4888AC0E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C3F8916-D6A5-4A31-9DA8-80C973CE437F}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7134EF35-DA07-41F8-A71F-66709E194BB5}" = Windows Live Mesh
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{88A686A9-D687-4295-B633-50D8A4B88371}" = Windows Live Writer Resources
"{8A66A2C8-0032-4949-8D99-C293A3EACF79}" = Windows Live Photo Common
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D59BE38-3A4F-4525-AD0D-8980E9E31EFA}" = Windows Live フォト ギャラリー
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0016-0411-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Japanese) 2010
"{90140000-0018-0411-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Japanese) 2010
"{90140000-001A-0411-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Japanese) 2010
"{90140000-001B-0411-0000-0000000FF1CE}" = Microsoft Office Word MUI (Japanese) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0411-0000-0000000FF1CE}" = Microsoft Office Proof (Japanese) 2010
"{90140000-0028-0411-0000-0000000FF1CE}" = Microsoft Office IME (Japanese) 2010
"{90140000-002C-0411-0000-0000000FF1CE}" = Microsoft Office Proofing (Japanese) 2010
"{90140000-006E-0411-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Japanese) 2010
"{90140000-00A1-0411-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Japanese) 2010
"{91140000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Essentials 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1041-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Japanese
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support(32 ビット)
"{B05B64BA-D9C8-47B9-A2CB-A1F8E796C843}" = Windows Live Messenger
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
"{BA0B4781-7874-49CF-BF45-D83DAB54888C}" = x-アプリ
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFE4A2B6-4894-436C-8847-70FF3F18D892}" = NVIDIA PhysX Plug-in for Autodesk Maya 2012 32 bit
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C52C2534-08A0-4714-8F2E-2A6224207A5F}" = ComicStudioEX 4.0
"{C7C48E52-3E06-43E7-BC3B-CBD13AE6ACAB}" = COMICART CG illust 4.06 Plus DEMO
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF9F8631-E410-4C72-8B69-71C5BE5BE005}" = NW-E050 WALKMAN Guide
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8FA2A48-A1E8-432E-AE96-5276D9E6A50F}" = Sony Media Library Earth 8.0.00
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFCBE6B6-D226-43E1-BEDD-7CDA7B52A302}" = x-APPLICATION NetMD Driver for x64
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE408577-9C0E-4E5F-BCB2-DB5B3A220958}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA82D553-7A07-43A4-98E8-14C62402A4F2}" = Autodesk SketchBook Copic Edition
"{FEC02973-0781-49C7-9F04-28DA9BAF0372}" = Composite 2012
"32fsj32_is1" = File Scavenger 3.2 (Japanese)
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Autodesk DirectConnect 2012 32-bit" = Autodesk DirectConnect 2012 32-bit
"BUFFALO_AirSet2_is1" = BUFFALO エアステーション設定ツール
"chorokuf" = ♪超録 - パソコン長時間録音機 フリーウェア版
"CoreAAC" = CoreAAC
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"InstallShield_{BA0B4781-7874-49CF-BF45-D83DAB54888C}" = x-アプリ 5.0.01
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{D8FA2A48-A1E8-432E-AE96-5276D9E6A50F}" = Sony Media Library Earth 8.0.00
"Office14.EssentialsR" = Microsoft Office 2010
"PaintToolSAI" = ペイントツールSAI Ver.1
"PC SpeedScan Pro" = PC SpeedScan Pro
"RadioLine Free" = RadioLine Free
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"UN900119" = BUFFALO クライアントマネージャV
"WinLiveSuite" = Windows Live Essentials
"Yahoo!Jツールバー" = Yahoo!ツールバー

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealPly" = DealPly

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3550251776-2451250284-1976259649-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Download Manager Packages" = Download Manager Packages

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/01/28 7:14:19 | Computer Name = Aspire5750 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2015/01/28 7:14:20 | Computer Name = Aspire5750 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9984

Error - 2015/01/28 7:14:20 | Computer Name = Aspire5750 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9984

Error - 2015/01/28 9:17:35 | Computer Name = Aspire5750 | Source = SideBySide | ID = 16842832
Description = "C:\Users\mina\Desktop\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe"
のアクティブ化コンテキストの生成に失敗しました。マニフェストまたはポリシー ファイル "" 行 のエラーです。 アプリケーションで必要なコンポーネントのバージョンが、既にアクティブな別のコンポーネントのバージョンと競合しています。
競合しているコンポーネントは次のとおりです:
コンポーネント
1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest
コンポーネント
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest

Error - 2015/01/28 12:36:52 | Computer Name = Aspire5750 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2015/01/28 12:36:52 | Computer Name = Aspire5750 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9984

Error - 2015/01/28 12:36:52 | Computer Name = Aspire5750 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9984

Error - 2015/01/29 11:41:09 | Computer Name = Aspire5750 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: UPDATE~1.EXE、バージョン: 0.0.0.0、タイム スタンプ: 0x2a425e19
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x005819fe
障害が発生しているプロセス
ID: 0x1b24 障害が発生しているアプリケーションの開始時刻: 0x01d03bb903306a3e 障害が発生しているアプリケーション パス: C:\Users\mina\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
障害が発生しているモジュール
パス: unknown レポート ID: 3e725bd1-a7cd-11e4-9b0b-b870f477a3e9

Error - 2015/01/29 11:50:03 | Computer Name = Aspire5750 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: UPDATE~1.EXE、バージョン: 0.0.0.0、タイム スタンプ: 0x2a425e19
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x003719fe
障害が発生しているプロセス
ID: 0x1574 障害が発生しているアプリケーションの開始時刻: 0x01d03bda8a212663 障害が発生しているアプリケーション パス: C:\Users\mina\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
障害が発生しているモジュール
パス: unknown レポート ID: 7cc2d0cb-a7ce-11e4-9b0b-b870f477a3e9

Error - 2015/01/29 13:15:11 | Computer Name = Aspire5750 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: UPDATE~1.EXE、バージョン: 0.0.0.0、タイム スタンプ: 0x2a425e19
障害が発生しているモジュール名:
unknown、バージョン: 0.0.0.0、タイム スタンプ: 0x00000000 例外コード: 0xc0000005 障害オフセット: 0x01e119fe
障害が発生しているプロセス
ID: 0x25f0 障害が発生しているアプリケーションの開始時刻: 0x01d03be2ebf6083d 障害が発生しているアプリケーション パス: C:\Users\mina\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
障害が発生しているモジュール
パス: unknown レポート ID: 618d80cd-a7da-11e4-9b0b-b870f477a3e9

Error - 2015/01/31 11:30:29 | Computer Name = Aspire5750 | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 2014/05/16 8:38:18 | Computer Name = Aspire5750 | Source = MCUpdate | ID = 0
Description = 21:38:18 - インターネットの接続中にエラーが発生しました。 21:38:18 - サーバーと通信できません。.

Error - 2014/05/16 8:38:28 | Computer Name = Aspire5750 | Source = MCUpdate | ID = 0
Description = 21:38:24 - インターネットの接続中にエラーが発生しました。 21:38:24 - サーバーと通信できません。.

[ System Events ]
Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = DCOM | ID = 10005
Description =

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = DCOM | ID = 10005
Description =

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/17 0:52:44 | Computer Name = Aspire5750 | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/17 1:09:11 | Computer Name = Aspire5750 | Source = DCOM | ID = 10005
Description =

Error - 2015/04/17 1:09:11 | Computer Name = Aspire5750 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 で定義を更新しようとしてエラーが発生しました。 新しい定義のバージョン: 以前の定義のバージョン: 1.195.3371.0

更新元:
%%859 更新ステージ: %%852 ソース パス: Default URL 定義の種類: %%800 更新の種類: %%803 ユーザー: NT AUTHORITY\SYSTEM

現在のエンジンのバージョン:
以前のエンジンのバージョン: 1.1.11502.0 エラー コード: 0x8007043c エラーの説明: このサービスはセーフ モードで開始できません


< End of report >
  • 2015/04/17 (Fri) 14:31:17
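Let's clean up with OTL
First of all... there is far too much junk on the PC, so I think you should clean it up.
HP is not needed, so please remove it following the instructions given when it was installed.

Open Notepad and copy and paste each of the following three blocks into it.
Note that :OTL, :Files, :Commands and so on are directives that tell OTL how to process the entries.
Please be careful not to delete them.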

Round 1
------ copy and paste from below this line ------
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5081D2D4-1637-404c-B74F-50526718257D}: C:\PROGRAM FILES\SHOPPERZ\FIREFOX
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
[2015/04/10 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\Malwarebytes
[2015/04/10 21:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/10 21:22:31 | 017,305,616 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe
[2015/04/09 22:00:29 | 000,000,000 | ---D | C] -- C:\Users\mina\AppData\Roaming\Baidu
[2015/04/09 22:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\baidu
[2015/04/09 22:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baidu
[2015/04/05 16:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Ascentive
[2015/04/05 16:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive
[2015/04/05 16:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive
[2015/04/17 13:49:32 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\WeatherTool_start_schedule_task.job
[2015/04/17 13:49:31 | 000,000,518 | ---- | M] () -- C:\Windows\tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job

:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[emptytemp]
[createrestorepoint]
[reboot]
------ copy and paste up to above this line ------

Round 2
------ copy and paste from below this line ------
:Files
c:\program files\shopperz
%userprofile%\appdata\local\temp
%userprofile%\downloads\fileopenersetup (1).exe
%userprofile%\downloads\fileopenersetup (2).exe
%userprofile%\downloads\fileopenersetup (3).exe
%userprofile%\downloads\file_extractor_4.exe
%userprofile%\downloads\gomencodersetup_jpn.exe
%userprofile%\downloads\gomplayerjpsetup.exe
%userprofile%\downloads\imageresizersetup.exe
%userprofile%\setupdvddecrypter_3.5.4.0.exe
%userprofile%\downloads\woopie_video_desktop_3.6.3.exe
%userprofile%\downloads\a-downloader701
%userprofile%\desktop\cprmdecrypter
%userprofile%\desktop\新しいフォルダー\ともちん動画ラジオ\heroe\vidplayasetup_v2.exe
c:\windows\syswow64\asctaskscheduler.dll
c:\program files\chorokuf\jword_plugin.exe
%userprofile%\appdata\local\akamai
C:\program files (x86)\orbitdownloader
%userprofile%\Desktop\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe

:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[emptytemp]
[createrestorepoint]
[reboot]
------ copy and paste up to above this line ------

Round 3
------ copy and paste from below this line ------
:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3994451D-7208-4EDF-A767-0F46DB922636}"=-
"{C06E65E3-A057-49F8-9519-BBBEAE67D05B}"=-
"{071BAC78-1802-40E4-B754-1F3D3AD5B841}"=-
"{74448CA8-6F92-45AB-A436-DA340627AC99}"=-
"{E1A5F86C-2371-42B3-B6B6-069D57AF4DAB}"=-
"{15518E2A-8B0D-436F-A3C6-DFB533D67904}"=-
"{7FA6D572-07BA-4D47-AF00-B61440EE50B0}"=-
"{AFC0C1E4-7832-4452-8708-AD5F6E1B3321}"=-
"{2C8E4506-6A6E-454E-81A4-466ED98959AA}"=-
"{8DBD45DE-CD23-473F-B00F-A713BE8E3A16}"=-
"{FAC9563B-849E-44A9-B304-9243D72E82F1}"=-

:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[emptytemp]
[createrestorepoint]
[reboot]
------ copy and paste up to above this line ------

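Once you have finished copying and pasting, save them under easy-to-recognize names.
After that, start the PC in Safe Mode.
Launch OTL again and paste the content you saved above into the Custom Scan/Fixes box.
Since this is a removal run, there are no other options to check.
Click [Run Fix], shown in red text, to start the fix.
Follow OTL's prompts as it proceeds; a fix log will be displayed either before or after the restart into normal mode,
so please post each of those logs in a separate reply.
Please also report on the current state of the PC when you do.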
  • IVNO
  • MAIL
  • 2015/04/17 (Fri) 21:23:31
OTL log 1
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OCustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OSearchAssistant| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform\dump folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu folder moved successfully.
C:\ProgramData\baidu\update\download folder moved successfully.
C:\ProgramData\baidu\update folder moved successfully.
C:\ProgramData\baidu folder moved successfully.
C:\Program Files (x86)\Baidu\update\x64 folder moved successfully.
C:\Program Files (x86)\Baidu\update folder moved successfully.
C:\Program Files (x86)\Baidu folder moved successfully.
C:\ProgramData\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\ProgramData\Ascentive folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive folder moved successfully.
C:\Program Files (x86)\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\Program Files (x86)\Ascentive folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job moved successfully.
File rity] not found.
File sethosts] not found.
File ptyflash] not found.
File ptyjava] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.

To be continued
  • 2015/04/21 (Tue) 22:04:57
OTL log 2
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OCustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OSearchAssistant| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform\dump folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu folder moved successfully.
C:\ProgramData\baidu\update\download folder moved successfully.
C:\ProgramData\baidu\update folder moved successfully.
C:\ProgramData\baidu folder moved successfully.
C:\Program Files (x86)\Baidu\update\x64 folder moved successfully.
C:\Program Files (x86)\Baidu\update folder moved successfully.
C:\Program Files (x86)\Baidu folder moved successfully.
C:\ProgramData\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\ProgramData\Ascentive folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive folder moved successfully.
C:\Program Files (x86)\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\Program Files (x86)\Ascentive folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job moved successfully.
File rity] not found.
File sethosts] not found.
File ptyflash] not found.
File ptyjava] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.
========== FILES ==========
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
C:\Users\mina\appdata\local\Temp\~rnsetup\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetup folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1 folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0 folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FECF0658-4BBC-40CD-8A59-B24DFFC22DC9} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FEB26979-08BA-4E1E-913C-306D3E34C4EA} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FD8839A0-6585-4ABC-81D2-8CDC68299B37} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FB29B863-F12F-49DD-B629-7BDB157F9ED8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FB162EF0-17FB-472E-B305-6B815B0E64D1} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{F9D2EF8D-D3A3-4105-AF36-05376D92A56E} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{f3a57af6-88ca-45b1-b7cc-1107dc9937cf} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{F1080F62-CEA0-4616-B995-2F63084FE80F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{EF50CB82-FE8B-4661-8F82-A8058C860628} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{ECFC06F1-2167-4BEF-A7BA-DBEF7A6A221D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{ECF3F358-7CC7-45FF-8850-6310823007F7} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{EB64DF0B-C974-48F6-95B4-9B3742018EFD} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{EA82548E-17B1-41BF-8F86-DCCE18B58942} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{E9855083-8996-4917-9FEC-1929962F6934} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{e81d90f8-71f7-4a99-a081-41ad48b5e85f} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{E769DE67-5447-49AA-87A9-F6028F44E2D4} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{E1FD021D-9458-4FF7-93CA-F0B7636AD1D4} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{DA23E86A-2DC1-403E-9CE6-B2A5AB30C82F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D92FD6F0-896D-46DD-B1C3-4B5B494E311E} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D3BF339E-BFCE-4D0D-9EFE-55C1C6254545} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D3350011-66BD-4E65-B639-17ABDD2DCD15} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D1660D3E-7EFF-4663-B69A-09AA6007ECB8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{C6775D51-2F41-4C81-9EDB-5F36FD9335FD} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{C32F0596-2B3D-42BD-BCAB-063413C5743D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B98A6BE5-7A69-4304-99C5-B397FD36517B} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B86E6AE8-7F76-4096-91CE-9E3981DAB7C4} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B60ADAA0-34B5-4DE7-B8E1-E707C52D704B} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B51C9C7C-FCF6-4850-BBF9-94A4EE84DC86} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B3FE42A2-E725-405D-A19D-0361F47737AF}\{C9639F28-F548-4B40-B716-4D71FB951F31} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B3FE42A2-E725-405D-A19D-0361F47737AF} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B3281854-FBF3-46A9-B9AC-65EEF06BD46D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{b052aa6e-8087-47f0-8192-e766e97fba15} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{A6C25CCB-471A-49BC-B1A1-0A5AF4A4C4CB} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{a0da6614-57b9-4624-a02c-da37f8f3988d} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{A0C4B64E-43C9-4A97-8C86-68D7E31BF45A} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{9FBF712D-C4EF-4E25-B6FD-2CD84A5BB60C} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{9F6DFDE1-AF28-4F16-B7BE-B290E305BC76} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{9DA1F377-A82A-447D-AA82-28D1BF76856E} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{9D196C56-F5F5-4FBA-9536-D4141F1CD023} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{9A1CFD40-80D1-416C-83CE-08053121624F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{98CF6048-BE22-4BE4-A2D8-2419CA942AFE} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{98C45147-525F-4CE6-9E86-818DF0271ABC} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{937CF2D5-327F-41BB-8307-D53539D68690} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{93583C5F-F708-40FD-BDA7-62490C525827} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{929501f1-4af7-48fa-9263-6a787b69b93e} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{918D9962-DBFC-48B9-B4D5-6F319FEC2A0D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{90C55D2C-DC8B-4F15-9FCA-A3A7EBB3D4B8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{8DC99E7D-F2C2-49E8-96AC-412F35255C40} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{8DA1B4EB-DD13-444A-BB8A-FE59A18B2B4B} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{894A352C-1D77-494A-90DF-F8D2058CA5C0}\{43AAE145-83CF-4C96-9A5E-756CEFCE879F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{894A352C-1D77-494A-90DF-F8D2058CA5C0} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{86f47482-f86d-4249-a5a3-a389c7e78fec} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{85CFD056-0A45-459D-A407-EBF17DAF3AD9} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{82094C23-211E-4A8A-9AFA-E11D53B44BF0} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{7D5F0495-D5F6-4A75-8B94-32F16DED1FCD} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{7b341aa3-370d-486b-8758-cc86f11ff9cf} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{78A0294D-523A-443F-B4FC-4C2497BEECD0} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{77E542C5-3174-4FC6-89FD-AE95D4CDAFD6} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{7113C11E-898C-4363-A489-E96943235917} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{6E3A21D6-9D6C-42C4-89C5-AFF995671EE1} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{6A4ADE93-8F24-4D1E-9B10-1A40566A7AA7} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{67B22EFA-DC04-4B79-B6FA-7967F534E4FF} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{65FF1BDB-8C8B-4E1B-B40B-04D00DD5689A} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{65F96BE2-CB10-4851-91C9-C8978AFD3706} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{64772E8D-BE96-4B50-9D9C-82B7EF594066} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{63D225A2-392F-4884-85FE-25CC50085EA8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{6237D6A3-F905-445A-B01F-4B8136F9B1A5} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{60794be6-786a-4e52-8770-5adf90686703} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{5E1E3537-5309-49A6-AA60-9303BB3C09DB} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{52B91CAB-6CC0-4D3F-9E5D-06565B3CF652} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{5142CA7F-6E8B-41E0-A028-307A81D96060} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{4C912254-A084-4DBD-9BD1-2BB899E91C5A} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{4AFFC2ED-B67E-43F7-86F8-1AB83D70C77A} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{4A6EA53D-2D42-418D-A7D5-5B876B5CD9A3}\ja-jp folder moved successfully.
C:\Users\mina\appdata\local\Temp\{4A6EA53D-2D42-418D-A7D5-5B876B5CD9A3}\en-us folder moved successfully.
C:\Users\mina\appdata\local\Temp\{4A6EA53D-2D42-418D-A7D5-5B876B5CD9A3} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{434F56A5-4B35-4124-B380-9BF467744EE8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{3FCAC424-C048-4027-854A-7B0CBE74F360} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{3294DB96-CA18-4940-BCA0-841FB2E55E35} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{32669C70-7122-46B0-83E6-C6D0ACB0B57F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{2519463B-6823-4E36-89C3-B9FEBFA97C4E} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{24B14CF4-8D52-4C9E-9182-801D3432FC51} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{210AD32E-A39A-4BD4-A844-511878933E3D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{1EC61463-13DC-426C-8B39-A7B4CADA1D57} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{1AFED947-C4DF-4821-A411-47EA8939EF6D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{1084ee1e-2cbe-498a-bd5e-64100582a08f} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{107DFCD7-1527-4943-9730-7168A50453DE} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{0E0AE565-809C-4297-B071-63371E44BCE6} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{07C19D99-4F2B-4FCB-8D91-2D6E90ACAA6B} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{05A804ED-F751-4B9D-8B92-A3920AE3496C} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{04A99291-D5B2-4FB7-A533-279C78660C37} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{02E0D29D-F95C-4DC8-B55D-A2E0AF50A201} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{007F778D-F15C-4EAB-AE92-071D21FAF632} folder moved successfully.
C:\Users\mina\appdata\local\Temp\YontooLayers folder moved successfully.
C:\Users\mina\appdata\local\Temp\WPDNSE folder moved successfully.
C:\Users\mina\appdata\local\Temp\Temp1_geek.zip folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164\CRX_INSTALL folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164 folder moved successfully.
C:\Users\mina\appdata\local\Temp\nspA7A5.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\nskB626.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\Low folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\15DA51D2_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\049AE7E3_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038 folder moved successfully.
C:\Users\mina\appdata\local\Temp\clear.fiClient folder moved successfully.
C:\Users\mina\appdata\local\Temp\AdobeDownload folder moved successfully.
Folder move failed. C:\Users\mina\appdata\local\Temp scheduled to be moved on reboot.
C:\Users\mina\downloads\FileOpenerSetup (1).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (2).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (3).exe moved successfully.
C:\Users\mina\downloads\File_Extractor_4.exe moved successfully.
C:\Users\mina\downloads\GOMENCODERSETUP_JPN.EXE moved successfully.
C:\Users\mina\downloads\GOMPLAYERJPSETUP.EXE moved successfully.
C:\Users\mina\downloads\ImageResizerSetup.exe moved successfully.
File/Folder C:\Users\mina\setupdvddecrypter_3.5.4.0.exe not found.
C:\Users\mina\downloads\Woopie_Video_DeskTop_3.6.3.exe moved successfully.
C:\Users\mina\downloads\A-Downloader701 folder moved successfully.
C:\Users\mina\desktop\CPRMDecrypter folder moved successfully.
C:\Users\mina\desktop\新しいフォルダー\ともちん動画ラジオ\heroe\VidPlayaSetup_v2.exe moved successfully.
c:\windows\syswow64\AscTaskScheduler.dll moved successfully.
c:\program files\chorokuf\jword_plugin.exe moved successfully.
File/Folder C:\Users\mina\appdata\local\akamai not found.
File\Folder C:\program files (x86)\orbitdownloader not found.
File/Folder C:\Users\mina\Desktop\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe not found.
File\Folder :Commands not found.
File\Folder [purity] not found.
File\Folder [resethosts] not found.
File\Folder [emptyflash] not found.
File\Folder [emptyjava] not found.
File\Folder [emptytemp] not found.
File\Folder [createrestorepoint] not found.
File\Folder [reboot] not found.
  • 2015/04/21 (Tue) 22:10:07
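Fix logs like the ones above are long enough that the few lines needing follow-up are easy to miss. The following added example (not part of the thread and not OTL's own code) sorts each result line into moved, not found, pending on reboot, or a script directive reported as a missing file, as in `File\Folder [purity] not found.` The sample log is constructed from lines in the posts above; the function names and result categories are assumptions of this example.

```python
import re
from collections import Counter

# Directive names as they appear in the fix scripts posted in this thread.
SECTIONS = {":otl", ":files", ":reg", ":commands"}
COMMANDS = ["purity", "resethosts", "emptyflash", "emptyjava",
            "emptytemp", "createrestorepoint", "reboot"]

# Ordered (kind, pattern) rules; the first match wins. Every pattern is
# modelled only on line shapes visible in the logs on this page.
RULES = [
    ("section", re.compile(r"^=+ (.+?) =+$")),
    ("pending_reboot",
     re.compile(r"^Folder move failed\. (.+) scheduled to be moved on reboot\.$")),
    ("reg_deleted", re.compile(r"^Registry key (.+) deleted successfully\.$")),
    ("reg_not_found", re.compile(r"^Registry key (.+) not found\.$")),
    ("reg_value_set", re.compile(r"^(.+)\| /E : value set successfully!$")),
    ("not_found", re.compile(r"^File(?:[\\/]Folder)? (.+) not found\.$")),
    ("moved", re.compile(r"^(.+?)(?: folder)? moved successfully\.$")),
]


def looks_like_directive(target):
    """True when a 'not found' target is a script directive, or the tail of
    one (for example 'rity]' for '[purity]'), rather than a filesystem path."""
    t = target.strip().lower()
    if t in SECTIONS:
        return True
    if t.endswith("]") and len(t) > 1 and "\\" not in t and "/" not in t:
        return any(f"[{cmd}]".endswith(t) for cmd in COMMANDS)
    return False


def classify(line):
    """Return (kind, target) for one log line."""
    line = line.strip()
    for kind, pattern in RULES:
        match = pattern.match(line)
        if match:
            target = match.group(1)
            if kind == "not_found" and looks_like_directive(target):
                kind = "directive_as_file"
            return kind, target
    return "other", line


def summarize(log_text):
    """Count every kind of line and collect the targets that need review."""
    counts = Counter()
    report = {"pending_reboot": [], "directive_as_file": [], "not_found": []}
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        kind, target = classify(raw)
        counts[kind] += 1
        if kind in report:
            report[kind].append(target)
    report["counts"] = counts
    return report


# Constructed sample, assembled from lines in the logs posted above.
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
C:\ProgramData\baidu folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
File rity] not found.
File boot] not found.
========== FILES ==========
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
File/Folder C:\Users\mina\appdata\local\akamai not found.
File\Folder :Commands not found.
File\Folder [purity] not found.
File\Folder [reboot] not found.
"""

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("counts:", dict(result["counts"]))
    for key in ("pending_reboot", "not_found", "directive_as_file"):
        print(f"{key}:")
        for item in result[key]:
            print("   ", item)
```

Items under `pending_reboot` are worth re-checking after the restart, and anything under `directive_as_file` is a script line the log reported as a path.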
OTL log 3
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OCustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OSearchAssistant| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform\dump folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu folder moved successfully.
C:\ProgramData\baidu\update\download folder moved successfully.
C:\ProgramData\baidu\update folder moved successfully.
C:\ProgramData\baidu folder moved successfully.
C:\Program Files (x86)\Baidu\update\x64 folder moved successfully.
C:\Program Files (x86)\Baidu\update folder moved successfully.
C:\Program Files (x86)\Baidu folder moved successfully.
C:\ProgramData\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\ProgramData\Ascentive folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive folder moved successfully.
C:\Program Files (x86)\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\Program Files (x86)\Ascentive folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job moved successfully.
File rity] not found.
File sethosts] not found.
File ptyflash] not found.
File ptyjava] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.
========== FILES ==========
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
C:\Users\mina\appdata\local\Temp\~rnsetup\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetup folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1 folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0 folder moved successfully.
C:\Users\mina\appdata\local\Temp\YontooLayers folder moved successfully.
C:\Users\mina\appdata\local\Temp\WPDNSE folder moved successfully.
C:\Users\mina\appdata\local\Temp\Temp1_geek.zip folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164\CRX_INSTALL folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164 folder moved successfully.
C:\Users\mina\appdata\local\Temp\nspA7A5.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\nskB626.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\Low folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\15DA51D2_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\049AE7E3_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038 folder moved successfully.
C:\Users\mina\appdata\local\Temp\clear.fiClient folder moved successfully.
C:\Users\mina\appdata\local\Temp\AdobeDownload folder moved successfully.
Folder move failed. C:\Users\mina\appdata\local\Temp scheduled to be moved on reboot.
C:\Users\mina\downloads\FileOpenerSetup (1).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (2).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (3).exe moved successfully.
C:\Users\mina\downloads\File_Extractor_4.exe moved successfully.
C:\Users\mina\downloads\GOMENCODERSETUP_JPN.EXE moved successfully.
C:\Users\mina\downloads\GOMPLAYERJPSETUP.EXE moved successfully.
C:\Users\mina\downloads\ImageResizerSetup.exe moved successfully.
File/Folder C:\Users\mina\setupdvddecrypter_3.5.4.0.exe not found.
C:\Users\mina\downloads\Woopie_Video_DeskTop_3.6.3.exe moved successfully.
C:\Users\mina\downloads\A-Downloader701 folder moved successfully.
C:\Users\mina\desktop\CPRMDecrypter folder moved successfully.
C:\Users\mina\desktop\新しいフォルダー\ともちん動画ラジオ\heroe\VidPlayaSetup_v2.exe moved successfully.
c:\windows\syswow64\AscTaskScheduler.dll moved successfully.
c:\program files\chorokuf\jword_plugin.exe moved successfully.
File/Folder C:\Users\mina\appdata\local\akamai not found.
File\Folder C:\program files (x86)\orbitdownloader not found.
File/Folder C:\Users\mina\Desktop\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe not found.
File\Folder :Commands not found.
File\Folder [purity] not found.
File\Folder [resethosts] not found.
File\Folder [emptyflash] not found.
File\Folder [emptyjava] not found.
File\Folder [emptytemp] not found.
File\Folder [createrestorepoint] not found.
File\Folder [reboot] not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3994451D-7208-4EDF-A767-0F46DB922636} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3994451D-7208-4EDF-A767-0F46DB922636}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C06E65E3-A057-49F8-9519-BBBEAE67D05B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C06E65E3-A057-49F8-9519-BBBEAE67D05B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{071BAC78-1802-40E4-B754-1F3D3AD5B841} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{071BAC78-1802-40E4-B754-1F3D3AD5B841}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74448CA8-6F92-45AB-A436-DA340627AC99} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74448CA8-6F92-45AB-A436-DA340627AC99}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1A5F86C-2371-42B3-B6B6-069D57AF4DAB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1A5F86C-2371-42B3-B6B6-069D57AF4DAB}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15518E2A-8B0D-436F-A3C6-DFB533D67904} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15518E2A-8B0D-436F-A3C6-DFB533D67904}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FA6D572-07BA-4D47-AF00-B61440EE50B0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FA6D572-07BA-4D47-AF00-B61440EE50B0}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AFC0C1E4-7832-4452-8708-AD5F6E1B3321} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFC0C1E4-7832-4452-8708-AD5F6E1B3321}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C8E4506-6A6E-454E-81A4-466ED98959AA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C8E4506-6A6E-454E-81A4-466ED98959AA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8DBD45DE-CD23-473F-B00F-A713BE8E3A16} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8DBD45DE-CD23-473F-B00F-A713BE8E3A16}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAC9563B-849E-44A9-B304-9243D72E82F1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FAC9563B-849E-44A9-B304-9243D72E82F1}\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 396 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: mina
->Flash cache emptied: 19110234 bytes

User: Public

Total Flash Files Cleaned = 18.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: mina
->Java cache emptied: 707066 bytes

User: Public

Total Java Files Cleaned = 1.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: mina
->Temp folder emptied: 112558174 bytes
->Temporary Internet Files folder emptied: 5971447446 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 129650125 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51699548 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42312094 bytes
RecycleBin emptied: 10914075 bytes

Total Files Cleaned = 6,026.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 04212015_210211
Files\Folders moved on Reboot...
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
C:\Users\mina\appdata\local\Temp\WPDNSE folder moved successfully.
C:\Users\mina\appdata\local\Temp\nsfD911.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\Low folder moved successfully.
C:\Users\mina\appdata\local\Temp\clear.fiClient folder moved successfully.
Folder move failed. C:\Users\mina\appdata\local\Temp scheduled to be moved on reboot.
File move failed. C:\Users\mina\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Users\mina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
  • 2015/04/21 (Tue) 22:12:07
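One way to triage an OTL fix log like the one posted above, added here as an example that is not part of the original thread and is not OTL's own tooling: it groups result lines by outcome and lists what still needs follow-up. The function names and categories are hypothetical, and reading a `:Name` or `[name]` token reported as "not found" as a fix-script directive taken for a path is an assumption.

```python
import re
from collections import Counter

# Result lines excerpted from the OTL fix log posted in this thread.
SAMPLE_LOG = r"""
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Program Files (x86)\Baidu folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
File/Folder C:\Users\mina\appdata\local\akamai not found.
File\Folder :Commands not found.
File\Folder [resethosts] not found.
HOSTS file reset successfully
Unable to start System Restore Service. Error code 1084
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
File move failed. C:\Users\mina\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
"""

# Ordered rules: the first pattern that matches decides the outcome.
RULES = [
    ("pending_reboot", re.compile(
        r"^(?:File|Folder) move failed\. (?P<target>.+) scheduled to be moved on reboot\.$")),
    ("error", re.compile(
        r"^Unable to start (?P<target>.+)\. Error code (?P<code>\d+)$")),
    ("removed", re.compile(
        r"^(?:Registry (?:key|value) )?(?P<target>.+?)(?: folder)? (?:moved|deleted) successfully\.$")),
    ("not_found", re.compile(
        r"^(?:Registry (?:key|value)|File[/\\]Folder|File) (?P<target>.+) not found\.$")),
]

# Assumption: a ":Name" or "[name]" token reported as a missing path was a
# fix-script directive that the tool read as a file entry.
DIRECTIVE = re.compile(r"^(?::\w+|\[\w+\])$")


def classify(line):
    """Return (outcome, target) for one result line, or None for other lines."""
    line = line.strip()
    for outcome, pattern in RULES:
        match = pattern.match(line)
        if match:
            return outcome, match.group("target")
    return None


def triage(log_text):
    """Group targets by outcome and flag items that failed in more than one pass."""
    report = {name: [] for name in
              ("removed", "not_found", "pending_reboot", "error", "directive_as_path")}
    failures = Counter()
    for line in log_text.splitlines():
        result = classify(line)
        if result is None:
            continue
        outcome, target = result
        if outcome == "not_found" and DIRECTIVE.match(target):
            outcome = "directive_as_path"
        if outcome == "pending_reboot":
            # Windows paths are case-insensitive, so count them lower-cased.
            failures[target.lower()] += 1
        if target not in report[outcome]:
            report[outcome].append(target)
    # A target still failing in the "moved on Reboot" pass was never removed.
    report["failed_twice"] = sorted(t for t, n in failures.items() if n > 1)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for name in ("failed_twice", "pending_reboot", "error", "directive_as_path"):
        print(name, "->", result[name])
```

Anything listed under `failed_twice` is worth checking by hand after the reboot, and again in the next installed-programs list.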
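Current status
As for the current status after the work done so far, the ads are still appearing.
Also, for the past two or three days I keep getting "Internet Explorer has stopped working" and closing the program, over and over, and in the end a message says it cannot return to the original page, so I can no longer post to this board from the PC. (I am accessing it from my mobile phone right now.)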
  • 2015/04/21 (Tue) 22:23:44
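That's an IE problem
The OTL fix appears to have completed normally.
For now, please work around it by starting a browser other than IE, for example by using Google Chrome or installing Firefox.
After that, let's try resetting IE once.
Click the Start button and open Control Panel.
Open Network and Internet → Internet Options.
Open the Advanced tab and click the Reset button.
Check "Delete personal settings" and click Reset.
This resets IE, so please check how it behaves and let us know the result.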
  • IVNO
  • 2015/04/22 (Wed) 17:14:46
No particular change
I tried the fix, but there doesn't seem to be any particular change.
  • 2015/04/26 (Sun) 21:28:15
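Replacing Chrome by brute force
Good evening.
This is 悪代官, the administrator of the main site.
IVNO is busy, so I, poor as I am, will reply instead.

So the problem continues even after resetting Chrome?
Then let's deal with it by brute force.

First, if there are Chrome bookmarks you need, export your bookmarks.
This is preparation, because we are going to remove Chrome completely once.

Once you're ready, use GU in Safe Mode to remove the Google applications.
>Google Chrome Google Inc. 2014/07/30 41.0.2272.118
>Google Toolbar for Internet Explorer Google Inc. 2015/03/11 7.5.6227.252

Once they are removed, launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select drive C as the target drive and scan it, then among the items shown check only "Downloaded Program Files", "Temporary Internet Files" and "Temporary files", and click "OK" and then "Delete Files".
Running this cleans out the junk files in the selected categories.

Now restart the PC in normal mode, then open drive C, look manually for the folders below in order, and delete each one you find.
C:\Program Files (x86)\Google
C:\Users\[username]\AppData\Local\Google
C:\Users\[username]\AppData\LocalLow\Google
If you look and can't find one, just skip it.

Once you've gotten this far, go to the official Google site, download the latest version of Chrome, and reinstall it.

After reinstalling, start Chrome, watch it for a while, and then reply with a status report.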
  • 悪代官
  • 2015/04/26 (Sun) 21:59:34
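Re: Having trouble with too many ads
This reply is very late.
As for IE, it seems the ads have stopped appearing.
However, I'm concerned that the pop-ups about repairing or restoring Windows 7 and the forced page redirects are still happening.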
  • 2015/05/24 (Sun) 21:34:13
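Let's review everything again from the logs
Sorry for the late reply.

>As for IE, it seems the ads have stopped appearing.
>However, I'm concerned that the pop-ups about repairing or restoring Windows 7 and the forced page redirects are still happening.

OK, is Chrome the only browser where that symptom appears?
For now, please show me the full set of logs again.
Please take fresh logs of each tab in CC and the installed-programs log, plus an HJT log, and post them in a reply.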
  • 悪代官
  • 2015/05/25 (Mon) 06:38:27
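Sorry for the delay.
I'm late replying, sorry.
The forced page redirects and so on happen in both IE and Chrome.
My impression is that it's the same whichever one I use.

I'll paste the logs, starting with the CC startup log.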

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run ArcadeMovieService CyberLink Corp. "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run EgisTecPMMUpdate Egis Technology Inc. "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
有効 HKLM:Run EgisUpdate Egis Technology Inc. "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IAStorIcon Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IME14 JPN Setup Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
  • 2015/06/22 (Mon) 22:20:55
CC: IE
無効 Extension OneNote に送る Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
無効 Extension OneNote に送る Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
無効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
無効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
無効 Extension Skype Click to Call Skype Technologies S.A. C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
無効 Extension Skype Click to Call Skype Technologies S.A. C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
無効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
  • 2015/06/22 (Mon) 22:23:27
GC, scheduled tasks, and context menu logs
有効 App Gmail 8.1 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 6.4 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0
有効 App YouTube 4.2.7 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
有効 Extension Google スプレッドシート 1.1 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
無効 Extension Skype Click to Call 6.9.0.12585 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0


Scheduled tasks log

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task AdobeAAMUpdater-1.0-Aspire5750-mina Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
有効 Task BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} Baidu C:\Program Files (x86)\baidu\update\baidujp_update.exe -Update
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PC SpeedScan Pro@Logon C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m
有効 Task PC SpeedScan Pro_Aspire5750@mina C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe
有効 Task RealUpgradeLogonTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
有効 Task RealUpgradeScheduledTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
有効 Task WeatherTool_start_schedule_task Baidu Online Network Technology (Beijing)Co., Ltd C:\Program Files (x86)\WeatherTool\1.1.1.13\InstallHelper.exe -start
有効 Task {1420EB0C-42D4-4CD2-911F-5BBE3F7BEC6D} Microsoft Corporation "c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.115/ja/go/help.faq.installer?LastError=1618
有効 Task {E133FC02-608C-4985-9C10-FC19F41CF866} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\install.log"

Context menu log

有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
  • 2015/06/22 (Mon) 22:25:42
CC log
Acer Backup Manager NTI Corporation 2011/04/21 3.0.0.85
Acer Crystal Eye Webcam CyberLink Corp. 2011/05/06 1.0.1510
Acer ePower Management Acer Incorporated 2011/05/06 6.00.3006
Acer eRecovery Management Acer Incorporated 2011/04/21 5.00.3002
Acer ScreenSaver Acer Incorporated 1.1.1130.2010
Acrobat.com Adobe Systems Incorporated 2011/04/21 1.60 MB 1.6.65
Adobe Photoshop Elements 9 Adobe Systems Incorporated 2011/08/04 9.0
Adobe Reader XI (11.0.11) - Japanese Adobe Systems Incorporated 2015/05/14 205 MB 11.0.11
Apple Application Support(32 ビット) Apple Inc. 2015/04/15 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/04/15 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/04/15 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/10/26 2.38 MB 2.1.3.127
Autodesk Backburner 2012.0.0 Autodesk, Inc. 2011/08/02 12.9 MB 2012.0.0
Autodesk DirectConnect 2012 32-bit Autodesk 2011/08/02 6.0.432.0
Autodesk MatchMover 2012 32-bit Autodesk 2011/08/02 114 MB 14.00.0000
Autodesk SketchBook Copic Edition Autodesk 2012/05/15 50.8 MB 1.00.0000
Baidu The Desktop Weather 1.1 Baidu Japan Inc. 1.1.1.13
Bonjour Apple Inc. 2015/02/16 2.04 MB 3.0.0.10
Broadcom Card Reader Driver Installer Broadcom Corporation 2011/04/21 2.76 MB 14.6.1.2
Broadcom Gigabit NetLink Controller Broadcom Corporation 2011/04/21 496 KB 14.6.1.2
BUFFALO エアステーション設定ツール BUFFALO INC. 2011/07/01 2.0.5
BUFFALO クライアントマネージャV BUFFALO INC.
CCleaner Piriform 5.02
clear.fi CyberLink Corp. 2011/05/06 1.0.1422.00
clear.fi Client Acer Incorporated 2011/05/06 1.00.3008
COMICART CG illust 4.06 Plus DEMO SE Inc. 2012/01/10 2.99 MB 04.06.0003
ComicStudioEX 4.0 CELSYS 2012/01/11 104 MB 4.6.00
Composite 2012 Autodesk 2011/08/02 332 MB 7.0.0
CoreAAC
Download Manager Packages
File Scavenger 3.2 (Japanese) QueTek Consulting Corporation 2011/11/03 3.2.21.0
Google Chrome Google Inc. 2015/05/24 43.0.2357.124
Intel(R) Control Center Intel Corporation 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 7.0.0.1144
Intel(R) Processor Graphics Intel Corporation 8.15.10.2342
Intel(R) Rapid Storage Technology Intel Corporation 10.0.0.1046
iTunes Apple Inc. 2015/04/15 233 MB 12.1.2.27
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/05/14 4.5.51209
Microsoft Office 2010 Microsoft Corporation 14.0.7015.1000
Microsoft Office ナビ 2010 Microsoft Corporation 2013/12/14 16.9 MB 14.0.7015.1000
Microsoft Security Essentials Microsoft Corporation 2015/05/14 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/05/14 447 MB 5.1.40416.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/04/21 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2011/08/02 2.62 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/06/27 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/01 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2011/04/21 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2011/08/02 222 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2011/06/30 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 10.0.50903
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2015/04/07 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2015/04/07 1.33 MB 4.20.9876.0
MyWinLocker Suite Egis Technology Inc. 2011/04/21 4.0.14.11
NTI Media Maker 9 NTI Corporation 2011/05/06 9.0.2.8942
NVIDIA PhysX Plug-in for Autodesk Maya 2012 32 bit NVIDIA Corporation 2011/08/02 147 MB 2.60.0216.1828
NW-E050 WALKMAN Guide Sony Corporation 2011/12/19 388 KB 2.1.0.17210
PC SpeedScan Pro Ascentive 8.2.3
RadioLine Free Coderium 2012/10/17
RPGツクールVX Ace RTP Enterbrain 2013/05/30 1.00
shopperz 2.0.0.456 shopperz 2015/02/09 2.0.0.456
Skype Click to Call Skype Technologies S.A. 2013/09/20 22.5 MB 6.9.12585
Sony Media Library Earth 8.0.00 Sony Corporation 2013/05/30 8.0.00.10191
Synaptics Pointing Device Driver Synaptics Incorporated 15.1.6.0
Welcome Center Acer Incorporated 1.02.3102
Windows Live Essentials Microsoft Corporation 2011/04/21 15.4.3508.1109
x-アプリ 5.0.01 Sony Corporation 2013/05/30 9.0.01
Yahoo!ツールバー Yahoo! JAPAN. 7.3.0.12
♪超録 - パソコン長時間録音機 フリーウェア版
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.0 インテル 2011/05/06 27.5 MB 2.0.82.0
ペイントツールSAI Ver.1
  • 2015/06/22 (Mon) 22:27:19
HJT log
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:11:26, on 2015/06/22
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files\shopperz\wrex.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\mina\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del869162066] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del955569553] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del1041969225] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del32416742] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del118921387] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del205230609] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del291622403] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del379863370] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del464419952] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {7BD15D9F-7684-48AE-888E-46AF1CAEDB2E} (MILU Download Class) - http://www.milu.jp/MILU.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe (file missing)
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Mobile Phone Align (xiwujebi) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\nsb3154.tmpfs (file missing)

--
End of file - 12097 bytes
  • 2015/06/22 (Mon) 22:28:38
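Quite a few found, as expected
Good morning.
I have looked through each of the logs.

>Forced page redirects and the like occur in both IE and Chrome.
>My impression is that it is the same whichever one I use.

OK, then please read the instructions again before carrying on with the next steps.

With the PC in Safe Mode, use GU to uninstall the following. If they cannot be removed properly, try force-removing them with "Delete Entry".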
>Baidu The Desktop Weather 1.1 Baidu Japan Inc. 1.1.1.13

>shopperz 2.0.0.456 shopperz 2015/02/09 2.0.0.456

Next, still in Safe Mode, scan with HJT and fix the following from the items it lists.
>O4 - HKUS\S-1-5-18\..\RunOnce: [Del869162066] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del955569553] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del1041969225] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del32416742] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del118921387] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del205230609] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del291622403] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del379863370] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O4 - HKUS\S-1-5-18\..\RunOnce: [Del464419952] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')

>O9 - Extra button: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)

>O9 - Extra 'Tools' menuitem: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)

After restarting the PC in normal mode, launch CC and use "Delete Entry" on the following items under "Scheduled Tasks".
>有効 Task BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} Baidu C:\Program Files (x86)\baidu\update\baidujp_update.exe -Update

>有効 Task PC SpeedScan Pro@Logon C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m

>有効 Task PC SpeedScan Pro_Aspire5750@mina C:\Program Files (x86)\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe

>有効 Task WeatherTool_start_schedule_task Baidu Online Network Technology (Beijing)Co., Ltd C:\Program Files (x86)\WeatherTool\1.1.1.13\InstallHelper.exe -start

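Once you have got this far, restart the PC once more, watch how it behaves for a while, then take fresh copies of the CC schedule tab log, the install information log and the HJT log, and reply with them along with a report on the current state.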
  • 悪代官
  • 2015/06/23 (Tue) 08:17:10
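An added example, not part of the original thread: a Python triage pass over HijackThis lines that pulls out the two entry classes the reply above asks to fix (RunOnce entries that launch cmd.exe, and entries marked "(file missing)"). It also separates file-missing hits under C:\Windows\System32 on a 64-bit system, which 32-bit HijackThis reports because of WOW64 file-system redirection; the label names, function names and the 64-bit heuristic are assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample input: lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.5
Platform: Windows 7 SP1 (WinNT 6.00.3505)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [Del869162066] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del955569553] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O9 - Extra button: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: Mobile Phone Align (xiwujebi) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\nsb3154.tmpfs (file missing)
"""

# "<code> - <kind>: <detail>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<kind>[^:]+):\s*(?P<detail>.*)$")
O4_RE = re.compile(r"^\[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")
SHELL_RE = re.compile(r'^"?cmd(\.exe)?(\s|"|$)', re.IGNORECASE)
MISSING = " (file missing)"
SYSTEM32 = "c:\\windows\\system32\\"


@dataclass
class Entry:
    code: str
    kind: str
    detail: str
    target: str          # command line (O4) or file path (other sections)
    file_missing: bool


def parse_line(line: str) -> Optional[Entry]:
    m = LINE_RE.match(line.strip())
    if not m:
        return None      # header, process list or blank line
    code, kind, detail = m.group("code"), m.group("kind"), m.group("detail")
    missing = MISSING in detail
    if code == "O4":
        o4 = O4_RE.match(detail)
        target = o4.group("cmd") if o4 else detail
    else:
        # The path is the last " - "-separated field, before any "(file missing)".
        target = detail.split(MISSING)[0].rsplit(" - ", 1)[-1]
    return Entry(code, kind, detail, target.strip().strip('"'), missing)


def classify(e: Entry, is_64bit: bool) -> Optional[str]:
    if e.code == "O4" and e.kind.lower().endswith("runonce") and SHELL_RE.match(e.target):
        return "runonce-shell"
    if e.file_missing:
        # 32-bit HijackThis on 64-bit Windows has System32 redirected to SysWOW64,
        # so native system binaries are reported missing even though they exist.
        if is_64bit and e.target.lower().startswith(SYSTEM32):
            return "wow64-artifact"
        return "orphan"
    return None


def triage(log_text: str) -> List[Tuple[str, Entry]]:
    # Assumption of this example: a "Program Files (x86)" path means 64-bit Windows.
    is_64bit = "program files (x86)" in log_text.lower()
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        label = classify(entry, is_64bit)
        if label:
            hits.append((label, entry))
    return hits


if __name__ == "__main__":
    for label, entry in triage(SAMPLE_LOG):
        print(f"{label:15} {entry.code:4} {entry.target}")
```

The labels only sort entries for a human reviewer; "orphan" means the target file is gone, not that the entry is malicious.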
CC schedule log
Sorry, it has been quite a long while.
Here is the CC schedule log.

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task AdobeAAMUpdater-1.0-Aspire5750-mina Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task RealUpgradeLogonTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
有効 Task RealUpgradeScheduledTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
有効 Task {1420EB0C-42D4-4CD2-911F-5BBE3F7BEC6D} Microsoft Corporation "c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.115/ja/go/help.faq.installer?LastError=1618
有効 Task {E133FC02-608C-4985-9C10-FC19F41CF866} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\install.log"
  • 2016/03/30 (Wed) 00:51:14
CC install log
Next, here is the install log.

Acer Backup Manager NTI Corporation 2011/04/21 336 MB 3.0.0.85
Acer Crystal Eye Webcam CyberLink Corp. 2011/05/06 33.7 MB 1.0.1510
Acer ePower Management Acer Incorporated 2011/05/06 6.00.3006
Acer eRecovery Management Acer Incorporated 2011/04/21 5.00.3002
Acer ScreenSaver Acer Incorporated 2011/05/06 1.1.1130.2010
Acrobat.com Adobe Systems Incorporated 2011/04/21 1.60 MB 1.6.65
Adobe Flash Player 21 ActiveX Adobe Systems Incorporated 2016/03/11 9.95 MB 21.0.0.182
Adobe Photoshop Elements 9 Adobe Systems Incorporated 2011/08/04 2.60 GB 9.0
Adobe Reader XI (11.0.14) - Japanese Adobe Systems Incorporated 2016/01/13 205 MB 11.0.14
Advanced Calendar 2.0 Baidu Japan Inc. 2015/09/30 2.0.0.10741
Apple Application Support(32 ビット) Apple Inc. 2015/12/08 114 MB 4.1
Apple Application Support(64 ビット) Apple Inc. 2015/12/08 128 MB 4.1
Apple Mobile Device Support Apple Inc. 2015/12/08 28.0 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/12/08 2.39 MB 2.1.4.131
Autodesk Backburner 2012.0.0 Autodesk, Inc. 2011/08/02 12.9 MB 2012.0.0
Autodesk DirectConnect 2012 32-bit Autodesk 2011/08/02 6.0.432.0
Autodesk MatchMover 2012 32-bit Autodesk 2011/08/02 114 MB 14.00.0000
Autodesk SketchBook Copic Edition Autodesk 2012/05/15 50.8 MB 1.00.0000
Bandisoft MPEG-1 Decoder Bandisoft.com 2015/09/30
Bonjour Apple Inc. 2015/12/08 2.01 MB 3.1.0.1
BUFFALO エアステーション設定ツール BUFFALO INC. 2011/07/01 2.84 MB 2.0.5
BUFFALO クライアントマネージャV BUFFALO INC. 2011/07/01
CCleaner Piriform 2015/02/09 5.02
clear.fi CyberLink Corp. 2011/05/06 127 MB 1.0.1422.00
clear.fi Client Acer Incorporated 2011/05/06 1.00.3008
COMICART CG illust 4.06 Plus DEMO SE Inc. 2012/01/10 2.99 MB 04.06.0003
ComicStudioEX 4.0 CELSYS 2012/01/11 104 MB 4.6.00
Composite 2012 Autodesk 2011/08/02 332 MB 7.0.0
CoreAAC 2013/03/15
Download Manager Packages 2015/04/05
File Scavenger 3.2 (Japanese) QueTek Consulting Corporation 2011/11/03 2.08 MB 3.2.21.0
Google Chrome Google Inc. 2015/05/24 49.0.2623.87
Intel(R) Control Center Intel Corporation 2011/05/06 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2012/11/05 7.0.0.1144
Intel(R) Processor Graphics Intel Corporation 2012/11/05 8.15.10.2342
Intel(R) Rapid Storage Technology Intel Corporation 2012/11/05 10.0.0.1046
iTunes Apple Inc. 2015/12/08 218 MB 12.3.1.23
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/27 2.93 MB 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/02/09 38.8 MB 4.5.51209
Microsoft Office 2010 Microsoft Corporation 2013/12/14 14.0.7015.1000
Microsoft Office ナビ 2010 Microsoft Corporation 2013/12/14 16.9 MB 14.0.7015.1000
Microsoft Security Essentials Microsoft Corporation 2015/05/14 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/08/13 497 MB 5.1.40728.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/04/21 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2011/06/30 300 KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/06/27 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/01 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2011/04/21 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2011/08/02 222 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2011/06/30 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/04/19 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/06/03 17.3 MB 11.0.61030.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2015/04/07 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2015/04/07 1.33 MB 4.20.9876.0
MyWinLocker Suite Egis Technology Inc. 2011/04/21 2.59 MB 4.0.14.11
NTI Media Maker 9 NTI Corporation 2011/05/06 1.60 GB 9.0.2.8942
NVIDIA PhysX Plug-in for Autodesk Maya 2012 32 bit NVIDIA Corporation 2011/08/02 147 MB 2.60.0216.1828
NW-E050 WALKMAN Guide Sony Corporation 2011/12/19 388 KB 2.1.0.17210
PC SpeedScan Pro Ascentive 2015/04/05 8.2.3
RadioLine Free Coderium 2012/10/17
RPGツクールVX Ace RTP Enterbrain 2013/05/30 194 MB 1.00
Sony Media Library Earth 8.0.00 Sony Corporation 2013/05/30 46.3 MB 8.0.00.10191
Synaptics Pointing Device Driver Synaptics Incorporated 2011/05/06 46.4 MB 15.1.6.0
Treasure Track Treasure Track 2015/09/30 971 KB 2.0.5751.8479
Welcome Center Acer Incorporated 2011/05/06 1.02.3102
Windows Live Essentials Microsoft Corporation 2011/04/21 15.4.3508.1109
x-アプリ 5.0.01 Sony Corporation 2013/05/30 87.8 MB 9.0.01
Yahoo!ツールバー Yahoo! JAPAN. 2011/11/08 7.3.0.12
♪超録 - パソコン長時間録音機 フリーウェア版 2014/09/09
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.0 インテル 2011/05/06 27.5 MB 2.0.82.0
ペイントツールSAI Ver.1 2013/05/19
  • 2016/03/30 (Wed) 00:52:55
HJT log
Finally, here is the HJT log.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:21:46, on 2016/03/30
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Safe mode
Running processes:
C:\Users\mina\Desktop\HijackThis.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Treasure Track - {1ef422df-c387-4f0d-88d1-b75bdfd51013} - C:\Program Files (x86)\Treasure Track\Extensions\1ef422df-c387-4f0d-88d1-b75bdfd51013.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del118921387] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del205230609] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del291622403] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del379863370] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Del464419952] cmd.exe /Q /D /c del "C:\Windows\TEMP\0.del" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Woopie Video DeskTop - {4907A6EA-67FC-4466-83A0-FCDEF915A820} - C:\Users\mina\Desktop\Woopie Video DeskTop\geturl3.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {7BD15D9F-7684-48AE-888E-46AF1CAEDB2E} (MILU Download Class) - http://www.milu.jp/MILU.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe (file missing)
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr TreasureTrack - Unknown owner - C:\ProgramData\59afa7b8-54e5-4124-8be7-716a905c1142\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: The Calendar Service (TheCalendarService) - Unknown owner - C:\Program Files (x86)\CalendarTool\2.0.0.10741\CalendarServ.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mgr TreasureTrack - Unknown owner - C:\Program Files (x86)\Common Files\59afa7b8-54e5-4124-8be7-716a905c1142\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Mobile Phone Align (xiwujebi) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\nsb3154.tmpfs (file missing)
--
End of file - 12007 bytes

It somehow feels like it has gotten worse than before.
  • 2016/03/30 (Wed) 00:54:17
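Worsened over the long gap. A recovery would be the sure way, if possible
Good evening.
It's been a while.

I've looked at the logs, the first in nine months, and

>It somehow feels like it has gotten worse than before.

Yes, it has clearly gotten worse.
It can't be helped that you were too busy to do the work and reply, but more bad things have gotten in during that time.

There is also ample reason to suspect that things not yet visible in the current logs have gotten in, so at this point, putting safety first, doing a recovery of the PC once would be the sure way.

If you want to take on the analysis and the work again from here and aim for a solution, I will cooperate as much as I can, but please be prepared for the work from here to be tougher than before, both in difficulty and in the prospects of solving it.
If you want to avoid wasting any more time, or are not confident about the work, it is safest to back up the data you need and then promptly do a recovery of the PC.

In the case of a recovery, afterwards bring Windows Update, security software and so on fully up to date, then take the HJT log and the CC install information and the logs of each tab again, and show them in a reply.

If you aim to continue the work without a recovery, take the logs of each CC tab other than "Schedule" as well and show those in addition.
I'll look into it after seeing them.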
  • 悪代官
  • 2016/03/30 (Wed) 20:50:17
CC install log
Acer Backup Manager NTI Corporation 2011/04/21 336 MB 3.0.0.85
Acer Crystal Eye Webcam CyberLink Corp. 2011/05/06 33.7 MB 1.0.1510
Acer ePower Management Acer Incorporated 2011/05/06 6.00.3006
Acer eRecovery Management Acer Incorporated 2011/04/21 5.00.3002
Acer ScreenSaver Acer Incorporated 2011/05/06 1.1.1130.2010
Acrobat.com Adobe Systems Incorporated 2011/04/21 1.60 MB 1.6.65
Adobe Flash Player 21 ActiveX Adobe Systems Incorporated 2016/03/31 4.45 MB 21.0.0.197
Adobe Photoshop Elements 9 Adobe Systems Incorporated 2011/08/04 2.60 GB 9.0
Adobe Reader XI (11.0.14) - Japanese Adobe Systems Incorporated 2016/01/13 205 MB 11.0.14
Advanced Calendar 2.0 Baidu Japan Inc. 2015/09/30 2.0.0.10741
Apple Application Support(32 ビット) Apple Inc. 2015/12/08 114 MB 4.1
Apple Application Support(64 ビット) Apple Inc. 2015/12/08 128 MB 4.1
Apple Mobile Device Support Apple Inc. 2015/12/08 28.0 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/12/08 2.39 MB 2.1.4.131
Autodesk Backburner 2012.0.0 Autodesk, Inc. 2011/08/02 12.9 MB 2012.0.0
Autodesk DirectConnect 2012 32-bit Autodesk 2011/08/02 6.0.432.0
Autodesk MatchMover 2012 32-bit Autodesk 2011/08/02 114 MB 14.00.0000
Autodesk SketchBook Copic Edition Autodesk 2012/05/15 50.8 MB 1.00.0000
Bandisoft MPEG-1 Decoder Bandisoft.com 2015/09/30
Bonjour Apple Inc. 2015/12/08 2.01 MB 3.1.0.1
BUFFALO エアステーション設定ツール BUFFALO INC. 2011/07/01 2.84 MB 2.0.5
BUFFALO クライアントマネージャV BUFFALO INC. 2011/07/01
CCleaner Piriform 2015/02/09 5.02
clear.fi CyberLink Corp. 2011/05/06 127 MB 1.0.1422.00
clear.fi Client Acer Incorporated 2011/05/06 1.00.3008
COMICART CG illust 4.06 Plus DEMO SE Inc. 2012/01/10 2.99 MB 04.06.0003
ComicStudioEX 4.0 CELSYS 2012/01/11 104 MB 4.6.00
Composite 2012 Autodesk 2011/08/02 332 MB 7.0.0
CoreAAC 2013/03/15
Download Manager Packages 2015/04/05
File Scavenger 3.2 (Japanese) QueTek Consulting Corporation 2011/11/03 2.08 MB 3.2.21.0
Google Chrome Google Inc. 2015/05/24 49.0.2623.110
Intel(R) Control Center Intel Corporation 2011/05/06 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2012/11/05 7.0.0.1144
Intel(R) Processor Graphics Intel Corporation 2012/11/05 8.15.10.2342
Intel(R) Rapid Storage Technology Intel Corporation 2012/11/05 10.0.0.1046
iTunes Apple Inc. 2015/12/08 218 MB 12.3.1.23
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/02/09 38.8 MB 4.5.51209
Microsoft .NET Framework 4.5.2 (日本語) Microsoft Corporation 2016/04/02 2.93 MB 4.5.51209
Microsoft Office 2010 Microsoft Corporation 2013/12/14 14.0.7015.1000
Microsoft Office ナビ 2010 Microsoft Corporation 2013/12/14 16.9 MB 14.0.7015.1000
Microsoft Security Essentials Microsoft Corporation 2016/04/02 4.9.218.0
Microsoft Silverlight Microsoft Corporation 2016/04/02 547 MB 5.1.41212.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/04/21 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2011/06/30 300 KB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/06/27 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/01 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2011/04/21 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2011/08/02 222 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2011/06/30 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2014/04/19 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2014/06/03 17.3 MB 11.0.61030.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2015/04/07 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2015/04/07 1.33 MB 4.20.9876.0
MyWinLocker Suite Egis Technology Inc. 2011/04/21 2.59 MB 4.0.14.11
NTI Media Maker 9 NTI Corporation 2011/05/06 1.60 GB 9.0.2.8942
NVIDIA PhysX Plug-in for Autodesk Maya 2012 32 bit NVIDIA Corporation 2011/08/02 147 MB 2.60.0216.1828
NW-E050 WALKMAN Guide Sony Corporation 2011/12/19 388 KB 2.1.0.17210
PC SpeedScan Pro Ascentive 2015/04/05 8.2.3
RadioLine Free Coderium 2012/10/17
RPGツクールVX Ace RTP Enterbrain 2013/05/30 194 MB 1.00
Sony Media Library Earth 8.0.00 Sony Corporation 2013/05/30 46.3 MB 8.0.00.10191
Synaptics Pointing Device Driver Synaptics Incorporated 2011/05/06 46.4 MB 15.1.6.0
Treasure Track Treasure Track 2015/09/30 971 KB 2.0.5751.8479
Welcome Center Acer Incorporated 2011/05/06 1.02.3102
Windows Live Essentials Microsoft Corporation 2011/04/21 15.4.3508.1109
x-アプリ 5.0.01 Sony Corporation 2013/05/30 87.8 MB 9.0.01
Yahoo!ツールバー Yahoo! JAPAN. 2011/11/08 7.3.0.12
♪超録 - パソコン長時間録音機 フリーウェア版 2014/09/09
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.0 インテル 2011/05/06 27.5 MB 2.0.82.0
ペイントツールSAI Ver.1 2013/05/19
  • 2016/04/02 (Sat) 22:47:50
Windows log and internet log
windows log

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run ArcadeMovieService CyberLink Corp. "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run EgisTecPMMUpdate Egis Technology Inc. "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
有効 HKLM:Run EgisUpdate Egis Technology Inc. "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IAStorIcon Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IME14 JPN Setup Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe


internet log

無効 Extension OneNote に送る Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
無効 Extension OneNote に送る Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
無効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
無効 Extension OneNote リンク ノート(K) Microsoft Corporation C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
無効 Extension Skype Click to Call Skype Technologies S.A. C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
無効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
無効 Helper Office Document Cache Handler Microsoft Corporation C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
有効 Helper Treasure Track Anything or Nothing C:\Program Files (x86)\Treasure Track\Extensions\1ef422df-c387-4f0d-88d1-b75bdfd51013.dll
  • 2016/04/02 (Sat) 22:57:09
Google and context log
google log

有効 App Gmail 8.1 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1
有効 App Google ドライブ 14.1 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Google オフライン ドキュメント 1.4 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google スプレッドシート 1.1 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1
有効 Extension Google スライド 0.9 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1
有効 Extension Google ドキュメント 0.9 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1
無効 Extension Skype Click to Call 6.9.0.12585 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
有効 Extension Treasure Track 1.0.5750.35675 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocmpkddncdfcgaofacpenlcfkdaeoekk\1.0.5750.35675_0

Schedule log

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task AdobeAAMUpdater-1.0-Aspire5750-mina Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task RealUpgradeLogonTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
有効 Task RealUpgradeScheduledTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
有効 Task {05E2368C-ABDB-4B42-B4AD-23199D38EF9D} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\mina\Desktop\HijackThis.exe -d C:\Users\mina\Desktop
有効 Task {1420EB0C-42D4-4CD2-911F-5BBE3F7BEC6D} Microsoft Corporation "c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.115/ja/go/help.faq.installer?LastError=1618
有効 Task {E133FC02-608C-4985-9C10-FC19F41CF866} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Bejeweled 2 Deluxe\install.log"

Context

有効 Directory SHAREit.FileContextMenuExt C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File SHAREit.FileContextMenuExt C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
  • 2016/04/02 (Sat) 22:58:22
HJT log
HJT log

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:44:22, on 2016/04/02
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)

Boot mode: Normal
Running processes:
C:\Program Files\shopperz\wrex.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\ProgramData\59afa7b8-54e5-4124-8be7-716a905c1142\plugins\3\plugin.exe
C:\ProgramData\59afa7b8-54e5-4124-8be7-716a905c1142\plugins\12\plugin.exe
C:\ProgramData\59afa7b8-54e5-4124-8be7-716a905c1142\plugins\7\plugin.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE
C:\Users\mina\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Treasure Track - {1ef422df-c387-4f0d-88d1-b75bdfd51013} - C:\Program Files (x86)\Treasure Track\Extensions\1ef422df-c387-4f0d-88d1-b75bdfd51013.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {7BD15D9F-7684-48AE-888E-46AF1CAEDB2E} (MILU Download Class) - http://www.milu.jp/MILU.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe (file missing)
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr TreasureTrack - Unknown owner - C:\ProgramData\59afa7b8-54e5-4124-8be7-716a905c1142\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: The Calendar Service (TheCalendarService) - Unknown owner - C:\Program Files (x86)\CalendarTool\2.0.0.10741\CalendarServ.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mgr TreasureTrack - Unknown owner - C:\Program Files (x86)\Common Files\59afa7b8-54e5-4124-8be7-716a905c1142\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Mobile Phone Align (xiwujebi) - Unknown owner - C:\Users\mina\AppData\Roaming\VOPackage\nsb3154.tmpfs (file missing)
--
End of file - 12157 bytes
  • 2016/04/02 (Sat) 22:59:56
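Well then, let's work through the cleanup again
Thank you for your work and the report.
I've looked at each of the logs, and as expected various things have turned up.

So, shall we first proceed on the basis of aiming for a solution by doing the work again, without a recovery?
But please also be aware that if the later analysis shows an even more serious state, it may come down to choosing a recovery at that point.

Please carry out the work following the explanation below.

Using GU, uninstalling the following is recommended.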
Adobe Reader XI (11.0.14) - Japanese Adobe Systems Incorporated 2016/01/13 205 MB 11.0.14

Next, in safe mode, use GU again to uninstall the following.
Advanced Calendar 2.0 Baidu Japan Inc. 2015/09/30 2.0.0.10741
Bandisoft MPEG-1 Decoder Bandisoft.com 2015/09/30
Download Manager Packages 2015/04/05
PC SpeedScan Pro Ascentive 2015/04/05 8.2.3

Once you have restarted the PC in normal mode, use CC to apply "Disable" and then "Delete Entry" to each of the following in the respective tabs.
"IE" tab
有効 Helper Treasure Track Anything or Nothing C:\Program Files (x86)\Treasure Track\Extensions\1ef422df-c387-4f0d-88d1-b75bdfd51013.dll

"Chrome" tab
有効 Extension Treasure Track 1.0.5750.35675 Default C:\Users\mina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocmpkddncdfcgaofacpenlcfkdaeoekk\1.0.5750.35675_0

"Schedule" tab
有効 Task RealUpgradeLogonTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck
有効 Task RealUpgradeScheduledTaskS-1-5-21-3550251776-2451250284-1976259649-1001 C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck

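Once you have got this far, get MBAM and AC, which you should have used before as well, ready again and scan with them.
If the scans find anything, deal with that too.

After this, restart the PC once, start each browser in turn and watch for a while, then take the HJT log and the CC install information and the logs of each tab again, and reply with them, along with the MBAM and AC logs and a report on the state of things.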
  • 悪代官
  • 2016/04/03 (Sun) 06:00:19
