悪代官の伏魔殿掲示板

マルウェアに感染したようです

教えてgooにて似た悩みで相談していた方からこのサイトにたどり着きました
二つのソフトにてログの解析は行ってあります、
どなたかご協力お願いします

いするぎ
MAIL
2015/11/09 (Mon) 00:14:19

返信フォームへ

それではログを見せてください

こんばんは。
ここの管理人の悪代官です。

>教えてgooにて似た悩みで相談していた方からこのサイトにたどり着きました
>二つのソフトにてログの解析は行ってあります、

はい、ではHJTとインストール情報のログは準備できているようなので、その2つのログを返信に貼り付けてレスください。
それを見てから順番に調べていきましょう。

なお、今夜は自分は都合でレスできないと思うので、ログを見せてもらったら明日以降にレスすることになると思います。
すみませんがご了承ください

悪代官
2015/11/09 (Mon) 20:41:52

返信フォームへ

Re: マルウェアに感染したようです

かしこまりました
以下が出力されたログのデータです

HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:54:19, on 2015/11/08
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe
C:\Users\裕也\Documents\LINE\Line.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\裕也\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: ???????? ??????????? BHO - {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: パスワードマネージャーツールバー - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O3 - Toolbar: Cubeツールバー(&C) - {0CBC8163-AC34-476a-9E22-4B6D5184E060} - C:\Program Files (x86)\CubeToolBar\ToolBarBand.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKCU\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S4D45.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EP-803A(ネットワーク)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S6EF6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [cubepdf-checker] "C:\Users\裕也\Documents\CubePDF\cubepdf-checker.exe"
O4 - HKCU\..\Run: [Line] "C:\Users\裕也\Documents\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S1B6F.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S1B6F.tmp" /EF "HKCU" (User 'Default user')
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O8 - Extra context menu item: Cube : WEB 検索 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/search.html
O8 - Extra context menu item: Cube : リンク文字列を翻訳 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/anchor.html
O8 - Extra context menu item: Cube : 選択範囲を翻訳 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/translation.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: パスワードマネージャー管理サービス (PwmSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: The Desktop Weather Service (TheDesktopWeatherService) - Unknown owner - C:\Program Files (x86)\WeatherTool\2.0.0.10750\WeatherService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 13825 bytes

