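Akudaikan no Fukumaden bulletin board (悪代官の伏魔殿掲示板)
Malware in Firefox
Nice to meet you.
While using Firefox, ads and the like have appeared a number of times, and each time an add-on(?) had been installed. I have been playing a cat-and-mouse game of removing it, but I want to deal with this properly, so I am asking for advice.

I get ads labelled "Ads by MinimumPrice" and messages saying that my software version is old and should be updated, and, as in the image, links are created on particular words.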

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:55:46, on 2015/04/15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)

FIREFOX: 37.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\mausu\BSMBU03\ADOTMAPP.exe
C:\Program Files\Ez_MailChecker\EzML.exe
C:\Program Files (x86)\Jane Style\Jane2ch.exe
C:\NanJoy\NanJoy.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Users\Triple Y\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: NewwSAVer - {1fff048a-ac06-4304-8504-048c86d19cd1} - C:\Program Files (x86)\NewwSAVer\pKhUEoEsxnDzh6.dll
O2 - BHO: RReGulaRDeals - {42cce0e4-edf2-466f-a947-769a15152d47} - C:\Program Files (x86)\RReGulaRDeals\rjssWSTfTW2frM.dll
O2 - BHO: NeeettOCoupon - {79cc713d-e4d6-4c1e-a443-895670363dcf} - C:\Program Files (x86)\NeeettOCoupon\WboQuPRT1FUiFv.dll
O2 - BHO: RandomPrrice - {9b5d2f42-2a1e-460c-8d49-99e77bd2131b} - C:\Program Files (x86)\RandomPrrice\PJgd1JPRYoMgRh.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin
O4 - Startup: EzML.lnk = C:\Program Files\Ez_MailChecker\EzML.exe
O4 - Startup: firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Startup: Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe
O4 - Startup: NanJoy.lnk = C:\NanJoy\NanJoy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10188 bytes





7-Zip 9.20 (x64 edition) Igor Pavlov 2014/01/15 4.53 MB 9.20.00.0
Adobe Flash Player 16 ActiveX Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/07 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/20 203 MB 11.0.10
Apple Application Support(32 ビット) Apple Inc. 2015/03/04 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/03/04 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/03/04 27.9 MB 8.1.0.18
ASUS Product Register Program ASUSTek Computer Inc. 2013/07/11 21.2 MB 1.0.020
BlockIt Ad remover BlockIt Ad remover 2014/02/22
BSMBU03 V1.0 iBUFFALO 2013/07/16 2.62 MB
Canon MG3100 series MP Drivers 2013/07/13
CCleaner Piriform 2015/04/15 5.04
CrystalDiskInfo 5.6.2 Crystal Dew World 2013/07/11 3.94 MB 5.6.2
ExifEraser Kosuke 2013/10/05 116 KB 1.0.1
Ez-MailChecker 2014/03/22
Google 日本語入力 Google Inc. 2014/01/31 83.0 MB 1.13.1641.0
Intel(R) Control Center Intel Corporation 2013/07/11 1.2.1.1010
Intel(R) Management Engine Components Intel Corporation 2013/01/23 9.0.0.1310
Intel(R) Rapid Storage Technology Intel Corporation 2013/07/11 12.0.0.1083
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/03/06 2.0.0.100
Jane Style Version 3.81 Jane, Inc. 2015/03/12 3.81
Java 7 Update 40 (64-bit) Oracle 2013/09/15 118 MB 7.0.400
Java 7 Update 71 Oracle 2014/10/23 119 MB 7.0.710
Java 8 Update 11 (64-bit) Oracle Corporation 2015/02/05 129 MB 8.0.110
Lhaplus 2014/10/19
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/26 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/07/25 249 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/11/29 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/07/12 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/09/12 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/07/14 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 11.1 MB 10.0.40219
Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/05 83.4 MB 37.0.1
Mozilla Maintenance Service Mozilla 2014/05/11 341 KB 29.0.1
MuionimumPPrice "" 2015/04/14
NewwSAVer "" 2015/04/14
NVIDIA 3D Vision コントローラー ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA 3D Vision ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2014/02/19 1.3.30.1
NVIDIA PhysX システム ソフトウェア 9.13.1220 NVIDIA Corporation 2014/02/19 9.13.1220
NVIDIA グラフィックス ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
OpenOffice.org 3.4.1 Apache Software Foundation 2013/07/14 312 MB 3.41.9593
Pixia Isao Maruoka 2014/01/06 4.80d
PrettyPrint "" 2015/04/14
ReactorTurbo Software Publisher 2014/03/18
Realtek Ethernet Controller Driver Realtek 2013/07/11 7.67.1226.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/07/11 6.0.1.6782
RReGulaRDeals "" 2015/04/14
sakura editor(サクラエディタ) サクラエディタ開発チーム 2014/01/15 5.58 MB
Skype(TM) 7.0 Skype Technologies S.A. 2014/12/27 48.1 MB 7.0.102
Speccy Piriform 2014/09/17 1.25
Windows Live Essentials Microsoft Corporation 2014/11/29 16.4.3528.0331
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2014/08/02 6.39 MB 3.10.7525.4

That is all. Thank you in advance for your help.
  • ドのつく素人
  • 2015/04/15 (Wed) 01:10:40
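This is MarkIt-family adware
Good evening, my name is IVNO.
This is an infection with MarkIt-family adware.
In addition, old versions of software are installed, so those will also need updating.
Let's start with updating and removal.

Now let's prepare for the work.

First, there are some notices.
It may take a day or more each time from when you post until I can reply.
We apologize for the inconvenience and ask for your understanding and cooperation.
Also, the removal work continues until the responder announces that it is "resolved".
For that reason, if you stop partway without waiting for the notice of resolution because the PC's condition seems to have improved,
the problem at present recurs with high probability, and many people end up coming back here when it does.
Please continue working until the responder gives you the "resolved" notice and the "self-defence measures".

Now read the explanation below carefully and carry out the steps in order.
You should already have prepared some of these, but please look at the explanation again just in case.

Set hidden files and file extensions to be shown (how-to below)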
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get a grasp of their basic usage.
However, the distribution sites may show ads urging you to download other software;
never click on those.

GeekUninstaller (commonly: Geek)
Download
http://www.geekuninstaller.com/geek.zip
This is a direct link to the file. It is a zip file, so extract it before use.
To remove it, simply put it in the Recycle Bin.
Guide
http://www.gigafree.net/system/install/geekuninstaller.html

"CCleaner" (commonly: CC)
Explanation ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Be sure to download the latest version.
Note that the installer may offer bundled extra apps during installation; uncheck them and avoid installing them.
To remove it, uninstall it with Geek or similar.

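Here is an important caution.
CC is by nature a highly capable maintenance tool, but if it is used incorrectly,
[depending on the operation, Windows may stop working],
so here we use it only as an analysis tool.
Read the explanation carefully and do not perform any operations other than those I instruct.

Once you are ready, let's begin the work.

So that you can recover immediately if trouble occurs during the following removal work, manually create a System Restore point.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point
However, System Restore does considerable damage to the PC, so it is preferable not to use it if possible.
Work carefully so that System Restore is not needed.

Start the PC in Safe Mode (how-to below)
http://www.pc-master.jp/sousa/s-safemode.html
If you are on Windows 8 or 8.1, please refer to the following.
http://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=015917
Start HJT and run a scan.
When the scan results are displayed, check the following items.
However, with HJT in particular a single mistake can easily leave the PC unable to boot,
so never check anything other than what I instruct.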

O2 - BHO: NewwSAVer - {1fff048a-ac06-4304-8504-048c86d19cd1} - C:\Program Files (x86)\NewwSAVer\pKhUEoEsxnDzh6.dll
O2 - BHO: RReGulaRDeals - {42cce0e4-edf2-466f-a947-769a15152d47} - C:\Program Files (x86)\RReGulaRDeals\rjssWSTfTW2frM.dll
O2 - BHO: NeeettOCoupon - {79cc713d-e4d6-4c1e-a443-895670363dcf} - C:\Program Files (x86)\NeeettOCoupon\WboQuPRT1FUiFv.dll
O2 - BHO: RandomPrrice - {9b5d2f42-2a1e-460c-8d49-99e77bd2131b} - C:\Program Files (x86)\RandomPrrice\PJgd1JPRYoMgRh.dll

Once all the required items are checked, click Fix checked.
When the above Fix is complete, start Geek and remove the following.

BlockIt Ad remover BlockIt Ad remover 2014/02/22
Java 7 Update 40 (64-bit) Oracle 2013/09/15 118 MB 7.0.400
Java 7 Update 71 Oracle 2014/10/23 119 MB 7.0.710
Java 8 Update 11 (64-bit) Oracle Corporation 2015/02/05 129 MB 8.0.110
MuionimumPPrice "" 2015/04/14
NewwSAVer "" 2015/04/14
PrettyPrint "" 2015/04/14
ReactorTurbo Software Publisher 2014/03/18
RReGulaRDeals "" 2015/04/14

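You can remove them by double-clicking.
When removal finishes, a scan starts automatically; check all of the leftovers it detects and press OK.
When uninstalling with Geek is complete, close Geek and restart the PC in normal mode.
When the restart is complete, re-acquire the HJT log and the CC installed-programs log,
paste them, and report back.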
  • IVNO
  • MAIL
  • 2015/04/15 (Wed) 04:53:43
Re: Malware in Firefox
I was able to get as far as removing them, but the automatic scan afterwards did not start.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:58:14, on 2015/04/15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 37.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\mausu\BSMBU03\ADOTMAPP.exe
C:\Program Files\Ez_MailChecker\EzML.exe
C:\NanJoy\NanJoy.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Triple Y\Desktop\削除関係\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: EzML.lnk = C:\Program Files\Ez_MailChecker\EzML.exe
O4 - Startup: firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Startup: Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe
O4 - Startup: NanJoy.lnk = C:\NanJoy\NanJoy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8221 bytes


7-Zip 9.20 (x64 edition) Igor Pavlov 2014/01/15 4.53 MB 9.20.00.0
Adobe Flash Player 16 ActiveX Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/07 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/20 203 MB 11.0.10
Apple Application Support(32 ビット) Apple Inc. 2015/03/04 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/03/04 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/03/04 27.9 MB 8.1.0.18
ASUS Product Register Program ASUSTek Computer Inc. 2013/07/11 21.2 MB 1.0.020
BSMBU03 V1.0 iBUFFALO 2013/07/16 2.62 MB
Canon MG3100 series MP Drivers 2013/07/13
CCleaner Piriform 2015/04/15 5.04
CrystalDiskInfo 5.6.2 Crystal Dew World 2013/07/11 3.94 MB 5.6.2
ExifEraser Kosuke 2013/10/05 116 KB 1.0.1
Ez-MailChecker 2014/03/22
Google 日本語入力 Google Inc. 2014/01/31 83.0 MB 1.13.1641.0
Intel(R) Control Center Intel Corporation 2013/07/11 1.2.1.1010
Intel(R) Management Engine Components Intel Corporation 2013/01/23 9.0.0.1310
Intel(R) Rapid Storage Technology Intel Corporation 2013/07/11 12.0.0.1083
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/03/06 2.0.0.100
Jane Style Version 3.81 Jane, Inc. 2015/03/12 3.81
Java 7 Update 40 (64-bit) 2013/07/11
Java 7 Update 71 2013/07/11
Java 8 Update 11 (64-bit) 2013/07/11
Lhaplus 2014/10/19
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/26 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/07/25 249 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/11/29 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/07/12 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/09/12 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/07/14 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 11.1 MB 10.0.40219
Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/05 83.4 MB 37.0.1
Mozilla Maintenance Service Mozilla 2014/05/11 341 KB 29.0.1
NVIDIA 3D Vision コントローラー ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA 3D Vision ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2014/02/19 1.3.30.1
NVIDIA PhysX システム ソフトウェア 9.13.1220 NVIDIA Corporation 2014/02/19 9.13.1220
NVIDIA グラフィックス ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
OpenOffice.org 3.4.1 Apache Software Foundation 2013/07/14 312 MB 3.41.9593
Pixia Isao Maruoka 2014/01/06 4.80d
Realtek Ethernet Controller Driver Realtek 2013/07/11 7.67.1226.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/07/11 6.0.1.6782
sakura editor(サクラエディタ) サクラエディタ開発チーム 2014/01/15 5.58 MB
Skype(TM) 7.0 Skype Technologies S.A. 2014/12/27 48.1 MB 7.0.102
Speccy Piriform 2014/09/17 1.25
Windows Live Essentials Microsoft Corporation 2014/11/29 16.4.3528.0331
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2014/08/02 6.39 MB 3.10.7525.4

Thank you in advance.
  • ドのつく素人
  • 2015/04/15 (Wed) 22:03:04
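The before/after check that this thread does by eye (the log posted before the fix against the one re-acquired after it) can be scripted. The following is an added Python example, not part of the original posts: the sample lines are excerpted from the two HijackThis logs posted above, the CLSIDs are the four O2 entries the responder listed, and all function and variable names are hypothetical.

```python
import re

# A HijackThis entry line: section code (e.g. F2, O2, O23), " - ", then the body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Body of an O2 line: "BHO: <name> - {CLSID} - <path to DLL>"
BHO_RE = re.compile(r"^BHO: (.+?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")

# Excerpt of the first log in this thread (before the fix).
BEFORE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:55:46, on 2015/04/15

Running processes:
C:\Skype\Phone\Skype.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: NewwSAVer - {1fff048a-ac06-4304-8504-048c86d19cd1} - C:\Program Files (x86)\NewwSAVer\pKhUEoEsxnDzh6.dll
O2 - BHO: RReGulaRDeals - {42cce0e4-edf2-466f-a947-769a15152d47} - C:\Program Files (x86)\RReGulaRDeals\rjssWSTfTW2frM.dll
O2 - BHO: NeeettOCoupon - {79cc713d-e4d6-4c1e-a443-895670363dcf} - C:\Program Files (x86)\NeeettOCoupon\WboQuPRT1FUiFv.dll
O2 - BHO: RandomPrrice - {9b5d2f42-2a1e-460c-8d49-99e77bd2131b} - C:\Program Files (x86)\RandomPrrice\PJgd1JPRYoMgRh.dll
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /minimized /regrun
--
"""

# Excerpt of the second log in this thread (after Fix checked and the reboot).
AFTER_LOG = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:58:14, on 2015/04/15

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
--
"""

# CLSIDs of the O2 entries the responder said to check before "Fix checked".
FIX_TARGETS = [
    "{1fff048a-ac06-4304-8504-048c86d19cd1}",
    "{42cce0e4-edf2-466f-a947-769a15152d47}",
    "{79cc713d-e4d6-4c1e-a443-895670363dcf}",
    "{9b5d2f42-2a1e-460c-8d49-99e77bd2131b}",
]


def parse_entries(log_text):
    """Return [(code, body)] for entry lines; header, process list and footer are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def parse_bhos(entries):
    """Map lower-cased CLSID -> (name, dll_path) for every O2 BHO entry."""
    bhos = {}
    for code, body in entries:
        match = BHO_RE.match(body) if code == "O2" else None
        if match:
            name, clsid, path = match.groups()
            bhos[clsid.lower()] = (name, path)
    return bhos


def diff_logs(before_text, after_text):
    """Return (removed, added) entries between two scans, in log order."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    before_set, after_set = set(before), set(after)
    removed = [entry for entry in before if entry not in after_set]
    added = [entry for entry in after if entry not in before_set]
    return removed, added


def remaining_targets(clsids, log_text):
    """Return the fix targets that are still registered as BHOs in log_text."""
    present = parse_bhos(parse_entries(log_text))
    return [clsid for clsid in clsids if clsid.lower() in present]


if __name__ == "__main__":
    removed, added = diff_logs(BEFORE_LOG, AFTER_LOG)
    for code, body in removed:
        print("removed:", code, "-", body)
    for code, body in added:
        print("added:  ", code, "-", body)
    left = remaining_targets(FIX_TARGETS, AFTER_LOG)
    print("fix targets still present:", left or "none")
```

Entries that show up under "added" deserve the same review as the original scan; here the only new line is the CCleaner monitoring Run key from the tool installed for this procedure.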
Let's update the software
I have checked the logs, and old versions of software remain.
Let's remove and update these.
The following software is at an old version.

Adobe Flash Player 16 ActiveX Adobe Systems Incorporated 2015/02/05 6.00 MB 16.0.0.305
Adobe Flash Player 16 NPAPI Adobe Systems Incorporated 2015/02/07 6.00 MB 16.0.0.305
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/20 203 MB 11.0.10
Java 7 Update 40 (64-bit) 2013/07/11
Java 7 Update 71 2013/07/11
Java 8 Update 11 (64-bit) 2013/07/11
Skype(TM) 7.0 Skype Technologies S.A. 2014/12/27 48.1 MB 7.0.102

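Java is the only one that cannot be updated by installing over the top, so update everything other than Java by installing over the existing version.
The PC can stay in normal mode; first, use Geek to remove all of Java.
After that, install the latest versions from the URLs below.

Adobe Flash Player 17
https://get2.adobe.com/jp/flashplayer/
Be sure to uncheck the optional programs before downloading.

Adobe Acrobat Reader DC
https://get.adobe.com/reader/?loc=jp
Be sure to uncheck the optional programs before downloading.

Java 8 Update 45
https://java.com/ja/download/
The Ask Toolbar that appears during installation is software targeted for removal.
Be sure to uncheck it before installing.

Skype 7.3
http://www.skype.com/ja/download-skype/skype-for-computer/

Once the above software has been updated, re-acquire the HJT log and the CC installed-programs log again,
paste them, and report back.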
  • IVNO
  • MAIL
  • 2015/04/16 (Thu) 03:24:23
Java is not in Geek's list
Java is not in Geek's list; what should I do?

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:18:40, on 2015/04/16
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 37.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\mausu\BSMBU03\ADOTMAPP.exe
C:\Program Files\Ez_MailChecker\EzML.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Jane Style\Jane2ch.exe
C:\NanJoy\NanJoy.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Triple Y\Desktop\削除関係\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: EzML.lnk = C:\Program Files\Ez_MailChecker\EzML.exe
O4 - Startup: firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Startup: Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe
O4 - Startup: NanJoy.lnk = C:\NanJoy\NanJoy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8069 bytes




7-Zip 9.20 (x64 edition) Igor Pavlov 2014/01/15 4.53 MB 9.20.00.0
Adobe Flash Player 17 ActiveX Adobe Systems Incorporated 2015/04/15 6.00 MB 17.0.0.169
Adobe Flash Player 17 NPAPI Adobe Systems Incorporated 2015/04/16 6.00 MB 17.0.0.169
Adobe Reader XI (11.0.10) - Japanese Adobe Systems Incorporated 2014/12/20 203 MB 11.0.10
Apple Application Support(32 ビット) Apple Inc. 2015/03/04 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/03/04 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/03/04 27.9 MB 8.1.0.18
ASUS Product Register Program ASUSTek Computer Inc. 2013/07/11 21.2 MB 1.0.020
BSMBU03 V1.0 iBUFFALO 2013/07/16 2.62 MB
Canon MG3100 series MP Drivers 2013/07/13
CCleaner Piriform 2015/04/15 5.04
CrystalDiskInfo 5.6.2 Crystal Dew World 2013/07/11 3.94 MB 5.6.2
ExifEraser Kosuke 2013/10/05 116 KB 1.0.1
Ez-MailChecker 2014/03/22
Google 日本語入力 Google Inc. 2014/01/31 83.0 MB 1.13.1641.0
Intel(R) Control Center Intel Corporation 2013/07/11 1.2.1.1010
Intel(R) Management Engine Components Intel Corporation 2013/01/23 9.0.0.1310
Intel(R) Rapid Storage Technology Intel Corporation 2013/07/11 12.0.0.1083
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/03/06 2.0.0.100
Jane Style Version 3.81 Jane, Inc. 2015/03/12 3.81
Java 7 Update 40 (64-bit) 2013/07/11
Java 7 Update 71 2013/07/11
Java 8 Update 11 (64-bit) 2013/07/11
Lhaplus 2014/10/19
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/26 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/07/25 249 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/11/29 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/07/12 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/09/12 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/07/14 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 11.1 MB 10.0.40219
Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/05 83.4 MB 37.0.1
Mozilla Maintenance Service Mozilla 2014/05/11 341 KB 29.0.1
NVIDIA 3D Vision コントローラー ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA 3D Vision ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2014/02/19 1.3.30.1
NVIDIA PhysX システム ソフトウェア 9.13.1220 NVIDIA Corporation 2014/02/19 9.13.1220
NVIDIA グラフィックス ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
OpenOffice.org 3.4.1 Apache Software Foundation 2013/07/14 312 MB 3.41.9593
Pixia Isao Maruoka 2014/01/06 4.80d
Realtek Ethernet Controller Driver Realtek 2013/07/11 7.67.1226.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/07/11 6.0.1.6782
sakura editor(サクラエディタ) サクラエディタ開発チーム 2014/01/15 5.58 MB
Skype(TM) 7.0 Skype Technologies S.A. 2014/12/27 48.1 MB 7.0.102
Speccy Piriform 2014/09/17 1.25
Windows Live Essentials Microsoft Corporation 2014/11/29 16.4.3528.0331
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2014/08/02 6.39 MB 3.10.7525.4
  • ドのつく素人
  • 2015/04/16 (Thu) 20:31:01
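Please remove Java from the Control Panel
Good evening.
I am 悪代官, administrator of the main site and an out-and-out villain.
IVNO is busy, so I will reply instead.

I have looked at the screenshot too; so Java is not shown in GU.
In that case, please uninstall Java from the Control Panel.
After that, if you need Java, download the latest version from the official site and install it again; if you do not need it, there is no need to reinstall it.

Once that is done, please continue with the remaining steps in IVNO's instructions and reply again.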
  • 悪代官
  • 2015/04/16 (Thu) 20:45:59
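It is not in the Control Panel either
Thank you for the quick reply, administrator.
You call yourself an out-and-out villain, but you are actually extremely kind!


It is not in the Control Panel either. What should I do?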
  • ドのつく素人
  • 2015/04/16 (Thu) 21:01:02
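Then force-remove it from CC
>It is not in the Control Panel either. What should I do?

So Java currently appears only in CC's installed-programs log?
In that case Java itself has probably already been removed, and its name still shows up only because leftovers remain.

Please check and carry out the following.

First, with the PC in normal mode, start CC and open the installed-programs screen.
If Java is listed there, select it and choose "Delete entry".

With this operation CC can forcibly remove even applications whose uninstallation failed partway.
There are cases where even this cannot remove them, but please try it anyway and report the result.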
  • 悪代官
  • 2015/04/16 (Thu) 21:43:46
Cannot delete
>So Java currently appears only in CC's installed-programs log?
It appears so.

I ran "Delete entry", but for all three it shows "MSI installers cannot be deleted." (MSIインストーラは削除できません。)
  • ドのつく素人
  • 2015/04/16 (Thu) 21:57:34
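Then skip Java and carry on
Thank you for the prompt work and report.

>I ran "Delete entry", but for all three it shows "MSI installers cannot be deleted." (MSIインストーラは削除できません。)

I see, that message again.
Once Java's removal fails partway it often ends up in that state, and the same removal failure comes up frequently in other people's consultations too.

However, as I said, Java itself should already be gone, so for now please skip Java and go ahead with the other steps.
Following IVNO's earlier instructions, once you have done the parts you had not finished and taken the logs, please post them in a reply.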
  • 悪代官
  • 2015/04/16 (Thu) 22:03:32
Just to confirm
I see, thank you.

Am I supposed to download the following four?
Or the three other than Java?

Adobe Flash Player 17
https://get2.adobe.com/jp/flashplayer/
Be sure to uncheck the optional program offer before downloading.

Adobe Acrobat Reader DC
https://get.adobe.com/reader/?loc=jp
Be sure to uncheck the optional program offer before downloading.

Java 8 Update 45
https://java.com/ja/download/
The Ask Toolbar offered partway through installation is software we target for removal.
Be sure to uncheck it before installing.

Skype 7.3
http://www.skype.com/ja/download-skype/skype-for-computer/
  • ドのつく素人
  • 2015/04/16 (Thu) 22:19:36
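Whether to reinstall is up to you
You are asking about reinstallation.

Of the applications you asked about, reinstall the ones you need; you do not have to reinstall the ones you do not need.
If you need Java, go ahead and reinstall it; I leave the decision to you.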
  • 悪代官
  • 2015/04/16 (Thu) 23:08:56
Reinstallation complete
I was not using Skype, so I uninstalled it.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:45:58, on 2015/04/16
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 37.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\mausu\BSMBU03\ADOTMAPP.exe
C:\Program Files\Ez_MailChecker\EzML.exe
C:\Program Files (x86)\Jane Style\Jane2ch.exe
C:\NanJoy\NanJoy.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Users\Triple Y\Desktop\削除関係\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: EzML.lnk = C:\Program Files\Ez_MailChecker\EzML.exe
O4 - Startup: firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Startup: Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe
O4 - Startup: NanJoy.lnk = C:\NanJoy\NanJoy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8294 bytes




7-Zip 9.20 (x64 edition) Igor Pavlov 2014/01/15 4.53 MB 9.20.00.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/04/16 190 MB 15.007.20033
Adobe Flash Player 17 ActiveX Adobe Systems Incorporated 2015/04/15 6.00 MB 17.0.0.169
Adobe Flash Player 17 NPAPI Adobe Systems Incorporated 2015/04/16 6.00 MB 17.0.0.169
Apple Application Support(32 ビット) Apple Inc. 2015/03/04 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/03/04 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/03/04 27.9 MB 8.1.0.18
ASUS Product Register Program ASUSTek Computer Inc. 2013/07/11 21.2 MB 1.0.020
BSMBU03 V1.0 iBUFFALO 2013/07/16 2.62 MB
Canon MG3100 series MP Drivers 2013/07/13
CCleaner Piriform 2015/04/15 5.04
CrystalDiskInfo 5.6.2 Crystal Dew World 2013/07/11 3.94 MB 5.6.2
ExifEraser Kosuke 2013/10/05 116 KB 1.0.1
Ez-MailChecker 2014/03/22
Google 日本語入力 Google Inc. 2014/01/31 83.0 MB 1.13.1641.0
Intel(R) Control Center Intel Corporation 2013/07/11 1.2.1.1010
Intel(R) Management Engine Components Intel Corporation 2013/01/23 9.0.0.1310
Intel(R) Rapid Storage Technology Intel Corporation 2013/07/11 12.0.0.1083
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/03/06 2.0.0.100
Jane Style Version 3.81 Jane, Inc. 2015/03/12 3.81
Java 7 Update 71 2013/07/11
Java 8 Update 45 Oracle Corporation 2015/04/16 77.1 MB 8.0.450
Lhaplus 2014/10/19
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/26 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/07/25 249 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/11/29 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/07/12 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/09/12 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/07/14 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 11.1 MB 10.0.40219
Mozilla Firefox 37.0.1 (x86 ja) Mozilla 2015/04/05 83.4 MB 37.0.1
Mozilla Maintenance Service Mozilla 2014/05/11 341 KB 29.0.1
NVIDIA 3D Vision コントローラー ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA 3D Vision ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2014/02/19 1.3.30.1
NVIDIA PhysX システム ソフトウェア 9.13.1220 NVIDIA Corporation 2014/02/19 9.13.1220
NVIDIA グラフィックス ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
OpenOffice.org 3.4.1 Apache Software Foundation 2013/07/14 312 MB 3.41.9593
Pixia Isao Maruoka 2014/01/06 4.80d
Realtek Ethernet Controller Driver Realtek 2013/07/11 7.67.1226.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/07/11 6.0.1.6782
sakura editor(サクラエディタ) サクラエディタ開発チーム 2014/01/15 5.58 MB
Speccy Piriform 2014/09/17 1.25
Windows Live Essentials Microsoft Corporation 2014/11/29 16.4.3528.0331
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2014/08/02 6.39 MB 3.10.7525.4

Here are the logs. Thank you in advance.
  • ドのつく素人
  • 2015/04/16 (Thu) 23:48:54
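Next, scan with AC
Thank you for the work and the report.
I have looked at the logs.
It looks like you reinstalled the latest version of Java, so that is fine.
Please continue with the next steps as described below.

The following application is also an old version, so update it if you use it.
OpenOffice.org 3.4.1 Apache Software Foundation 2013/07/14 312 MB 3.41.9593

Next, please get the following tool ready.
"AdwCleaner" (known as AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere such as the desktop.
When you are finished with it, start it and press the "uninstall" button and it removes itself automatically.
The site below explains in detail how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html

Once it is ready, start AC once here.
On start-up it should first update its definitions; let it do just that update, and once that is done close AC for now.
There is no need to scan at this point.

Next, boot the PC into safe mode and start AC again there.
Once it has started, this time press "Scan", and if anything was detected when the scan finishes, press "Remove".
Selecting "Yes" in the dialog that appears starts the cleanup.

When the cleanup is complete, restart the PC in normal mode.

After the restart a new AC log appears; save it somewhere such as the desktop.
If no log appears after the work, or you cannot find it, open the C drive in My Computer; a file with a name like the following will have been created directly under it, and that is the AC log.
>AdwCleaner[letters and digits].txt
If there are several logs with similar names, the one whose creation time matches when you ran the cleanup is the one we want.

After this, watch how the PC behaves for a while, then reply with a report on the PC's condition together with AC's post-cleanup log.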
  • 悪代官
  • 2015/04/17 (Fri) 00:48:20
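Added example, not part of the thread or any poster's words: the before/after check the helper makes by eye on the two HijackThis logs above can be scripted. The Python below parses HijackThis result lines and diffs two logs; the excerpts are copied from the 20:18:40 and 23:45:58 logs in this thread, and the names `parse_hjt` and `diff_hjt` are this example's own.

```python
import re

# A HijackThis result line is "<section code> - <detail>", for example
# "O2 - BHO: ..." or "F2 - REG:system.ini: ...". Header lines and the
# running-process list do not match this pattern and are skipped.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Suffixes seen in the thread's logs when an entry's target file is not found.
ORPHAN_SUFFIXES = ("(no file)", "(file missing)")

# Excerpt of the log saved at 20:18:40 on 2015/04/16 (lines copied from the thread).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:18:40, on 2015/04/16
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Skype\Updater\Updater.exe
"""

# Excerpt of the log saved at 23:45:58 on 2015/04/16 (lines copied from the thread).
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:45:58, on 2015/04/16
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
"""


def parse_hjt(log_text):
    """Return the set of (section code, detail) entries found in a HijackThis log."""
    entries = set()
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.add((match.group(1), match.group(2)))
    return entries


def diff_hjt(before_text, after_text):
    """Compare two logs: what disappeared, what appeared, and which new
    entries point at a target that no longer exists."""
    before, after = parse_hjt(before_text), parse_hjt(after_text)
    added = sorted(after - before)
    return {
        "removed": sorted(before - after),
        "added": added,
        "new_orphans": [e for e in added if e[1].endswith(ORPHAN_SUFFIXES)],
    }


if __name__ == "__main__":
    result = diff_hjt(BEFORE, AFTER)
    for label in ("removed", "added", "new_orphans"):
        print(f"== {label} ({len(result[label])}) ==")
        for code, detail in result[label]:
            print(f"{code} - {detail}")
```

On these excerpts the only new orphan is the skype4com protocol handler left behind after Skype was uninstalled; the "(file missing)" service line is identical in both logs and so drops out of the diff.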
Removal complete
Dear 悪代官,
Thank you.

The removal has finished, so I plan to keep an eye on things through the end of this month.
I will post the log just in case.


# AdwCleaner v4.201 - ログファイルの作成日 18/04/2015 作成時間 10:01:51
# 更新日 08/04/2015 作成元 Xplode
# データベース : 2015-04-08.1 [ローカル]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (x64)
# ユーザー名 : Triple Y - TRIPLEY-PC
# 実行場所 : C:\Users\Triple Y\Desktop\adwcleaner_4.201.exe
# オプション : 削除

***** [ サービス ] *****


***** [ ファイル / フォルダ ] *****

フォルダ 削除済み項目 : C:\ProgramData\AlluSaveer
フォルダ 削除済み項目 : C:\ProgramData\IisaeveRR
フォルダ 削除済み項目 : C:\ProgramData\3e9592ac0000621c
フォルダ 削除済み項目 : C:\ProgramData\757db02abb22af21
フォルダ 削除済み項目 : C:\ProgramData\cc9711ca00002316
フォルダ 削除済み項目 : C:\Program Files (x86)\AllCheapPrricoe
フォルダ 削除済み項目 : C:\Program Files (x86)\AlluSaveer
フォルダ 削除済み項目 : C:\Program Files (x86)\BUyNssave
フォルダ 削除済み項目 : C:\Program Files (x86)\EEnjuooyCCoupon
フォルダ 削除済み項目 : C:\Program Files (x86)\FindBBestDeall
フォルダ 削除済み項目 : C:\Program Files (x86)\IisaeveRR
フォルダ 削除済み項目 : C:\Program Files (x86)\IsaeveER
フォルダ 削除済み項目 : C:\Program Files (x86)\MiNimoumPrIcee
フォルダ 削除済み項目 : C:\Program Files (x86)\MinimummPPrice
フォルダ 削除済み項目 : C:\Program Files (x86)\NeeettOCoupon
フォルダ 削除済み項目 : C:\Program Files (x86)\NeewSaVer
フォルダ 削除済み項目 : C:\Program Files (x86)\NewSAAvEr
フォルダ 削除済み項目 : C:\Program Files (x86)\RandomPrrice
フォルダ 削除済み項目 : C:\Program Files (x86)\RandomPrrIuce
フォルダ 削除済み項目 : C:\Program Files (x86)\RoboSaaver

***** [ スケジュールタスク ] *****


***** [ ショートカット ] *****


***** [ レジストリ ] *****

キー 削除済み項目 : HKLM\SOFTWARE\4a49d959-d866-cf69-cb11-8fb0360dc876
キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{C4D1C553-99C0-48E5-B0A7-B1E00163715C}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
キー 削除済み項目 : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
キー 削除済み項目 : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
キー 削除済み項目 : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
キー 削除済み項目 : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
キー 削除済み項目 : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
キー 削除済み項目 : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}
キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}

***** [ Webブラウザ ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.1 (x86 ja)

[seghy30o.default-1423977803951\prefs.js] - ライン 削除済み項目 : user_pref("extensions.eejc5sia9sr7v3EU.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjnEqjC8rdrHrHY5qHr6rTUGrdr\")>-1){return;}}catch(e){}try{var d=[[\"acebook\",\"flybrain.com\",\"[...]
[seghy30o.default-1423977803951\prefs.js] - ライン 削除済み項目 : user_pref("extensions.wZUm1dJUEiWuvBH2.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjnEqjC8rdrHrHY5qHr6rTUGrdr\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\[...]

*************************

AdwCleaner[R0].txt - [5096 bytes] - [18/04/2015 09:59:20]
AdwCleaner[S0].txt - [4925 bytes] - [18/04/2015 10:01:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4984 bytes] ##########
  • ドのつく素人
  • 2015/04/18 (Sat) 10:09:06
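Next, work with MBAM
Thank you for the work and the report.

I have looked at AC's result log; it found quite a lot of things that were still hiding.
If you had AC clean all of them, that is fine.

Now that the AC cleanup is done, let's press on with the next step.

Next, please get the following application ready.
Malwarebytes' Anti-Malware (known as MBAM)
Official site
http://www.malwarebytes.org/

However, MBAM currently has considerable problems with stability and behavior, and bugs that prevent a normal scan even in ordinary use are occurring frequently.
So instead of downloading the latest version from the official site, we will deliberately use an old version here.

Site explaining the old version ↓
http://fine.tok2.com/home/heto2/0700SecurityApp/Malwarebytes/0001.htm

Download the old version of MBAM from the URL below.
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
This is a direct link to the file. Please save it.

Note: installing in Japanese can produce garbled text. Install in English and switch to Japanese afterwards.
Start MBAM and go to the "Settings" tab → "Language" → "Japanese" to switch to Japanese.

Once it is ready, install MBAM and update it.
But do not scan yet.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
If you update the program itself you end up with the latest version, where bugs are rampant, and installing the old version on purpose would have been pointless.

Once the update is done, restart the PC in safe mode and use Disk Cleanup to clear out junk files.

Then, still in safe mode, scan with MBAM.
Start MBAM and run a "Full scan" from the "Scanner" tab.
Select all drives, including C, as targets.

Select (tick) every drive as a scan target. It takes time, but the aim is to scan as thoroughly as possible.
The order does not matter, but if anything is detected, select it and "remove" (quarantine) it; then, if you are prompted to restart, restart the PC at that point.
If no restart prompt appears, restart manually.

When the MBAM scan finishes, pressing "Show details" should display the results, and pressing "Save log" there lets you save the log.
Save that log somewhere such as the desktop.
Checking this log is especially important, so please do not forget.

After this, paste the MBAM log into your reply and post it together with a status report.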
  • 悪代官
  • 2015/04/18 (Sat) 21:12:25
Quarantine with MBAM complete
It seems to have finished without problems, so I am posting the log.
Thank you in advance.

Malwarebytes Anti-Malware (試用) 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2015.04.18.04

Windows 7 Service Pack 1 x64 NTFS (セーフモード)
Internet Explorer 11.0.9600.17728
Triple Y :: TRIPLEY-PC [管理者]

リアルタイム保護: 無効

2015/04/19 9:08:01
mbam-log-2015-04-19 (09-08-01).txt

スキャンタイプ: フルスキャン (C:\|D:\|G:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 511473
経過時間: 18 分, 47 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリ値の検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 2
C:\ProgramData\3872871776 (Rogue.Multiple) -> 正常に隔離され削除されました。
C:\ProgramData\Yellow AdBlocker (PUP.Optional.YellowAdblocker.A) -> 正常に隔離され削除されました。

ファイルの検出: 9
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BUyNssave\BUyNssave.exe.vir (Trojan.Agent) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeeettOCoupon\WboQuPRT1FUiFv.x64.dll.vir (PUP.Optional.Multiplug) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RandomPrrice\PJgd1JPRYoMgRh.x64.dll.vir (PUP.Optional.Multiplug) -> 正常に隔離され削除されました。
C:\Users\Triple Y\AppData\Local\Temp\7D18d7\temp\hpds_setup.exe (PUP.Optional.MultiPlug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-519.dll (PUP.Optional.Multiplug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-704.dll (PUP.Optional.Multiplug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-764.dll (PUP.Optional.MultiPlug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-985.dll (PUP.Optional.MultiPlug.A) -> 正常に隔離され削除されました。
C:\ProgramData\Yellow AdBlocker\Yellow AdBlocker.exe (PUP.Optional.YellowAdblocker.A) -> 正常に隔離され削除されました。

(終)
  • ドのつく素人
  • 2015/04/19 (Sun) 09:38:06
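Next we will check with OTL
Thank you for the work and the report.
Looking at the log after the work, MBAM found things such as remnants of items dealt with earlier, but as long as those were also all quarantined from MBAM, that is fine.
Once that is done, uninstall MBAM in Safe Mode.

Now we will flush out anything hidden deeper.
Next, prepare the following tool.
OTL (OldTimer Listit)
This is a direct link to the file, so once you download it, keep it saved.
http://oldtimer.geekstogo.com/OTL.exe
When cleaning up afterwards, launch it and press the "Cleanup" button and it will be removed automatically.

Launch OTL with no other programs running.
Once it is running, check "Scan All Users" near the top of the window, and copy and paste the following commands into "Custom Scan/Fixes".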

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT

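Then press "Run Scan" at the top left to start the scan.
After the scan starts, depending on the PC, in a few minutes "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe; save these two files somewhere such as the desktop.
Extras.txt is sometimes not produced; in that case OTL.txt alone is fine.

After this, paste the entire OTL log into your reply and show it to me in a post.
However, the OTL log is quite long, so if you send it all at once it will be cut off by fc2's character limit.
So split the log at suitable points and post it across several replies.

Just scanning with OTL changes nothing.
Based on these results, the items detected should then be dealt with in the next and subsequent steps.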
  • 悪代官
  • 2015/04/19 (Sun) 13:26:23
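The reading of the MBAM log given in the post above (some hits are remnants of items treated earlier) can be checked mechanically. The following Python script is an added example, not part of the original thread or of MBAM: it parses the detection sections of that log, verifies each section's declared count, and separates hits inside another tool's quarantine or backup folder from hits at live paths. The remnant path markers and the family normalization are assumptions chosen for this log.

```python
import re
from collections import Counter, namedtuple

# Detection sections copied from the MBAM 1.75 log posted in this thread
# (Japanese locale), embedded so the script runs offline.
SAMPLE_LOG = r"""
フォルダの検出: 2
C:\ProgramData\3872871776 (Rogue.Multiple) -> 正常に隔離され削除されました。
C:\ProgramData\Yellow AdBlocker (PUP.Optional.YellowAdblocker.A) -> 正常に隔離され削除されました。

ファイルの検出: 9
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BUyNssave\BUyNssave.exe.vir (Trojan.Agent) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeeettOCoupon\WboQuPRT1FUiFv.x64.dll.vir (PUP.Optional.Multiplug) -> 正常に隔離され削除されました。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RandomPrrice\PJgd1JPRYoMgRh.x64.dll.vir (PUP.Optional.Multiplug) -> 正常に隔離され削除されました。
C:\Users\Triple Y\AppData\Local\Temp\7D18d7\temp\hpds_setup.exe (PUP.Optional.MultiPlug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-519.dll (PUP.Optional.Multiplug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-704.dll (PUP.Optional.Multiplug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-764.dll (PUP.Optional.MultiPlug.A) -> 正常に隔離され削除されました。
C:\Users\Triple Y\Desktop\削除関係\backups\backup-20150415-214334-985.dll (PUP.Optional.MultiPlug.A) -> 正常に隔離され削除されました。
C:\ProgramData\Yellow AdBlocker\Yellow AdBlocker.exe (PUP.Optional.YellowAdblocker.A) -> 正常に隔離され削除されました。
"""

Detection = namedtuple("Detection", "section path name status")

# Section header, e.g. "ファイルの検出: 9" (section name, declared hit count).
SECTION_RE = re.compile(r"^(?P<section>.+の検出): (?P<count>\d+)$")
# Entry: "<path> (<detection name>) -> <action taken>". The path itself may
# contain parentheses ("Program Files (x86)"), so the name group excludes them
# and the greedy path group settles on the last "(...) ->" pair of the line.
ENTRY_RE = re.compile(r"^(?P<path>.+) \((?P<name>[^()]+)\) -> (?P<status>.+)$")

# Assumption: paths under these locations are inert copies kept by other
# cleanup tools (a quarantine store or a backup folder), not live installs.
REMNANT_MARKERS = ("\\adwcleaner\\quarantine\\", "\\backups\\backup-")


def parse_mbam_log(text):
    """Return ({section: declared_count}, [Detection, ...])."""
    declared, detections, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("section")
            declared[section] = int(header.group("count"))
            continue
        entry = ENTRY_RE.match(line)
        if entry and section is not None:
            detections.append(Detection(section, entry.group("path"),
                                        entry.group("name"), entry.group("status")))
    return declared, detections


def is_remnant(path):
    """True when the hit sits inside another tool's quarantine or backup."""
    lowered = path.lower()
    return any(marker in lowered for marker in REMNANT_MARKERS)


def family(name):
    """Fold case and drop a one-letter variant suffix (assumed convention),
    so 'PUP.Optional.Multiplug' and 'PUP.Optional.MultiPlug.A' group together."""
    return re.sub(r"\.[a-z]$", "", name.casefold())


def triage(text):
    declared, detections = parse_mbam_log(text)
    parsed = Counter(d.section for d in detections)
    return {
        # Sections whose entry count differs from the header: the pasted log
        # was truncated or edited, so ask for it again before drawing conclusions.
        "mismatches": sorted(s for s, n in declared.items() if parsed[s] != n),
        "remnants": [d for d in detections if is_remnant(d.path)],
        "live": [d for d in detections if not is_remnant(d.path)],
        "families": Counter(family(d.name) for d in detections),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("count mismatches:", result["mismatches"] or "none")
    print("remnant hits:", len(result["remnants"]))
    for d in result["live"]:
        print("live hit:", d.path, "|", d.name)
    for name, count in result["families"].most_common():
        print(f"{count:2d}  {name}")
```

Only the hits reported as live need follow-up in the next scan; a count mismatch usually means the paste was cut off by the board's character limit.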
OTL log 1
I have finished uninstalling MBAM and scanning with OTL.
Thank you in advance.

OTL logfile created on: 2015/04/19 21:37:40 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Triple Y\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 6.07 Gb Available Physical Memory | 76.49% Memory free
15.88 Gb Paging File | 14.08 Gb Available in Paging File | 88.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 70.23 Gb Free Space | 58.95% Space Free | Partition Type: NTFS
Drive G: | 1863.01 Gb Total Space | 1595.83 Gb Free Space | 85.66% Space Free | Partition Type: NTFS

Computer Name: TRIPLEY-PC | User Name: Triple Y | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/19 21:05:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Triple Y\Downloads\OTL.exe
PRC - [2015/03/07 00:22:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/02/09 01:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/18 01:56:20 | 054,253,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2013/12/18 01:56:16 | 001,334,296 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/04/24 23:20:22 | 001,191,936 | ---- | M] (Crystal Dew World) -- C:\HDD kanri\CrystalDiskInfo\DiskInfo.exe
PRC - [2013/03/06 12:08:42 | 000,291,128 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013/02/01 01:06:44 | 001,421,824 | ---- | M] () -- C:\Program Files\Ez_MailChecker\EzML.exe
PRC - [2013/01/31 15:20:50 | 000,286,192 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/01/31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/01/23 16:57:38 | 000,366,552 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/01/23 16:57:30 | 000,169,432 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/10/30 07:48:16 | 000,927,232 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
PRC - [2011/09/15 15:41:06 | 000,117,760 | ---- | M] () -- C:\NanJoy\NanJoy.exe
PRC - [2011/02/23 16:40:38 | 000,459,264 | ---- | M] () -- C:\mausu\BSMBU03\ADOTMAPP.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/04/16 20:02:56 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a596d0525d78281d86abce9c2e6105b5\System.IdentityModel.ni.dll
MOD - [2015/04/16 20:02:55 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\f2637acce0919a29bdf53912a359dbf2\System.ServiceModel.ni.dll
MOD - [2015/04/16 20:02:48 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\11a24c8e5dd833c8de63c6a7ec19ca89\System.ServiceModel.Web.ni.dll
MOD - [2014/10/15 19:04:37 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/15 19:04:35 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/15 19:04:35 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/15 19:04:35 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/15 19:04:33 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/15 19:04:32 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/15 19:04:32 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/15 19:04:32 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/15 19:04:32 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/15 19:04:32 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/02/28 00:36:54 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/02/01 01:06:44 | 001,421,824 | ---- | M] () -- C:\Program Files\Ez_MailChecker\EzML.exe
MOD - [2011/09/15 15:41:06 | 000,117,760 | ---- | M] () -- C:\NanJoy\NanJoy.exe
MOD - [2011/09/15 15:40:28 | 000,041,984 | ---- | M] () -- C:\NanJoy\NanJoy.dll
MOD - [2011/08/10 19:50:58 | 000,005,120 | ---- | M] () -- C:\NanJoy\out_Mouse.dll
MOD - [2011/08/07 14:29:00 | 000,003,584 | ---- | M] () -- C:\NanJoy\out_Other.dll
MOD - [2011/08/07 12:05:14 | 000,007,168 | ---- | M] () -- C:\NanJoy\out_WinSend.dll
MOD - [2011/08/05 21:38:54 | 000,004,096 | ---- | M] () -- C:\NanJoy\out_KeyBord.dll
MOD - [2011/02/23 16:40:38 | 000,459,264 | ---- | M] () -- C:\mausu\BSMBU03\ADOTMAPP.exe
MOD - [2010/10/25 11:17:20 | 000,045,568 | ---- | M] () -- C:\mausu\BSMBU03\ADOTMDLL.DLL
MOD - [2010/10/14 18:00:52 | 000,412,160 | ---- | M] () -- C:\mausu\BSMBU03\ADODEVCL.dll
MOD - [2006/10/12 12:05:42 | 000,110,592 | ---- | M] () -- C:\Program Files\Ez_MailChecker\AquesTalkDa.dll
MOD - [2000/12/28 19:17:00 | 000,013,824 | ---- | M] () -- C:\Program Files\Ez_MailChecker\MakeTran.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/03/13 12:54:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/01/31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2012/12/10 14:31:44 | 000,803,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012/12/10 14:31:28 | 000,732,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/16 23:14:32 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/05 23:00:04 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/03/07 00:22:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/02/09 01:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/01/23 16:57:38 | 000,366,552 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/01/23 16:57:30 | 000,169,432 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/10/30 07:48:16 | 000,927,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe -- (asComSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/11/15 14:46:08 | 000,124,560 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/08/15 22:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/11/28 22:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/01/31 15:20:10 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/01/31 15:20:10 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2013/01/25 11:51:38 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:[b]64bit:[/b] - [2013/01/23 16:57:32 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/12/27 02:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2012/12/21 07:44:10 | 000,786,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/12/21 07:44:10 | 000,366,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/12/21 07:44:10 | 000,020,616 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/08/23 23:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 23:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/23 23:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\SearchScopes\{001ABDF3-1AB3-4C02-8614-FA81BBB57C98}: "URL" = http://search.yahoo.co.jp/search?ei=UTF-8&fr=ie8scint&p={searchTerms}
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.hiddenOneOffs: "Amazon.co.jp,楽天市場,ヤフオク!"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.jp/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/07/11 20:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Extensions
[2015/02/15 14:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Firefox\Profiles\lj9ns0kj.default\extensions
[2015/02/15 14:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Firefox\Profiles\lj9ns0kj.default\extensions\toolbar@addon.yahoo.co.jp
[2015/04/15 00:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Firefox\Profiles\seghy30o.default-1423977803951\extensions
[2015/04/01 22:48:37 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\firefox\profiles\seghy30o.default-1423977803951\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/04/05 23:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/05 23:00:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ADOTMAPP] C:\mausu\BSMBU03\ADOTMAPP.exe ()
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2405531978-808434178-3201954506-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2405531978-808434178-3201954506-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EzML.lnk = File not found
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe (Jane, Inc.)
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NanJoy.lnk = C:\NanJoy\NanJoy.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/01/28 13:35:24 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 21:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{865229c5-1b72-11e3-8de4-74d02b921364}\Shell - "" = AutoRun
O33 - MountPoints2\{865229c5-1b72-11e3-8de4-74d02b921364}\Shell\AutoRun\command - "" = F:\CMADownloader.exe
O33 - MountPoints2\{90ca3847-e9f4-11e2-a2d5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{90ca3847-e9f4-11e2-a2d5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  • ドのつく素人
  • 2015/04/19 (Sun) 22:01:39
OTL log 2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/19 21:29:50 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/04/19 21:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015/04/19 10:55:45 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\Desktop\Original-v1.2.4
[2015/04/19 10:51:06 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\Desktop\misc
[2015/04/19 08:37:46 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\Malwarebytes
[2015/04/19 08:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/18 10:23:19 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Local\Apps
[2015/04/18 09:56:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/04/18 09:39:55 | 000,000,000 | ---D | C] -- C:\Minecraft
[2015/04/17 07:52:08 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\OpenOffice
[2015/04/17 07:51:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
[2015/04/17 07:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2015/04/16 23:17:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/04/16 23:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/04/16 23:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015/04/16 23:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015/04/15 21:17:18 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\Desktop\削除関係
[2015/04/15 21:15:27 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\Geek Uninstaller
[2015/04/15 21:14:56 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/04/15 21:14:56 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/04/15 21:14:56 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/04/15 21:14:56 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/04/15 21:14:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/04/15 21:14:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/04/15 21:14:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/04/15 21:14:56 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/04/15 21:14:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/04/15 21:14:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/04/15 21:14:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/04/15 21:14:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/04/15 21:14:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/04/15 21:14:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/04/15 21:14:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/04/15 21:14:55 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/15 21:14:55 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/15 21:14:55 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/15 21:14:55 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/15 21:14:55 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/15 21:14:55 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/15 21:14:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/04/15 21:14:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/15 21:14:54 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/04/15 21:14:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/04/15 21:14:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/04/15 21:14:53 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/04/15 21:14:53 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/04/15 21:14:53 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/04/15 21:14:53 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/04/15 21:14:53 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/04/15 21:14:53 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/04/15 21:14:52 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/04/15 21:14:52 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/04/15 21:14:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/04/15 21:14:52 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/04/15 21:14:52 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/04/15 21:14:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/04/15 21:14:52 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/04/15 21:14:52 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/04/15 21:14:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/04/15 21:14:52 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/04/15 21:14:52 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/04/15 21:14:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/04/15 21:14:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/04/15 21:14:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/04/15 21:14:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/04/15 21:14:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/04/15 21:14:51 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/04/15 21:14:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/04/15 21:14:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/04/15 21:14:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/04/15 21:14:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/04/15 21:14:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/04/15 21:14:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/04/15 21:14:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 21:14:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 21:14:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 21:14:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 21:14:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 21:14:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/04/15 21:14:50 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/04/15 21:14:50 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/04/15 21:14:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/04/15 21:14:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/04/15 21:14:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/04/15 21:14:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/04/15 21:14:48 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/04/15 21:14:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/04/15 21:14:48 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/04/15 21:14:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/04/15 21:14:48 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/04/15 21:14:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/04/15 21:14:47 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/04/15 21:14:47 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/04/15 21:14:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/04/15 21:14:47 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/04/15 21:14:46 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/04/15 21:14:46 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/04/15 21:14:46 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/04/15 21:14:46 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/04/15 21:14:46 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/04/15 21:14:46 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/04/15 21:14:46 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/04/15 21:14:46 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/04/15 21:14:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/04/15 21:14:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/04/15 21:14:45 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/04/15 21:14:45 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/04/15 21:14:45 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/04/15 21:14:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/04/15 21:14:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/04/15 21:14:44 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/04/15 21:14:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/04/15 21:14:44 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/04/15 21:14:44 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/04/15 21:14:44 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/04/15 21:14:43 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/04/15 21:14:43 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/04/15 21:14:43 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/04/15 21:14:43 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/04/15 21:14:43 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/04/15 21:14:43 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/04/15 21:14:43 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/04/15 21:14:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015/04/15 21:14:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015/04/15 00:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/04/15 00:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/04/11 09:41:53 | 000,000,000 | ---D | C] -- C:\foot-switch2-2.31
[2015/04/05 23:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/04/04 19:35:07 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/04/04 19:35:06 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/03/30 21:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Liam Payne News
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/19 21:29:40 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/04/19 21:19:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/19 21:10:30 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/19 21:10:30 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/19 21:09:35 | 001,316,588 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/19 21:09:35 | 000,655,292 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/19 21:09:35 | 000,412,200 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2015/04/19 21:09:35 | 000,122,744 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2015/04/19 21:09:35 | 000,122,662 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/19 21:08:06 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/19 21:02:48 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/19 21:02:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/19 21:02:40 | 2099,769,343 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/19 10:51:51 | 000,079,134 | ---- | M] () -- C:\Users\Triple Y\Desktop\Original-v1.2.4.zip
[2015/04/18 09:08:10 | 000,296,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/04/16 23:14:32 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/04/16 23:14:32 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/15 23:06:03 | 000,034,935 | ---- | M] () -- C:\Users\Triple Y\Desktop\cd098d5d.jpg
[2015/04/15 22:38:28 | 000,086,169 | ---- | M] () -- C:\Users\Triple Y\Desktop\c9ef29da-s.jpg
[2015/04/15 21:27:57 | 001,295,436 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/04/13 00:05:43 | 000,308,898 | ---- | M] () -- C:\Users\Triple Y\Desktop\ZTGstQJ.jpg
[2015/04/10 00:42:25 | 000,401,624 | ---- | M] () -- C:\Users\Triple Y\Desktop\pQkGOHW.jpg.png
[2015/04/10 00:42:23 | 000,380,504 | ---- | M] () -- C:\Users\Triple Y\Desktop\CLW8rIa.jpg.png
[2015/04/10 00:42:22 | 000,530,993 | ---- | M] () -- C:\Users\Triple Y\Desktop\YSNsAGB.jpg.png
[2015/03/30 20:42:50 | 000,177,075 | ---- | M] () -- C:\Users\Triple Y\Desktop\light.dotup.org164953.jpg
[2015/03/25 12:24:41 | 003,298,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/03/25 12:24:41 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/03/25 12:24:41 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/03/25 12:24:41 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/03/25 12:24:41 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/03/25 12:24:40 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/03/25 12:24:08 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/03/25 12:23:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/03/25 12:23:55 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/03/25 12:23:55 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/03/25 12:00:57 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/03/25 12:00:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/03/25 12:00:57 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/03/25 12:00:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/03/25 12:00:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/03/23 12:25:15 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/03/23 12:25:01 | 000,769,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/03/23 12:24:56 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/03/23 12:24:54 | 000,957,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/03/23 12:24:53 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/03/23 12:24:53 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/03/23 12:24:53 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/03/23 12:17:39 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/19 10:51:51 | 000,079,134 | ---- | C] () -- C:\Users\Triple Y\Desktop\Original-v1.2.4.zip
[2015/04/16 23:16:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/04/15 23:06:03 | 000,034,935 | ---- | C] () -- C:\Users\Triple Y\Desktop\cd098d5d.jpg
[2015/04/15 22:38:28 | 000,086,169 | ---- | C] () -- C:\Users\Triple Y\Desktop\c9ef29da-s.jpg
[2015/04/15 21:14:48 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/04/15 21:14:47 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/04/13 00:05:43 | 000,308,898 | ---- | C] () -- C:\Users\Triple Y\Desktop\ZTGstQJ.jpg
[2015/04/10 00:42:25 | 000,401,624 | ---- | C] () -- C:\Users\Triple Y\Desktop\pQkGOHW.jpg.png
[2015/04/10 00:42:23 | 000,380,504 | ---- | C] () -- C:\Users\Triple Y\Desktop\CLW8rIa.jpg.png
[2015/04/10 00:42:20 | 000,530,993 | ---- | C] () -- C:\Users\Triple Y\Desktop\YSNsAGB.jpg.png
[2015/03/30 20:42:50 | 000,177,075 | ---- | C] () -- C:\Users\Triple Y\Desktop\light.dotup.org164953.jpg
[2014/12/16 19:13:32 | 000,000,036 | ---- | C] () -- C:\Users\Triple Y\AppData\Local\housecall.guid.cache
[2013/12/01 17:31:16 | 000,007,633 | ---- | C] () -- C:\Users\Triple Y\AppData\Local\Resmon.ResmonCfg
[2013/07/11 15:49:27 | 001,295,436 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/11 15:44:24 | 000,051,857 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/07/11 15:44:24 | 000,000,000 | ---- | C] () -- C:\Windows\Ascd_err.ini
[2013/07/11 15:43:46 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/07/11 15:43:41 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/07/11 15:43:37 | 000,040,629 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/19 21:08:06 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/19 21:02:48 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/19 21:19:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ATA PLEXTOR PX-128M5 SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ATA WDC WD20EADS-00R SCSI Disk Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,863.00GB
Starting Offset: 1048576
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >

That is all.

"Extras.txt" was not produced; only "OTL.txt" was output.
  • ドのつく素人
  • 2015/04/19 (Sun) 22:04:04
Was there no Extras.txt?
This is IVNO, back again.
Wasn't Extras.txt also output at the same time as OTL.txt?
If you have it, please paste it here as well and let us know.
  • IVNO
  • 2015/04/20 (Mon) 13:45:23
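It was output when I ran it again (OTL1)
Both files were output this time, so I am pasting both of them again.

After the scan finished, file extensions were switched to hidden. Is it okay to change that back?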


OTL logfile created on: 2015/04/20 21:01:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Triple Y\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 6.37 Gb Available Physical Memory | 80.23% Memory free
15.88 Gb Paging File | 14.24 Gb Available in Paging File | 89.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 69.96 Gb Free Space | 58.72% Space Free | Partition Type: NTFS
Drive G: | 1863.01 Gb Total Space | 1595.83 Gb Free Space | 85.66% Space Free | Partition Type: NTFS

Computer Name: TRIPLEY-PC | User Name: Triple Y | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:00:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Triple Y\Downloads\OTL.exe
PRC - [2015/03/07 00:22:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/02/09 01:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/18 01:56:20 | 054,253,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2013/12/18 01:56:16 | 001,334,296 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/04/24 23:20:22 | 001,191,936 | ---- | M] (Crystal Dew World) -- C:\HDD kanri\CrystalDiskInfo\DiskInfo.exe
PRC - [2013/03/06 12:08:42 | 000,291,128 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013/02/01 01:06:44 | 001,421,824 | ---- | M] () -- C:\Program Files\Ez_MailChecker\EzML.exe
PRC - [2013/01/31 15:20:50 | 000,286,192 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/01/31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/01/23 16:57:38 | 000,366,552 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/01/23 16:57:30 | 000,169,432 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/10/30 07:48:16 | 000,927,232 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
PRC - [2011/09/15 15:41:06 | 000,117,760 | ---- | M] () -- C:\NanJoy\NanJoy.exe
PRC - [2011/02/23 16:40:38 | 000,459,264 | ---- | M] () -- C:\mausu\BSMBU03\ADOTMAPP.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/04/16 20:02:56 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a596d0525d78281d86abce9c2e6105b5\System.IdentityModel.ni.dll
MOD - [2015/04/16 20:02:55 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\f2637acce0919a29bdf53912a359dbf2\System.ServiceModel.ni.dll
MOD - [2015/04/16 20:02:48 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\11a24c8e5dd833c8de63c6a7ec19ca89\System.ServiceModel.Web.ni.dll
MOD - [2014/10/15 19:04:37 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/15 19:04:35 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/15 19:04:35 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/15 19:04:33 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/15 19:04:32 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/15 19:04:32 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/15 19:04:32 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/15 19:04:32 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/15 19:04:32 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/02/28 00:36:54 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/02/01 01:06:44 | 001,421,824 | ---- | M] () -- C:\Program Files\Ez_MailChecker\EzML.exe
MOD - [2011/09/15 15:41:06 | 000,117,760 | ---- | M] () -- C:\NanJoy\NanJoy.exe
MOD - [2011/09/15 15:40:28 | 000,041,984 | ---- | M] () -- C:\NanJoy\NanJoy.dll
MOD - [2011/08/10 19:50:58 | 000,005,120 | ---- | M] () -- C:\NanJoy\out_Mouse.dll
MOD - [2011/08/07 14:29:00 | 000,003,584 | ---- | M] () -- C:\NanJoy\out_Other.dll
MOD - [2011/08/07 12:05:14 | 000,007,168 | ---- | M] () -- C:\NanJoy\out_WinSend.dll
MOD - [2011/08/05 21:38:54 | 000,004,096 | ---- | M] () -- C:\NanJoy\out_KeyBord.dll
MOD - [2011/02/23 16:40:38 | 000,459,264 | ---- | M] () -- C:\mausu\BSMBU03\ADOTMAPP.exe
MOD - [2010/10/25 11:17:20 | 000,045,568 | ---- | M] () -- C:\mausu\BSMBU03\ADOTMDLL.DLL
MOD - [2010/10/14 18:00:52 | 000,412,160 | ---- | M] () -- C:\mausu\BSMBU03\ADODEVCL.dll
MOD - [2006/10/12 12:05:42 | 000,110,592 | ---- | M] () -- C:\Program Files\Ez_MailChecker\AquesTalkDa.dll
MOD - [2000/12/28 19:17:00 | 000,013,824 | ---- | M] () -- C:\Program Files\Ez_MailChecker\MakeTran.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/03/13 12:54:00 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/01/31 15:20:50 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2012/12/10 14:31:44 | 000,803,872 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012/12/10 14:31:28 | 000,732,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/16 23:14:32 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/05 23:00:04 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/03/07 00:22:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/02/09 01:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/01/23 16:57:38 | 000,366,552 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/01/23 16:57:30 | 000,169,432 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/10/30 07:48:16 | 000,927,232 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe -- (asComSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/11/15 14:46:08 | 000,124,560 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/08/15 22:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/11/28 22:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/01/31 15:20:10 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/01/31 15:20:10 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2013/01/25 11:51:38 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:[b]64bit:[/b] - [2013/01/23 16:57:32 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/12/27 02:26:12 | 000,805,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2012/12/21 07:44:10 | 000,786,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/12/21 07:44:10 | 000,366,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/12/21 07:44:10 | 000,020,616 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/08/23 23:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 23:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/23 23:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\SearchScopes\{001ABDF3-1AB3-4C02-8614-FA81BBB57C98}: "URL" = http://search.yahoo.co.jp/search?ei=UTF-8&fr=ie8scint&p={searchTerms}
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.hiddenOneOffs: "Amazon.co.jp,楽天市場,ヤフオク!"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.co.jp/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/07/11 20:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Extensions
[2015/02/15 14:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Firefox\Profiles\lj9ns0kj.default\extensions
[2015/02/15 14:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Firefox\Profiles\lj9ns0kj.default\extensions\toolbar@addon.yahoo.co.jp
[2015/04/15 00:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\Firefox\Profiles\seghy30o.default-1423977803951\extensions
[2015/04/01 22:48:37 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Triple Y\AppData\Roaming\mozilla\firefox\profiles\seghy30o.default-1423977803951\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/04/05 23:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/05 23:00:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2405531978-808434178-3201954506-1000\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ADOTMAPP] C:\mausu\BSMBU03\ADOTMAPP.exe ()
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2405531978-808434178-3201954506-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2405531978-808434178-3201954506-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EzML.lnk = File not found
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe (Jane, Inc.)
O4 - Startup: C:\Users\Triple Y\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NanJoy.lnk = C:\NanJoy\NanJoy.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/01/28 13:35:24 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 21:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{865229c5-1b72-11e3-8de4-74d02b921364}\Shell - "" = AutoRun
O33 - MountPoints2\{865229c5-1b72-11e3-8de4-74d02b921364}\Shell\AutoRun\command - "" = F:\CMADownloader.exe
O33 - MountPoints2\{90ca3847-e9f4-11e2-a2d5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{90ca3847-e9f4-11e2-a2d5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  • ドのつく素人
  • 2015/04/20 (Mon) 21:08:10
OTL2
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2015/04/19 21:29:50 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/04/19 21:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015/04/19 08:37:46 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\Malwarebytes
[2015/04/19 08:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/18 10:23:19 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Local\Apps
[2015/04/18 09:56:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/04/18 09:39:55 | 000,000,000 | ---D | C] -- C:\Minecraft
[2015/04/17 07:52:08 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\OpenOffice
[2015/04/17 07:51:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
[2015/04/17 07:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2015/04/16 23:17:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/04/16 23:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/04/16 23:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015/04/16 23:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015/04/15 21:17:18 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\Desktop\削除関係
[2015/04/15 21:15:27 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\Geek Uninstaller
[2015/04/15 21:14:56 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/04/15 21:14:56 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/04/15 21:14:56 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/04/15 21:14:56 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/04/15 21:14:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/04/15 21:14:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/04/15 21:14:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/04/15 21:14:56 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/04/15 21:14:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/04/15 21:14:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/04/15 21:14:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/04/15 21:14:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/04/15 21:14:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/04/15 21:14:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/04/15 21:14:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/04/15 21:14:55 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/15 21:14:55 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/15 21:14:55 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/15 21:14:55 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/15 21:14:55 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/15 21:14:55 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/15 21:14:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/04/15 21:14:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/15 21:14:54 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/04/15 21:14:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/04/15 21:14:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/04/15 21:14:53 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/04/15 21:14:53 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/04/15 21:14:53 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/04/15 21:14:53 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/04/15 21:14:53 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/04/15 21:14:53 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/04/15 21:14:52 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/04/15 21:14:52 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/04/15 21:14:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/04/15 21:14:52 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/04/15 21:14:52 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/04/15 21:14:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/04/15 21:14:52 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/04/15 21:14:52 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/04/15 21:14:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/04/15 21:14:52 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/04/15 21:14:52 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/04/15 21:14:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/04/15 21:14:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/04/15 21:14:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/04/15 21:14:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/04/15 21:14:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/04/15 21:14:51 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/04/15 21:14:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/04/15 21:14:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/04/15 21:14:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/04/15 21:14:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/04/15 21:14:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/04/15 21:14:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/04/15 21:14:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 21:14:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 21:14:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 21:14:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 21:14:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 21:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 21:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 21:14:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/04/15 21:14:50 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/04/15 21:14:50 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/04/15 21:14:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/04/15 21:14:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/04/15 21:14:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/04/15 21:14:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/04/15 21:14:48 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/04/15 21:14:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/04/15 21:14:48 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/04/15 21:14:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/04/15 21:14:48 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/04/15 21:14:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/04/15 21:14:47 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/04/15 21:14:47 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/04/15 21:14:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/04/15 21:14:47 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/04/15 21:14:46 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/04/15 21:14:46 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/04/15 21:14:46 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/04/15 21:14:46 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/04/15 21:14:46 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/04/15 21:14:46 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/04/15 21:14:46 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/04/15 21:14:46 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/04/15 21:14:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/04/15 21:14:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/04/15 21:14:45 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/04/15 21:14:45 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/04/15 21:14:45 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/04/15 21:14:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/04/15 21:14:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/04/15 21:14:44 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/04/15 21:14:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/04/15 21:14:44 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/04/15 21:14:44 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/04/15 21:14:44 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/04/15 21:14:43 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/04/15 21:14:43 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/04/15 21:14:43 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/04/15 21:14:43 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/04/15 21:14:43 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/04/15 21:14:43 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/04/15 21:14:43 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/04/15 21:14:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015/04/15 21:14:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015/04/15 00:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/04/15 00:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/04/11 09:41:53 | 000,000,000 | ---D | C] -- C:\foot-switch2-2.31
[2015/04/05 23:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/04/04 19:35:07 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/04/04 19:35:06 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/03/30 21:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Liam Payne News
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/04/20 20:54:34 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/20 20:54:34 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/20 20:51:49 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/20 20:50:48 | 001,316,588 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/20 20:50:48 | 000,655,292 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/20 20:50:48 | 000,412,200 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2015/04/20 20:50:48 | 000,122,744 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2015/04/20 20:50:48 | 000,122,662 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/20 20:46:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/20 20:46:37 | 2099,769,343 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/19 23:08:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/19 22:19:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/19 21:29:40 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/04/18 09:08:10 | 000,296,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/04/16 23:14:32 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/04/16 23:14:32 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/15 23:06:03 | 000,034,935 | ---- | M] () -- C:\Users\Triple Y\Desktop\cd098d5d.jpg
[2015/04/15 22:38:28 | 000,086,169 | ---- | M] () -- C:\Users\Triple Y\Desktop\c9ef29da-s.jpg
[2015/04/15 21:27:57 | 001,295,436 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/04/13 00:05:43 | 000,308,898 | ---- | M] () -- C:\Users\Triple Y\Desktop\ZTGstQJ.jpg
[2015/04/10 00:42:25 | 000,401,624 | ---- | M] () -- C:\Users\Triple Y\Desktop\pQkGOHW.jpg.png
[2015/04/10 00:42:23 | 000,380,504 | ---- | M] () -- C:\Users\Triple Y\Desktop\CLW8rIa.jpg.png
[2015/04/10 00:42:22 | 000,530,993 | ---- | M] () -- C:\Users\Triple Y\Desktop\YSNsAGB.jpg.png
[2015/03/30 20:42:50 | 000,177,075 | ---- | M] () -- C:\Users\Triple Y\Desktop\light.dotup.org164953.jpg
[2015/03/25 12:24:41 | 003,298,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/03/25 12:24:41 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/03/25 12:24:41 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/03/25 12:24:41 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/03/25 12:24:41 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/03/25 12:24:40 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/03/25 12:24:08 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/03/25 12:23:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/03/25 12:23:55 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/03/25 12:23:55 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/03/25 12:00:57 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/03/25 12:00:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/03/25 12:00:57 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/03/25 12:00:57 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/03/25 12:00:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/03/23 12:25:15 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/03/23 12:25:01 | 000,769,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/03/23 12:24:56 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/03/23 12:24:54 | 000,957,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/03/23 12:24:53 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/03/23 12:24:53 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/03/23 12:24:53 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/03/23 12:17:39 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/04/16 23:16:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/04/15 23:06:03 | 000,034,935 | ---- | C] () -- C:\Users\Triple Y\Desktop\cd098d5d.jpg
[2015/04/15 22:38:28 | 000,086,169 | ---- | C] () -- C:\Users\Triple Y\Desktop\c9ef29da-s.jpg
[2015/04/15 21:14:48 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/04/15 21:14:47 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/04/13 00:05:43 | 000,308,898 | ---- | C] () -- C:\Users\Triple Y\Desktop\ZTGstQJ.jpg
[2015/04/10 00:42:25 | 000,401,624 | ---- | C] () -- C:\Users\Triple Y\Desktop\pQkGOHW.jpg.png
[2015/04/10 00:42:23 | 000,380,504 | ---- | C] () -- C:\Users\Triple Y\Desktop\CLW8rIa.jpg.png
[2015/04/10 00:42:20 | 000,530,993 | ---- | C] () -- C:\Users\Triple Y\Desktop\YSNsAGB.jpg.png
[2015/03/30 20:42:50 | 000,177,075 | ---- | C] () -- C:\Users\Triple Y\Desktop\light.dotup.org164953.jpg
[2014/12/16 19:13:32 | 000,000,036 | ---- | C] () -- C:\Users\Triple Y\AppData\Local\housecall.guid.cache
[2013/12/01 17:31:16 | 000,007,633 | ---- | C] () -- C:\Users\Triple Y\AppData\Local\Resmon.ResmonCfg
[2013/07/11 15:49:27 | 001,295,436 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/11 15:44:24 | 000,051,857 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/07/11 15:44:24 | 000,000,000 | ---- | C] () -- C:\Windows\Ascd_err.ini
[2013/07/11 15:43:46 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/07/11 15:43:41 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/07/11 15:43:37 | 000,040,629 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %windir%\tasks\*.job >
[2015/04/19 23:08:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/04/20 20:51:49 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/19 22:19:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ATA PLEXTOR PX-128M5 SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ATA WDC WD20EADS-00R SCSI Disk Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,863.00GB
Starting Offset: 1048576
Hidden sectors: 0


========== Base Services ==========
SRV:64bit: - [2009/07/14 10:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2015/01/30 03:15:10 | 000,366,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/03/17 14:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • ドのつく素人
  • 2015/04/20 (Mon) 21:08:48
Extras
OTL Extras logfile created on: 2015/04/20 21:01:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Triple Y\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.94 Gb Total Physical Memory | 6.37 Gb Available Physical Memory | 80.23% Memory free
15.88 Gb Paging File | 14.24 Gb Available in Paging File | 89.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 69.96 Gb Free Space | 58.72% Space Free | Partition Type: NTFS
Drive G: | 1863.01 Gb Total Space | 1595.83 Gb Free Space | 85.66% Space Free | Partition Type: NTFS

Computer Name: TRIPLEY-PC | User Name: Triple Y | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2405531978-808434178-3201954506-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F7D5B1-9BCE-4F22-8DDD-7999D337885D}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{0845434B-CAAC-459E-BC57-3BAEB3F024CA}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{0975FB46-DF24-4D0B-9367-97323234073E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{098A1F0E-1AD4-4C3A-B317-2C5B95746DF7}" = lport=138 | protocol=17 | dir=in | app=system |
"{0D69D819-3278-4A1B-8E8D-7025B279206D}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{0FFD1609-840D-42FD-AFA2-106B306BC805}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{13EB67C1-AF7F-4AEA-873B-CE85154DEA00}" = lport=139 | protocol=6 | dir=in | app=system |
"{1C1BDD67-EB84-4086-8C8E-A31CF2B3A309}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{23F8345B-AF90-4898-B1E6-B3604FD7B492}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2415529A-C2BD-4B0F-9919-C38D01EDDAC8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{263640A4-5567-4419-9274-18EF7F80FDC4}" = rport=138 | protocol=17 | dir=out | app=system |
"{288BEDAB-3EAB-4430-9812-3A7AF6EBB206}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{2F00C97D-E8E3-4D8B-B591-403C8AAE633A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2FA28D0F-B45B-4771-97C0-5E7026C231E0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4252F904-2BD2-426E-8342-BF47BC5E746B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5046EB42-BD4E-4003-85F7-6500D7079B51}" = lport=2869 | protocol=6 | dir=in | app=system |
"{507AA7A8-59C8-4D80-B089-B6E02B3AF18F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{525D9B09-9BED-483D-A8C0-66518B50990B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5DF35463-206A-4F2E-9E9F-B1C4BDF175AA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{679E4C79-42D4-413F-BF84-B7336200F73F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{684173CE-9FE6-4515-AC3E-C7D49E131A7E}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7452B74D-1F60-44C6-8911-0F1183666EB0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8359ED7C-8CBD-4073-9B4F-3EC6996D1AF4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D5CF550-C672-4DFF-9412-79B282B5C635}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{90A65567-2CF4-4250-983A-B87473457596}" = rport=139 | protocol=6 | dir=out | app=system |
"{9EF0BDEE-BDAE-4310-9A85-42C123B3C3F9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A3D7E644-6492-4647-92E0-4B0842EB009B}" = rport=445 | protocol=6 | dir=out | app=system |
"{AA393586-C71C-48DD-8AA4-C56A61489076}" = lport=137 | protocol=17 | dir=in | app=system |
"{B0DC9A5E-B1CB-4E2B-9921-410C67D3FA2B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C1A919C9-98E9-4B94-A2B6-D72304B6DBD8}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C3EC2166-B319-43A5-BBAE-2FACA2313047}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C720AB59-70A5-484D-A520-ED1EEE9D7970}" = lport=445 | protocol=6 | dir=in | app=system |
"{CD94668D-0E7D-4FBB-AD7B-4B7501765230}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{CE0AFB32-6F73-4311-B7ED-BBFFADDA3F1C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0BBFE61-0B38-42E7-89BE-57E6B9082938}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E60CD97F-EE1F-416D-B621-F64C348C6171}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E6B6BE59-0F2A-40C4-A98F-43BE920BCED7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E8BFA44C-A35A-422C-BCCB-F83DC0BC4BE0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5D8224F-DD46-4ACE-9C6C-EF1AB7902201}" = rport=137 | protocol=17 | dir=out | app=system |
"{F7A6DCDF-28CE-46B9-8D52-028703193482}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FB7D9444-27F3-45FA-A5E4-556B04696556}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{094B604D-A76D-41D0-B2E1-E53E4B3BE2F4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{299A7A47-7028-43CA-A7E6-EFDAEEA4ABB8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{328CAC8B-E04C-439C-818F-7813CFC20475}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{41718946-FD23-484A-8F34-15DD7C53E063}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4B7EBA0F-41A5-46F3-A70E-9A9CACE57AAA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{65D0E184-D077-4F3A-9ABF-F86DB81CED48}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65DDA15D-222E-4EB0-A8C7-92F861BD7561}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{79239DC1-E223-425B-BFA8-DF752E4405F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7F51348B-CD41-4879-9B26-663FD7DE422E}" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\java.exe |
"{81A58DE8-A1F0-4510-A62F-2837471BD4ED}" = protocol=6 | dir=out | app=system |
"{82124C2C-8AD2-4501-A61C-8CFBBFEB0770}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{867562CC-B0D6-4A64-8EF4-D5AA975775C0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{87581689-83F7-45C1-BC7F-47E7E5241875}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F2307DA-D382-4C85-9F4A-715FCDEC66B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A3CB89CB-7338-4BD5-8001-15943CE92ADE}" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\java.exe |
"{AA9F571F-4AE5-4FF6-A235-2FF11A4F740A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ADB99D64-257B-42BC-88D6-2EBAE9658FE0}" = protocol=58 | dir=in | app=system |
"{B2768A36-D29F-4505-8D69-29F3004BC651}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B311DE83-344E-4FAA-9A0F-78B4697DABAC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9}" = protocol=6 | dir=in | app=c:\yahoo messenger\messenger\yahoomessenger.exe |
"{BA26CF95-A60B-4C17-B76E-FAF79230871F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D1223E7C-E09A-460E-BF9C-58F95DA47B3C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{D17A450C-D8DE-46A6-B73C-FE67F6EC1ADA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D23AC592-10E5-4969-9C7F-8FB2D230BAE8}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{DCCC27C2-5D93-437A-A3CD-9969E0D8BF3C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3DF1A93-61A1-4187-AAA9-DD5D59E5B5BB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E564B7AB-94B5-49AE-9156-7F9A61E2F030}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{F4A3E608-B9A4-4DD4-9947-1C124214D85C}" = protocol=17 | dir=in | app=c:\yahoo messenger\messenger\yahoomessenger.exe |
"{F94D21B9-2677-476A-AE64-BC32C979175B}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FBB298A0-33DB-4BBD-8521-A5694DB6340B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{09FBF470-C98E-4F32-8F20-2567D3F0A900}C:\users\triple y\appdata\roaming\.minecraft\runtime\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\triple y\appdata\roaming\.minecraft\runtime\jre7\bin\javaw.exe |
"TCP Query User{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D}C:\yahoo messenger\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\yahoo messenger\messenger\yahoomessenger.exe |
"TCP Query User{607C50B2-D0AE-44BD-BAEC-93105977A335}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{827BA84C-5F5E-44AB-B73F-E1752BFB6249}C:\program files\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"TCP Query User{C024973B-2E5D-456F-A899-85A1462D5DA4}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{CEBD3479-1D09-43C1-AC60-3174F824C992}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{D2DB6A8F-5421-4978-AE6F-2FAC0E1E2F25}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{D7F43502-ADD6-428A-BA85-5238DE9820FA}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{EC7787A2-2E3E-4159-A51C-EA28E753B720}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{F98DEE59-26D3-4F63-B9DB-55FB27A9A52E}C:\program files\java\jre8\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\java.exe |
"UDP Query User{1180736A-AF4D-45F5-9999-73E51CAE98A8}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{398870F9-E9F8-4D20-865E-8334E6660F51}C:\yahoo messenger\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\yahoo messenger\messenger\yahoomessenger.exe |
"UDP Query User{574F5C54-72A9-44EC-AA14-46A436D7BFF1}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{8446B48B-71D6-4291-ABA6-83F28AB58178}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{8E152973-5A09-46C3-873B-41F9BE75486E}C:\program files\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"UDP Query User{9ED46C4E-3A73-4099-A89B-7D41B114376A}C:\users\triple y\appdata\roaming\.minecraft\runtime\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\triple y\appdata\roaming\.minecraft\runtime\jre7\bin\javaw.exe |
"UDP Query User{A2633978-8CA2-41CD-90AF-5E4946C65B88}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{ABCADF36-7E0D-4824-8FD0-A1F1775B7ABC}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{AFAAC141-685E-45D2-919E-3520C0F748DF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{FBBE2953-DDEC-44A0-980D-F52A38F5E891}C:\program files\java\jre8\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\java.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{1AAF6669-31B2-3840-9346-F0F653840FD1}" = Microsoft .NET Framework 4.5.1 (JPN)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{28791292-D18D-42FA-AE66-3D3D20AA8618}" = Apple Application Support(64 ビット)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{5ED7462B-EF58-4757-B609-53755021EC34}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}" = Google 日本語入力
"{7629623D-F0D0-4AC6-A763-FBE06ED8288C}" = Intel(R) Rapid Storage Technology
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{996D32B6-F629-4764-894B-CB24D9C19051}" = Microsoft Security Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
"Speccy" = Speccy

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{024D6C9E-4775-421D-B0D0-D4F123687778}" = Windows Live Essentials
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{15E13D3B-4B57-4F68-9BA4-5D86C0931833}" = Pixia
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}" = Apple Application Support(32 ビット)
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5E848897-1113-49FE-8FCE-D4BF39EDE254}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{81AD22B9-C28A-45a3-94B3-5FECD221AD5C}" = コンテンツ管理アシスタント for PlayStation(R)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EA12696-D38C-44DD-96E5-12C8DF6F8230}" = Windows Live Writer Resources
"{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}" = Movie Maker
"{98732F28-AF48-45CB-B7E0-4A3836DCC56A}" = ExifEraser
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1041-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Japanese
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{C81C7686-CF6D-49FA-8698-2BFE49A4256D}" = OpenOffice 4.1.1
"{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program
"{C8FEB019-F2E1-4E8F-886E-AB5C68FE531C}" = Windows Live メール
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}" = フォト ギャラリー
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3BB7E2D-62E0-4008-8727-588EDC274C25}" = Photo Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"BSMBU03_is1" = BSMBU03 V1.0
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.6.2
"Ez_MailChecker" = Ez-MailChecker
"Jane Style_is1" = Jane Style Version 3.81
"Lhaplus" = Lhaplus
"Mozilla Firefox 37.0.1 (x86 ja)" = Mozilla Firefox 37.0.1 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"sakura editor_is1" = sakura editor(サクラエディタ)
"WinLiveSuite" = Windows Live Essentials

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014/12/26 22:28:18 | Computer Name = TripleY-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/12/27 1:18:16 | Computer Name = TripleY-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/12/27 1:22:01 | Computer Name = TripleY-PC | Source = RasClient | ID = 20227
Description =

Error - 2014/12/27 1:22:08 | Computer Name = TripleY-PC | Source = RasClient | ID = 20227
Description =

Error - 2014/12/27 1:22:33 | Computer Name = TripleY-PC | Source = RasClient | ID = 20227
Description =

Error - 2014/12/27 1:22:54 | Computer Name = TripleY-PC | Source = RasClient | ID = 20227
Description =

Error - 2014/12/27 3:50:14 | Computer Name = TripleY-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/12/27 4:25:46 | Computer Name = TripleY-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/12/27 21:12:57 | Computer Name = TripleY-PC | Source = WinMgmt | ID = 10
Description =

Error - 2014/12/27 22:23:40 | Computer Name = TripleY-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2015/04/19 7:51:18 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/19 7:51:18 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/19 7:51:18 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/19 7:51:18 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/19 7:51:18 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/19 7:51:36 | Computer Name = TripleY-PC | Source = DCOM | ID = 10005
Description =

Error - 2015/04/19 7:51:36 | Computer Name = TripleY-PC | Source = DCOM | ID = 10005
Description =

Error - 2015/04/19 7:51:36 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/20 7:56:39 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7006
Description = ScRegSetValueExW 呼び出しは、Start について次のエラーで失敗しました: %%5

Error - 2015/04/20 7:56:41 | Computer Name = TripleY-PC | Source = Service Control Manager | ID = 7006
Description = ScRegSetValueExW 呼び出しは、FailureCommand について次のエラーで失敗しました: %%5


< End of report >
  • ドのつく素人
  • 2015/04/20 (Mon) 21:10:02
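Treatment with OTL
Sorry to have kept you waiting.
Let's carry out the fix with OTL.

Start Notepad and copy and paste the following into it.
Note that :OTL, :Files, :Commands and so on are directives that determine how OTL processes the items.
Please take care not to delete them.

------ Copy and paste from below this line ------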
:OTL
[2015/04/19 08:37:46 | 000,000,000 | ---D | C] -- C:\Users\Triple Y\AppData\Roaming\Malwarebytes
[2015/04/19 08:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/18 09:56:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner

:Files
c:\yahoo messenger
c:\program files (x86)\yahoo!\messenger

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9}"=-
"{E564B7AB-94B5-49AE-9156-7F9A61E2F030}"=-
"{F4A3E608-B9A4-4DD4-9947-1C124214D85C}"=-
"{F94D21B9-2677-476A-AE64-BC32C979175B}"=-
"{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D}"=-
"{398870F9-E9F8-4D20-865E-8334E6660F51}"=-

:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[emptytemp]
[createrestorepoint]
[reboot]
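------ Copy and paste up to above this line ------

Once you have pasted it, save the file under a name that is easy to recognize.
Then start the PC in Safe Mode.
Start OTL again and paste the contents you saved above into the Custom Scan/Fixes box.
Since this run is for removal, there are no other options to check.
Click [Run Fix], shown in red, to start the fix.
Follow OTL's prompts; a fix log will be displayed either before or after the restart into normal mode,
so please paste that log in your reply.
Please also report on the current state of the PC at that time.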
  • IVNO
  • MAIL
  • 2015/04/21 (Tue) 14:48:32
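OTL fix completed
After the fix finished, the message
The system requires a reboot to finish removing files.
Click Ok to reboot now.
appeared, so I clicked OK and restarted.

After that I entered my password, and the restart completed after the "Welcome" screen was shown for a while.
The log below was output at that point.
Here is the log. Thank you in advance.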

wAll processes killed
========== OTL ==========
C:\Users\Triple Y\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\Triple Y\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\Triple Y\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\Triple Y\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\757db02abb22af21 folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RoboSaaver folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RandomPrrIuce folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RandomPrrice folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NewSAAvEr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeewSaVer folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeeettOCoupon folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MinimummPPrice folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MiNimoumPrIcee folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\IsaeveER folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindBBestDeall folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\EEnjuooyCCoupon folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BUyNssave folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AllCheapPrricoe folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86) folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner folder moved successfully.
========== FILES ==========
c:\yahoo Messenger folder moved successfully.
File\Folder c:\program files (x86)\yahoo!\messenger not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E564B7AB-94B5-49AE-9156-7F9A61E2F030} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E564B7AB-94B5-49AE-9156-7F9A61E2F030}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F4A3E608-B9A4-4DD4-9947-1C124214D85C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F4A3E608-B9A4-4DD4-9947-1C124214D85C}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F94D21B9-2677-476A-AE64-BC32C979175B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F94D21B9-2677-476A-AE64-BC32C979175B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{398870F9-E9F8-4D20-865E-8334E6660F51} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{398870F9-E9F8-4D20-865E-8334E6660F51}\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Triple Y
->Flash cache emptied: 17817921 bytes

Total Flash Files Cleaned = 17.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Triple Y
->Java cache emptied: 1259912 bytes

Total Java Files Cleaned = 1.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Triple Y
->Temp folder emptied: 17535593 bytes
->Temporary Internet Files folder emptied: 248826111 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 377596685 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 348918412 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42306164 bytes
RecycleBin emptied: 86772377 bytes

Total Files Cleaned = 1,070.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 04212015_200955

Files\Folders moved on Reboot...
C:\Users\Triple Y\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Triple Y\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • ドのつく素人
  • 2015/04/21 (Tue) 20:24:08
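A quick way to triage an OTL fix log like the one in the post above, as an added example that is not part of the original thread: it groups result lines by log section and surfaces the ones that need a follow-up. The sample lines are copied from that log; the status names and matching rules are assumptions of this example, not definitions from OTL.

```python
import re
from collections import Counter

# Excerpt copied from the OTL fix log posted above (shortened, lines unchanged).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
C:\ProgramData\Malwarebytes folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner folder moved successfully.
========== FILES ==========
c:\yahoo Messenger folder moved successfully.
File\Folder c:\program files (x86)\yahoo!\messenger not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D} not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

Unable to start System Restore Service. Error code 1084

Files\Folders moved on Reboot...
File move failed. C:\Users\Triple Y\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
"""

BANNER_RE = re.compile(r"^=+\s*(.+?)\s*=+$")   # ========== FILES ==========
TRAILER_RE = re.compile(r"^(.+?)\.{3}$")        # Files\Folders moved on Reboot...

# Assumed status rules for this example; the first matching rule wins.
RULES = [
    ("pending", re.compile(r"scheduled to be moved on reboot", re.I)),
    ("failed", re.compile(r"\bfailed\b|^Unable to ", re.I)),
    ("absent", re.compile(r"not found\.?$", re.I)),     # target was already gone
    ("done", re.compile(r"successfully\.?$", re.I)),
]


def section_name(line):
    """Return the section title if the line is a section header, else None."""
    for rx in (BANNER_RE, TRAILER_RE):
        m = rx.match(line)
        if m:
            return m.group(1)
    return None


def classify(line):
    """Map one result line to a status, or None for informational lines."""
    for status, rx in RULES:
        if rx.search(line):
            return status
    return None


def summarize(log_text):
    """Count outcomes per (section, status) and collect lines needing review."""
    section = "PREAMBLE"
    counts = Counter()
    attention = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        name = section_name(line)
        if name is not None:
            section = name
            continue
        status = classify(line)
        if status is None:
            continue
        counts[(section, status)] += 1
        if status in ("failed", "pending"):
            attention.append((section, status, line))
    return counts, attention


if __name__ == "__main__":
    counts, attention = summarize(SAMPLE_LOG)
    for (section, status), n in sorted(counts.items()):
        print(f"{section:32} {status:8} {n}")
    print("Needs follow-up:")
    for section, status, line in attention:
        print(f"  [{section}] {status}: {line}")
```

On this excerpt the follow-up list contains the System Restore service error and the file deferred to reboot; "not found" lines are counted separately because they only mean the target was already absent.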
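If nothing is wrong, let's recheck everything
Sorry for being so late today.

Looking at the post-fix log, it appears that everything OTL could fix has been fixed, so that's fine.
So, is the PC showing any abnormal behavior at the moment?

If there is nothing in particular, let's recheck the whole system.
Please retake the logs from each tab in CC, plus the HJT log and the installed-programs log, and show them in your reply.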
  • 悪代官
  • 2015/04/22 (Wed) 22:10:10
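Re: Malware in Firefox
I don't see anything particularly abnormal.
If I had to name something, it would be that the connection speed now feels slower.

I don't really understand what "the logs from each tab in CC" means.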

HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:20:00, on 2015/04/23
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 37.0.2 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\mausu\BSMBU03\ADOTMAPP.exe
C:\Program Files\Ez_MailChecker\EzML.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Jane Style\Jane2ch.exe
C:\NanJoy\NanJoy.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Triple Y\Desktop\削除関係\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: EzML.lnk = C:\Program Files\Ez_MailChecker\EzML.exe
O4 - Startup: firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Startup: Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe
O4 - Startup: NanJoy.lnk = C:\NanJoy\NanJoy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7977 bytes


Installed programs
7-Zip 9.20 (x64 edition) Igor Pavlov 2014/01/15 4.53 MB 9.20.00.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/04/16 190 MB 15.007.20033
Adobe Flash Player 17 ActiveX Adobe Systems Incorporated 2015/04/19 6.00 MB 17.0.0.169
Adobe Flash Player 17 NPAPI Adobe Systems Incorporated 2015/04/19 6.00 MB 17.0.0.169
Apple Application Support(32 ビット) Apple Inc. 2015/03/04 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/03/04 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/03/04 27.9 MB 8.1.0.18
ASUS Product Register Program ASUSTek Computer Inc. 2013/07/11 21.2 MB 1.0.020
BSMBU03 V1.0 iBUFFALO 2013/07/16 2.62 MB
Canon MG3100 series MP Drivers 2013/07/13
CCleaner Piriform 2015/04/15 5.04
CrystalDiskInfo 5.6.2 Crystal Dew World 2013/07/11 3.94 MB 5.6.2
ExifEraser Kosuke 2013/10/05 116 KB 1.0.1
Ez-MailChecker 2015/04/19
Google 日本語入力 Google Inc. 2014/01/31 83.0 MB 1.13.1641.0
Intel(R) Control Center Intel Corporation 2013/07/11 1.2.1.1010
Intel(R) Management Engine Components Intel Corporation 2013/01/23 9.0.0.1310
Intel(R) Rapid Storage Technology Intel Corporation 2013/07/11 12.0.0.1083
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/03/06 2.0.0.100
Jane Style Version 3.81 Jane, Inc. 2015/03/12 3.81
Java 7 Update 71 2013/07/11
Java 8 Update 45 Oracle Corporation 2015/04/19 77.1 MB 8.0.450
Lhaplus 2015/04/19
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/26 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/07/25 249 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/11/29 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/07/12 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/09/12 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/07/14 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 11.1 MB 10.0.40219
Mozilla Firefox 37.0.2 (x86 ja) Mozilla 2015/04/22 83.4 MB 37.0.2
Mozilla Maintenance Service Mozilla 2015/04/19 341 KB 29.0.1
NVIDIA 3D Vision コントローラー ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA 3D Vision ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2014/02/19 1.3.30.1
NVIDIA PhysX システム ソフトウェア 9.13.1220 NVIDIA Corporation 2014/02/19 9.13.1220
NVIDIA グラフィックス ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
OpenOffice 4.1.1 Apache Software Foundation 2015/04/17 335 MB 4.11.9775
Pixia Isao Maruoka 2014/01/06 4.80d
Realtek Ethernet Controller Driver Realtek 2013/07/11 7.67.1226.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/07/11 6.0.1.6782
sakura editor(サクラエディタ) サクラエディタ開発チーム 2014/01/15 5.58 MB
Speccy Piriform 2014/09/17 1.25
Windows Live Essentials Microsoft Corporation 2014/11/29 16.4.3528.0331
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2014/08/02 6.39 MB 3.10.7525.4
  • ドのつく素人
  • 2015/04/23 (Thu) 22:21:09
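Instructions for using CC
Thank you for doing the work and reporting back.

>I don't really understand what "the logs from each tab in CC" means.

Sorry, I left out the explanation for this.
Now that was a careless slip! (← that's not the evil magistrate's role, you know

Now, please start CC.
Once it is running, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there saves the displayed contents as a log, so save the log somewhere such as the desktop.

Next, open each of the tabs from the "InternetExplorer" tab onward in turn and save their logs as well.
However, you don't need to take the log for "Context Menu".

Once you have taken each of the CC logs, close CC.

Then paste the logs you saved from each CC tab into your reply.

Note that my next reply will probably not be until tomorrow evening or night; thank you for your understanding.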
  • 悪代官
  • 2015/04/23 (Thu) 22:52:30
Re: Malware in Firefox
Thank you for the explanation!
I don't mind if it takes a while, so thank you in advance.

Windows
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run RESTART_STICKY_NOTES Microsoft Corporation C:\Windows\System32\StikyNot.exe
有効 HKLM:Run ADOTMAPP "C:\mausu\BSMBU03\ADOTMAPP"
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup User EzML.lnk C:\Program Files\Ez_MailChecker\EzML.exe
有効 Startup User firefox.lnk Mozilla Corporation C:\Program Files (x86)\Mozilla Firefox\firefox.exe
有効 Startup User Jane.lnk Jane, Inc. C:\Program Files (x86)\Jane Style\Jane2ch.exe
有効 Startup User NanJoy.lnk C:\NanJoy\NanJoy.exe

IE
無効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
無効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll

Firefox
有効 Extension Adblock Plus 2.6.9 Wladimir Palant default-1423977803951 Firefox 37.0.2 C:\Users\Triple Y\AppData\Roaming\Mozilla\Firefox\Profiles\seghy30o.default-1423977803951\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Plugin 3.0.72.0 Intel Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin 3.0.72.0 Intel Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Adobe Acrobat 15.7.20033.2203 Adobe Systems Inc. default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
有効 Plugin Google Update 1.3.25.11 Google Inc. default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
有効 Plugin Java Deployment Toolkit 8.0.450.14 11.45.2.14 Oracle Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U45 11.45.2.14 Oracle Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
有効 Plugin NVIDIA 3D Vision 7.17.13.3489 NVIDIA Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.3489 NVIDIA Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin Photo Gallery 16.4.3528.331 Microsoft Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
有効 Plugin Shockwave Flash 17.0.0.169 Adobe Systems Incorporated default-1423977803951 Firefox 37.0.2 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
有効 Plugin Silverlight Plug-In 5.1.30514.0 Microsoft Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

Scheduled Tasks
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task CrystalDiskInfo Crystal Dew World "C:\HDD kanri\CrystalDiskInfo\DiskInfo.exe" /Startup
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

That's all.
  • ドのつく素人
  • 2015/04/24 (Fri) 00:52:32
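Change the CC settings, then wait and watch
Thank you for doing the work and reporting back.

I have looked at the additional logs.
So far there doesn't seem to be anything dangerous.

Now, to make the PC run a little lighter, please change a CC setting.

Start CC and open "Options" → "Monitoring".

If the "Enable system monitoring" and "Enable Active Monitoring" boxes are checked there, uncheck them.
If a confirmation message appears at this point, just choose "Yes".

This setting is CC's resident monitoring feature; leaving it enabled puts some load on the system, and it can raise warnings even during ordinary PC operation, so it can make normal use of the PC less convenient.
So unless you particularly need it, it is a good idea to disable it.

Once that is done, if nothing else abnormal is showing, let's move to a wait-and-watch period.
Use the PC normally for one week, then retake the logs from each CC tab, the installed-programs log and the HJT log, and reply with them together with a report on how the PC behaved during that week.

If by then the abnormalities are gone from both the logs and the PC's behavior, we should be over the worst, but if anything recurs you don't need to wait the full week; reply right then.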
  • 悪代官
  • 2015/04/24 (Fri) 20:26:10
Re: Malware in Firefox
Thank you.
I have changed the CC setting.

If nothing happens, I'll reply around the beginning of May.

Thank you very much.
  • ドのつく素人
  • 2015/04/24 (Fri) 20:39:12
Status report
A week has passed since then, and so far no notable problems have occurred.

The logs
Windows
有効 HKCU:Run RESTART_STICKY_NOTES Microsoft Corporation C:\Windows\System32\StikyNot.exe
有効 HKLM:Run ADOTMAPP "C:\mausu\BSMBU03\ADOTMAPP"
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup User EzML.lnk C:\Program Files\Ez_MailChecker\EzML.exe
有効 Startup User firefox.lnk Mozilla Corporation C:\Program Files (x86)\Mozilla Firefox\firefox.exe
有効 Startup User Jane.lnk Jane, Inc. C:\Program Files (x86)\Jane Style\Jane2ch.exe
有効 Startup User NanJoy.lnk C:\NanJoy\NanJoy.exe


IE
無効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
無効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll


firefox
有効 Extension Adblock Plus 2.6.9 Wladimir Palant default-1423977803951 Firefox 37.0.2 C:\Users\Triple Y\AppData\Roaming\Mozilla\Firefox\Profiles\seghy30o.default-1423977803951\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Plugin 3.0.72.0 Intel Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin 3.0.72.0 Intel Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin Adobe Acrobat 15.7.20033.2203 Adobe Systems Inc. default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
有効 Plugin Google Update 1.3.25.11 Google Inc. default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
有効 Plugin Java Deployment Toolkit 8.0.450.14 11.45.2.14 Oracle Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U45 11.45.2.14 Oracle Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
有効 Plugin NVIDIA 3D Vision 7.17.13.3489 NVIDIA Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.3489 NVIDIA Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin Photo Gallery 16.4.3528.331 Microsoft Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
有効 Plugin Shockwave Flash 17.0.0.169 Adobe Systems Incorporated default-1423977803951 Firefox 37.0.2 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
有効 Plugin Silverlight Plug-In 5.1.30514.0 Microsoft Corporation default-1423977803951 Firefox 37.0.2 C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll


Scheduled Tasks
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task CrystalDiskInfo Crystal Dew World "C:\HDD kanri\CrystalDiskInfo\DiskInfo.exe" /Startup
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler


Install information
7-Zip 9.20 (x64 edition) Igor Pavlov 2014/01/15 4.53 MB 9.20.00.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/04/16 190 MB 15.007.20033
Adobe Flash Player 17 ActiveX Adobe Systems Incorporated 2015/04/19 6.00 MB 17.0.0.169
Adobe Flash Player 17 NPAPI Adobe Systems Incorporated 2015/04/19 6.00 MB 17.0.0.169
Apple Application Support(32 ビット) Apple Inc. 2015/03/04 94.3 MB 3.1.1
Apple Application Support(64 ビット) Apple Inc. 2015/03/04 107 MB 3.1.1
Apple Mobile Device Support Apple Inc. 2015/03/04 27.9 MB 8.1.0.18
ASUS Product Register Program ASUSTek Computer Inc. 2013/07/11 21.2 MB 1.0.020
BSMBU03 V1.0 iBUFFALO 2013/07/16 2.62 MB
Canon MG3100 series MP Drivers 2013/07/13
CCleaner Piriform 2015/04/15 5.04
CrystalDiskInfo 5.6.2 Crystal Dew World 2013/07/11 3.94 MB 5.6.2
ExifEraser Kosuke 2013/10/05 116 KB 1.0.1
Ez-MailChecker 2015/04/19
Google 日本語入力 Google Inc. 2014/01/31 83.0 MB 1.13.1641.0
Intel(R) Control Center Intel Corporation 2013/07/11 1.2.1.1010
Intel(R) Management Engine Components Intel Corporation 2013/01/23 9.0.0.1310
Intel(R) Rapid Storage Technology Intel Corporation 2013/07/11 12.0.0.1083
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/03/06 2.0.0.100
Jane Style Version 3.81 Jane, Inc. 2015/03/12 3.81
Java 7 Update 71 2013/07/11
Java 8 Update 45 Oracle Corporation 2015/04/19 77.1 MB 8.0.450
Lhaplus 2015/04/19
Microsoft .NET Framework 4.5.1 Microsoft Corporation 2014/02/26 38.8 MB 4.5.50938
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/02/28 2.93 MB 4.5.50938
Microsoft Security Essentials Microsoft Corporation 2015/02/11 4.7.205.0
Microsoft Silverlight Microsoft Corporation 2014/07/25 249 MB 5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/11/29 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/07/12 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2013/07/14 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/09/12 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2013/07/14 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2013/07/11 11.1 MB 10.0.40219
Mozilla Firefox 37.0.2 (x86 ja) Mozilla 2015/04/22 83.4 MB 37.0.2
Mozilla Maintenance Service Mozilla 2015/04/19 341 KB 29.0.1
NVIDIA 3D Vision コントローラー ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA 3D Vision ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
NVIDIA HD オーディオ ドライバー 1.3.30.1 NVIDIA Corporation 2014/02/19 1.3.30.1
NVIDIA PhysX システム ソフトウェア 9.13.1220 NVIDIA Corporation 2014/02/19 9.13.1220
NVIDIA グラフィックス ドライバー 334.89 NVIDIA Corporation 2014/02/19 334.89
OpenOffice 4.1.1 Apache Software Foundation 2015/04/17 335 MB 4.11.9775
Pixia Isao Maruoka 2014/01/06 4.80d
Realtek Ethernet Controller Driver Realtek 2013/07/11 7.67.1226.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/07/11 6.0.1.6782
sakura editor(サクラエディタ) サクラエディタ開発チーム 2014/01/15 5.58 MB
Speccy Piriform 2014/09/17 1.25
Windows Live Essentials Microsoft Corporation 2014/11/29 16.4.3528.0331
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2014/08/02 6.39 MB 3.10.7525.4


HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:33:18, on 2015/05/04
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 37.0.2 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\mausu\BSMBU03\ADOTMAPP.exe
C:\Program Files\Ez_MailChecker\EzML.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Jane Style\Jane2ch.exe
C:\NanJoy\NanJoy.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Triple Y\Desktop\削除関係\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ADOTMAPP] "C:\mausu\BSMBU03\ADOTMAPP"
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Startup: EzML.lnk = C:\Program Files\Ez_MailChecker\EzML.exe
O4 - Startup: firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Startup: Jane.lnk = C:\Program Files (x86)\Jane Style\Jane2ch.exe
O4 - Startup: NanJoy.lnk = C:\NanJoy\NanJoy.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{1699D06C-AA75-427C-82A1-B4F22F48441E}: NameServer = 218.219.15.129 218.219.15.130
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7884 bytes


  • どのつく素人
  • 2015/05/04 (Mon) 20:39:19
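The cleanup is finished, but self-defense from here on starts now
Thank you for the work and the report.
It seems no odd symptoms appeared during the observation period either.

I've looked at each of the logs as well, and I see no suspicious traces.

So let's call the treatment of the main issue finished here.
But please think of self-defense to prevent being hit again as only just starting.
Just tightening the browser settings a little can improve your security.
Open "Internet Options" → "Privacy" → "Advanced", check "automatic cookie handling" and "Block third-party cookies", then click "Apply" and "OK".
Doing this is quite effective as protection against many dangerous sites.
However, it is not effective against every dangerous site, and against truly dangerous sites this much is no match at all, so don't rely on it too much.
Also, choosing the "Block all cookies" setting has the side effect that you can no longer get into pages that require login, such as your provider's mailbox, so choose between them depending on the situation.
Note too that even on safe sites, blocking cookies can make some of them impossible to view or post to.

Next, please also be careful about how you use security software such as antivirus and firewalls.
Security software does not deliver its full capability simply by being installed.
It is important to understand its settings and features as well as you can and to use it correctly.
Used wrongly, it will readily let through even infections it could otherwise have blocked.

Also, however capable the security software is, it cannot protect you at all if you yourself go and access dangerous sites and files.
Depending on how it is used, security software's performance can be doubled, halved, or reduced to nothing.

And seeing is believing.
I recommend looking through as many of the other threads on this board as you can, both ongoing and resolved.
Whether the same, similar or a different kind of case, there will be much in them to learn from.

I'm sorry that, with so many people seeking help again today, I can't guide you through the finer points, but while referring to other people's threads, please rebuild your PC environment and security awareness little by little, starting from what you understand.

Thank you for working hard at unfamiliar tasks.
Take good care of your cleanly swept PC, and from here on enjoy a safe and comfortable PC life.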
  • 悪代官
  • 2015/05/04 (Mon) 20:51:28
Thank you very much!
I'll work hard at defending myself so that I don't end up needing help here again.

Thank you so much.
  • どのつく素人
  • 2015/05/06 (Wed) 10:44:53
