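悪代官の伏魔殿 bulletin board
Redirected to another page when left idle, plus DNSUnlocker ads on the web
For about a week now, my web browser has been acting up and I'm at a loss.
When I leave the browser idle, I get redirected to another page (an advertising site for virus-removal software, saying things like "Your PC is infected with a virus"), and ads marked "by DNSUnlocker" have started appearing on pages.
In addition, clicking on a page opens a tab with an ad site; even though the page content has finished loading, the icon on the left of the tab stays as the loading spinner, and if I leave it like that an error occurs and I'm asked to reload; and the browser is sluggish overall.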

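I can't think of any software I installed recently, and searching for the symptoms didn't turn up the kind of solution I was hoping for.
I would be grateful if you could help me resolve this.

The logs follow.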

-----------------------

HJT log

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:54:41, on 2015/08/23
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)

FIREFOX: 40.0.2 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Thunder Master\THPanel.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
D:\Tapur\tapmgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\Tapur\Tapur.exe
C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
D:\SnapCrab for Windows\SnapCrab.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
D:\LINE\Line.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
D:\Firefox\firefox.exe
D:\Users\Dai\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [THPanel] "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
O4 - HKCU\..\Run: [Line] "D:\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Tapur] D:\Tapur\tapmgr.exe
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1265446842-1208567973-370051150-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1265446842-1208567973-370051150-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: SnapCrab.lnk = D:\SnapCrab for Windows\SnapCrab.exe
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9462411-646D-4818-84F1-023340BFC850}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASRock IO Monitor Service (ASRockIOMon) - Unknown owner - C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SplashtopR Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\VMwarePlayer\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 13286 bytes



CC log

+Lhaca 2014/10/18
7-Zip 9.20 2014/10/18
Acrobat.com Adobe Systems Incorporated 2014/06/03 1.1.377
ActivePerl 5.16.3 Build 1604 (64-bit) ActiveState 2014/06/13 83.9 MB 5.16.1604
Adobe AIR Adobe Systems Incorporated 2015/08/05 18.0.0.180
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 2015/08/12 8.30 MB 18.0.0.232
Adobe Reader XI (11.0.12) - Japanese Adobe Systems Incorporated 2015/07/16 205 MB 11.0.12
Alliance of Valiant Arms 株式会社ゲームオン 2015/07/30 11240472
Any Video Converter 5.6.3 Any-Video-Converter.com 2014/07/21 99.8 MB
Apple Application Support(32 ビット) Apple Inc. 2015/05/02 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/05/02 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/02/21 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/06/08 2.38 MB 2.1.3.127
ASRock App Charger v1.0.6 ASRock Inc. 2014/06/03 1.32 MB 1.0.6
ASRock HDMI Switch v1.0.25 2014/06/03 3.48 MB 1.0.25
ASRock Key Master v1.0.7 2014/06/03 6.08 MB 1.0.7
ASRock SmartConnect v1.0.6 ASRock Inc. 2014/06/03 3.00 MB
ASRock XFast RAM v3.0.2 ASRock Inc. 2014/06/03 12.0 MB
Audacity 2.0.5 Audacity Team 2014/06/25 45.5 MB 2.0.5
Battlelog Web Plugins EA Digital Illusions CE AB 2015/01/22 2.6.2
BioShock 2K Boston 2014/11/02
BioShock 2 2K Marin 2014/11/02
BioShock Infinite Irrational Games 2014/11/02
Bonjour Apple Inc. 2014/06/08 2.00 MB 3.0.0.10
Brother ドライバー&ソフトウェア DCP-J952N Brother Industries, Ltd. 2014/06/12 1.0.4.0
CCI-Pro-MR_x86 COSMOSOFT 2014/08/12 2.20 MB 3.13.0919
CCleaner Piriform 2015/08/20 5.08
CitiesOnline 2014/11/12
Common GameOn 2015/07/30 2290680
Craving Explorer Version 1.6.16 T-Craft 2015/04/11 23.1 MB 1.6.16.0
Dead Rising 2 Capcom Vancouver 2015/04/03
Debut Video Capture Software NCH Software 2014/08/12 1.90
DesignDoll Terawell 2015/01/08 1.1.0.6
F-Stream Tuning v2.0.48 2014/06/03 84.5 MB 2.0.48
Google Chrome Google Inc. 2015/02/22 44.0.2403.157
Google 日本語入力 Google Inc. 2014/09/11 83.0 MB 1.13.1641.0
GSview 5.0 Ghostgum Software Pty Ltd 2014/10/14 5.0
Gyazo 3.1.6 Nota Inc. 2015/08/21 22.1 MB
Hangame 2014/11/15
Intel(R) Network Connections 18.5.54.0 Intel 2014/06/03 25.7 MB 18.5.54.0
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/03 12.8.0.1016
Intel(R) Smart Connect Technology 4.1 x64 Intel 2014/06/03 44.0 MB 4.1.40.2143
IObit Uninstaller IObit 2015/08/17 4.3.0.118
iTunes Apple Inc. 2015/05/02 233 MB 12.1.2.27
Janetter 4.3.0.2 Jane, Inc. 2014/10/15
Java 7 Update 79 (64-bit) Oracle 2015/07/10 118 MB 7.0.790
Java 8 Update 31 Oracle Corporation 2015/01/26 6.07 MB 8.0.310
Java SE Development Kit 7 Update 79 (64-bit) Oracle 2015/07/10 245 MB 1.7.0.790
JUMAN 7.0 Kurohashi-Kawahara Laboratory, Kyoto University 2014/06/13 52.8 MB
KNP 4.11 Kurohashi-Kawahara Laboratory, Kyoto University 2014/06/13 2.47 GB
Left 4 Dead 2 Valve 2014/10/03
Lhaplus 2014/07/13
LINE LINE Corporation 2015/08/13 4.1.2.516
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2014/10/16 38.8 MB 4.5.51209
Microsoft .NET Framework 4.5.2 (日本語) Microsoft Corporation 2015/02/22 2.93 MB 4.5.51209
Microsoft Games for Windows - LIVE Redistributable (PartnerNet) Microsoft Corporation 2015/04/03 31.5 MB 3.5.88.0
Microsoft Games for Windows Marketplace (Partnernet) Microsoft Corporation 2015/04/03 5.26 MB 3.5.50.0
Microsoft Office Professional 2013 - ja-jp Microsoft Corporation 2015/08/23 15.0.4745.1002
Microsoft OneDrive Microsoft Corporation 2015/08/20 36.1 MB 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/14 4.8.204.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/07/17 298 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/04/03 570 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/02/17 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2015/04/22 240 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/02/18 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/04 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/04/22 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/06/05 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 5.38 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 15.0 MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
Minecraft Mojang 2015/01/30 1.22 MB 1.0.3.0
Mozilla Firefox 40.0.2 (x86 ja) Mozilla 2015/08/17 84.5 MB 40.0.2
Mozilla Maintenance Service Mozilla 2015/08/17 233 KB 40.0.2
Neffy 1,2,5,0 CDNetworks 2015/07/29 1,2,5,0
Nexus Mod Manager Black Tree Gaming 2014/10/25 16.3 MB 0.52.3
NVIDIA 3D Vision コントローラー ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
NVIDIA 3D Vision ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
NVIDIA GeForce Experience 1.7.1 NVIDIA Corporation 2014/06/04 1.7.1
NVIDIA HD オーディオ ドライバー 1.3.26.4 NVIDIA Corporation 2014/06/04 1.3.26.4
NVIDIA PhysX システム ソフトウェア 9.13.0725 NVIDIA Corporation 2014/06/04 9.13.0725
NVIDIA Virtual Audio 1.2.9 NVIDIA Corporation 2014/06/04 1.2.9
NVIDIA グラフィックス ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
Oracle VM VirtualBox 4.3.26 Oracle Corporation 2015/04/22 157 MB 4.3.26
Origin Electronic Arts, Inc. 2014/06/04 9.4.7.2799
Outlast Red Barrels 2014/10/03
PHANTASY STAR ONLINE 2 SEGA 2014/07/29 7.51 MB
Pmangインストールマネージャー GameOn,Pmang 2014/08/18 1.0.1.1
PunkBuster Services Even Balance, Inc. 2014/06/04 0.991
QuickTime 7 Apple Inc. 2014/10/25 70.2 MB 7.76.80.95
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/06/03 6.0.1.7004
Robocraft Freejam 2014/07/09
RPGツクール2000 ランタイムパッケージ 2014/06/07
RPGツクール2003 ランタイムパッケージ 2015/07/12
Skype Click to Call Microsoft Corporation 2015/05/22 10.1 MB 7.4.0.9058
Skype(TM) 7.7 Skype Technologies S.A. 2015/08/17 74.5 MB 7.7.103
SnapCrab for Windows 1.1.1 Fenrir Inc. 2014/06/04 8.28 MB
SPECIAL FORCE 2 NHN PlayArt Corp. 2015/01/10 6.15 GB 1.0.0.0
Splashtop Software Updater Splashtop Inc. 2014/06/03 1.5.6.14
Splashtop Streamer Splashtop Inc. 2014/06/03 25.6 MB 2.3.0.2
Steam Valve Corporation 2014/06/11
Tapur 5.3.0.111 tapur.com 2014/06/24 9.43 MB
TERA GameOn 2014/08/18 1
TeraPad 2014/09/10
The Elder Scrolls V: Skyrim Bethesda Game Studios 2014/10/03
The Evil Within Tango Gameworks 2014/12/03
Thunder Master v1.9 Palit Microsystems Ltd. 2014/06/03 5.21 MB 1.9.8.5
Tomb Raider Crystal Dynamics 2014/10/17
Tomb Raider: Anniversary Crystal Dynamics 2015/04/04
TrimMaker Software Publisher 2014/03/18
Trine Frozenbyte 2014/10/17
Trine 2 Frozenbyte 2014/10/17
VMware Player VMware, Inc 2015/04/22 390 MB 7.1.0
Warframe Digital Extremes 2015/04/01
Warframe Digital Extremes 2014/06/11 1.95 MB 1.0.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2014/06/04 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2014/06/04 2.1.0.3
Windows Live ID Sign-in Assistant Microsoft Corporation 2015/04/03 10.0 MB 6.500.3165.0
XFast LAN v9.05 cFos Software GmbH, Bonn 2014/06/03 9.05
XFastUSB ASRock Inc. 2014/06/03 3.02.38
XSplit SplitMediaLabs 2014/06/03 95.7 MB 1.2.1303.0101
エレコム マウスカスタマイザー ELECOM 2014/07/26 1.00.00000
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2014/10/16 376 KB 1.16
バトルフィールド 3 Electronic Arts 2014/06/04 1.6.0.0
ペイントツールSAI Ver.1 2014/06/06
ワコム タブレット Wacom Technology Corp. 2014/06/04 6.3.6-1
  • sora
  • 2015/08/23 (Sun) 21:12:49
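Added example, not part of the original thread: a small parser for the HijackThis line format shown in the log above. It pulls out statically configured DNS servers (O17) and separates "(file missing)" service entries under System32, which a 32-bit scanner on 64-bit Windows typically reports because of file-system redirection, from those that need a manual look. The function names are this example's own, Windows is assumed to be on C:, and the sample lines are copied from the log above except for one constructed O17 line.

```python
import ipaddress
import re
from collections import defaultdict

# Lines in HijackThis format. All are copied from the log in the post above,
# except the last O17 line, which is constructed here for contrast.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9462411-646D-4818-84F1-023340BFC850}: NameServer = 82.163.143.169,82.163.142.171
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.168.1.1
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
O17_RE = re.compile(r"^(?P<key>.+?): NameServer = (?P<servers>.+)$")
MISSING_SUFFIX = " (file missing)"


def parse_entries(text):
    """Group log lines by HijackThis section code (O4, O17, O23, ...)."""
    entries = defaultdict(list)
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries[m.group(1)].append(m.group(2))
    return entries


def static_dns_servers(entries):
    """Return (interface, address, is_private) for every O17 NameServer value."""
    found = []
    for body in entries.get("O17", []):
        m = O17_RE.match(body)
        if not m:
            continue  # O17 also carries Domain/SearchList values; not handled here
        interface = m.group("key").rsplit("\\", 1)[-1]
        for token in re.split(r"[,\s]+", m.group("servers").strip()):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue  # skip anything that is not a literal IP address
            found.append((interface, str(addr), addr.is_private))
    return found


def services(entries):
    """Parse O23 lines. The display name may itself contain ' - ', so split from the right."""
    out = []
    for body in entries.get("O23", []):
        if not body.startswith("Service: "):
            continue
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue
        name, owner, path = parts
        missing = path.endswith(MISSING_SUFFIX)
        if missing:
            path = path[: -len(MISSING_SUFFIX)]
        # A 32-bit process on 64-bit Windows is redirected away from the real
        # System32, so "file missing" there is usually a scanner artifact.
        # Assumption: Windows is installed on C:.
        under_system32 = path.lower().startswith(r"c:\windows\system32" + "\\")
        out.append({"name": name, "owner": owner, "path": path,
                    "missing": missing,
                    "redirect_artifact": missing and under_system32})
    return out


def triage(text):
    """Summarise what to verify by hand: public static resolvers and real missing files."""
    entries = parse_entries(text)
    return {
        "public_static_dns": [(i, a) for i, a, private in static_dns_servers(entries)
                              if not private],
        "missing_to_check": [s["name"] for s in services(entries)
                             if s["missing"] and not s["redirect_artifact"]],
    }


if __name__ == "__main__":
    for key, values in triage(SAMPLE_LOG).items():
        print(key)
        for value in values:
            print("   ", value)
```

A public static resolver is not a finding by itself; the point is to confirm that the machine's owner or network administrator set it.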
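For now, replying with first-aid measures only
Good evening.
I'm 悪代官, the administrator here.
I have looked at your description and logs.

Now, please read the explanation below and then carry out the steps in order.

This time, start the PC in Safe Mode (how-to ↓)
http://www.pc-master.jp/sousa/s-safemode.html

In that state, uninstall the following from Control Panel.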
>Audacity 2.0.5 Audacity Team 2014/06/25 45.5 MB 2.0.5

>GSview 5.0 Ghostgum Software Pty Ltd 2014/10/14 5.0

>Gyazo 3.1.6 Nota Inc. 2015/08/21 22.1 MB

>Splashtop Software Updater Splashtop Inc. 2014/06/03 1.5.6.14

>Splashtop Streamer Splashtop Inc. 2014/06/03 25.6 MB 2.3.0.2

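At this point restart the PC in normal mode, and then launch CCleaner (CC).
Once it is running, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there saves the displayed contents as a log, so save the log somewhere such as the desktop.

Next, open each of the tabs from the "Internet Explorer" tab onward in turn, and take logs of those as well.

Once you have taken each of the CC logs, close CC.

After this, watch the state of the PC for a while, then reply with a status report together with the CC logs for each tab.

Whether or not the steps above make the abnormal behaviour subside, they do not yet amount to a "solution".
I will move on to the next measures after looking at the state and logs following that work.

Also, due to my schedule, I will probably not be able to reply again until around tomorrow night, so I ask for your understanding.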
  • 悪代官
  • 2015/08/23 (Sun) 21:38:31
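Re: Redirected to another page when left idle, plus DNSUnlocker ads on the web
I was surprised at how quick the reply was.

When I ran the uninstalls, Audacity and Gyazo showed a message to the effect of "Some files could not be deleted, so please delete them manually."
Splashtop Streamer Splashtop showed the message "The Windows Installer service could not be accessed. Contact your support personnel and verify that Windows Installer is properly registered," and could not be uninstalled.
The other two seem to have uninstalled without problems.

The state of the PC has not changed much.
Ads are still appearing, and some pages stay stuck on the loading spinner.
Redirects while idle and tabs opening on their own have not happened yet, but I think they probably will.

Tomorrow night, then.
Understood, I'll be waiting.

The logs follow.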

-------------

Windows tab

有効 HKCU:Run ASRockHDMISwitch
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Fatal1tySTU
有効 HKCU:Run Line LINE Corporation "D:\LINE\Line.exe" --booting
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
有効 HKCU:Run Tapur tapur.com D:\Tapur\tapmgr.exe
有効 HKCU:Run THPanel Palit Microsystems Ltd. "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
有効 HKLM:Run ElcMouse C:\Program Files\ELECOM_Mouse_Driver\ElcMouseApl.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
無効 HKLM:Run LogMeIn Hamachi Ui "D:\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Nvtmru NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
有効 HKLM:Run QuickTime Task Apple Inc. "D:\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run XFast LAN cFos Software GmbH C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
有効 HKLM:Run XFastUSB FNet Co., Ltd. "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
有効 Startup Common iSCTsysTray.lnk Intel Corporation C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
無効 Startup User backpacks.lnk C:\ProgramData\{a51ded89-9674-0a88-a51d-ded89967b626}\backpacks.exe --startup=1
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
有効 Startup User SnapCrab.lnk Fenrir Inc. D:\SnapCrab for Windows\SnapCrab.exe



Internet Explorer tab

有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll



Firefox tab

有効 Extension Adblock Plus 2.6.10 Wladimir Palant default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Extension BarTab Lite 1.3.1-signed Philipp von Weitershausen default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\bartablite@philikon.de.xpi
有効 Extension Fasterfox Lite 3.9.9Lite.1-signed BigRedBrent default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\FasterFox_Lite@BigRedBrent
有効 Extension Memory Fox 7.4.1-signed IDEVFH default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
有効 Extension Password Exporter 1.3.1.1-signed Justin Scott default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
有効 Extension Restart Button 0.1.5.1-signed sotarok default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\restartbutton@strk.jp.xpi
有効 Plugin Adobe Acrobat 11.0.12.18 Adobe Systems Inc. default Firefox 40.0.2 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
有効 Plugin Battlelog Game Launcher 2.6.2.0 EA Digital Illusions CE AB default Firefox 40.0.2 C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Google Update 1.3.28.1 Google Inc. default Firefox 40.0.2 C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 40.0.2 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.310.13 11.31.2.13 Oracle Corporation default Firefox 40.0.2 C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U31 11.31.2.13 Oracle Corporation default Firefox 40.0.2 C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default Firefox 40.0.2 C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin NVIDIA 3D Vision 7.17.13.3182 NVIDIA Corporation default Firefox 40.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.3182 NVIDIA Corporation default Firefox 40.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin OpenH264 Video Codec 1.4 default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin pmangdiagnostic 1.0.0.1 gameon default Firefox 40.0.2 E:\pmang\GameOn\Common files\nppmangdiagnostic.dll
有効 Plugin pmangsupport 1.0.0.1 gameon default Firefox 40.0.2 E:\pmang\GameOn\Common files\nppmangsupport.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin QuickTime Plug-in 7.7.6 7.7.6.0 Apple Inc. default Firefox 40.0.2 D:\QuickTime\Plugins\npqtplugin5.dll
有効 Plugin WacomTabletPlugin 2.1.0.3 Wacom default Firefox 40.0.2 C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll



Google Chrome tab

有効 Extension Postcron 250 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\kahoebmmfnjmjcbclecdkhiapmefpaed\250
有効 Extension WhhItteDDealse 1.1 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bfniojdgcmjfifbdopbnaloohnfbdecn\1.1



Scheduled Tasks tab

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task Bidaily Synchronize Task[8da6] c:\programdata\{34996709-c7be-243e-3499-96709c7b9c27}\hqghumeaylnlf.exe --startup=1 --single
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GyazoUpdateTaskMachine "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
有効 Task GyazoUpdateTaskMachineDaily "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
有効 Task HDMISwitch ASROCK Incorporation C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
有効 Task Microsoft Office 15 Sync Maintenance for Dai-PC-Dai Dai-PC Microsoft Corporation C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
有効 Task ThunderMaster Palit Microsystems Ltd. C:\Program Files (x86)\Thunder Master\THPanel.exe /A
有効 Task Uninstaller_SkipUac_Dai IObit C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
有効 Task {0882BD34-7519-4D9F-8AF0-78CB50DAB104} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "D:\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\Steam\steamapps\common\Left 4 Dead 2" -c /register
有効 Task {5635A0B3-AEAC-42BD-94BB-45D5470FD1AE} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Steam\SteamApps\common\Trine\PhysX_9.09.0408_SystemSoftware.exe -d D:\Steam\steamapps\common\Trine\_enchanted_edition_ -c /passive
有効 Task {6A591FB8-F725-41FC-87F5-4F46D46BB678} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\Dai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5QN5D3SZ\pmang_common_module.exe" -d D:\Users\Dai\Desktop
有効 Task {81D8AC7C-6E8D-4E9D-9758-84452E6CEE84} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Users\Dai\Downloads\vcredist_x86.exe -d D:\Users\Dai\Downloads
有効 Task {F7AF52A5-08B1-4B46-BF8E-18B7B0C81238} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Users\Dai\Downloads\HijackThis.exe -d D:\Users\Dai\Downloads



Context Menu tab

有効 Directory 7-Zip Igor Pavlov D:\7-Zip\7-zip.dll
有効 Directory IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 Drive Lhaplus D:\Lhaplus\LplsShlx.dll
有効 Drive VMDiskMenuHandler VMware, Inc. E:\VMwarePlayer\vmdkShellExt.dll
有効 Drive VMDiskMenuHandler64 VMware, Inc. E:\VMwarePlayer\x64\vmdkShellExt64.dll
有効 File 7-Zip Igor Pavlov D:\7-Zip\7-zip.dll
有効 File IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 File Lhaplus D:\Lhaplus\LplsShlx.dll
有効 Folder IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 Folder Lhaplus D:\Lhaplus\LplsShlx.dll
  • sora
  • 2015/08/24 (Mon) 01:21:28
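Let's try resetting Chrome
Sorry for the late reply.

It looks like the problems are continuing even after the earlier work.
However, now that you have also shown me the rest of the logs, I have a much clearer view of the state of the machine.

Please work through the steps again, following the instructions.
I will go through it again including the parts I could not explain earlier, so please reread it by way of confirmation.

First, one thing to let you know.
As you can see, there are currently many people asking for help, so each time it may take a day or more from receiving a request until I can reply to everyone in turn. I am sorry, but please bear with me.

Now read the instructions below carefully and then carry out the steps in order.
You should already have some of these prepared, but please look over the instructions again just in case.

Set hidden files and file extensions to be displayed (how to ↓)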
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get a grasp of their basic usage.
However, if the distribution site shows advertisements urging you to download other apps, never click on them.
"GeekUninstaller" (GU for short)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, then extract it.
When you clean up afterwards, delete the whole folder manually.

"CCleaner" (CC for short)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
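Download the latest version. During installation it may also offer bundled extra apps; untick those and avoid installing them.
When you clean up afterwards, uninstall it.

Here is an important caution.
CC is by nature a very capable maintenance tool, but if it is used incorrectly
【there is a risk that it will damage Windows】
so here we will use it only as an analysis tool.
Read the instructions carefully and do not perform any operation other than those I instruct.

Also, be sure to read the page below thoroughly before starting work, and if the need arises, deal with it as described there. Cases that require this handling are increasing.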
http://note.chiebukuro.yahoo.co.jp/detail/n335704

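Once you are ready, start the work.
In the steps that follow, anything you cannot find even after looking can be skipped, but look carefully as you work and never touch anything other than the targets I have specified.

Also, there will be items I instruct you to delete, but if any of them is something you installed yourself because you need it, hold off on deleting it and tell me so in your next reply.

At the very least, the following apps are old versions.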
>Adobe Reader XI (11.0.12) - Japanese Adobe Systems Incorporated 2015/07/16 205 MB 11.0.12

>Java 8 Update 31 Oracle Corporation 2015/01/26 6.07 MB 8.0.310

>Lhaplus 2014/07/13

>Skype(TM) 7.7 Skype Technologies S.A. 2015/08/17 74.5 MB 7.7.103

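Merely neglecting to update your apps is enough for a vulnerability to be exploited and a serious infection to occur with ease.
If you use them, update to the latest version. If you do not use an app, uninstalling it is the safe option.
Check whether there are any other old versions, and if there are, likewise update or uninstall them.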

>Craving Explorer Version 1.6.16 T-Craft 2015/04/11 23.1 MB 1.6.16.0
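I recommend uninstalling download-helper tools if possible.
Download tools are outside the scope of support of every vendor's antivirus software.
In other words, if you use these download tools to access a dangerous site or file, the risk rises that malware, even if present, will not be blocked and you will be infected.
As it is, the video sites where many people use download tools have now turned into a den of dangerous trap links and malicious advertisements that target that gap.
If you insist on using one, update it to the latest version, and whatever trouble you run into because of it is at your own risk.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is because, in the work that follows, touching something outside the targets by mistake can by itself cause serious problems in Windows, so this makes recovery possible should the worst happen.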
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Next, start the PC in Safe Mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html

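Then, still in Safe Mode, launch "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select the C drive as the target drive and scan, tick only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those displayed, then press "OK" and "Delete Files".
Running this cleans out the junk files in the selected areas.

Doing this also reduces the useless junk files that scans detect during the work, so the time taken and the analysis become considerably easier.
The reason for not ticking other items such as "Recycle Bin" is to avoid deleting legitimate files by mistake, and so that even if a legitimate file has been deleted and put in the Recycle Bin it can be restored.

Launch HJT and run a scan.
When the scan results are displayed, tick the following items.
However, with HJT in particular a single misstep can easily leave the PC unable to boot, so never tick anything other than what I have specified.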
>O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe

>O23 - Service: SplashtopR Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

>O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

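Once all the required items are ticked, click Fix checked.
Anything you cannot find even after looking can be skipped.

Now restart the PC in normal mode, then launch CC.

Once it is running, open the "Windows" tab in the same way as before and, for the entry below, right-click and choose "Delete entry".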
>無効 Startup User backpacks.lnk C:\ProgramData\{a51ded89-9674-0a88-a51d-ded89967b626}\backpacks.exe --startup=1

Next, look at the following extensions in the "Firefox" tab.
>有効 Extension BarTab Lite 1.3.1-signed Philipp von Weitershausen default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\bartablite@philikon.de.xpi

>有効 Extension Restart Button 0.1.5.1-signed sotarok default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\restartbutton@strk.jp.xpi
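If you installed these extensions yourself because you need them, leave them as they are, but if they are there without you remembering installing them, right-click and "Disable" them as well, then choose "Delete entry".

Next, disable and delete the following in the "Scheduled Tasks" tab as well.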
>有効 Task Bidaily Synchronize Task[8da6] c:\programdata\{34996709-c7be-243e-3499-96709c7b9c27}\hqghumeaylnlf.exe --startup=1 --single

>有効 Task GyazoUpdateTaskMachine "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"

>有効 Task GyazoUpdateTaskMachineDaily "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"

Once you have closed CC, launch Chrome, then copy and paste the following into the address bar and go to it.
chrome://settings/

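There, click "Show advanced settings" at the very bottom, then press "Reset settings", which appears further down at the very bottom.
Running this resets the extensions installed in Chrome to their initial state.

Once you have done all this, restart the PC once, watch how things go for a while, then take fresh logs of each tab in CC, the installed-programs log and the HJT log, and reply with them together with a status report.
I will look into the next steps after seeing them.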
  • 悪代官
  • 2015/08/24 (Mon) 20:36:51
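Two of the entries the reply above asks to delete (backpacks.exe and hqghumeaylnlf.exe) share a shape: an executable sitting directly in a C:\ProgramData\{GUID}\ folder, launched with a --startup=1 argument. The following is an added example, not part of the original post, that flags entries of that shape in a CCleaner export; the two heuristics and the function names are assumptions made for this illustration.

```python
import re

# Lines copied from the CCleaner exports quoted in this thread, in the
# space-separated form the forum shows. The first two are entries the reply
# asks to delete; the rest are ordinary entries from the same export.
SAMPLE = r"""
無効 Startup User backpacks.lnk C:\ProgramData\{a51ded89-9674-0a88-a51d-ded89967b626}\backpacks.exe --startup=1
有効 Task Bidaily Synchronize Task[8da6] c:\programdata\{34996709-c7be-243e-3499-96709c7b9c27}\hqghumeaylnlf.exe --startup=1 --single
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 HKLM:Run ElcMouse C:\Program Files\ELECOM_Mouse_Driver\ElcMouseApl.exe
"""

# Status word (有効 = enabled, 無効 = disabled), entry kind, then the rest
# of the line (name, publisher and command run together by the export).
ENTRY_RE = re.compile(
    r"^(有効|無効)\s+(Task|Startup User|Startup Common|HKCU:Run|HKLM:Run)\s+(.+)$"
)
# Assumed heuristic 1: an .exe directly inside C:\ProgramData\{GUID}\.
GUID_DIR_RE = re.compile(
    r"[a-z]:\\programdata\\\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}"
    r'\\([^\\"\s]+\.exe)',
    re.IGNORECASE,
)
# Assumed heuristic 2: the --startup=1 switch seen on both flagged entries.
STARTUP_ARG_RE = re.compile(r"--startup=1(?!\d)")


def parse_entry(line):
    """Split one export line into status, kind and remainder; None if no match."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    status, kind, rest = m.groups()
    return {"enabled": status == "有効", "kind": kind, "rest": rest}


def triage(text):
    """Return the autostart entries that match at least one heuristic."""
    hits = []
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        reasons = []
        guid = GUID_DIR_RE.search(entry["rest"])
        if guid:
            reasons.append("executable directly under ProgramData\\{GUID}")
        if STARTUP_ARG_RE.search(entry["rest"]):
            reasons.append("--startup=1 argument")
        if reasons:
            entry["exe"] = guid.group(1) if guid else None
            entry["reasons"] = reasons
            hits.append(entry)
    return hits


if __name__ == "__main__":
    for hit in triage(SAMPLE):
        state = "enabled" if hit["enabled"] else "disabled"
        print(f'{state:8} {hit["kind"]:13} {hit["exe"]}: {"; ".join(hit["reasons"])}')
```

A hit is a lead for manual review rather than a verdict. The Gyazo tasks the reply also lists run from Program Files and are not matched by these heuristics.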
Re: Redirected to another page when the browser is left idle, plus DNSUnlocker ads appearing on web pages
Thank you for your reply.

In the HJT scan,
>O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
>O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
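were not found.

At present the state has hardly changed.
The advertisements and so on are still appearing.

I understand the situation with the many people asking for help.
This is not urgent, so I will wait patiently.

The logs follow.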

----------------

Windows tab

有効 HKCU:Run ASRockHDMISwitch
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Fatal1tySTU
有効 HKCU:Run Line LINE Corporation "D:\LINE\Line.exe" --booting
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
有効 HKCU:Run Tapur tapur.com D:\Tapur\tapmgr.exe
有効 HKCU:Run THPanel Palit Microsystems Ltd. "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
有効 HKLM:Run ElcMouse C:\Program Files\ELECOM_Mouse_Driver\ElcMouseApl.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
無効 HKLM:Run LogMeIn Hamachi Ui "D:\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Nvtmru NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
有効 HKLM:Run QuickTime Task Apple Inc. "D:\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run XFast LAN cFos Software GmbH C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
有効 HKLM:Run XFastUSB FNet Co., Ltd. "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
有効 Startup Common iSCTsysTray.lnk Intel Corporation C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
有効 Startup User SnapCrab.lnk Fenrir Inc. D:\SnapCrab for Windows\SnapCrab.exe



Internet Explorer tab

有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files\Java\jre7\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files\Java\jre7\bin\ssv.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll



Firefox tab

有効 Extension Adblock Plus 2.6.10 Wladimir Palant default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Extension Fasterfox Lite 3.9.9Lite.1-signed BigRedBrent default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\FasterFox_Lite@BigRedBrent
有効 Extension Memory Fox 7.4.1-signed IDEVFH default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
有効 Extension Password Exporter 1.3.1.1-signed Justin Scott default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
無効 Extension Skype Click to Call 7.4.0.9058 Microsoft Corporation default Firefox 40.0.2 D:\Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
有効 Plugin Adobe Acrobat 15.8.20082.15957 Adobe Systems Inc. default Firefox 40.0.2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
有効 Plugin Battlelog Game Launcher 2.6.2.0 EA Digital Illusions CE AB default Firefox 40.0.2 C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Google Update 1.3.28.1 Google Inc. default Firefox 40.0.2 C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 40.0.2 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.600.27 11.60.2.27 Oracle Corporation default Firefox 40.0.2 C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U60 11.60.2.27 Oracle Corporation default Firefox 40.0.2 C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default Firefox 40.0.2 C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin NVIDIA 3D Vision 7.17.13.3182 NVIDIA Corporation default Firefox 40.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.3182 NVIDIA Corporation default Firefox 40.0.2 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin OpenH264 Video Codec 1.4 default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin pmangdiagnostic 1.0.0.1 gameon default Firefox 40.0.2 E:\pmang\GameOn\Common files\nppmangdiagnostic.dll
有効 Plugin pmangsupport 1.0.0.1 gameon default Firefox 40.0.2 E:\pmang\GameOn\Common files\nppmangsupport.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default Firefox 40.0.2 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin QuickTime Plug-in 7.7.6 7.7.6.0 Apple Inc. default Firefox 40.0.2 D:\QuickTime\Plugins\npqtplugin5.dll
有効 Plugin WacomTabletPlugin 2.1.0.3 Wacom default Firefox 40.0.2 C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll



Google Chrome tab

有効 Extension Postcron 250 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\kahoebmmfnjmjcbclecdkhiapmefpaed\250
有効 Extension WhhItteDDealse 1.1 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bfniojdgcmjfifbdopbnaloohnfbdecn\1.1



Scheduled Tasks tab

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task HDMISwitch ASROCK Incorporation C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
有効 Task Microsoft Office 15 Sync Maintenance for Dai-PC-Dai Dai-PC Microsoft Corporation C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
有効 Task ThunderMaster Palit Microsystems Ltd. C:\Program Files (x86)\Thunder Master\THPanel.exe /A
有効 Task Uninstaller_SkipUac_Dai IObit C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
有効 Task {0882BD34-7519-4D9F-8AF0-78CB50DAB104} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "D:\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\Steam\steamapps\common\Left 4 Dead 2" -c /register
有効 Task {5635A0B3-AEAC-42BD-94BB-45D5470FD1AE} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Steam\SteamApps\common\Trine\PhysX_9.09.0408_SystemSoftware.exe -d D:\Steam\steamapps\common\Trine\_enchanted_edition_ -c /passive
有効 Task {6A591FB8-F725-41FC-87F5-4F46D46BB678} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\Dai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5QN5D3SZ\pmang_common_module.exe" -d D:\Users\Dai\Desktop
有効 Task {81D8AC7C-6E8D-4E9D-9758-84452E6CEE84} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Users\Dai\Downloads\vcredist_x86.exe -d D:\Users\Dai\Downloads
有効 Task {F7AF52A5-08B1-4B46-BF8E-18B7B0C81238} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Users\Dai\Downloads\HijackThis.exe -d D:\Users\Dai\Downloads



Context Menu tab

有効 Directory 7-Zip Igor Pavlov D:\7-Zip\7-zip.dll
有効 Directory IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 Drive Lhaplus D:\Lhaplus\LplsShlx64.dll
有効 Drive VMDiskMenuHandler VMware, Inc. E:\VMwarePlayer\vmdkShellExt.dll
有効 Drive VMDiskMenuHandler64 VMware, Inc. E:\VMwarePlayer\x64\vmdkShellExt64.dll
有効 File 7-Zip Igor Pavlov D:\7-Zip\7-zip.dll
有効 File IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 File Lhaplus D:\Lhaplus\LplsShlx64.dll
有効 Folder IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 Folder Lhaplus D:\Lhaplus\LplsShlx64.dll



Installed programs

+Lhaca 2014/10/18
7-Zip 9.20 2014/10/18
Acrobat.com Adobe Systems Incorporated 2014/06/03 1.1.377
ActivePerl 5.16.3 Build 1604 (64-bit) ActiveState 2014/06/13 83.9 MB 5.16.1604
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/08/24 206 MB 15.008.20082
Adobe AIR Adobe Systems Incorporated 2015/08/05 18.0.0.180
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 2015/08/12 8.30 MB 18.0.0.232
Alliance of Valiant Arms 株式会社ゲームオン 2015/07/30 11240472
Any Video Converter 5.6.3 Any-Video-Converter.com 2014/07/21 99.8 MB
Apple Application Support(32 ビット) Apple Inc. 2015/05/02 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/05/02 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/02/21 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/06/08 2.38 MB 2.1.3.127
ASRock App Charger v1.0.6 ASRock Inc. 2014/06/03 1.32 MB 1.0.6
ASRock HDMI Switch v1.0.25 2014/06/03 3.48 MB 1.0.25
ASRock Key Master v1.0.7 2014/06/03 6.08 MB 1.0.7
ASRock SmartConnect v1.0.6 ASRock Inc. 2014/06/03 3.00 MB
ASRock XFast RAM v3.0.2 ASRock Inc. 2014/06/03 12.0 MB
Battlelog Web Plugins EA Digital Illusions CE AB 2015/01/22 2.6.2
BioShock 2K Boston 2014/11/02
BioShock 2 2K Marin 2014/11/02
BioShock Infinite Irrational Games 2014/11/02
Bonjour Apple Inc. 2014/06/08 2.00 MB 3.0.0.10
Brother ドライバー&ソフトウェア DCP-J952N Brother Industries, Ltd. 2014/06/12 1.0.4.0
CCI-Pro-MR_x86 COSMOSOFT 2014/08/12 2.20 MB 3.13.0919
CCleaner Piriform 2015/08/20 5.08
CitiesOnline 2014/11/12
Common GameOn 2015/07/30 2290680
Dead Rising 2 Capcom Vancouver 2015/04/03
Debut Video Capture Software NCH Software 2014/08/12 1.90
DesignDoll Terawell 2015/01/08 1.1.0.6
F-Stream Tuning v2.0.48 2014/06/03 84.5 MB 2.0.48
Google Chrome Google Inc. 2015/02/22 44.0.2403.157
Google 日本語入力 Google Inc. 2014/09/11 83.0 MB 1.13.1641.0
Hangame 2014/11/15
Intel(R) Network Connections 18.5.54.0 Intel 2014/06/03 25.7 MB 18.5.54.0
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/03 12.8.0.1016
Intel(R) Smart Connect Technology 4.1 x64 Intel 2014/06/03 44.0 MB 4.1.40.2143
IObit Uninstaller IObit 2015/08/17 4.3.0.118
iTunes Apple Inc. 2015/05/02 233 MB 12.1.2.27
Janetter 4.3.0.2 Jane, Inc. 2014/10/15
Java 7 Update 80 (64-bit) Oracle 2015/08/24 118 MB 7.0.800
Java 8 Update 60 Oracle Corporation 2015/08/24 20.6 MB 8.0.600.27
Java SE Development Kit 7 Update 79 (64-bit) Oracle 2015/07/10 245 MB 1.7.0.790
JUMAN 7.0 Kurohashi-Kawahara Laboratory, Kyoto University 2014/06/13 52.8 MB
KNP 4.11 Kurohashi-Kawahara Laboratory, Kyoto University 2014/06/13 2.47 GB
Left 4 Dead 2 Valve 2014/10/03
Lhaplus 2014/07/13
LINE LINE Corporation 2015/08/13 4.1.2.516
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2014/10/16 38.8 MB 4.5.51209
Microsoft .NET Framework 4.5.2 (日本語) Microsoft Corporation 2015/02/22 2.93 MB 4.5.51209
Microsoft Games for Windows - LIVE Redistributable (PartnerNet) Microsoft Corporation 2015/04/03 31.5 MB 3.5.88.0
Microsoft Games for Windows Marketplace (Partnernet) Microsoft Corporation 2015/04/03 5.26 MB 3.5.50.0
Microsoft Office Professional 2013 - ja-jp Microsoft Corporation 2015/08/23 15.0.4745.1002
Microsoft OneDrive Microsoft Corporation 2015/08/20 36.1 MB 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/14 4.8.204.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/07/17 298 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/04/03 570 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/02/17 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2015/04/22 240 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/02/18 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/04 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/04/22 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/06/05 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 5.38 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 15.0 MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
Minecraft Mojang 2015/01/30 1.22 MB 1.0.3.0
Mozilla Firefox 40.0.2 (x86 ja) Mozilla 2015/08/17 84.5 MB 40.0.2
Mozilla Maintenance Service Mozilla 2015/08/17 233 KB 40.0.2
Neffy 1,2,5,0 CDNetworks 2015/07/29 1,2,5,0
Nexus Mod Manager Black Tree Gaming 2014/10/25 16.3 MB 0.52.3
NVIDIA 3D Vision コントローラー ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
NVIDIA 3D Vision ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
NVIDIA GeForce Experience 1.7.1 NVIDIA Corporation 2014/06/04 1.7.1
NVIDIA HD オーディオ ドライバー 1.3.26.4 NVIDIA Corporation 2014/06/04 1.3.26.4
NVIDIA PhysX システム ソフトウェア 9.13.0725 NVIDIA Corporation 2014/06/04 9.13.0725
NVIDIA Virtual Audio 1.2.9 NVIDIA Corporation 2014/06/04 1.2.9
NVIDIA グラフィックス ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
Oracle VM VirtualBox 4.3.26 Oracle Corporation 2015/04/22 157 MB 4.3.26
Origin Electronic Arts, Inc. 2014/06/04 9.4.7.2799
Outlast Red Barrels 2014/10/03
PHANTASY STAR ONLINE 2 SEGA 2014/07/29 7.51 MB
Pmangインストールマネージャー GameOn,Pmang 2014/08/18 1.0.1.1
ProcessMaker Software Publisher 2014/03/18
PunkBuster Services Even Balance, Inc. 2014/06/04 0.991
QuickTime 7 Apple Inc. 2014/10/25 70.2 MB 7.76.80.95
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/06/03 6.0.1.7004
Robocraft Freejam 2014/07/09
RPGツクール2000 ランタイムパッケージ 2014/06/07
RPGツクール2003 ランタイムパッケージ 2015/07/12
Skype Click to Call Microsoft Corporation 2015/08/24 13.2 MB 7.4.0.9058
Skype(TM) 7.8 Skype Technologies S.A. 2015/08/24 71.1 MB 7.8.102
SnapCrab for Windows 1.1.1 Fenrir Inc. 2014/06/04 8.28 MB
SPECIAL FORCE 2 NHN PlayArt Corp. 2015/01/10 6.15 GB 1.0.0.0
Splashtop Streamer Splashtop Inc. 2014/06/03 25.6 MB 2.3.0.2
Steam Valve Corporation 2014/06/11
Tapur 5.3.0.111 tapur.com 2014/06/24 9.43 MB
TERA GameOn 2014/08/18 1
TeraPad 2014/09/10
The Elder Scrolls V: Skyrim Bethesda Game Studios 2014/10/03
The Evil Within Tango Gameworks 2014/12/03
Thunder Master v1.9 Palit Microsystems Ltd. 2014/06/03 5.21 MB 1.9.8.5
Tomb Raider Crystal Dynamics 2014/10/17
Tomb Raider: Anniversary Crystal Dynamics 2015/04/04
TrimMaker Software Publisher 2014/03/18
Trine Frozenbyte 2014/10/17
Trine 2 Frozenbyte 2014/10/17
VMware Player VMware, Inc 2015/04/22 390 MB 7.1.0
Warframe Digital Extremes 2015/04/01
Warframe Digital Extremes 2014/06/11 1.95 MB 1.0.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2014/06/04 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2014/06/04 2.1.0.3
Windows Live ID Sign-in Assistant Microsoft Corporation 2015/04/03 10.0 MB 6.500.3165.0
XFast LAN v9.05 cFos Software GmbH, Bonn 2014/06/03 9.05
XFastUSB ASRock Inc. 2014/06/03 3.02.38
XSplit SplitMediaLabs 2014/06/03 95.7 MB 1.2.1303.0101
エレコム マウスカスタマイザー ELECOM 2014/07/26 1.00.00000
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2014/10/16 376 KB 1.16
バトルフィールド 3 Electronic Arts 2014/06/04 1.6.0.0
ペイントツールSAI Ver.1 2014/06/06
ワコム タブレット Wacom Technology Corp. 2014/06/04 6.3.6-1



HJT log

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:17:17, on 2015/08/25
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)

FIREFOX: 40.0.2 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Thunder Master\THPanel.exe
C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
D:\LINE\Line.exe
D:\Tapur\tapmgr.exe
C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
D:\Tapur\Tapur.exe
D:\SnapCrab for Windows\SnapCrab.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
D:\Firefox\firefox.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
D:\Users\Dai\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [THPanel] "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
O4 - HKCU\..\Run: [Line] "D:\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Tapur] D:\Tapur\tapmgr.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1265446842-1208567973-370051150-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1265446842-1208567973-370051150-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: SnapCrab.lnk = D:\SnapCrab for Windows\SnapCrab.exe
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9462411-646D-4818-84F1-023340BFC850}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASRock IO Monitor Service (ASRockIOMon) - Unknown owner - C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SplashtopR Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\VMwarePlayer\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 13771 bytes
  • sora
  • 2015/08/25 (Tue) 00:21:49
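Fatal1tySTU ← Starting with this one
Sorry that my reply is late again today.
悪代官 can't stand the sun, so he burrows underground during the day and moves in the dark of night (← just return to the soil already)

>The situation has hardly changed at present.
>The ads and so on are still appearing.

Right, I've looked at the rest of the logs too, and I've learned more.
Things that were still hiding are gradually being smoked out.
So once again, please work through the steps as explained.

First, if the applications below are still present, uninstall them with GU in Safe Mode.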
>Lhaplus 2014/07/13

>Splashtop Streamer Splashtop Inc. 2014/06/03 25.6 MB 2.3.0.2

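However, if GU doesn't list them, you can skip this.

After restarting the PC in normal mode, start CC again and, in the "Windows" tab, right-click the entry below and choose "Disable", then "Delete entry".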
>有効 HKCU:Run Fatal1tySTU

If it can't be disabled, it's fine to just delete it.

Next, the entry below in the "Chrome" tab gets the same treatment, but
>有効 Extension WhhItteDDealse 1.1 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bfniojdgcmjfifbdopbnaloohnfbdecn\1.1

if this one can't be deleted, just disabling it is enough.

Once you've closed CC, next get the following tools ready.
"AdwCleaner" (known as: AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
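This is a direct link to the file. Open it and save the file to the desktop or somewhere similar.
When you're done with it, launch it and press the "uninstall" button, and it removes itself automatically.
The site below has a detailed explanation of how to use it, so have a look ↓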
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (known as: MBAM)
Official site
http://www.malwarebytes.org/

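However, MBAM currently has considerable problems with stability and behavior, and bugs that prevent a normal scan even in ordinary use are occurring frequently.
So instead of downloading the latest version from the official site, here we will deliberately work with an old version.

Site explaining the old version ↓
http://www.japan-secure.com/entry/blog-entry-7.html

Download the old version of MBAM from the URL below.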
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
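This is a direct link to the file. Please save it.

Note) If you install in Japanese, the text may come out garbled. Install in English and then switch to Japanese afterwards.
Start MBAM and go to the "Settings" tab → "Language" → "Japanese" to switch it to Japanese.

Once that's ready, install MBAM and update it.
However, do not scan yet at this point.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
If you update the program itself, it becomes the latest version, which is full of bugs, and there would be no point in having installed the old version.

Next, start AC once at this point.
On launch it should first update its definitions, so let it update, and once that's done close AC for now.
No need to scan here either.

Once both tools are updated, restart the PC in Safe Mode and then use Disk Cleanup to clear out junk files.

Next, with the PC started in Safe Mode, launch AC again (the one you started once earlier).
Once it's running, this time press "Scan", and if anything is detected when the scan finishes, press "Remove".
Choose "Yes" on the screen that appears and the cleanup starts.

When the cleanup is complete, restart the PC in normal mode.

After the restart a new AC log appears; save it to the desktop or somewhere similar.
However, if no log appears after the work, or you can't find it, open the C drive in My Computer and directly under it you'll find a file with a name like the one below; that is the AC log.
>AdwCleaner[letters and digits].txt
If there are several logs with similar names, the one whose creation time matches when you did the work is the log in question.

Once the AC work is done, next is the MBAM work.
Staying in Safe Mode, start MBAM and run a scan.
After starting MBAM, choose "Full scan" from the "Scanner" tab.
Select all drives, including C, as targets.
However, if no "Full scan" button is shown, you may have updated MBAM to the latest version, so in that case choose "Custom scan".
That operation is the equivalent of a full scan in the latest MBAM.
Select (check) all drives as scan targets. It takes time, but this is to scan as thoroughly as possible.
The order doesn't matter, but if anything is detected, select it and "remove" (quarantine) it, and then if a prompt to restart appears, restart the PC once at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, pressing "Show details" should display the results, and pressing "Save log" there lets you save the log.
Save that log to the desktop or somewhere similar.
Checking this log is especially important, so please don't forget.

After this, watch how the PC behaves for a while, then paste the AC and MBAM logs saved after the work into your reply and show them to me along with a status report.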
  • 悪代官
  • 2015/08/25 (Tue) 19:48:20
Re: Redirected to another page when left idle, plus DNSUnlocker ads on web pages
Thank you for your reply.

First,

>Next, the entry below in the "Chrome" tab gets the same treatment, but
>>有効 Extension WhhItteDDealse 1.1 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bfniojdgcmjfifbdopbnaloohnfbdecn\1.1

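As for this, it wasn't in the Chrome tab.
Has it disappeared?

Also, about the MBAM work: does "remove" mean that, after the scan finishes, I click Show details → check the detected items → click "Quarantine ~" at the bottom left? Was that right?

Also, after that step was done and I restarted, I temporarily couldn't connect to the internet.
It recovered with something like the Windows troubleshooter(?).

At present, the problem still remains.
I look forward to your reply.

The logs follow.

------------

AC log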

# AdwCleaner v5.000 - Logfile created 25/08/2015 at 22:57:38
# Updated 14/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Dai - DAI-PC
# Running from : D:\Users\Dai\Downloads\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****

[-] Service Deleted : 2f086fd2
[-] Service Deleted : b2b350ef

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker

***** [ Files ] *****

[-] File Deleted : C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\cc1c9945-e005-ca02-8fa6-2651bb0cf5af
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{2f086fd2}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b2b350ef}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1

***** [ Web browsers ] *****

[-] [C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : trovi.search

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [13039 octets] - [17/08/2015 18:57:26]
C:\AdwCleaner[C2].txt - [1881 octets] - [25/08/2015 22:57:38]
C:\AdwCleaner[S1].txt - [32672 octets] - [17/08/2015 18:56:53]
C:\AdwCleaner[S2].txt - [1908 octets] - [25/08/2015 22:56:44]

########## EOF - C:\AdwCleaner[C2].txt - [2071 octets] ##########



MBAM log

Malwarebytes Anti-Malware (試用) 1.75.0.1300
www.malwarebytes.org

定義バージョン: v2015.08.25.04

Windows 7 Service Pack 1 x64 NTFS (セーフモード)
Internet Explorer 11.0.9600.17959
Dai :: DAI-PC [管理者]

リアルタイム保護: 無効

2015/08/25 23:02:30
MBAM-log-2015-08-26 (00-58-08).txt

スキャンタイプ: フルスキャン (C:\|D:\|E:\|F:\|R:\|)
有効なスキャン領域: メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン  | ヒューリスティック/Shuriken エンジンを使用してスキャン  | 不審なプログラム (PUP) | 不審な変更 (PUM)
無効なスキャン領域: ピア・ツー・ピアプログラム(P2P)
スキャンしたアイテム数: 882742
経過時間: 48 分, 35 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 2
HKCR\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} (PUP.Optional.MultiPlug) -> 何の措置も取られませんでした。
HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE (PUM.Security.Hijack.DisableChromeUpdates) -> 何の措置も取られませんでした。

レジストリ値の検出: 1
HKLM\SOFTWARE\Policies\Google\Update|DisableAutoUpdateChecksCheckboxValue (PUM.Security.Hijack.DisableChromeUpdates) -> データ: 1 -> 何の措置も取られませんでした。

レジストリデータ項目の検出: 1
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E9462411-646D-4818-84F1-023340BFC850}|NameServer (Trojan.DNSChanger) -> 悪: (199.203.131.145,82.163.143.167) 良: () -> 何の措置も取られませんでした。

フォルダの検出: 2
C:\ProgramData\GreenBay App (PUP.Optional.GreenBayApp.A) -> 何の措置も取られませんでした。
C:\ProgramData\GreenBay App\Setup (PUP.Optional.GreenBayApp.A) -> 何の措置も取られませんでした。

ファイルの検出: 14
C:\$Recycle.Bin\S-1-5-21-1265446842-1208567973-370051150-1000\$RRV8GHU\backpacks.exe (PUP.Optional.MultiPlug.A) -> 何の措置も取られませんでした。
C:\$Recycle.Bin\S-1-5-21-1265446842-1208567973-370051150-1000\$RSGXY4M\backpacks.exe (PUP.Optional.MultiPlug.A) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ActiveDiscount\ActiveDiscount.exe.vir (PUP.Optional.MultiPlug.Uns) -> 何の措置も取られませんでした。
C:\AdwCleaner\Quarantine\C\ProgramData\{34996709-c7be-243e-3499-96709c7b9c27}\hqghumeaylnlf.exe.vir (PUP.Optional.SuperOptimizer.A) -> 何の措置も取られませんでした。
C:\Program Files (x86)\ProcessMaker\ProcessMaker.dll (PUP.Optional.MultiPlug.PLY) -> 何の措置も取られませんでした。
C:\Program Files (x86)\SystemChronicles\SystemChronicles.dll (PUP.Optional.MultiPlug) -> 何の措置も取られませんでした。
C:\Program Files (x86)\TrimMaker\TrimMaker.dll (PUP.Optional.MultiPlug.PLY) -> 何の措置も取られませんでした。
C:\Users\Dai\AppData\Local\Temp\05b1fc31\127544.ftf (PUP.Optional.DNSUnlocker.A) -> 何の措置も取られませんでした。
C:\Users\Dai\AppData\Local\Temp\8cFBbC983\temp\embededstub.exe (PUP.Optional.Conduit.A) -> 何の措置も取られませんでした。
C:\Users\Dai\AppData\Local\Temp\8cFBbC983\temp\EzDownloader_setup.exe (PUP.Optional.EZDownloader.A) -> 何の措置も取られませんでした。
C:\Users\Dai\AppData\Local\Temp\KKTNHZ.tmp\bubit.dll (PUP.Optional.MultiPlug.PLY) -> 何の措置も取られませんでした。
C:\Users\Dai\AppData\Local\Temp\QKFQYG.tmp\bubit.dll (PUP.Optional.MultiPlug.PLY) -> 何の措置も取られませんでした。
C:\Users\Dai\AppData\Local\Temp\XSYUTT.tmp\bubit.dll (PUP.Optional.MultiPlug.PLY) -> 何の措置も取られませんでした。
D:\$RECYCLE.BIN\S-1-5-21-1265446842-1208567973-370051150-1000\$RBFPXC8.exe (PUP.Optional.MultiPlug.A) -> 何の措置も取られませんでした。

(終)

  • sora
  • 2015/08/26 (Wed) 01:19:48
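
An added example, not part of either poster's message: Python that pulls the static `NameServer` settings out of HijackThis O17 lines and MBAM 1.75 registry-data lines like the ones posted above, and lists every public resolver address that is not on an allow-list the reader supplies. The function names, the `allowed` parameter and the third sample line are assumptions made for the illustration; the first two sample lines are copied from the logs in this thread.

```python
import ipaddress
import re

GUID = r"\{(?P<guid>[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}"

# HijackThis: "O17 - <key>\{GUID}: NameServer = a,b"
HJT_O17 = re.compile(r"^O17 - .*?" + GUID + r": NameServer = (?P<servers>.+)$")

# MBAM 1.75: "...\{GUID}|NameServer (Verdict) -> Bad: (a,b) Good: () -> ..."
# The "Bad:" label is localised in the log, so it is matched as any token.
MBAM_NS = re.compile(
    GUID + r"\|NameServer \((?P<verdict>[^)]+)\) -> \S+ \((?P<servers>[^)]*)\)"
)

# First two lines: copied from the logs in this thread.
# Third line: constructed for the example (a router address on the LAN).
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9462411-646D-4818-84F1-023340BFC850}: NameServer = 82.163.143.169,82.163.142.171
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E9462411-646D-4818-84F1-023340BFC850}|NameServer (Trojan.DNSChanger) -> 悪: (199.203.131.145,82.163.143.167) 良: () -> 何の措置も取られませんでした。
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000001}: NameServer = 192.168.1.1
"""


def split_servers(value):
    """NameServer holds addresses separated by commas or spaces."""
    return [s for s in re.split(r"[,\s]+", value.strip()) if s]


def static_dns_entries(log_text):
    """Return (source, interface GUID, [servers]) for each NameServer line."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        hjt = HJT_O17.match(line)
        mbam = MBAM_NS.search(line)
        if hjt:
            entries.append(("HijackThis O17", hjt.group("guid").upper(),
                            split_servers(hjt.group("servers"))))
        elif mbam:
            entries.append(("MBAM: " + mbam.group("verdict"),
                            mbam.group("guid").upper(),
                            split_servers(mbam.group("servers"))))
    return entries


def review(log_text, allowed=()):
    """List statically configured resolvers that need an explanation.

    A server is reported when it is a public (globally routable) address
    that is not in `allowed`, or when the value is not an IP address at all.
    Private addresses such as a home router are not reported.
    """
    allowed = {ipaddress.ip_address(a) for a in allowed}
    findings = []
    for source, guid, servers in static_dns_entries(log_text):
        suspect = []
        for server in servers:
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                suspect.append(server)
                continue
            if ip.is_global and ip not in allowed:
                suspect.append(server)
        if suspect:
            findings.append({"source": source, "interface": guid,
                             "servers": suspect})
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding["source"], finding["interface"],
              ", ".join(finding["servers"]))
```

Pass the resolvers that were set on purpose as `allowed`; whatever is still reported is a static DNS setting to compare against what the router or ISP hands out over DHCP.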
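Next we'll analyze further with OTL
Sorry that my reply is late again tonight.

It seems you got stuck at a few points in the work, but as long as the PC has been starting normally since then, that's fine.

>At present, the problem still remains.

Yes, I've looked at the logs, and there were detections after all.
It's fine as long as you've quarantined all of them from within the tools.

Since the abnormal behavior is still continuing, let's carry on with the analysis.

Please get the following tool ready.
OTL (OldTimer Listit)
It's a direct link to the file, so download it and save it.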
http://oldtimer.geekstogo.com/OTL.exe
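When you're done with it, launch it and press the "Cleanup" button, and it removes itself automatically.

Start OTL with no other programs running.
Once it's running, check "Scan All Users" near the top of the window and copy and paste the following commands into "Custom Scan/Fixes".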

%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
CREATERESTOREPOINT

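Then press "Run Scan" at the top left and the scan starts.
After the scan starts, depending on the PC environment, in a few minutes "OTL.txt" and "Extras.txt" should be created in the same location as OTL.exe, so save those two files somewhere like the desktop.
Extras.txt sometimes isn't produced; in that case just OTL.txt is fine.

After this, paste the whole OTL log into your reply and show it to me.
However, the OTL log gets quite long, so even if you send it in one go it will be cut off by fc2's character limit.
So split the log at suitable points and send it over several replies.

Just scanning with OTL changes nothing.
We'll look at this result, and what was detected should be dealt with in the work from next time onward.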
  • 悪代官
  • 2015/08/26 (Wed) 20:58:00
Re: Redirected to another page when left idle, plus DNSUnlocker ads on web pages
Sorry for the late reply.

The logs follow.

--------------------

OTL.txt

OTL logfile created on: 2015/08/27 19:04:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.95 Gb Available Physical Memory | 75.11% Memory free
15.84 Gb Paging File | 12.92 Gb Available in Paging File | 81.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 54.09 Gb Free Space | 45.40% Space Free | Partition Type: NTFS
Drive D: | 345.44 Gb Total Space | 45.44 Gb Free Space | 13.15% Space Free | Partition Type: NTFS
Drive E: | 292.97 Gb Total Space | 200.28 Gb Free Space | 68.36% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 272.83 Gb Free Space | 93.13% Space Free | Partition Type: NTFS

Computer Name: DAI-PC | User Name: Dai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/08/27 19:02:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL\OTL.exe
PRC - [2015/08/20 15:12:39 | 000,404,064 | ---- | M] (Microsoft Corporation) -- C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015/08/17 18:47:13 | 001,089,312 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2015/08/13 14:41:08 | 015,660,568 | ---- | M] (LINE Corporation) -- D:\LINE\Line.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/06/23 19:14:00 | 000,084,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
PRC - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2015/02/06 18:40:12 | 000,359,104 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2015/02/06 18:40:10 | 000,438,464 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2015/02/06 17:39:40 | 000,087,744 | ---- | M] (VMware, Inc.) -- E:\VMwarePlayer\vmware-authd.exe
PRC - [2015/01/22 15:59:07 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014/09/28 23:25:23 | 000,195,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
PRC - [2014/06/03 21:38:51 | 006,226,624 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files (x86)\XFastUSB\XFastUsb.exe
PRC - [2013/12/24 13:00:00 | 001,914,656 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/12/24 13:00:00 | 001,028,384 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/12/18 01:56:20 | 054,253,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2013/12/18 01:56:16 | 001,334,296 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/11/08 12:05:14 | 002,175,784 | ---- | M] (Palit Microsystems Ltd.) -- C:\Program Files (x86)\Thunder Master\THPanel.exe
PRC - [2013/09/04 17:26:26 | 002,217,224 | ---- | M] () -- C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
PRC - [2013/08/07 14:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/07 14:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/05/28 17:58:26 | 000,454,656 | ---- | M] () -- C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
PRC - [2013/04/05 13:39:16 | 000,505,856 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2013/04/05 13:37:00 | 001,448,960 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/04/03 19:38:44 | 000,551,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013/03/14 14:42:38 | 000,248,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
PRC - [2013/02/12 14:15:56 | 001,589,056 | ---- | M] (Fenrir Inc.) -- D:\SnapCrab for Windows\SnapCrab.exe
PRC - [2012/12/27 14:26:20 | 004,522,496 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2012/10/09 08:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2011/04/24 00:23:22 | 001,481,728 | ---- | M] (tapur.com) -- D:\Tapur\Tapur.exe
PRC - [2010/08/16 23:34:00 | 000,171,520 | ---- | M] (tapur.com) -- D:\Tapur\tapmgr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/08/13 14:41:18 | 003,129,368 | ---- | M] () -- D:\LINE\ampkit_windows.dll
MOD - [2015/06/16 20:19:08 | 000,123,416 | ---- | M] () -- D:\LINE\PlayerHelper.dll
MOD - [2015/05/14 03:03:40 | 001,071,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\8d17de4cf6bd55506c509502178d2c20\System.ServiceModel.Web.ni.dll
MOD - [2015/05/14 03:03:10 | 002,964,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\dd7948371a8babd1bc4291924ec94d05\System.IdentityModel.ni.dll
MOD - [2015/05/14 03:03:08 | 019,547,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a78078ff6ff0c28ef3bf65bd84e193f0\System.ServiceModel.ni.dll
MOD - [2015/05/14 03:01:06 | 012,897,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\02e0d9af050d6a1af047b62b7cd9f0f2\System.Windows.Forms.ni.dll
MOD - [2015/05/14 03:01:04 | 006,982,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c61bafa9d029e3f2bf83bd5af3f1f5ac\System.Core.ni.dll
MOD - [2015/05/14 03:01:01 | 000,967,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\908075c4922acdf834c67ac802814c9d\System.Configuration.ni.dll
MOD - [2014/11/23 06:30:10 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
MOD - [2014/11/23 06:29:45 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2014/10/17 18:36:09 | 000,788,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\9d31dc037429437307aacdbcb88bab3c\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/17 18:35:57 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
MOD - [2014/10/17 18:35:34 | 000,118,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\6e7ce9401fda1718a4b6e3a27e8de909\SMDiagnostics.ni.dll
MOD - [2014/10/16 03:04:35 | 002,803,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ad1a5e8488b493088c4317191604dc81\System.Runtime.Serialization.ni.dll
MOD - [2014/10/16 03:04:34 | 001,639,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\53d0b6fa2fc28f7d50f84999fc2a1bbf\System.Drawing.ni.dll
MOD - [2014/10/16 03:04:33 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
MOD - [2014/10/16 01:03:10 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
MOD - [2013/09/04 17:26:26 | 002,217,224 | ---- | M] () -- C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
MOD - [2013/02/12 14:00:52 | 002,931,008 | ---- | M] () -- D:\SnapCrab for Windows\en_util.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2006/11/09 14:07:02 | 001,669,824 | ---- | M] () -- D:\Tapur\vidgrab_VC6.ocx
MOD - [2005/11/15 22:24:22 | 001,163,264 | ---- | M] () -- D:\Tapur\vorbis.dll
MOD - [2005/11/15 22:04:40 | 000,057,344 | ---- | M] () -- D:\Tapur\ogg.dll
MOD - [2005/06/12 19:18:40 | 000,244,736 | ---- | M] () -- D:\Tapur\sqlite3.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/07/17 05:21:50 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/07/14 03:32:44 | 002,765,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:[b]64bit:[/b] - [2015/05/26 03:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/12/24 13:00:00 | 015,125,280 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2013/08/07 14:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2013/07/08 21:30:24 | 000,195,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/05/31 16:23:36 | 000,652,640 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\ASRock\XFast LAN\spd.exe -- (cFosSpeedS)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/05/22 00:25:32 | 000,598,840 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:[b]64bit:[/b] - [2013/03/14 14:42:48 | 000,182,248 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV - [2015/08/26 02:38:13 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/08/17 18:48:29 | 002,909,472 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/08/13 11:58:15 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2015/04/14 08:44:34 | 000,836,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/02/06 18:40:12 | 000,359,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2015/02/06 18:40:10 | 000,438,464 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2015/02/06 17:39:40 | 000,087,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\VMwarePlayer\vmware-authd.exe -- (VMAuthdService)
SRV - [2015/01/22 15:59:07 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015/01/22 15:23:16 | 001,903,472 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- D:\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/01/07 08:02:48 | 000,915,648 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2014/06/17 23:53:00 | 003,482,368 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/24 13:00:00 | 001,914,656 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/28 17:58:26 | 000,454,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe -- (ASRockIOMon)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/04/03 19:38:44 | 000,551,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/09/18 14:20:26 | 000,171,072 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/08/26 01:00:27 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:[b]64bit:[/b] - [2015/03/16 17:35:46 | 000,141,440 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2015/03/04 19:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2015/02/06 18:40:16 | 000,026,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:[b]64bit:[/b] - [2015/02/06 18:40:06 | 000,066,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:[b]64bit:[/b] - [2015/02/06 18:39:48 | 000,048,832 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:[b]64bit:[/b] - [2015/02/06 18:39:48 | 000,028,864 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:[b]64bit:[/b] - [2015/02/06 18:39:42 | 000,033,472 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:[b]64bit:[/b] - [2015/01/07 15:55:58 | 000,076,480 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:[b]64bit:[/b] - [2015/01/07 15:55:56 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:[b]64bit:[/b] - [2015/01/07 08:02:54 | 000,055,488 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:[b]64bit:[/b] - [2014/09/11 15:53:20 | 000,032,320 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/06/03 21:38:51 | 000,016,648 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:[b]64bit:[/b] - [2013/12/24 13:00:00 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2013/12/24 13:00:00 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/09/09 20:06:50 | 000,020,232 | ---- | M] (ASRock Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsrHidFilter.sys -- (AsrHidFilter)
DRV:[b]64bit:[/b] - [2013/08/07 15:23:22 | 000,018,432 | ---- | M] (ELECOM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElcMouLFlt.sys -- (ElcMouLFlt)
DRV:[b]64bit:[/b] - [2013/08/07 15:23:22 | 000,017,408 | ---- | M] (ELECOM) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElcMouUFlt.sys -- (ElcMouUFlt)
DRV:[b]64bit:[/b] - [2013/08/07 14:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/08/07 14:23:46 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/05/31 16:23:40 | 001,814,880 | ---- | M] (cFos Software GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cfosspeed6.sys -- (cFosSpeed)
DRV:[b]64bit:[/b] - [2013/05/30 09:54:40 | 000,495,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d62x64.sys -- (e1dexpress)
DRV:[b]64bit:[/b] - [2013/05/09 16:50:48 | 000,040,200 | ---- | M] (ASRock Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AsrRamDisk.sys -- (AsrRamDisk)
DRV:[b]64bit:[/b] - [2013/05/01 02:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:[b]64bit:[/b] - [2013/05/01 02:18:10 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2013/03/14 14:34:46 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:[b]64bit:[/b] - [2013/03/14 14:34:44 | 000,021,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:[b]64bit:[/b] - [2013/03/14 14:34:44 | 000,021,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:[b]64bit:[/b] - [2013/01/11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/12/21 07:20:06 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/11/07 10:13:06 | 000,017,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 15:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 09:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2014/06/03 21:38:32 | 000,022,280 | ---- | M] (ASRock Incorporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AsrDrv101.sys -- (AsrDrv101)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DB 11 9B B0 2D DB CF 01 [binary data]
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: FasterFox_Lite%40BigRedBrent:3.9.9Lite.1-signed
FF - prefs.js..extensions.enabledAddons: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4.1-signed
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.2
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangdiagnostic-1: E:\pmang\GameOn\Common files\nppmangdiagnostic_0.dll (gameon)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: E:\pmang\GameOn\Common files\nppmangsupport_0.dll (gameon)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Components: D:\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Plugins: D:\Firefox\plugins

[2014/06/04 01:58:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dai\AppData\Roaming\mozilla\Extensions
[2015/08/24 22:17:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dai\AppData\Roaming\mozilla\Firefox\Profiles\q4cm5j9v.default\extensions
[2015/08/18 00:43:53 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\Dai\AppData\Roaming\mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2015/08/18 00:43:04 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Dai\AppData\Roaming\mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\FasterFox_Lite@BigRedBrent
[2015/08/17 19:29:32 | 000,085,756 | ---- | M] () (No name found) -- C:\Users\Dai\AppData\Roaming\mozilla\firefox\profiles\q4cm5j9v.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2015/08/17 19:34:39 | 000,963,213 | ---- | M] () (No name found) -- C:\Users\Dai\AppData\Roaming\mozilla\firefox\profiles\q4cm5j9v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\
CHR - Extension: No name found = C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\

O1 HOSTS File: ([2009/06/11 06:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [ElcMouse] C:\Program Files\ELECOM_Mouse_Driver\ElcMouseApl.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [XFastUSB] C:\Program Files (x86)\XFastUSB\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000..\Run: [ASRockHDMISwitch] File not found
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000..\Run: [Line] D:\LINE\Line.exe (LINE Corporation)
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000..\Run: [OneDrive] C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000..\Run: [Tapur] D:\Tapur\tapmgr.exe (tapur.com)
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1000..\Run: [THPanel] C:\Program Files (x86)\Thunder Master\THPanel.exe (Palit Microsystems Ltd.)
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1265446842-1208567973-370051150-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Dai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SnapCrab.lnk = D:\SnapCrab for Windows\SnapCrab.exe (Fenrir Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{141D093B-3B74-4AA3-B455-9D58ACC1903C}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9462411-646D-4818-84F1-023340BFC850}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{47b16386-eb1f-11e3-a554-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{47b16386-eb1f-11e3-a554-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/08/26 01:07:07 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Local\ElevatedDiagnostics
[2015/08/25 22:49:32 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\Malwarebytes
[2015/08/25 22:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/08/25 22:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/08/25 22:49:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/08/25 22:42:33 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\Geek Uninstaller
[2015/08/24 21:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/08/24 21:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/08/24 21:33:54 | 000,320,424 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2015/08/24 21:33:51 | 000,189,864 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2015/08/24 21:33:51 | 000,189,864 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2015/08/24 21:33:51 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015/08/24 21:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015/08/24 21:05:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/08/24 21:04:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/08/24 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\Sun
[2015/08/24 21:04:11 | 000,000,000 | ---D | C] -- C:\Users\Dai\.oracle_jre_usage
[2015/08/23 22:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProcessMaker
[2015/08/23 20:48:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrimMaker
[2015/08/20 23:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/08/20 23:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/08/17 19:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/08/17 18:56:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/08/17 18:47:23 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\ProductData
[2015/08/17 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2015/08/17 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015/08/17 18:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/08/17 18:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2015/08/17 18:47:08 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\IObit
[2015/08/17 18:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/08/13 03:06:41 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/08/13 03:06:40 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/08/12 14:21:02 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/08/12 14:21:02 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/08/12 14:21:02 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/08/12 14:21:02 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/08/12 14:21:02 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/08/12 14:21:02 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/08/12 14:21:02 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/08/12 14:21:02 | 000,017,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/08/12 14:21:00 | 005,568,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/08/12 14:21:00 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/08/12 14:21:00 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/08/12 14:21:00 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/08/12 14:21:00 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/08/12 14:20:59 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/08/12 14:20:59 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/08/12 14:20:59 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/08/12 14:20:59 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/08/12 14:20:59 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/08/12 14:20:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/08/12 14:20:59 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/08/12 14:20:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/08/12 14:20:59 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/08/12 14:20:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/08/12 14:20:59 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/08/12 14:20:59 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/08/12 14:20:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/08/12 14:20:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/08/12 14:20:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/08/12 14:20:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/08/12 14:20:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/08/12 14:20:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/08/12 14:20:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/08/12 14:20:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/08/12 14:20:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/08/12 14:20:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/08/12 14:20:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/08/12 14:20:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015/08/12 14:20:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/08/12 14:20:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/08/12 14:20:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/08/12 14:20:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/08/12 14:20:57 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/08/12 14:20:57 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/08/12 14:20:57 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/08/12 14:20:57 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/08/12 14:20:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/08/12 14:20:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/08/12 14:20:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/08/12 14:20:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/08/12 14:20:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/08/12 14:20:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/08/12 14:20:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/08/12 14:20:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/08/12 14:20:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/08/12 14:20:54 | 003,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2015/08/12 14:20:54 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2015/08/12 14:20:54 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2015/08/12 14:20:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2015/08/12 14:20:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2015/08/12 14:20:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2015/08/12 14:20:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basesrv.dll
[2015/08/12 14:20:43 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/08/12 14:20:43 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/08/12 14:20:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/08/12 14:20:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/08/12 14:20:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/08/12 14:20:42 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/08/12 14:20:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/08/12 14:20:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/08/12 14:20:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/08/12 14:20:41 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/08/12 14:20:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/08/12 14:20:41 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/08/12 14:20:41 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/08/12 14:20:41 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/08/12 14:20:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/08/12 14:20:40 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/08/12 14:20:40 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/08/12 14:20:40 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/08/12 14:20:40 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/08/12 14:20:40 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/08/12 14:20:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/08/12 14:20:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/08/12 14:20:39 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/08/12 14:20:39 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/08/12 14:20:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/08/12 14:20:39 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/08/12 14:20:39 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/08/12 14:20:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/08/12 14:20:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/08/12 14:20:38 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/08/12 14:20:38 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
  • sora
  • 2015/08/27 (Thu) 19:18:39
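Re: Redirected to another page when the browser is left idle, plus DNSUnlocker ads on web pages
The split ended up at an awkward point, so I am repeating a little of the previous part.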

------------------------

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/08/26 01:07:07 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Local\ElevatedDiagnostics
[2015/08/25 22:49:32 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\Malwarebytes
[2015/08/25 22:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/08/25 22:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/08/25 22:49:15 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/08/25 22:42:33 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\Geek Uninstaller
[2015/08/24 21:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/08/24 21:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/08/24 21:33:54 | 000,320,424 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2015/08/24 21:33:51 | 000,189,864 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2015/08/24 21:33:51 | 000,189,864 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2015/08/24 21:33:51 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015/08/24 21:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015/08/24 21:05:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/08/24 21:04:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/08/24 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\Sun
[2015/08/24 21:04:11 | 000,000,000 | ---D | C] -- C:\Users\Dai\.oracle_jre_usage
[2015/08/23 22:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProcessMaker
[2015/08/23 20:48:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrimMaker
[2015/08/20 23:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/08/20 23:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/08/17 19:27:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/08/17 18:56:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/08/17 18:47:23 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\ProductData
[2015/08/17 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2015/08/17 18:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2015/08/17 18:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015/08/17 18:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2015/08/17 18:47:08 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\IObit
[2015/08/17 18:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/08/13 03:06:41 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/08/13 03:06:40 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/08/12 14:21:02 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/08/12 14:21:02 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/08/12 14:21:02 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/08/12 14:21:02 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/08/12 14:21:02 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/08/12 14:21:02 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/08/12 14:21:02 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/08/12 14:21:02 | 000,017,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/08/12 14:21:00 | 005,568,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/08/12 14:21:00 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/08/12 14:21:00 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/08/12 14:21:00 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/08/12 14:21:00 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/08/12 14:20:59 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/08/12 14:20:59 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/08/12 14:20:59 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/08/12 14:20:59 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/08/12 14:20:59 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/08/12 14:20:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/08/12 14:20:59 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/08/12 14:20:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/08/12 14:20:59 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/08/12 14:20:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/08/12 14:20:59 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/08/12 14:20:59 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/08/12 14:20:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/08/12 14:20:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/08/12 14:20:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/08/12 14:20:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/08/12 14:20:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/08/12 14:20:58 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/08/12 14:20:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/08/12 14:20:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/08/12 14:20:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/08/12 14:20:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/08/12 14:20:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/08/12 14:20:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015/08/12 14:20:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/08/12 14:20:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/08/12 14:20:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/08/12 14:20:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/12 14:20:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/08/12 14:20:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/08/12 14:20:57 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/08/12 14:20:57 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/08/12 14:20:57 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/08/12 14:20:57 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/08/12 14:20:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/08/12 14:20:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/08/12 14:20:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/08/12 14:20:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/08/12 14:20:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/08/12 14:20:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/08/12 14:20:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/08/12 14:20:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/08/12 14:20:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/08/12 14:20:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/08/12 14:20:54 | 003,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2015/08/12 14:20:54 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2015/08/12 14:20:54 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2015/08/12 14:20:54 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2015/08/12 14:20:54 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2015/08/12 14:20:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2015/08/12 14:20:51 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basesrv.dll
[2015/08/12 14:20:43 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/08/12 14:20:43 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/08/12 14:20:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/08/12 14:20:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/08/12 14:20:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/08/12 14:20:42 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/08/12 14:20:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/08/12 14:20:42 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/08/12 14:20:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/08/12 14:20:41 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/08/12 14:20:41 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/08/12 14:20:41 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/08/12 14:20:41 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/08/12 14:20:41 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/08/12 14:20:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/08/12 14:20:40 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/08/12 14:20:40 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/08/12 14:20:40 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/08/12 14:20:40 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/08/12 14:20:40 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/08/12 14:20:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/08/12 14:20:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/08/12 14:20:39 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/08/12 14:20:39 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/08/12 14:20:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/08/12 14:20:39 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/08/12 14:20:39 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/08/12 14:20:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/08/12 14:20:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/08/12 14:20:38 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/08/12 14:20:38 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/08/12 14:20:38 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/08/12 14:20:38 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/08/12 14:20:37 | 005,923,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/08/12 14:20:37 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/08/12 14:20:37 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/08/12 14:20:37 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/08/12 14:20:37 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/08/12 14:20:37 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/08/12 14:20:25 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2015/08/12 14:20:24 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015/08/12 14:20:24 | 000,372,736 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/08/12 14:20:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2015/08/12 14:20:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2015/08/12 14:20:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/08/12 14:20:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/08/12 14:20:23 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2015/08/12 14:20:23 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/08/12 14:20:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/08/12 14:20:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/08/12 14:20:23 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/08/12 14:20:23 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/08/12 14:20:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/08/12 14:20:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/08/12 14:20:22 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\notepad.exe
[2015/08/12 14:20:21 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/08/12 14:20:21 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/08/12 14:20:20 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/08/12 14:20:20 | 000,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2015/08/12 14:20:20 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/08/12 14:20:20 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/08/12 14:20:20 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/08/12 14:20:20 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/08/12 14:20:20 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/08/12 14:20:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/08/12 14:20:20 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/08/12 14:20:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/08/12 14:20:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/08/12 14:20:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/08/12 14:20:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/08/12 14:20:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/08/05 10:07:54 | 000,000,000 | ---D | C] -- C:\Users\Dai\Documents\OneNote ノートブック
[2015/08/05 09:34:38 | 000,000,000 | ---D | C] -- C:\Users\Dai\Documents\Add-in Express
[2015/08/05 09:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2015/08/03 11:50:50 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\.atlauncher
[2015/07/30 05:36:42 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Roaming\ftblauncher
[2015/07/30 05:36:42 | 000,000,000 | ---D | C] -- C:\Users\Dai\AppData\Local\ftblauncher
[2015/07/29 23:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neffy
[2015/07/29 23:16:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2015/07/29 05:15:03 | 000,000,000 | ---D | C] -- C:\MinGW
[2015/07/29 04:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTeXEdit
[2015/07/29 04:50:44 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2015/07/29 04:50:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/08/27 18:55:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/08/27 18:49:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/08/27 18:40:57 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/08/27 18:40:57 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/08/27 05:55:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/26 02:38:13 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/08/26 02:38:13 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/08/26 01:06:21 | 001,323,990 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/08/26 01:06:21 | 000,657,802 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/08/26 01:06:21 | 000,414,710 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2015/08/26 01:06:21 | 000,123,780 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2015/08/26 01:06:21 | 000,123,698 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/08/26 01:00:27 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2015/08/26 01:00:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/08/26 01:00:23 | 2083,917,823 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/25 22:49:18 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/08/24 22:21:26 | 000,000,242 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/08/24 21:58:52 | 000,002,681 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/08/24 21:43:50 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015/08/24 21:33:48 | 000,320,424 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2015/08/24 21:33:48 | 000,189,864 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2015/08/24 21:33:48 | 000,189,864 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2015/08/24 21:33:48 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015/08/24 21:04:06 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/08/22 05:56:35 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/08/20 23:17:55 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/08/17 19:27:24 | 000,000,611 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/08/17 18:47:18 | 000,001,228 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2015/08/17 12:06:05 | 000,476,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/08/05 10:08:02 | 000,001,087 | ---- | M] () -- C:\Users\Dai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk
[2015/07/31 03:06:57 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2015/07/31 03:06:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015/07/31 03:06:42 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/07/31 03:06:39 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/07/31 03:06:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/07/31 03:06:34 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/07/31 02:57:08 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/07/31 02:57:02 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/07/31 01:52:53 | 000,372,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/07/31 01:49:55 | 000,299,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/07/30 22:13:38 | 000,103,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2015/07/30 22:13:11 | 000,124,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2015/07/30 00:23:20 | 000,000,189 | ---- | M] () -- C:\Users\Public\Desktop\Alliance of Valiant Arms.url
[2015/07/29 07:08:25 | 000,011,094 | ---- | M] () -- C:\Users\Dai\gsview32.ini
[2015/07/29 05:16:04 | 000,000,845 | ---- | M] () -- D:\Users\Dai\Desktop\MinGW Installer.lnk
[2015/07/29 05:09:44 | 000,017,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015/07/29 05:05:53 | 000,774,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/07/29 05:05:50 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/07/29 05:05:47 | 000,437,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/07/29 05:05:45 | 001,116,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/07/29 05:05:44 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/07/29 05:05:44 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/07/29 04:55:14 | 001,148,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/07/29 04:50:44 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2015/07/29 04:50:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

  • sora
  • 2015/08/27 (Thu) 19:26:26
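Re: Redirected to another page when the browser is left idle, plus DNSUnlocker ads on web pages
The section that comes next,
[color=#E56717]========== Files Created - No Company Name ==========[/color]
apparently contains a banned word, so I cannot post it as it is.
The line in question is [2014/06/12 02:40:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\B*RTCPCON.DLL (I inserted the * to get around the banned word).
I have also put the "*" in that line below, so I apologize for the trouble, but please check it.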

-----------

[2015/08/25 22:49:18 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/08/24 21:43:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/08/24 21:43:50 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015/08/20 23:17:55 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/08/17 19:27:24 | 000,000,611 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/08/17 19:27:24 | 000,000,611 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/08/17 18:47:18 | 000,001,228 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2015/08/05 10:08:02 | 000,001,087 | ---- | C] () -- C:\Users\Dai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk
[2015/07/30 00:23:20 | 000,000,189 | ---- | C] () -- C:\Users\Public\Desktop\Alliance of Valiant Arms.url
[2015/07/29 05:16:04 | 000,000,845 | ---- | C] () -- D:\Users\Dai\Desktop\MinGW Installer.lnk
[2015/05/31 23:25:34 | 000,000,000 | ---- | C] () -- C:\Users\Dai\AppData\Local\Temp.dat
[2015/04/10 23:20:06 | 000,000,000 | ---- | C] () -- C:\Users\Dai\AppData\Local\{16005050-D3FA-476C-A1E5-8007F044FD5A}
[2015/02/22 11:12:38 | 000,000,020 | ---- | C] () -- C:\Users\Dai\AppData\Roaming\appdataFr3.bin
[2014/10/18 18:24:03 | 000,361,247 | ---- | C] () -- C:\Users\Dai\tus-cygwin-1.5.21.tar.gz
[2014/10/18 18:04:02 | 000,000,281 | ---- | C] () -- C:\Windows\Lhaca.ini
[2014/10/14 09:05:49 | 000,011,094 | ---- | C] () -- C:\Users\Dai\gsview32.ini
[2014/06/20 13:44:37 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/06/13 01:10:40 | 000,000,048 | ---- | C] () -- C:\Windows\knp.ini
[2014/06/13 00:54:05 | 000,000,031 | ---- | C] () -- C:\Windows\juman.ini
[2014/06/12 02:40:57 | 000,007,889 | ---- | C] () -- C:\Windows\BRRBCOM.INI
[2014/06/12 02:40:57 | 000,007,818 | ---- | C] () -- C:\Windows\BROPJ952N.INI
[2014/06/12 02:40:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\B*RTCPCON.DLL
[2014/06/12 02:40:41 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2014/06/04 04:05:34 | 000,348,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/06/04 04:05:33 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/06/04 01:50:21 | 000,007,619 | ---- | C] () -- C:\Users\Dai\AppData\Local\Resmon.ResmonCfg
[2014/06/03 22:02:05 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/06/03 21:34:55 | 001,335,790 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/03 21:34:39 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/12/24 13:00:00 | 000,003,748 | ---- | C] () -- C:\Windows\cadx2.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/07/11 02:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/11 02:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/08/27 18:49:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/08/27 05:55:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/27 18:55:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: TOSHIBA THNSNJ128GCSU SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: Intel Raid 1 Volume SCSI Disk Device
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 119.00GB
Starting Offset: 105906176
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 345.00GB
Starting Offset: 135266304
Hidden sectors: 0


DeviceID: Disk #1, Partition #1
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 293.00GB
Starting Offset: 371043860480
Hidden sectors: 0


DeviceID: Disk #1, Partition #2
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 293.00GB
Starting Offset: 685616660480
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2015/03/04 13:41:26 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2015/06/16 06:45:34 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/07/16 03:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/04/28 04:23:13 | 000,188,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/04/28 04:04:37 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/03/03 15:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/05/24 20:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/07/16 03:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/07/16 03:10:10 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/05/27 14:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2015/06/16 06:44:47 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/06/16 06:42:49 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/07/21 03:12:45 | 002,606,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >
  • sora
  • 2015/08/27 (Thu) 19:33:31
Re: Redirected to another page when the browser is left idle, and DNSUnlocker ads also appear on web pages
Extra.txt

OTL Extras logfile created on: 2015/08/27 19:04:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.92 Gb Total Physical Memory | 5.95 Gb Available Physical Memory | 75.11% Memory free
15.84 Gb Paging File | 12.92 Gb Available in Paging File | 81.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 54.09 Gb Free Space | 45.40% Space Free | Partition Type: NTFS
Drive D: | 345.44 Gb Total Space | 45.44 Gb Free Space | 13.15% Space Free | Partition Type: NTFS
Drive E: | 292.97 Gb Total Space | 200.28 Gb Free Space | 68.36% Space Free | Partition Type: NTFS
Drive F: | 292.97 Gb Total Space | 272.83 Gb Free Space | 93.13% Space Free | Partition Type: NTFS

Computer Name: DAI-PC | User Name: Dai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03F2E623-B1BC-4320-8054-53373A92818C}" = rport=80 | protocol=6 | dir=out | app=d:\steam\steamapps\common\warframe\tools\remotecrashsender.exe |
"{0B4ABE10-595D-4749-9158-CC0B3FBA01BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{3CDECB41-7ACA-4352-9BDB-EF884BBFA954}" = rport=80 | protocol=6 | dir=in | app=d:\steam\steamapps\common\warframe\tools\launcher.exe |
"{3F1B954C-F844-468B-9492-5CB138F42DA2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4631F933-8440-4988-AE5A-570731D8CB40}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{51E3DAF1-C62A-4E91-ABA6-B7266DCDD0C8}" = rport=80 | protocol=6 | dir=out | app=d:\warframe\downloaded\public\warframe.exe |
"{5F67624D-5A21-49DB-8B85-89063690243F}" = rport=80 | protocol=6 | dir=in | app=d:\steam\steamapps\common\warframe\warframe.exe |
"{669BDACA-C677-43CF-ADD4-BF298201483E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{71ADBE83-253E-4BEA-868C-D964F7352A05}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{76A4345E-9D9E-49D6-B12D-15A29DD6306A}" = rport=80 | protocol=6 | dir=out | app=d:\steam\steamapps\common\warframe\tools\launcher.exe |
"{86D703AA-0CE6-4E7D-9B14-F0137DC44B61}" = rport=80 | protocol=6 | dir=in | app=d:\steam\steamapps\common\warframe\tools\remotecrashsender.exe |
"{9CF78ADF-E7DA-4ACD-BC8B-A149834D8109}" = rport=80 | protocol=6 | dir=out | app=c:\users\dai\appdata\local\warframe\downloaded\public\tools\launcher.exe |
"{9F7C533C-FEDC-46EB-B10E-DBA5228A186A}" = rport=80 | protocol=6 | dir=in | app=d:\steam\steamapps\common\warframe\warframe.x64.exe |
"{A2D26B3A-20DB-4F72-8303-72330B89A08E}" = rport=80 | protocol=6 | dir=out | app=d:\steam\steamapps\common\warframe\warframe.x64.exe |
"{D9B9379C-93E7-4DC0-BE71-EA0EEBEC1BD6}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E8802712-E17E-4923-B659-F194B2D266BB}" = rport=80 | protocol=6 | dir=out | app=d:\warframe\downloaded\public\warframe.x64.exe |
"{EBF97925-AC45-448C-84C9-12533477BF62}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F0B93936-DECE-4ADC-B91F-AF6EFF3301E5}" = rport=80 | protocol=6 | dir=out | app=d:\steam\steamapps\common\warframe\warframe.exe |
"{F776503C-1878-44BB-8EED-282D0780FFB4}" = lport=25565 | protocol=6 | dir=in | name=minecraft |
"{F79703AE-1B58-4C10-BE4D-F5179A32EE1F}" = lport=54925 | protocol=17 | dir=in | svc=stisvc | name=brothernetwork scanner |
"{FF6B0702-7346-4F26-BD4B-4637DF2DBF3A}" = rport=80 | protocol=6 | dir=out | app=c:\users\dai\appdata\local\warframe\downloaded\public\tools\remotecrashsender.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F8763B-D136-4865-B5B9-D75CC17CAA9B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{02A2575D-8F99-403E-8D31-522B017EA34A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{05269E31-14B1-43A9-BA48-2FABB534EA51}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\outlast\outlastlauncher.exe |
"{084EED85-1613-4AE1-A81A-FE63ED4AD7F4}" = protocol=17 | dir=out | app=d:\warframe\downloaded\public\warframe.exe |
"{0911255D-12A4-48E0-B24B-00A37B8255E6}" = dir=in | app=e:\vmwareplayer\vmware-authd.exe |
"{0A8F5456-C3A1-4DA1-82E3-8BEDE052F74A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{0AFE3414-4152-4ACA-9A75-5BE307576A18}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{0E39F6D1-5673-4EC9-9FF7-BE323F5B202A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{10F16E94-84B7-4750-9196-5BB20A9C2970}" = protocol=17 | dir=in | app=c:\users\dai\appdata\roaming\bittorrent\bittorrent.exe |
"{151FFE7C-6AC8-4AC3-A456-7FCEDCD371F7}" = protocol=6 | dir=in | app=d:\firefox\firefox.exe |
"{1538789E-34AC-4EBF-B860-4781B717B131}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{1846C05F-A66F-44DE-B87A-36DFD6EFCECF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1A13F730-2A52-4A34-BA71-4F795BC6FE3D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{1C44D7B8-6B70-4F7A-A246-A8CC8240F295}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1DB5ACFF-6FBE-4306-B240-BB613DB98B21}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{20417BC9-16EF-4AA9-9A59-10EB9E535F08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{25C2C3BB-4838-4679-A872-730F5F715DCD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\outlast\binaries\win64\olgame.exe |
"{2830F1A9-7E3C-4037-9F77-A39C7AD665FB}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{28B51988-C7C2-4FFD-9350-FDFA28C36D6F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{29C2F757-79C7-4E91-BD1D-2E0A2ADF59AD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tomb raider\tombraider.exe |
"{2B340061-24FA-4668-B5CA-0F5EB631F3F0}" = protocol=17 | dir=in | app=d:\firefox\firefox.exe |
"{2E6046B2-516A-43B0-B0D5-DA5555EF3BDB}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{2E656FB7-0577-4D15-B131-FF3EABB1F76B}" = protocol=17 | dir=out | app=d:\steam\steamapps\common\warframe\warframe.exe |
"{31A52119-236A-4482-891B-7473BC48B513}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{383930D2-3964-488E-9BE1-C7AF39F029DC}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{3B5011A9-F0D5-4FDB-9FA2-6F8225AB3B1F}" = dir=in | app=e:\vmwareplayer\vmware-authd.exe |
"{45F49317-4849-4CE3-8E98-88987B2B87E8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\outlast\outlastlauncher.exe |
"{4BC799A5-91A7-4C7C-B61C-E8ACD1E33CE5}" = dir=in | app=d:\janetter2\bin\janettersrv.exe |
"{51354888-B216-4947-BC3F-B7255E93B180}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{5A75A124-2750-4126-8541-F6B495B7CC8D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"{5A7F69F4-5BD8-4F31-9091-9901634FD55A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{68CF90B2-A6E4-4FEF-BF2E-8483D5BC7BCB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{6CBE01CA-7AC2-4FFF-ADEF-25492A1C5EB1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{6D27626F-64F0-4D4A-942A-AA2DCC446DEB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F232769-3C19-4DF5-AA8C-A7441A948767}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\robocraft\robocraft.exe |
"{6F36B529-E6C5-4CC1-BC06-38EEDEC4B3E3}" = protocol=6 | dir=in | app=c:\windows\downloaded program files\sf2launcher.exe |
"{732DED08-8D23-4403-B9A1-1D61FCB17742}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{73EEBE43-D49E-4A75-8D73-DD10D476704B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\theevilwithin\evilwithin.exe |
"{749C6122-5C53-4AC4-B92A-654F4409612C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warframe\warframe.x64.exe |
"{7C20EB1B-E4BB-42DF-A121-39C007CCB25E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tomb raider\tombraider.exe |
"{7FD7FFE0-DB87-4943-81E6-07217CD239A3}" = protocol=17 | dir=in | app=d:\firefox\firefox.exe |
"{8076BF3C-0E95-4F75-B08D-5344E498DCAD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{811D709E-0DDB-439A-9A85-49CCA5937849}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"{877F88AA-2823-4901-9172-ACB62027A096}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine\_enchanted_edition_\trine1_launcher.exe |
"{878CA8AB-DB77-42C7-B30C-CE4C78F8B5ED}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8A5CA3F9-D1DC-48DE-9400-F1E53F0B17CB}" = protocol=17 | dir=in | app=d:\warframe\downloaded\public\warframe.exe |
"{8F297483-2CB9-4341-9CE0-1A32C2F33ED9}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"{912DCE55-79BF-433A-A80D-B5BB46F18C93}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\warframe\warframe.exe |
"{9AED5443-76F2-4420-9C26-3B0F8D69F4EA}" = protocol=17 | dir=in | app=c:\windows\downloaded program files\sf2launcher.exe |
"{9FB1C717-149C-49B3-9A18-06E498959436}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tomb raider anniversary\tra.exe |
"{A3A8E1EE-3DE5-4D8F-B47E-3147C50C2C3D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{A5D7B9F4-8DAC-49F0-B4B7-3D977DE3171F}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{A8D5EAB8-D454-4D0D-B67B-79EBDE9FD2AE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{AC96A2E6-187E-4660-A0FA-0286E50CEA3F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tomb raider anniversary\tra.exe |
"{B2392A3A-0490-463F-945C-E2A33140BF13}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{B23C78E6-7393-419F-A149-778714DA566B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{B2ADC424-667B-468B-BE6C-ADE44CDEEC16}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{B8F305E7-E685-4B88-9B42-A9264E3FF090}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\robocraft\robocraft.exe |
"{BE04F5FA-547A-422B-AA08-C68630C854D0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{C60247BD-C841-4D23-B293-2477B03FE11A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C7CF8256-1130-4760-9CC2-7FB0CCF7DFCE}" = protocol=17 | dir=out | app=d:\warframe\downloaded\public\warframe.x64.exe |
"{C84E7CD1-8F50-4786-BBA6-EC63EA3B11EE}" = protocol=17 | dir=in | app=d:\warframe\downloaded\public\warframe.x64.exe |
"{D0E0BB1B-DB83-410E-9018-2757005427D4}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{D16D0813-558F-4F03-90D5-749C1D828C40}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\theevilwithin\evilwithin.exe |
"{D2911397-8796-4338-98CA-16C87DEF8ABD}" = protocol=6 | dir=in | app=e:\hanpurple\j_sf2\binaries\win32\sf2.exe |
"{DAE80CF7-96BC-4250-99F0-E3F91FCA2363}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DC4EB85E-9C1A-4A3C-BDBA-F7D0B1EB1C88}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"{DD0F5D83-F0BC-41B7-916A-413905FA48A1}" = protocol=6 | dir=in | app=d:\firefox\firefox.exe |
"{DEDE2E12-91C9-49BD-949E-8F17B1093222}" = dir=in | app=c:\users\dai\appdata\local\microsoft\skydrive\skydrive.exe |
"{E04A46A4-E5B8-44E4-B33C-DE42425F380D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{E06DF95B-F601-46E8-AEFC-E0594471A842}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{E68F1CDA-17C4-48AF-A3F2-F5D407D72365}" = protocol=17 | dir=in | app=e:\hanpurple\j_sf2\binaries\win32\sf2.exe |
"{E9E49FEC-D6C6-434A-B1CF-BB900800A232}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ED155ADB-B0C9-45B9-B7A9-068447C23E57}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine\_enchanted_edition_\trine1_launcher.exe |
"{EF65B5F9-D4BD-4A10-989A-2D0F4B688DCE}" = protocol=6 | dir=in | app=c:\users\dai\appdata\roaming\bittorrent\bittorrent.exe |
"{F12CDF9B-23AC-413D-9297-A39781BEFF8F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F4662C2B-578A-4B93-9F31-D7DFFA22A0AF}" = protocol=17 | dir=out | app=d:\steam\steamapps\common\warframe\warframe.x64.exe |
"{F7F73E49-139B-4D8D-9FE1-9A4C0999EAC3}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{FD3925D5-FACB-45EB-A068-394214FA23FB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\outlast\binaries\win64\olgame.exe |
"TCP Query User{0C2864CB-A2B5-4DE6-B081-E25D63826DB3}D:\tapur\tapur.exe" = protocol=6 | dir=in | app=d:\tapur\tapur.exe |
"TCP Query User{1A6FF26A-5798-4D64-A890-E22EDF118373}C:\windows\downloaded program files\reactor.exe" = protocol=6 | dir=in | app=c:\windows\downloaded program files\reactor.exe |
"TCP Query User{1EA347FD-1661-4A20-A018-8DA6ED1A3A31}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"TCP Query User{77E717EF-978D-434D-99D0-6A0EE12498ED}D:\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=d:\java\jre7\bin\javaw.exe |
"TCP Query User{7CB1FCE3-92AF-402C-BD5B-4996B0A03E48}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{87F0C87A-2732-4FB9-954B-6DA4B6D49303}D:\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"TCP Query User{99C13D6A-201F-43CB-A499-4209226FB1AF}C:\windows\downloaded program files\sf2launcher.exe" = protocol=6 | dir=in | app=c:\windows\downloaded program files\sf2launcher.exe |
"TCP Query User{9B641DD1-51C5-4695-9A53-1FD4197AA4F8}D:\steam\steamapps\common\outlast\binaries\win64\olgame.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\outlast\binaries\win64\olgame.exe |
"TCP Query User{DCE2EECF-3E5C-48E7-8900-DBC384199B7D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{E2E07F9B-AC6A-4965-85A5-4CF57109140F}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{E9280014-634F-43EF-BAC4-4DE849B85C2E}C:\java\jdk1.7.0_79\bin\javaw.exe" = protocol=6 | dir=in | app=c:\java\jdk1.7.0_79\bin\javaw.exe |
"TCP Query User{F3B72AA3-DC88-4B6B-A05B-E332EA1A1E90}D:\tapur\tapur.exe" = protocol=6 | dir=in | app=d:\tapur\tapur.exe |
"UDP Query User{0DDEDD24-063B-4CE5-AF49-7AF1C252EB89}D:\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\trine 2\trine2_32bit.exe |
"UDP Query User{17BCEAE7-7147-453A-955D-DE10D0F1F54B}D:\tapur\tapur.exe" = protocol=17 | dir=in | app=d:\tapur\tapur.exe |
"UDP Query User{1F7AC87C-9871-4F39-8B30-B2437BCBC64B}D:\steam\steamapps\common\outlast\binaries\win64\olgame.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\outlast\binaries\win64\olgame.exe |
"UDP Query User{214234AC-7907-40A7-B28F-E5C11078D331}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{287AB55A-7237-4235-BD32-F1D0AB161449}D:\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=d:\java\jre7\bin\javaw.exe |
"UDP Query User{35EC1BF3-2865-4E51-A6F4-BDA10875C940}D:\tapur\tapur.exe" = protocol=17 | dir=in | app=d:\tapur\tapur.exe |
"UDP Query User{61636CE1-0462-43CF-9E74-407BF31095DA}C:\java\jdk1.7.0_79\bin\javaw.exe" = protocol=17 | dir=in | app=c:\java\jdk1.7.0_79\bin\javaw.exe |
"UDP Query User{791E4935-2F7A-48AB-8985-3BBB5C058CE2}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{8379ABA0-C6E1-455F-9D32-610B88136D03}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"UDP Query User{C23FE755-58CA-4900-A921-3490421C5B20}C:\windows\downloaded program files\reactor.exe" = protocol=17 | dir=in | app=c:\windows\downloaded program files\reactor.exe |
"UDP Query User{D3155246-40EA-4985-97B2-F41377EDC7D3}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{DDE7CC74-D4FD-45DD-924B-3743AED64820}C:\windows\downloaded program files\sf2launcher.exe" = protocol=17 | dir=in | app=c:\windows\downloaded program files\sf2launcher.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417080FF}" = Java 7 Update 80 (64-bit)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888}" = Intel(R) Network Connections 18.5.54.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}" = Oracle VM VirtualBox 4.3.26
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63B4D665-34F5-333A-BE00-6DDE0CBD4A6C}" = Microsoft .NET Framework 4.5.2 (JPN)
"{64A3A4F4-B792-11D6-A78A-00B0D0170790}" = Java SE Development Kit 7 Update 79 (64-bit)
"{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}" = Google 日本語入力
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.2 (日本語)
"{93F2A022-6C37-48B8-B241-FFABD9F60C30}" = iTunes
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A7915697-1675-433D-AD07-759E8550582F}" = ActivePerl 5.16.3 Build 1604 (64-bit)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision ドライバー 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA コントロール パネル 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA グラフィックス ドライバー 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision コントローラー ドライバー 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX システム ソフトウェア 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD オーディオ ドライバー 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{B71910C5-BE1F-4091-A685-3FA2342A7635}" = Intel(R) Smart Connect Technology 4.1 x64
"{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Apple Application Support(64 ビット)
"{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"ASRock App Charger_is1" = ASRock App Charger v1.0.6
"ASRock SmartConnect_is1" = ASRock SmartConnect v1.0.6
"ASRock XFast RAM_is1" = ASRock XFast RAM v3.0.2
"CCleaner" = CCleaner
"JUMAN_is1" = JUMAN 7.0
"KNP_is1" = KNP 4.11
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"ProfessionalRetail - ja-jp" = Microsoft Office Professional 2013 - ja-jp
"PROSetDX" = Intel(R) Network Connections 18.5.54.0
"Wacom Tablet Driver" = ワコム タブレット
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"XFast LAN" = XFast LAN v9.05

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0044AEC7-8924-4FB1-B4F7-FD14A5FEA9E4}" = RPGツクール2003 ランタイムパッケージ
"{004B8175-BD94-4548-879A-F6AA628696D2}" = Microsoft Games for Windows - LIVE Redistributable (PartnerNet)
"{135618FF-C86E-49F4-A74C-C95872743F59}" = CCI-Pro-MR_x86
"{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}" = Minecraft
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{31B9D218-FED2-4C6C-B19F-7294FFC130B0}" = Adobe AIR
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{486860C5-962B-45C5-857D-F441F983E797}" = Warframe
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57672BEC-E777-4D4B-944A-719414E84D3F}" = Microsoft Games for Windows Marketplace (Partnernet)
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype(TM) 7.8
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = バトルフィールド 3
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}" = Brother ドライバー&ソフトウェア DCP-J952N
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7B74F851-4A9B-4A4D-8B3A-31AE8C5C21B6}" = エレコム マウスカスタマイザー
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0411-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1041-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Japanese
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support(32 ビット)
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{DAA18A0D-A57C-4611-B135-46EA06990E7D}" = XSplit
"{DFE05470-1F39-4D18-8BF0-EB7D9917946B}" = ELECOM Mouse Customizer
"{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1" = Thunder Master v1.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F166676E-ACD2-43A4-88E2-8EC5E1568266}" = ニコ生デスクトップキャプチャー(XP) SEASON2
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Any Video Converter_is1" = Any Video Converter 5.6.3
"ASRock HDMI Switch_is1" = ASRock HDMI Switch v1.0.25
"ASRock Key Master_is1" = ASRock Key Master v1.0.7
"Battlelog Web Plugins" = Battlelog Web Plugins
"CitiesOnline" = CitiesOnline
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Debut" = Debut Video Capture Software
"F-Stream Tuning_is1" = F-Stream Tuning v2.0.48
"Google Chrome" = Google Chrome
"http://pso2.jp/appid/release_is1" = PHANTASY STAR ONLINE 2
"IObitUninstall" = IObit Uninstaller
"Janetter2_is1" = Janetter 4.3.0.2
"Lhaplus" = Lhaplus
"LINE" = LINE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 40.0.2 (x86 ja)" = Mozilla Firefox 40.0.2 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Neffy" = Neffy 1,2,5,0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PaintToolSAI" = ペイントツールSAI Ver.1
"Pmang" = Pmangインストールマネージャー
"Pmang_AVA" = Alliance of Valiant Arms
"Pmang_common" = Common
"Pmang_tera" = TERA
"PunkBusterSvc" = PunkBuster Services
"SnapCrab for Windows_is1" = SnapCrab for Windows 1.1.1
"SPECIAL FORCE 2" = SPECIAL FORCE 2
"Steam" = Steam
"Steam App 203160" = Tomb Raider
"Steam App 230410" = Warframe
"Steam App 238320" = Outlast
"Steam App 268050" = The Evil Within
"Steam App 301520" = Robocraft
"Steam App 35700" = Trine
"Steam App 35720" = Trine 2
"Steam App 45740" = Dead Rising 2
"Steam App 550" = Left 4 Dead 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7670" = BioShock
"Steam App 8000" = Tomb Raider: Anniversary
"Steam App 8850" = BioShock 2
"Steam App 8870" = BioShock Infinite
"Tapur_is1" = Tapur 5.3.0.111
"TeraPad" = TeraPad
"VMware_Player" = VMware Player
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"XFastUSB" = XFastUSB

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7702405da06edcbf" = DesignDoll
"Hangame.com" = Hangame
"OneDriveSetup.exe" = Microsoft OneDrive

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/08/25 9:57:39 | Computer Name = Dai-PC | Source = PerfNet | ID = 2004
Description =

Error - 2015/08/25 9:57:39 | Computer Name = Dai-PC | Source = PerfNet | ID = 2002
Description =

Error - 2015/08/25 9:58:46 | Computer Name = Dai-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 2015/08/25 9:58:46 | Computer Name = Dai-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 2015/08/25 10:00:17 | Computer Name = Dai-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/08/25 10:03:35 | Computer Name = Dai-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/08/25 12:00:49 | Computer Name = Dai-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 2015/08/25 12:00:49 | Computer Name = Dai-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 2015/08/25 12:02:20 | Computer Name = Dai-PC | Source = WinMgmt | ID = 10
Description =

Error - 2015/08/25 15:19:23 | Computer Name = Dai-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(28:e1:4c:4d:1b:0c@fe80::2ae1:4cff:fe4d:1b0c._apple-mobdev2._tcp.local.)
active for over two minutes. This places considerable burden on the network.

[ System Events ]
Error - 2015/08/25 10:01:57 | Computer Name = Dai-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/25 10:01:57 | Computer Name = Dai-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/25 10:01:57 | Computer Name = Dai-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/25 10:01:57 | Computer Name = Dai-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/25 10:01:57 | Computer Name = Dai-PC | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/08/25 10:12:18 | Computer Name = Dai-PC | Source = DCOM | ID = 10005
Description =

Error - 2015/08/25 10:12:18 | Computer Name = Dai-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 で定義を更新しようとしてエラーが発生しました。 新しい定義のバージョン: 以前の定義のバージョン: 1.205.342.0

更新元:
%%859 更新ステージ: %%852 ソース パス: Default URL 定義の種類: %%800 更新の種類: %%803 ユーザー: NT AUTHORITY\SYSTEM

現在のエンジンのバージョン:
以前のエンジンのバージョン: 1.1.12002.0 エラー コード: 0x8007043c エラーの説明: このサービスはセーフ モードで開始できません

Error - 2015/08/25 10:12:19 | Computer Name = Dai-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 で定義を更新しようとしてエラーが発生しました。 新しい定義のバージョン: 以前の定義のバージョン: 1.205.342.0

更新元:
%%851 更新ステージ: %%852 ソース パス: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.12002.0&avdelta=1.205.342.0&asdelta=1.205.342.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

定義の種類:
%%800 更新の種類: %%803 ユーザー: NT AUTHORITY\NETWORK SERVICE 現在のエンジンのバージョン: 以前のエンジンのバージョン:
1.1.12002.0 エラー コード: 0x80072ee7 エラーの説明: サーバー名またはアドレスは解決されませんでした

Error - 2015/08/25 10:12:19 | Computer Name = Dai-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 で定義を更新しようとしてエラーが発生しました。 新しい定義のバージョン: 以前の定義のバージョン: 1.205.342.0

更新元:
%%851 更新ステージ: %%852 ソース パス: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.12002.0&avdelta=1.205.342.0&asdelta=1.205.342.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

定義の種類:
%%801 更新の種類: %%803 ユーザー: NT AUTHORITY\NETWORK SERVICE 現在のエンジンのバージョン: 以前のエンジンのバージョン:
1.1.12002.0 エラー コード: 0x80072ee7 エラーの説明: サーバー名またはアドレスは解決されませんでした

Error - 2015/08/25 10:12:19 | Computer Name = Dai-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 で定義を更新しようとしてエラーが発生しました。 新しい定義のバージョン: 以前の定義のバージョン: 0.0.0.0 更新元:
%%851 更新ステージ: %%852 ソース パス: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

定義の種類:
%%886 更新の種類: %%803 ユーザー: NT AUTHORITY\NETWORK SERVICE 現在のエンジンのバージョン: 以前のエンジンのバージョン:
0.0.0.0 エラー コード: 0x80072ee7 エラーの説明: サーバー名またはアドレスは解決されませんでした


< End of report >
  • sora
  • 2015/08/27 (Thu) 19:34:33
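Splashtop is being stubborn, isn't it
Thank you for the work and the report.
I have looked over the OTL scan log.

Splashtop is still there. It has become strangely more stubborn than it used to be.
So, including this, let's do the cleanup with OTL this time.

I will paste a script at the end of this reply, so copy it in its entirety, paste it into a Windows Notepad file, and save it.

Once that is ready, restart the PC in Safe Mode again and launch OTL.
Once it is running, paste the script into the lower part of the OTL window, and this time press "Run fix" (the button with red text).
This starts the OTL fix.

Wait a while, and once the fix is done, restart the PC in normal mode; an OTL log should appear again, so save it, and then, after watching how things go for a while, reply with a status report together with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----), paste it into OTL, and carry out the work.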
------------------------------------------
:OTL
SRV - [2013/04/03 19:38:44 | 000,551,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://jp.msn.com/
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DB 11 9B B0 2D DB CF 01 [binary data]
FF - prefs.js..extensions.enabledAddons: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4.1-signed
CHR - Extension: No name found = C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\
[2015/08/17 18:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss

:Files
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
C:\Windows\pss

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2015/08/27 (Thu) 21:15:56
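Re: Redirected to another page when the browser is left idle, plus DNSUnlocker ads on web pages
Sorry for the late reply.

The work is all finished, and at the moment no ads are appearing.
I can't yet tell whether every problem is gone, but for now I don't think any problems that are obvious at a glance remain.

Thank you so much for helping me resolve this.

For now, I am pasting the log that appeared after the reboot.
I await your next instructions.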

------------------

All processes killed
========== OTL ==========
Service SplashtopRemoteService stopped successfully!
Service SplashtopRemoteService deleted successfully!
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe moved successfully.
HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-1265446842-1208567973-370051150-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Prefs.js: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4.1-signed removed from extensions.enabledAddons
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\_platform_specific\x86-64_ja folder moved successfully.
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\_platform_specific folder moved successfully.
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\_metadata folder moved successfully.
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\audio folder moved successfully.
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1 folder moved successfully.
C:\Windows\pss folder moved successfully.
========== FILES ==========
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg folder moved successfully.
File\Folder C:\Windows\pss not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Dai
->Temp folder emptied: 25325290 bytes
->Temporary Internet Files folder emptied: 46299543 bytes
->Java cache emptied: 77069 bytes
->FireFox cache emptied: 481392046 bytes
->Google Chrome cache emptied: 418573098 bytes
->Flash cache emptied: 481905 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 313312 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 207375280 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 55392038 bytes
RecycleBin emptied: 6157032723 bytes

Total Files Cleaned = 7,050.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 08292015_164421

Files\Folders moved on Reboot...
C:\Users\Dai\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Dai\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
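
As an added example (not part of the thread and not OTL's own code), this Python sketch cross-checks a fix log like the one above against the `:Files` targets of the script, rejoining the hard-wrapped lines of the pasted log first. The sample strings are excerpts constructed from the posts above; the function names are hypothetical, and the outcome phrases matched are limited to the ones this log shows.

```python
import re

# Constructed samples: excerpts of the fix script and fix log posted in this
# thread. The log keeps the hard line wraps of the pasted text.
SAMPLE_SCRIPT = r"""
:OTL
[2015/08/17 18:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss

:Files
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
C:\Windows\pss

:Commands
[resethosts]
[createrestorepoint]
"""

SAMPLE_LOG = r"""
========== OTL ==========
Service SplashtopRemoteService stopped successfully!
Service SplashtopRemoteService deleted successfully!
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe moved successfully.
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions

\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1 folder moved successfully.
C:\Windows\pss folder moved successfully.
========== FILES ==========
C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Default\Extensions

\lccekmodgklaepjeofjdjpbminllajkg folder moved successfully.
File\Folder C:\Windows\pss not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start System Restore Service. Error code 1084
"""

# Outcome phrases seen in this log (assumption: not an exhaustive list).
OUTCOME = re.compile(r"(?:successfully[.!]?|not found\.)$")
# Lines that open a path or registry entry and may be wrapped before the outcome.
ENTRY_START = re.compile(r"^(?:[A-Za-z]:\\|HK[A-Z]+\\|Prefs\.js:)")


def unwrap(log):
    """Rejoin entries that the paste split across lines; drop blank lines."""
    entries, pending = [], None
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        if pending is not None and not line.startswith("====="):
            # A fragment starting with "\" continues the path without a space.
            pending += ("" if line.startswith("\\") else " ") + line
            if OUTCOME.search(pending):
                entries.append(pending)
                pending = None
            continue
        if pending is not None:  # section header reached: stop joining
            entries.append(pending)
            pending = None
        if ENTRY_START.match(line) and not OUTCOME.search(line):
            pending = line
        else:
            entries.append(line)
    if pending is not None:
        entries.append(pending)
    return entries


def classify(line):
    """Map one unwrapped log line to ok / not_found / error / None."""
    if line.endswith("not found."):
        return "not_found"
    if OUTCOME.search(line):
        return "ok"
    if line.startswith("Unable to"):
        return "error"
    return None


def files_targets(script):
    """Return the paths listed under the :Files section of a fix script."""
    targets, section = [], None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line.lower()
        elif section == ":files":
            targets.append(line)
    return targets


def review(script, log):
    """Give each :Files target a verdict and collect failed commands."""
    entries = [(line, classify(line)) for line in unwrap(log)]
    targets = {}
    for target in files_targets(script):
        # Match the path only when followed by "\", whitespace or end of line.
        pat = re.compile(re.escape(target) + r"(?=\\|\s|$)", re.IGNORECASE)
        hits = {status for line, status in entries if status and pat.search(line)}
        if "ok" in hits:
            targets[target] = "moved"
        elif "not_found" in hits:
            targets[target] = "not_found"
        else:
            targets[target] = "unconfirmed"
    errors = [line for line, status in entries if status == "error"]
    return {"targets": targets, "errors": errors}


if __name__ == "__main__":
    print(review(SAMPLE_SCRIPT, SAMPLE_LOG))
```

On the sample, `C:\Windows\pss` comes out as moved even though the FILES section reports it as not found, because the folder was also listed in the script's `:OTL` section and had already been moved there. The only failure reported is the System Restore line, which means the `[createrestorepoint]` step did not complete.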
  • sora
  • 2015/08/29 (Sat) 17:08:41
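Let's review each of the logs at this point
Sorry for being even later than usual tonight.

I see the abnormal behavior has also subsided since the OTL fix.
The log also shows that it was mostly dealt with.

So let's do a full re-check at this point.
Please take the logs for each tab in CC again, along with the installation information and an HJT log, and post them in a reply.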
  • 悪代官
  • 2015/08/29 (Sat) 21:44:58
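Re: Redirected to another page when the browser is left idle, plus DNSUnlocker ads on web pages
Thank you for your reply.

At present, I am not seeing any abnormal behavior.
Thank you so much.

However, I had the setting to show file extensions enabled, but it has been turned off.

The logs follow.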

----------------

Windows tab

有効 HKCU:Run ASRockHDMISwitch
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Line LINE Corporation "D:\LINE\Line.exe" --booting
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
有効 HKCU:Run Tapur tapur.com D:\Tapur\tapmgr.exe
有効 HKCU:Run THPanel Palit Microsystems Ltd. "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
有効 HKLM:Run BrStsMon00 Brother Industries, Ltd. C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
有効 HKLM:Run ControlCenter4 Brother Industries, Ltd. C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
有効 HKLM:Run ElcMouse C:\Program Files\ELECOM_Mouse_Driver\ElcMouseApl.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
無効 HKLM:Run LogMeIn Hamachi Ui "D:\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
有効 HKLM:Run MSC Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Nvtmru NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
有効 HKLM:Run QuickTime Task Apple Inc. "D:\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run XFast LAN cFos Software GmbH C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
有効 HKLM:Run XFastUSB FNet Co., Ltd. "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
有効 Startup Common iSCTsysTray.lnk Intel Corporation C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
有効 Startup User SnapCrab.lnk Fenrir Inc. D:\SnapCrab for Windows\SnapCrab.exe



Internet Explorer tab

有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files\Java\jre7\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files\Java\jre7\bin\ssv.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll



Firefox tab

有効 Extension Adblock Plus 2.6.10 Wladimir Palant default Firefox 40.0.3 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
有効 Extension Fasterfox Lite 3.9.9Lite.1-signed BigRedBrent default Firefox 40.0.3 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\FasterFox_Lite@BigRedBrent
有効 Extension Memory Fox 7.4.1-signed IDEVFH default Firefox 40.0.3 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
有効 Extension Password Exporter 1.3.1.1-signed Justin Scott default Firefox 40.0.3 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
無効 Extension Skype Click to Call 7.4.0.9058 Microsoft Corporation default Firefox 40.0.3 D:\Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
有効 Plugin Adobe Acrobat 15.8.20082.15957 Adobe Systems Inc. default Firefox 40.0.3 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
有効 Plugin Battlelog Game Launcher 2.6.2.0 EA Digital Illusions CE AB default Firefox 40.0.3 C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Google Update 1.3.28.13 Google Inc. default Firefox 40.0.3 C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 40.0.3 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.600.27 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U60 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default Firefox 40.0.3 C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin NVIDIA 3D Vision 7.17.13.3182 NVIDIA Corporation default Firefox 40.0.3 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.3182 NVIDIA Corporation default Firefox 40.0.3 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin OpenH264 Video Codec 1.4 default Firefox 40.0.3 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin pmangdiagnostic 1.0.0.1 gameon default Firefox 40.0.3 E:\pmang\GameOn\Common files\nppmangdiagnostic.dll
有効 Plugin pmangsupport 1.0.0.1 gameon default Firefox 40.0.3 E:\pmang\GameOn\Common files\nppmangsupport.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 12 Adobe Systems Inc default Firefox 40.0.3 C:\Users\Dai\AppData\Roaming\Mozilla\Firefox\Profiles\q4cm5j9v.default\gmp-eme-adobe\12\eme-adobe.dll
有効 Plugin QuickTime Plug-in 7.7.6 7.7.6.0 Apple Inc. default Firefox 40.0.3 D:\QuickTime\Plugins\npqtplugin5.dll
有効 Plugin Shockwave Flash 18.0.0.232 Adobe Systems Incorporated default Firefox 40.0.3 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
有効 Plugin WacomTabletPlugin 2.1.0.3 Wacom default Firefox 40.0.3 C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll



Google Chrome tab

有効 Extension Postcron 250 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\kahoebmmfnjmjcbclecdkhiapmefpaed\250
有効 Extension WhhItteDDealse 1.1 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bfniojdgcmjfifbdopbnaloohnfbdecn\1.1



Scheduled Tasks tab

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DNSKINGSTON C:\Program Files (x86)\DNS Unlocker\dnskingston.exe /Scheduled
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task HDMISwitch ASROCK Incorporation C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
有効 Task Microsoft Office 15 Sync Maintenance for Dai-PC-Dai Dai-PC Microsoft Corporation C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
有効 Task ThunderMaster Palit Microsystems Ltd. C:\Program Files (x86)\Thunder Master\THPanel.exe /A
有効 Task Uninstaller_SkipUac_Dai IObit C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
有効 Task {0882BD34-7519-4D9F-8AF0-78CB50DAB104} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "D:\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "D:\Steam\steamapps\common\Left 4 Dead 2" -c /register
有効 Task {5635A0B3-AEAC-42BD-94BB-45D5470FD1AE} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Steam\SteamApps\common\Trine\PhysX_9.09.0408_SystemSoftware.exe -d D:\Steam\steamapps\common\Trine\_enchanted_edition_ -c /passive
有効 Task {6A591FB8-F725-41FC-87F5-4F46D46BB678} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\Dai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5QN5D3SZ\pmang_common_module.exe" -d D:\Users\Dai\Desktop
有効 Task {81D8AC7C-6E8D-4E9D-9758-84452E6CEE84} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Users\Dai\Downloads\vcredist_x86.exe -d D:\Users\Dai\Downloads
有効 Task {F7AF52A5-08B1-4B46-BF8E-18B7B0C81238} Microsoft Corporation C:\Windows\system32\pcalua.exe -a D:\Users\Dai\Downloads\HijackThis.exe -d D:\Users\Dai\Downloads



Context Menu tab

有効 Directory 7-Zip Igor Pavlov D:\7-Zip\7-zip.dll
有効 Directory IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 Drive Lhaplus D:\Lhaplus\LplsShlx64.dll
有効 Drive VMDiskMenuHandler VMware, Inc. E:\VMwarePlayer\vmdkShellExt.dll
有効 Drive VMDiskMenuHandler64 VMware, Inc. E:\VMwarePlayer\x64\vmdkShellExt64.dll
有効 File 7-Zip Igor Pavlov D:\7-Zip\7-zip.dll
有効 File IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 File Lhaplus D:\Lhaplus\LplsShlx64.dll
有効 File MBAMShlExt Malwarebytes Corporation D:\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder IObitUnstaler IObit C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll
有効 Folder Lhaplus D:\Lhaplus\LplsShlx64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation D:\Malwarebytes' Anti-Malware\mbamext.dll



Installation information

7-Zip 9.20 2014/10/18
Acrobat.com Adobe Systems Incorporated 2014/06/03 1.1.377
ActivePerl 5.16.3 Build 1604 (64-bit) ActiveState 2014/06/13 83.9 MB 5.16.1604
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2015/08/24 206 MB 15.008.20082
Adobe AIR Adobe Systems Incorporated 2015/08/05 18.0.0.180
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 2015/08/12 8.30 MB 18.0.0.232
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 2015/08/26 17.8 MB 18.0.0.232
Alliance of Valiant Arms 株式会社ゲームオン 2015/07/30 11240472
Any Video Converter 5.6.3 Any-Video-Converter.com 2014/07/21 99.8 MB
Apple Application Support(32 ビット) Apple Inc. 2015/05/02 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/05/02 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/02/21 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/06/08 2.38 MB 2.1.3.127
ASRock App Charger v1.0.6 ASRock Inc. 2014/06/03 1.32 MB 1.0.6
ASRock HDMI Switch v1.0.25 2014/06/03 3.48 MB 1.0.25
ASRock Key Master v1.0.7 2014/06/03 6.08 MB 1.0.7
ASRock SmartConnect v1.0.6 ASRock Inc. 2014/06/03 3.00 MB
ASRock XFast RAM v3.0.2 ASRock Inc. 2014/06/03 12.0 MB
Battlelog Web Plugins EA Digital Illusions CE AB 2015/01/22 2.6.2
BioShock 2K Boston 2014/11/02
BioShock 2 2K Marin 2014/11/02
BioShock Infinite Irrational Games 2014/11/02
Bonjour Apple Inc. 2014/06/08 2.00 MB 3.0.0.10
Brother ドライバー&ソフトウェア DCP-J952N Brother Industries, Ltd. 2014/06/12 1.0.4.0
CCI-Pro-MR_x86 COSMOSOFT 2014/08/12 2.20 MB 3.13.0919
CCleaner Piriform 2015/08/20 5.08
CitiesOnline 2014/11/12
Common GameOn 2015/07/30 2290680
Dead Rising 2 Capcom Vancouver 2015/04/03
Debut Video Capture Software NCH Software 2014/08/12 1.90
DesignDoll Terawell 2015/01/08 1.1.0.6
F-Stream Tuning v2.0.48 2014/06/03 84.5 MB 2.0.48
Google Chrome Google Inc. 2015/02/22 44.0.2403.157
Google 日本語入力 Google Inc. 2014/09/11 83.0 MB 1.13.1641.0
Hangame 2014/11/15
Intel(R) Network Connections 18.5.54.0 Intel 2014/06/03 25.7 MB 18.5.54.0
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/03 12.8.0.1016
Intel(R) Smart Connect Technology 4.1 x64 Intel 2014/06/03 44.0 MB 4.1.40.2143
IObit Uninstaller IObit 2015/08/17 4.3.0.118
iTunes Apple Inc. 2015/05/02 233 MB 12.1.2.27
Janetter 4.3.0.2 Jane, Inc. 2014/10/15
Java 7 Update 80 (64-bit) Oracle 2015/08/24 118 MB 7.0.800
Java 8 Update 60 Oracle Corporation 2015/08/24 20.6 MB 8.0.600.27
Java SE Development Kit 7 Update 79 (64-bit) Oracle 2015/07/10 245 MB 1.7.0.790
JUMAN 7.0 Kurohashi-Kawahara Laboratory, Kyoto University 2014/06/13 52.8 MB
KNP 4.11 Kurohashi-Kawahara Laboratory, Kyoto University 2014/06/13 2.47 GB
Left 4 Dead 2 Valve 2014/10/03
Lhaplus 2014/07/13
LINE LINE Corporation 2015/08/13 4.1.2.516
Malwarebytes Anti-Malware version 1.75.0.1300 Malwarebytes Corporation 2015/08/25 19.2 MB 1.75.0.1300
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2014/10/16 38.8 MB 4.5.51209
Microsoft .NET Framework 4.5.2 (日本語) Microsoft Corporation 2015/02/22 2.93 MB 4.5.51209
Microsoft Games for Windows - LIVE Redistributable (PartnerNet) Microsoft Corporation 2015/04/03 31.5 MB 3.5.88.0
Microsoft Games for Windows Marketplace (Partnernet) Microsoft Corporation 2015/04/03 5.26 MB 3.5.50.0
Microsoft Office Professional 2013 - ja-jp Microsoft Corporation 2015/08/23 15.0.4745.1002
Microsoft OneDrive Microsoft Corporation 2015/08/20 36.1 MB 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/14 4.8.204.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/07/17 298 KB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/04/03 570 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/02/17 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2015/04/22 240 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/02/18 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/04 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/04/22 232 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/06/05 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 5.38 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 15.0 MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
Minecraft Mojang 2015/01/30 1.22 MB 1.0.3.0
Mozilla Firefox 40.0.2 (x86 ja) Mozilla 2015/08/17 84.5 MB 40.0.2
Mozilla Firefox 40.0.3 (x86 ja) Mozilla 2015/08/29 84.8 MB 40.0.3
Mozilla Maintenance Service Mozilla 2015/08/17 233 KB 40.0.2
Neffy 1,2,5,0 CDNetworks 2015/07/29 1,2,5,0
Nexus Mod Manager Black Tree Gaming 2014/10/25 16.3 MB 0.52.3
NVIDIA 3D Vision コントローラー ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
NVIDIA 3D Vision ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
NVIDIA GeForce Experience 1.7.1 NVIDIA Corporation 2014/06/04 1.7.1
NVIDIA HD オーディオ ドライバー 1.3.26.4 NVIDIA Corporation 2014/06/04 1.3.26.4
NVIDIA PhysX システム ソフトウェア 9.13.0725 NVIDIA Corporation 2014/06/04 9.13.0725
NVIDIA Virtual Audio 1.2.9 NVIDIA Corporation 2014/06/04 1.2.9
NVIDIA グラフィックス ドライバー 331.82 NVIDIA Corporation 2014/06/04 331.82
Oracle VM VirtualBox 4.3.26 Oracle Corporation 2015/04/22 157 MB 4.3.26
Origin Electronic Arts, Inc. 2014/06/04 9.4.7.2799
Outlast Red Barrels 2014/10/03
PHANTASY STAR ONLINE 2 SEGA 2014/07/29 7.51 MB
Pmangインストールマネージャー GameOn,Pmang 2014/08/18 1.0.1.1
PunkBuster Services Even Balance, Inc. 2014/06/04 0.991
QuickTime 7 Apple Inc. 2014/10/25 70.2 MB 7.76.80.95
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/06/03 6.0.1.7004
Robocraft Freejam 2014/07/09
RPGツクール2000 ランタイムパッケージ 2014/06/07
RPGツクール2003 ランタイムパッケージ 2015/07/12
Skype Click to Call Microsoft Corporation 2015/08/24 13.2 MB 7.4.0.9058
Skype(TM) 7.8 Skype Technologies S.A. 2015/08/24 71.1 MB 7.8.102
SnapCrab for Windows 1.1.1 Fenrir Inc. 2014/06/04 8.28 MB
SPECIAL FORCE 2 NHN PlayArt Corp. 2015/01/10 6.15 GB 1.0.0.0
Steam Valve Corporation 2014/06/11
Tapur 5.3.0.111 tapur.com 2014/06/24 9.43 MB
TERA GameOn 2014/08/18 1
TeraPad 2014/09/10
The Elder Scrolls V: Skyrim Bethesda Game Studios 2014/10/03
The Evil Within Tango Gameworks 2014/12/03
Thunder Master v1.9 Palit Microsystems Ltd. 2014/06/03 5.21 MB 1.9.8.5
Tomb Raider Crystal Dynamics 2014/10/17
Tomb Raider: Anniversary Crystal Dynamics 2015/04/04
Trine Frozenbyte 2014/10/17
Trine 2 Frozenbyte 2014/10/17
VMware Player VMware, Inc 2015/04/22 390 MB 7.1.0
Warframe Digital Extremes 2015/04/01
Warframe Digital Extremes 2014/06/11 1.95 MB 1.0.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2014/06/04 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2014/06/04 2.1.0.3
Windows Live ID Sign-in Assistant Microsoft Corporation 2015/04/03 10.0 MB 6.500.3165.0
XFast LAN v9.05 cFos Software GmbH, Bonn 2014/06/03 9.05
XFastUSB ASRock Inc. 2014/06/03 3.02.38
XSplit SplitMediaLabs 2014/06/03 95.7 MB 1.2.1303.0101
エレコム マウスカスタマイザー ELECOM 2014/07/26 1.00.00000
ニコ生デスクトップキャプチャー(XP) SEASON2 Consolas 2014/10/16 376 KB 1.16
バトルフィールド 3 Electronic Arts 2014/06/04 1.6.0.0
ペイントツールSAI Ver.1 2014/06/06
ワコム タブレット Wacom Technology Corp. 2014/06/04 6.3.6-1



HJT log

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:46:09, on 2015/08/30
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)

FIREFOX: 40.0.2 (x86 ja)
Boot mode: Normal

Running processes:
D:\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Thunder Master\THPanel.exe
C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
D:\LINE\Line.exe
D:\Tapur\tapmgr.exe
C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
D:\Tapur\Tapur.exe
D:\SnapCrab for Windows\SnapCrab.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
D:\Firefox\firefox.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
D:\Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
D:\Users\Dai\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [THPanel] "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
O4 - HKCU\..\Run: [Line] "D:\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Tapur] D:\Tapur\tapmgr.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dai\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1265446842-1208567973-370051150-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1265446842-1208567973-370051150-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote に送る.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: SnapCrab.lnk = D:\SnapCrab for Windows\SnapCrab.exe
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) - http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASRock IO Monitor Service (ASRockIOMon) - Unknown owner - C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\VMwarePlayer\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 13978 bytes
  • sora
  • 2015/08/30 (Sun) 19:52:25
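Reinstalling Chrome by brute force
Thank you for doing the work and reporting back.
I have also looked at the current logs.

No abnormal behavior seems to be occurring right now, which is good, but the entry below, which has dug itself into Chrome, is the last hurdle.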
>有効 Extension WhhItteDDealse 1.1 ゲスト C:\Users\Dai\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bfniojdgcmjfifbdopbnaloohnfbdecn\1.1

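So let's remove Chrome once by brute force.

If there are Chrome bookmarks you need, export (back up) your bookmarks first.

Once you are ready, use GU in Safe Mode to uninstall the following for now.
Google Chrome Google Inc. 2015/02/22 44.0.2403.157
Google 日本語入力 Google Inc. 2014/09/11 83.0 MB 1.13.1641.0

After removing them, restart the PC in normal mode, run Disk Cleanup, then open the C drive and check by eye; if you find the folders below, delete them. Skip any that you cannot find.
C:\Program Files (x86)\Google

C:\Users\[username]\AppData\Local\Google

C:\Users\[username]\AppData\LocalLow\Google

After that, go to the official Google site again, download the latest version of Chrome, and reinstall it.

However, if you do not need to use Chrome from now on, you do not have to reinstall it.
That would actually be easier.

Then watch how things go for a while, retake just the Chrome tab log with CC, and show it to me in a reply.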
  • 悪代官
  • 2015/08/30 (Sun) 20:46:39
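The following is an added example, not part of the thread or any poster's code: a read-only Python check that lists the extensions under every profile of a Chrome "User Data" folder, so that an entry sitting in "Guest Profile" (as in the log line quoted in the post above) is not missed when only the default profile is reviewed. The function names, the allowlist of known IDs and the sample tree are assumptions made for illustration; the Guest Profile extension ID, name and version are the ones quoted in the post.

```python
import json
from pathlib import Path

def _load_json(path):
    """Parse a JSON file; return {} if it is missing, unreadable or not an object."""
    try:
        data = json.loads(Path(path).read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return {}
    return data if isinstance(data, dict) else {}

def _display_name(version_dir, manifest):
    """Resolve a localized "__MSG_key__" name via _locales/<default_locale>/messages.json."""
    name = manifest.get("name")
    if not isinstance(name, str) or not name:
        return "(unreadable manifest)"
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[len("__MSG_"):-2].lower()
        locale = manifest.get("default_locale", "en")
        messages = _load_json(version_dir / "_locales" / str(locale) / "messages.json")
        for msg_key, entry in messages.items():   # message keys are case-insensitive
            if msg_key.lower() == key and isinstance(entry, dict):
                return entry.get("message", name)
    return name

def list_extensions(user_data_dir):
    """List every extension version under every profile of a User Data folder."""
    # Layout walked: <User Data>/<profile>/Extensions/<extension id>/<version>/manifest.json
    records = []
    for manifest_path in sorted(Path(user_data_dir).glob("*/Extensions/*/*/manifest.json")):
        version_dir = manifest_path.parent
        manifest = _load_json(manifest_path)
        records.append({
            "profile": version_dir.parents[2].name,
            "id": version_dir.parent.name,
            "version": str(manifest.get("version", version_dir.name)),
            "name": _display_name(version_dir, manifest),
        })
    return records

def unrecognized(records, known_ids):
    """Return the records whose extension ID the user has not confirmed installing."""
    return [r for r in records if r["id"] not in known_ids]

def build_sample(root):
    """Constructed sample tree (not real data): one known and one unknown extension."""
    root = Path(root)
    known = root / "Default" / "Extensions" / ("a" * 32) / "2.0_0"   # constructed ID
    (known / "_locales" / "en").mkdir(parents=True)
    (known / "manifest.json").write_text(json.dumps(
        {"name": "__MSG_appName__", "version": "2.0", "default_locale": "en"}))
    (known / "_locales" / "en" / "messages.json").write_text(json.dumps(
        {"appname": {"message": "Known Helper"}}))
    # Profile, ID, name and version below are the ones quoted in the post above.
    rogue = root / "Guest Profile" / "Extensions" / "bfniojdgcmjfifbdopbnaloohnfbdecn" / "1.1"
    rogue.mkdir(parents=True)
    (rogue / "manifest.json").write_text(json.dumps({"name": "WhhItteDDealse", "version": "1.1"}))
    return root
```

On a real system the argument to `list_extensions` is the "User Data" folder itself, for example the `C:\Users\Dai\AppData\Local\Google\Chrome\User Data` path that appears in the quoted log line. The script only reads files and changes nothing.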
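Re: Redirected to another page when left idle, plus DNSUnlocker ads on web pages
I am sorry for the very late reply.

>C:\Program Files (x86)\Google
>C:\Users\[username]\AppData\LocalLow\Google

As for these two, when I try to delete them, a message appears saying that they cannot be deleted because another program has the folder open, and I cannot delete them.

Should I delete them in Safe Mode?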
  • sora
  • 2015/09/03 (Thu) 01:12:07
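Do you have any other Google apps installed?
Thank you for doing the work and reporting back.

I understand that the Google folders cannot be deleted after the work.
Just to confirm: you have uninstalled both Google Japanese Input and Chrome, and no other Google apps are currently installed, correct?
If other Google apps are installed, the folders should not be deletable unless those are removed too.

If no other Google apps are installed, you can skip that step.

Then continue with the remaining steps and reinstall Chrome, and please report the state afterwards as well.
If you will not use Chrome from now on, you do not need to reinstall it.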
  • 悪代官
  • 2015/09/03 (Thu) 06:36:21