CC

3D Builder Microsoft Corporation 2015/09/16 10.9.6.0
AccuWeather - Weather for Life AccuWeather 2015/08/11 4.1.0.24
Adobe AIR Adobe Systems Incorporated 2015/10/08 19.0.0.190
Algodoo v2.1.0 Algoryx 2015/05/09 91.8 MB
Bamboo Dock 3.3 Wacom Co., Ltd. 2015/08/01 3.3
BEAT!MusicPlayer 2015/08/01
Beauty Guide Lite 2.2.5 Tint Guide 2015/05/27 8.86 MB 2.2.5
Camera Man LENOVO INC 2015/08/01 1.0.1929.30229
Candy Crush Saga king.com 2015/10/21 1.620.1.0
CCleaner Piriform 2015/11/08 5.11
CinemaP-1.9cV06.11 Cinema PlusV06.11 2015/11/07 1.36.01.22
Cisco EAP-FAST Module Cisco Systems, Inc. 2014/06/17 1.53 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 2014/06/17 632 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 2014/06/17 1.22 MB 1.1.6
Conexant HD Audio Conexant 2015/09/05 8.66.16.50
CoolSoft VirtualMIDISynth 1.13.0 CoolSoft 2015/08/01 1.13.0.0
CubePDF 1.0.0RC7 CubeSoft 2014/12/02 24.8 MB
Cubeツールバー CubeSoft 2014/12/02 3.20 MB
CyberLink MediaStory CyberLink Corp. 2014/06/17 474 MB 1.0.1314
CyberLink PhotoDirector 3 CyberLink Corp. 2014/06/17 226 MB 3.0.1.4107
CyberLink PowerDirector 10 CyberLink Corp. 2015/08/01 293 MB 10.0.0.2810
Dolby Digital Plus Advanced Audio Dolby Laboratories Inc 2014/06/17 2.75 MB 7.5.1.1
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2015/09/05 33.7 MB 7.6.5.1
Energy Manager Lenovo 2014/06/17 47.8 MB 1.0.0.35
Entity Framework 6.1.1 Tools for Visual Studio 2013 Microsoft Corporation 2015/06/04 145 MB 12.0.30610.0
EPSON EP-803A プリンターアンインストール SEIKO EPSON Corporation 2015/08/01
EPSON EP-803A ﾈｯﾄﾜｰｸｶﾞｲﾄﾞ 2015/08/01
EPSON EP-803A ﾕｰｻﾞｰｽﾞｶﾞｲﾄﾞ 2015/08/01
EPSON Scan Seiko Epson Corporation 2015/08/01
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/11/20 1.10.0000
EpsonNet Print SEIKO EPSON CORPORATION 2014/11/20 2.4i
EpsonNet Setup 3.3 SEIKO EPSON CORPORATION 2014/11/20 3.3a
Evernote Touch Evernote 2015/11/03 3.2.2.96
Explzh for Windows pon software 2015/09/19 7.2.9.0
Express Zip ファイル圧縮ソフト NCH Software 2015/09/26 2.29
FINAL FANTASY XIV - A Realm Reborn SQUARE ENIX CO., LTD. 2015/10/15 1.0.0000
FINAL FANTASY XIV: A Realm Reborn Free Trial SQUARE ENIX 2015/10/10
GIMP 2.6.11 The GIMP Team 2015/03/24 107 MB 2.6.11
GIMP 2.8.14 The GIMP Team 2015/03/24 268 MB 2.8.14
Google Chrome Google Inc. 2014/11/23 46.0.2490.80
Google Toolbar for Internet Explorer Google Inc. 2015/09/21 7.5.6904.2028
Groove ミュージック Microsoft Corporation 2015/11/08 3.6.13831.0
Host App Service Pokki 2015/08/01 0.269.5.460
IIS 8.0 Express Microsoft Corporation 2015/06/05 36.3 MB 8.0.1557
IIS Express Application Compatibility Database for x64 2015/08/01
IIS Express Application Compatibility Database for x86 2015/08/01
Intel(R) Management Engine Components Intel Corporation 9.5.15.1730
Intel(R) Processor Graphics Intel Corporation 10.18.10.3379
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/17 13.0.0.1098
Java 8 Update 25 Oracle Corporation 2014/12/21 73.3 MB 8.0.250
JWord(日本語キーワード) 2015/08/01
Kingsoft Office 2013 (9.1.0.4057) Kingsoft Corp. 2015/08/01 9.1.0.4057
Lenovo Companion Lenovo, INC. 2015/10/31 3.34.0.0
Lenovo EasyCamera Realtek Semiconductor Corp. 2014/06/17 13.6 MB 6.2.9200.10249
Lenovo EasyCamera Realtek Semiconductor Corp. 2015/08/01 6.3.9600.11105
Lenovo OneKey Recovery CyberLink Corp. 2015/08/01 8.0.0.2105
Lenovo pointing device ELAN Microelectronic Corp. 2015/08/19 11.4.69.4
Lenovo PowerDVD10 CyberLink Corp. 2014/06/17 203 MB 10.0.5630.52
Lenovo Solution Center Lenovo Group Limited 2014/06/17 28.0 MB 2.1.003.00
Lenovo Support Lenovo, INC. 2015/08/01 2.0.5.0
Lenovo Web Start Pokki 2014/11/16 1.0.2.53457
Lhaplus 2015/08/01
LINE LINE Corporation 2015/10/01 4.1.3.586
Live TV FilmOn TV Inc. 2015/08/01 1.3.6.115
McAfee® Central for Lenovo McAfee_Inc 2015/08/01 4.5.141.1
Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft Corporation 2015/06/04 41.8 MB 4.5.50710
Microsoft .NET Framework 4.5 SDK Microsoft Corporation 2015/06/04 18.5 MB 4.5.50710
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft Corporation 2015/06/04 49.3 MB 4.5.50932
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft Corporation 2015/06/04 75.2 MB 4.5.50932
Microsoft .NET Framework 4.5.1 SDK Microsoft Corporation 2015/06/04 19.4 MB 4.5.51641
Microsoft Help Viewer 2.1 Microsoft Corporation 2015/08/01 12.1 MB 2.1.21005
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2015/10/30 15.0.4763.1003
Microsoft Silverlight Microsoft Corporation 2015/06/04 35.4 MB 5.1.20513.0
Microsoft Silverlight 5 SDK Microsoft Corporation 2015/06/04 77.5 MB 5.0.61118.0
Microsoft Solitaire Collection Microsoft Studios 2015/10/10 3.4.9241.0
Microsoft SQL Server 2012 Command Line Utilities Microsoft Corporation 2015/06/04 876 KB 11.1.3000.0
Microsoft SQL Server 2012 Data-Tier App Framework Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Express LocalDB Microsoft Corporation 2015/06/04 158 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects Microsoft Corporation 2015/06/04 23.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects (x64) Microsoft Corporation 2015/06/04 16.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Native Client Microsoft Corporation 2015/06/04 7.19 MB 11.1.3000.0
Microsoft SQL Server 2012 T-SQL Language Service Microsoft Corporation 2015/06/04 6.14 MB 11.1.3000.0
Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 4.53 MB 11.1.3000.0
Microsoft SQL Server 2014 Express LocalDB Microsoft Corporation 2015/06/04 227 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects Microsoft Corporation 2015/06/04 23.1 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects (x64) Microsoft Corporation 2015/06/04 15.1 MB 12.0.2000.8
Microsoft SQL Server 2014 T-SQL Language Service Microsoft Corporation 2015/06/04 6.65 MB 12.0.2000.8
Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 6.17 MB 12.0.2000.8
Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft Corporation 2015/06/04 18.1 MB 4.0.8876.1
Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft Corporation 2015/06/04 29.1 MB 12.0.41012.0
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft Corporation 2015/06/04 2.15 MB 12.0.30919.1
Microsoft SQL Server System CLR Types Microsoft Corporation 2015/06/04 2.53 MB 10.50.1600.1
Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 2015/06/04 3.13 MB 10.50.1600.1
Microsoft System CLR Types for SQL Server 2012 Microsoft Corporation 2015/06/04 1.75 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Corporation 2015/06/04 1.62 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2014 Microsoft Corporation 2015/06/04 5.59 MB 12.0.2000.8
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/06/17 4.89 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/06/17 12.4 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2014/06/17 13.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/17 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/06/17 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2015/08/01 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2015/08/01 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/08/01 17.3 MB 11.0.61030.0
Microsoft Visual Studio Community 2013 with Update 4 Microsoft Corporation 2015/08/01 8.92 GB 12.0.31101
Microsoft Web Deploy 3.5 Microsoft Corporation 2015/06/04 11.8 MB 3.1237.1763
MotioninJoy Gamepad tool 0.7.1001 www.motioninjoy.com 2015/08/22 3.89 MB 0.7.1001
MSN トラベル Microsoft Corporation 2015/08/01 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/08/01 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/08/01 3.0.4.336
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2015/10/15 3.3.1.0
NeroKwik Nero Inc. 2015/08/01 1.2.30.0
Nexus Mod Manager Black Tree Gaming 2015/06/21 23.1 MB 0.55.6
NifSkope (remove only) 2015/09/26
OneKey Recovery CyberLink Corp. 8.0.0.2105
OneNote Microsoft Corporation 2015/11/06 17.6228.10091.0
Opera Stable 33.0.1990.58 Opera Software 2015/11/07 33.0.1990.58
People Microsoft Corporation 2015/11/03 10.0.3030.0
PHANTASY STAR ONLINE 2 SEGA 2014/11/22 7.24 MB
PhotoPad 写真編集ソフト NCH Software 2015/08/01 2.70
Pixia ver. 6 Isao Maruoka 2014/12/30 31.1 MB 6.01.0160
Pixillion 画像ファイル変換ソフト NCH Software 2015/08/01 2.68
Power2Go CyberLink Corp. 2015/08/01 5.6.0.10525
PowerDirector CyberLink Corp. 293 MB 10.0.0.2810
PowerDVD for Lenovo Idea CYBERLINK COM CORPORATION 2015/08/01 1.1.2618.24808
Prerequisites for SSDT Microsoft Corporation 2015/06/04 6.94 MB 12.0.2000.8
REALTEK Bluetooth Driver REALTEK Semiconductor Corp. 2014/06/17 3.810.810.032714
Realtek Card Reader Realtek Semiconductor Corp. 2014/06/17 6.2.9200.39052
Realtek Ethernet Controller Driver Realtek 2014/06/17 8.20.815.2013
REALTEK Wireless LAN Driver REALTEK Semiconductor Corp. 2014/06/17 1.00.0238
RGSS-RTP Standard Enterbrain 2015/08/10 1.03
Rip!AudiCO FREE Ver 4.03 2015/08/01
Robocraft Freejam 2015/08/01
RPGツクール2000 ランタイムパッケージ 2015/08/01
RPGツクールVX Ace Enterbrain 2014/11/16 59.8 MB 1.02a
RPGツクールVX Ace RTP Enterbrain 2014/11/16 194 MB 1.00
sakura editor(サクラエディタ) サクラエディタ開発チーム 2015/03/26 5.32 MB
Skype を手に入れよう Skype 2015/08/01 3.2.1.0
Skype(TM) 7.12 Skype Technologies S.A. 2015/10/21 75.2 MB 7.12.101
Start Menu Pokki 2015/08/01 0.269.5.460
Steam Valve Corporation 2015/08/01 2.10.91.91
Sumo Paint Bamboo 2.2 UNKNOWN 2015/08/01 v2.2
The Desktop Weather 2.0 Baidu Japan Inc. 2015/11/07 2.0.0.10750
The Elder Scrolls V: Skyrim Bethesda Game Studios 2015/08/01
Twitter Twitter Inc. 2015/11/04 4.2.5.0
Unity Web Player Unity Technologies ApS 2015/08/01 12.0 MB 5.0.0f4
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/11/17 4.54 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/03/17 34.9 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/06/28 9.00 KB 16.0.1515.1
User Manuals Lenovo 2014/06/17 26.1 MB 3.0.0.3
WCF RIA Services V1.0 SP2 Microsoft Corporation 2015/06/04 9.60 MB 4.1.62812.0
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2015/08/01 2.1.0.7
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2015/08/01 2.1.0.7
Windows スキャン Microsoft Corporation 2015/08/01 6.3.9654.17133
Windows ドライバパッケージ - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) Lenovo 2015/08/01 02/17/2013 9.52.0.776
Windows ドライバパッケージ - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) Lenovo 2015/08/01 07/25/2013 10.30.0.288
Windows リーディングリスト Microsoft Corporation 2015/08/22 6.3.9654.20947
Wondershare PDF Editor(Build 3.9.11) Wondershare Software Co.,Ltd. 2014/11/20 97.5 MB 3.9.11.9
Wrye Bash Wrye & Wrye Bash Development Team 2015/08/01 0.3.0.5
Xbox Microsoft Corporation 2015/10/01 9.9.28033.0
YouSendIt for Lenovo YouSendIt 2015/08/01 1.0.5.1412
Zinio Reader Zinio LLC 2015/08/01 2.1.0.317
はじめに Microsoft Corporation 2015/10/15 2.4.13.0
アプリコネクター Microsoft Corporation 2015/08/01 1.3.3.0
アラーム & クロック Microsoft Corporation 2015/10/21 10.1510.14020.0
ウイルスバスタークラウドトレンドマイクロ株式会社 2015/11/08 450 MB 10.0
カスタムメイド3D 2 Edit体験版 KISS 2015/08/01 1.03 GB
カスタムメイドオンライン KISS 2015/08/01 6.49 GB
カメラ Microsoft Corporation 2015/10/30 2015.1078.40.0
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2015/10/11 5.01 MB 3.55.7671.0901
ストア Microsoft Corporation 2015/11/04 2015.21.12.0
スポーツ Microsoft Corporation 2015/11/06 4.7.104.0
ソリティア Random Salad Games LLC 2015/10/29 4.9.0.29
ニュース Microsoft Corporation 2015/11/06 4.7.104.0
パスワードマネージャー Trend Micro Incorporated 2015/08/22 50.0 MB 1.9.1189
フォト Microsoft Corporation 2015/10/27 15.1026.13580.0
ペイントツールSAI Ver.1 2015/09/30
ボイスレコーダー Microsoft Corporation 2015/10/22 10.1510.13110.0
マップ Microsoft Corporation 2015/10/29 4.1510.3000.0
マネー Microsoft Corporation 2015/11/06 4.7.104.0
メール/カレンダー Microsoft Corporation 2015/10/20 17.6310.42251.0
モバイルコンパニオン Microsoft Corporation 2015/09/22 10.1509.17010.0
ヤフオク! (lv) Yahoo JAPAN 2015/08/01 2.2.0.1
リーダー Microsoft Corporation 2015/08/01 6.4.9926.17994
ワコム Wacom Technology Corp. 2015/08/01 5.3.5-3
剣の街の異邦人白の王宮体験版株式会社エクスペリエンス 2015/08/01
天気 Microsoft Corporation 2015/11/06 4.7.104.0
採譜の達人 2015/08/01
新しい Office を始めよう Microsoft Corporation 2015/10/16 17.6314.23751.0
映画 & テレビ Microsoft Corporation 2015/11/05 3.6.15081.0
楽天gateway 讌ｽ螟ｩ譬ｪ蠑丈ｼ夂､ｾ 2015/10/02 2.2.2.3
電卓 Microsoft Corporation 2015/10/23 10.1510.13020.0

一日前のログなので、もっとも新しいログをだした方がよろしければ再び出力しておきます

いするぎ
MAIL
2015/11/10 (Tue) 00:20:12

返信フォームへ

花右京メイド痛いなレス（謎

レスが遅くなってすみません。
2つのログも見せていただきました。
WondershareやJWordにAccuWeather、CinemaPなどなど、毎度おなじみの曲者群が団体で入り込んでますね。
自分はこんなのよりもメイド幼なじみの団体でも来てくれたほうが嬉しいですが（←悪代官なら冥土に堕ちろ

一応確認しますが、それらのアプリはご自身で必要として入れたものですか？
ご自身で入れたならどこからどういう経緯で入れたかを次回レスで教えてください。
覚えもないのに入っていたなら遠慮なく削除しましょう。

ですが全部片付くまでには確実に手間はかけてもらうことになるので、時間はかかってもいいですから落ち着いてひとつずつ確実に進めてください。

まず最初にお伝えしておきます。
見てのとおり現在相談者さん多数のため、相談受けてから皆さんに順番にレスできるまで、毎回1日かそれ以上かかる可能性もあるので、すみませんがご了承ください。

では以下の説明をよく見てから、順番に作業をお願いします。
既に準備した物もあるはずですが、一応説明を再度見ておいてください。

隠しファイルと拡張子を表示設定にしてください(やり方↓）
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

下記のツールをダウンロードして、基本の使い方を把握しておいてください。
ただし、配布サイトで他のアプリをダウンロードしろと勧めてくるような広告も出てきたらそれらは絶対にクリックしないでください。
「GeekUninstaller」（通称：GU）
説明ページ↓
http://www.gigafree.net/system/install/geekuninstaller.html
ダウンロード↓
http://www.geekuninstaller.com/download
「download free」をクリック、保存後、解凍してください。
片付ける時はフォルダごと手動で削除してください。

「CCleaner」（通称：CC）
説明↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
ダウンロード↓
http://www.piriform.com/ccleaner/download/standard
最新バージョンをダウンロードしてください。なお、インストール時におまけのアプリも勧めてくることがありますが、それらはチェック外してインストールは避けてください。
片付けるときはアンインストールしてください。

ここで重要な注意です。
CCは本来は高い性能を持つメンテナンスソフトですが、間違った使い方すると
【Windowsにダメージを与えてしまうおそれもある】
ので、ここでは解析ツールとしてのみ使います。
説明をしっかり読んで、自分が指示した以外の操作はしないように。

そして下記ページは作業開始前に必ず熟読して、必要な場合が出たらそれに沿って対処してください。この対処が必要な事例が増えています。
http://note.chiebukuro.yahoo.co.jp/detail/n335704

準備できたら作業開始です。
なお、このあとの作業で探しても見つからないものはスルーして進めていいですが、指示した対象外の物は絶対にいじらないようによく見て作業してください。

また、作業のうえで削除指示するものもあるはずですが、ご自身で必要として入れたものがあればそれの削除は保留して、次のレスでその旨を教えてください。

少なくとも下記のアプリは旧バージョンです。
>Java 8 Update 25 Oracle Corporation 2014/12/21 73.3 MB 8.0.250

>Skype(TM) 7.12 Skype Technologies S.A. 2015/10/21 75.2 MB 7.12.101

各種アプリの更新を怠っただけでも、脆弱性を悪用されて深刻な感染はあっさり起きます。
使うなら最新版に更新してください。使わないアプリならアンインストールが安全です。
他にも旧バージョンないか調べて、あれば同様に更新するか、アンインストールしてください。

>Cubeツールバー CubeSoft 2014/12/02 3.20 MB
>Google Toolbar for Internet Explorer Google Inc. 2015/09/21 7.5.6904.2028
ツールバーの複数併用はそれだけで不具合のもとになります。
使うならひとつだけ残して、他はGUを使ってアンインストールしてください。
事前にブラウザや他のプログラムを終了してから削除してください。

ここでWindowsの標準機能である「システムの復元」での復元ポイントをひとつ、手動で作成しておいてください。
これはこの後の作業で、間違って対象外のものをいじってしまうとそれだけでWindowsに深刻な不具合を起こすこともあるので、万一の際に復元可能にしておくためです。
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

今度はPCをセーフモードで起動してください（やり方↓）
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

セーフモードでGUを使って、下記をアンインストールしてください。
>AccuWeather - Weather for Life AccuWeather 2015/08/11 4.1.0.24

>CinemaP-1.9cV06.11 Cinema PlusV06.11 2015/11/07 1.36.01.22

>Host App Service Pokki 2015/08/01 0.269.5.460

>JWord(日本語キーワード) 2015/08/01

>NifSkope (remove only) 2015/09/26

>Start Menu Pokki 2015/08/01 0.269.5.460

>The Desktop Weather 2.0 Baidu Japan Inc. 2015/11/07 2.0.0.10750

>Wondershare PDF Editor(Build 3.9.11) Wondershare Software Co.,Ltd. 2014/11/20 97.5 MB 3.9.11.9

続いてセーフモードのままでスタートメニューの「アクセサリ」→「システムツール」から「ディスククリーンアップ」を起動してください。
起動したら対象ドライブでCドライブを選択してスキャンして、表示された中の「ダウンロードされたプログラムファイル」「インターネット一時ファイル」「一時ファイル」の項目だけチェックを入れてから「OK」「ファイルの削除」を押してください。
これを実行すると選択した部分のゴミファイルが掃除されます。

これを実行することで作業時にスキャンで検出される無駄なゴミファイルも減るのでその分かなり時間や解析も楽になるのです。
「ごみ箱」など他の項目にチェックしないのは、間違って正常なファイルを削除しないためと、もし正常なファイルを削除してごみ箱に入れても戻せるようにするための措置です。

HJTを起動させ、スキャンを行ってください。
スキャン結果が表示されましたら、以下の項目にチェックを入れてください。
ただし、特にHJTでの作業は一歩間違えれば簡単にPCが起動しなくなるため、こちらが指示した以外のものは絶対にチェックを入れないでください。
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32

O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)

O23 - Service: The Desktop Weather Service (TheDesktopWeatherService) - Unknown owner - C:\Program Files (x86)\WeatherTool\2.0.0.10750\WeatherService.exe

必要な項目すべてにチェックが入りましたら、Fix checkedをクリックしてください。
探しても見つからないものはスルーして進めていいです。

ここでPCを通常モードで再起動してから、今度はCCを起動してください。
起動したら、「ツール」→」「スタートアップ」→「Windows」タブを開いてください。
そこで右下の「テキストとして保存」を押すと、表示の内容がログとして保存できるので、ログをデスクトップにでも保存しておいてください。

続いて「InternetExplorer」タブ以下の各タブも順番に開いて、そのログもとっておいてください。

CCの各ログをとったらCCは終了してください。

このあとブラウザを起動して、数時間ほどPC状態を様子見したあと、あらたにHJTとCCでのインストール情報ログを取り直してください。

取り直した両ログと、CCの各ログを返信に貼って、状態報告とともにレスください。
それらを見てから続きの作業を指示します。

悪代官
2015/11/10 (Tue) 22:15:51

返信フォームへ

Re: 花右京メイド痛いなレス（謎

>一応確認しますが、それらのアプリはご自身で必要として入れたものですか？
>ご自身で入れたならどこからどういう経緯で入れたかを次回レスで教えてください

恐らくですが、ゲームのmodを導入する際に勘違いでインストールしてしまったものの可能性があります消すよう指示していたファイルにそれらで心当たりのあるものがあったのでその線が大きいと思います、今から作業に取りかかります

いするぎ
MAIL
2015/11/11 (Wed) 01:11:11

返信フォームへ

Re: 花右京メイド痛いなレス（謎

ひとまず、日付を跨いだあたりで指示されたログの保存とアプリの削除はしておきました
帰宅したらすぐにでも例のログを張り付けますね

いするぎ
MAIL
2015/11/11 (Wed) 09:07:09

返信フォームへ

Re: マルウェアに感染したようです

では出力できたログを上げます
禁止ワードにひっかかったのですこし遅くなりそうですが

HJT

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:02:58, on 2015/11/11
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

Boot mode: Safe mode

Running processes:
C:\Users\裕也\Desktop\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: ???????? ??????????? BHO - {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O3 - Toolbar: パスワードマネージャーツールバー - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S4D45.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EP-803A(ネットワーク)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S6EF6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Line] "C:\Users\裕也\Documents\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S1B6F.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S1B6F.tmp" /EF "HKCU" (User 'Default user')
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O8 - Extra context menu item: Cube : WEB 検索 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/search.html
O8 - Extra context menu item: Cube : リンク文字列を翻訳 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/anchor.html
O8 - Extra context menu item: Cube : 選択範囲を翻訳 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/translation.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: JWord(日本語キーワード) - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://www.jword.jp/intro/?partner=AP&type=lk&frm=iebutton (file missing)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: パスワードマネージャー管理サービス (PwmSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: The Desktop Weather Service (TheDesktopWeatherService) - Unknown owner - C:\Program Files (x86)\WeatherTool\2.0.0.10750\WeatherService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 12658 bytes
　

いするぎ
MAIL
2015/11/11 (Wed) 22:05:51

返信フォームへ

目安箱を使いましょう

レスが遅くなってすみません。
先に確認した各アプリについてですが
>恐らくですが、ゲームのmodを導入する際に勘違いでインストールしてしまったものの可能性があります消すよう指示していたファイルにそれらで心当たりのあるものがあったのでその線が大きいと思います、今から作業に取りかかります

やはりご自身で望んで入れたのではないようですね。
ではそれらは削除でいいでしょう。

>禁止ワードにひっかかったのですこし遅くなりそうですが

あ、またfc2の禁止ワードにかかりましたか。これは自分のほうでも解除できないのです。
まあこれが出るということはやはりログ内に悪玉が見つかった可能性が高いでしょう。
では以下の手順でログを送ってください。

下記のメールフォームにアクセスして、そこでログ全文をフォーム内に貼り付けて送信してください。
「悪代官の目安箱」（悪代官の分際で目安箱って…
http://form1.fc2.com/form/?id=828024

ここから送信した内容は掲示板には非公開で自分の元に届きます。
それを受信したら解析の後にまた自分から次の対処をレスします

悪代官
2015/11/11 (Wed) 23:03:54

返信フォームへ

今回は自分からメールで作業指示します

レスが遅くなってすみません。
目安箱に届いたログを見せていただきました。

解析後の作業ですが、今回はメールで作業内容を送ったので、それに沿って作業をお願いします。
作業ができたらそのあとの結果をまた掲示板のほうにレスください

悪代官
2015/11/12 (Thu) 21:23:06

返信フォームへ

Re: マルウェアに感染したようです

指示通りのものを削除しておきました

ウィンドウズ
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run EP-803A(ネットワーク) SEIKO EPSON CORPORATION C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S6EF6.tmp" /EF "HKCU"
有効 HKCU:Run EPSON94D431 (EP-803A) SEIKO EPSON CORPORATION C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S4D45.tmp" /EF "HKCU"
有効 HKCU:Run Line LINE Corporation "C:\Users\裕也\Documents\LINE\Line.exe" --booting
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
有効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKCU:Run swg Google Inc. "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
有効 HKLM:Run BambooCore Wacom Europe GmbH C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
有効 HKLM:Run cAudioFilterAgent Conexant Systems, Inc. "C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
有効 HKLM:Run Energy Manager Lenovo(beijing) Limited C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run ForteConfig Fortemedia Inc "C:\Program Files\Conexant\ForteConfig\fmapp.exe"
有効 HKLM:Run HotKeysCmds "C:\WINDOWS\system32\hkcmd.exe"
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run IgfxTray Intel Corporation - pGFX "C:\WINDOWS\system32\igfxtray.exe"
有効 HKLM:Run Lenovo Utility Lenovo(beijing) Limited C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
有効 HKLM:Run Persistence "C:\WINDOWS\system32\igfxpers.exe"
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run PwmConsole.exe Trend Micro Inc. "C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe" -s
有効 HKLM:Run RtsFT Realtek semiconductor RTFTrack.exe
有効 HKLM:Run SmartAudio Conexant Systems, Inc. "C:\Program Files\CONEXANT\SAII\SACpl.exe" /t
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run UpdateP2GShortCut CyberLink Corp. "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
有効 Startup Common コンテンツ管理アシスタント for PlayStation(R).lnk Sony Computer Entertainment Inc. C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

エクスプローラ
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
有効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
無効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
無効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
無効 Helper トレンドマイクロIEプロテクション Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe64.dll
無効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
無効 Helper トレンドマイクロセキュリティツールバーヘルパー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
無効 Helper トレンドマイクロネットワークフィルタプラグイン Trend Micro Inc. C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll
有効 Helper パスワードマネージャー BHO Trend Micro Inc. C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
有効 Helper パスワードマネージャー BHO Trend Micro Inc. C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll
有効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
有効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
無効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
無効 Toolbar Trend ツールバー Trend Micro Inc. C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
有効 Toolbar パスワードマネージャーツールバー Trend Micro Inc. C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
有効 Toolbar パスワードマネージャーツールバー Trend Micro Inc. C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll

クローム
有効 App Gmail 7 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
有効 App Google ドライブ 6.3 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
有効 App Google 検索 0.0.0.20 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
有効 App YouTube 4.2.6 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
有効 Extension Google スプレッドシート 1.0 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0
有効 Extension Google スライド 0.8 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0
有効 Extension Google ドキュメント 0.7 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0
無効 Extension Trend ツールバー 8.0.0.1184 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\8.0.0.1184_0
無効 Extension パスワードマネージャー 1.9.0.1129 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0

オペラ（空白）

スケジュールされたタスク
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Opera scheduled Autoupdate 1446827017 C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3583450532-2804974510-3264961352-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3583450532-2804974510-3264961352-500
有効 Task PDVDServ Task CyberLink Corp. C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
有効 Task WpsUpdateTask_Administrator Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task WpsUpdateTask_裕也 Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task {F7ABDAE1-3565-4B7B-BB22-851F40ACB302} Microsoft Corporation "c:\windows\system32\launchwinapp.exe" http://ui.skype.com/ui/0/7.13.0.101.607/ja/go/help.faq.installer?LastError=1618

コンテキストメニュー
有効 Directory ShExplzh pon software C:\WINDOWS\SysWow64\ShExplzh.dll
有効 Directory ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 Directory スタートメニューに追加 Pokki "C:\Users\裕也\AppData\Local\Pokki\Engine\HostAppService.exe" /ADDFAVORITE"%1"
有効 Directory 書庫内検索(I)... pon software C:\Users\裕也\Explzh\Explzh.exe /f %1
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Drive ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 Drive スタートメニューに追加 Pokki "C:\Users\裕也\AppData\Local\Pokki\Engine\HostAppService.exe" /ADDFAVORITE"%1"
有効 Drive 書庫内検索(I)... pon software C:\Users\裕也\Explzh\Explzh.exe /f %1
有効 File ExpressZip C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File ShExplzh pon software C:\WINDOWS\SysWow64\ShExplzh.dll
有効 File ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder ExpressZip C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll

いするぎ
MAIL
2015/11/13 (Fri) 00:47:54

返信フォームへ

次はMBAMで作業です

作業と報告、ご苦労様です。
続きのログも見せていただきましたが、今度は掲示板にレスできましたね。
ログでも指示した箇所は処置できているのでいいです。

現在どこまで状態が改善しているかわかりませんが、引き続きの作業しましょう。

次は下記のツールを準備してください。
「AdwCleaner」（通称：AC）
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
ファイル直リンです。アクセスしてファイルをデスクトップにでも保存しておいてください。
片付けるときは起動後に「uninstall」ボタンを押せば自動で削除されます。
使い方は下記サイト様に詳しい説明があるのでサンショウウオ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware（通称・MBAM）
本家サイト
http://www.malwarebytes.org/

ですが、MBAMは現在安定性や動作でかなり難が出ており、普通に使っても正常にスキャンができないバグまで多発中です。
そのため本家サイトから最新版のダウンロードせず、ここではあえて旧バージョンで作業します。

旧バージョンの説明サイト↓
http://www.japan-secure.com/entry/blog-entry-7.html

以下のURLからMBAMの旧バージョンをダウンロードしてください。
http://www.oldapps.com/malwarebytes.php?old_malwarebytes=12090?download
ファイル直リンです。保存しておいてください。

注）インストール時に日本語でインストールすると文字化けすることがあります。英語でインストール後に日本語化してください。
MBAM起動して「Settings」タブ→「Language」→「Japanese」で日本語化できます。

準備できたらMBAMをインストールとアップデートまでしておいてください。
ただし、ここではまだスキャンはしないように。
なお、ここでMBAMの更新で「プログラム」自体は更新せず、定義だけ更新しておいてください。
プログラム本体を更新すると、バグ多発中の最新版になってしまうので、せっかく旧バージョンでインストールした意味がなくなります。

続いてここで一度ACを起動してください。
起動するとまず定義の更新が行われるはずなので、更新だけしてから、それができたらACは一旦終了してください。
ここではスキャンもしなくていいです。

両ツールのアップデートができたらPCをセーフモードで再起動してから、ディスククリーンアップを使ってゴミファイルの掃除してください。

続いてPCをセーフモード起動してから、先に一度起動したACを再度起動してください。
起動したら今度は「スキャン」したあと、そのスキャン終了後に検出されたものがあったら「除去」を押してください。
表示された画面で「はい」を選択すると処置開始されます。

処置完了したらそこでPCを通常モードで再起動してください。

再起動後にACのあらたなログが出るので、それをデスクトップにでも保存しておいてください。
ですが、もし作業後にログが出ないorわからない場合はマイコンピュータのCドライブを開くとその直下に以下のような名前のファイルが作成されているので、それがACのログです。
>AdwCleaner[英数字].txt
同じような名前のログが複数ある時は、作成日時が作業処置時のファイルが対象のログです。

ACでの作業ができたら次はMBAMの作業です。
セーフモードのままMBAM起動してスキャンしてください。
MBAM起動したら「スキャナー」タブから「フルスキャン」です。
対象ドライブはCを含めて全ドライブを選択してください。
ですが、もし「フルスキャン」というボタンが表示されない場合はMBAMを最新版に更新してしまった可能性があるので、この時は「カスタムスキャン」を選択してください。
この操作が最新版MBAMでのフルスキャンにあたります。
スキャン対象は全ドライブを選択（チェック）してください。時間はかかりますができるだけ細かくスキャンするためです。
順番はどちらからでもいいですが、なにか検出されたらそれを選択して「remove」（隔離）したあと、再起動を促す表示が出たらそこで一度PCを再起動してください。
もし再起動表示が出ないときは手動で再起動してください。

またMBAMスキャン終了後、「詳細を表示」を押すとその結果が表示されるはずなので、そこで「ログを保存」を押すとそのログが保存可能になります。
そのログをデスクトップにでも保存しておいてください。
このログ確認が特に重要なので、忘れないようにお願いします。

このあとしばらくPC状態を様子見後、作業後に保存したACとMBAMのログを返信に貼り付けて、それを状態報告とともにレスで見せてください。

悪代官
2015/11/13 (Fri) 22:14:53

返信フォームへ

Re: マルウェアに感染したようです

この作業で画面端の天気予報が消えました、ブラウザは依然と比べれば広告が出る頻度は減りました、今のところは出てきてはいませんね
AC

# AdwCleaner v5.020 - ログファイルの作成日 16/11/2015 作成時間 19:24:48
# 更新日 13/11/2015 作成元 Xplode
# データベース : 2015-11-13.3 [サーバー]
# オペレーティングシステム : Windows 10 Home (x64)
# ユーザー名 : 裕也 - RUGIRUGI
# 実行場所 : C:\Users\裕也\Desktop\AdwCleaner.exe
# オプション : 削除
# サポート : http://toolslib.net/forum

***** [ サービス ] *****

[-] サービス削除済み項目 : TheDesktopWeatherService

***** [ フォルダ ] *****

[-] フォルダ削除済み項目 : C:\Program Files (x86)\WeatherTool
[-] フォルダ削除済み項目 : C:\ProgramData\pokki
[-] フォルダ削除済み項目 : C:\Users\裕也\AppData\Local\pokki
[-] フォルダ削除済み項目 : C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] フォルダノット削除済み項目 : C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[-] フォルダ削除済み項目 : C:\Users\裕也\AppData\Roaming\WeatherTool
[-] フォルダ削除済み項目 : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\WeatherTool

***** [ ファイル ] *****

[-] ファイル削除済み項目 : C:\Users\裕也\AppData\Local\Temp\VOPackage.exe
[-] ファイル削除済み項目 : C:\Users\裕也\AppData\Local\Temp\task.vbs

***** [ DLLs ] *****

***** [ ショートカット ] *****

***** [ スケジュールタスク ] *****

[-] タスク削除済み項目 : f687929a-6688-4882-9ac3-e46dfcc86ffb-10_user
[-] タスク削除済み項目 : f687929a-6688-4882-9ac3-e46dfcc86ffb-13
[-] タスク削除済み項目 : f687929a-6688-4882-9ac3-e46dfcc86ffb-14
[-] タスク削除済み項目 : f687929a-6688-4882-9ac3-e46dfcc86ffb-5_user

***** [ レジストリ ] *****

[-] キー削除済み項目 : HKCU\Software\Classes\pokki
[-] キー削除済み項目 : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] キー削除済み項目 : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] キー削除済み項目 : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] キー削除済み項目 : HKCU\Software\Classes\Directory\shell\pokki
[-] キー削除済み項目 : HKCU\Software\Classes\Drive\shell\pokki
[-] キー削除済み項目 : HKCU\Software\Classes\lnkfile\shell\pokki
[-] キー削除済み項目 : HKLM\SOFTWARE\21254f33-af10-4ebb-8026-37eab72af156
[-] キー削除済み項目 : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
[-] キー削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] キー削除済み項目 : HKCU\Software\Conduit
[-] キー削除済み項目 : HKCU\Software\InstalledBrowserExtensions
[-] キー削除済み項目 : HKCU\Software\YorkNewCin
[-] キー削除済み項目 : HKCU\Software\HighDefAction
[-] キー削除済み項目 : HKCU\Software\ArenaHD
[-] キー削除済み項目 : HKCU\Software\WeatherTool
[-] キー削除済み項目 : HKCU\Software\AppDataLow\Software\Crossrider
[-] キー削除済み項目 : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] キー削除済み項目 : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] キー削除済み項目 : HKLM\SOFTWARE\Conduit
[-] キー削除済み項目 : HKLM\SOFTWARE\GlobalUpdate
[-] キー削除済み項目 : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] キー削除済み項目 : HKLM\SOFTWARE\YorkNewCin
[-] キー削除済み項目 : HKLM\SOFTWARE\HighDefAction
[-] キー削除済み項目 : HKLM\SOFTWARE\ArenaHD
[-] キー削除済み項目 : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] キー削除済み項目 : [x64] HKLM\SOFTWARE\YorkNewCin
[-] キー削除済み項目 : [x64] HKLM\SOFTWARE\HighDefAction
[-] キー削除済み項目 : [x64] HKLM\SOFTWARE\ArenaHD
[-] キー削除済み項目 : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] キー削除済み項目 : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] キー削除済み項目 : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] キー削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7543FC52-A9F5-11E4-82BB-90489AC99B9A}
[-] キー削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\homepage-web.com
[-] キー削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimagenetwork.com
[-] キー削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\veoh.com
[-] キー削除済み項目 : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.veoh.com

***** [ Webブラウザ ] *****

[-] [C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] 削除済み項目 : homepage-web.com
[-] [C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] 削除済み項目 : hxxp://homepage-web.com/?s=lenovo&m=start
[-] [C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] 削除済み項目 : hxxp://search.homepage-web.com/?src=omnibox&partner=lenovo&q={searchTerms}
[-] [C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] 削除済み項目 : hxxp://homepage-web.com/?s=lenovo&m=home

*************************

:: "Tracing"キーは削除します
:: Winsock設定を初期化しました

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5898 バイト] ##########

MBAM
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

定義バージョン： v2015.11.14.03

Windows 8 x64 NTFS (セーフモード)
Internet Explorer 11.0.10240.16590
裕也 :: RUGIRUGI [管理者]

2015/11/16 19:50:57
mbam-log-2015-11-16 (19-50-57).txt

スキャンタイプ：フルスキャン (C:\|D:\|E:\|F:\|)
有効なスキャン領域：メモリ | スタートアップ | レジストリ | ファイルシステム | ヒューリスティック/追加アイテムのスキャン　 | ヒューリスティック/Shuriken　エンジンを使用してスキャン　 | 不審なプログラム　（PUP） | 不審な変更　（PUM）
無効なスキャン領域: ピア・ツー・ピアプログラム（P2P）
スキャンしたアイテム数: 908615
経過時間： 3 時間, 7 分, 56 秒

メモリプロセスの検出: 0
(悪意のあるアイテムは検出されていません。)

メモリモジュールの検出: 0
(悪意のあるアイテムは検出されていません。)

レジストリキーの検出: 12
HKCR\CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\TypeLib\{AAB6BCE3-1DF6-4930-9B14-9CA79DC8C267} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\Interface\{DF692509-D9EF-48A0-9CD0-3AA5B81F6F68} (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\CnsHelper.CH.1 (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCR\CnsHelper.CH (Adware.CnsMin) -> 正常に隔離され削除されました。
HKCU\SOFTWARE\3721 (PUP.Optional.BitSpirit) -> 正常に隔離され削除されました。
HKCU\Software\CinemaP-1.9cV06.11-nv (PUP.Optional.Cinema) -> 正常に隔離され削除されました。
HKCU\Software\CinemaP-1.9cV06.11-nv-ie (PUP.Optional.Cinema) -> 正常に隔離され削除されました。
HKLM\SOFTWARE\3721 (PUP.Optional.BitSpirit) -> 正常に隔離され削除されました。
HKLM\Software\CinemaP-1.9cV06.11-nv (PUP.Optional.Cinema) -> 正常に隔離され削除されました。
HKLM\Software\CinemaP-1.9cV06.11-nv-edge (PUP.Optional.Cinema) -> 正常に隔離され削除されました。
HKLM\Software\CinemaP-1.9cV06.11-nv-ie (PUP.Optional.Cinema) -> 正常に隔離され削除されました。

レジストリ値の検出: 2
HKCU\Software\Microsoft\Internet Explorer\Main|CNSReset (Adware.CnsMin) -> データ: 1989997023 -> 正常に隔離され削除されました。
HKCU\Software\Microsoft\Internet Explorer\Main|CNSHint (Adware.CnsMin) -> データ: 1 -> 正常に隔離され削除されました。

レジストリデータ項目の検出: 0
(悪意のあるアイテムは検出されていません。)

フォルダの検出: 12
C:\Users\裕也\AppData\Local\Temp\comh.417577 (PUP.Optional.GlobalUpdate) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Baidu (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Baidu\Common (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Baidu\Common\I18N (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Baidu\Common\I18N\IPCSUpdateCache\baidujp_update (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\InstallHelper (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\nsx94E9.tmp (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\weather (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。

ファイルの検出: 12
C:\Windows\Downloaded Program Files\CnsMin.dll (Adware.CnsMin) -> 正常に隔離され削除されました。
C:\Program Files\JWord_pino\CnsMin.dll (Adware.CnsMin) -> 正常に隔離され削除されました。
C:\Program Files (x86)\Algodoo\915b1dfc-8390-4bdd-a4be-ef173894b55e.dll (PUP.Optional.Nova) -> 正常に隔離され削除されました。
C:\Program Files (x86)\Algodoo\fab1d782-0de8-49a8-be77-3e0c821addf7.dll (PUP.Optional.CrossRider) -> 正常に隔離され削除されました。
C:\Program Files (x86)\fab1d782-0de8-49a8-be77-3e0c821addf7\2a474844-478a-4e38-b5d4-ff9890f49fa3.dll (PUP.Optional.CrossRider) -> 正常に隔離され削除されました。
C:\Program Files (x86)\fab1d782-0de8-49a8-be77-3e0c821addf7\cd6e9d9f-ff9e-4522-9925-daaf34009da5.dll (PUP.Optional.Nova) -> 正常に隔離され削除されました。
C:\Users\裕也\AppData\Local\Temp\setup_mbot_jp.exe (PUP.Optional.EoRezo) -> 正常に隔離され削除されました。
C:\Users\裕也\AppData\Local\Temp\MaxDrivrUpdater.exe (PUP.Optional.MaxDriverUpdater) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Baidu\Common\I18N\conf.db (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\conf.db (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\weather\245641645649accd (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。
C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\weather\61887965640d64d (PUP.Optional.ChinAd) -> 正常に隔離され削除されました。

(終)

いするぎ
MAIL
2015/11/16 (Mon) 23:20:19

返信フォームへ

続いてOTLで解析です

作業と報告、ご苦労様です。

>この作業で画面端の天気予報が消えました、ブラウザは依然と比べれば広告が出る頻度は減りました、今のところは出てきてはいませんね

はい、異常も沈静化しているようで何よりです。

両ログを見せていただきましたが、かなり検出もありました。
それらは全部ツール上から隔離処置していればいいです。

それではまた別のツールで解析にかかります。
次のツールによる解析がヤマになります。

以下のツールを準備してください。
OTL(OldTimer Listit)
「Download」ボタンからDLしたら保存しておいてください。
http://oldtimer.geekstogo.com/OTL.exe
片付けるときは起動後に「Cleanup」ボタンを押せば自動で削除されます。

他のプログラムを起動しない状態でOTLを起動してください。
起動したら、ウィンドウの上の方にある「Scan All Users」にチェックを入れ、以下のコマンドを「Custom Scan/Fixes」にコピペしてください。

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

その後、左上の「Run Scan」を押すとスキャン開始されます。
スキャン開始後、PC環境にもよりますが数分ほどすると、「OTL.txt」と「Extras.txt」がOTL.exeと同じ場所に作成されるはずなので、この2つのファイルをデスクトップあたりに保存しておいてください。
なお、Extras.txtは出ないこともありますが、その場合はOTL.txtだけでもいいです。

このあとOTLログを丸ごと返信に貼り付けてレスで見せてください。
ただしOTLログはかなり長くなるため、一度に送信してもfc2の文字数制限で途切れます。
なのでログも適当なところで分割して、複数回に分けてレス送信してください。

OTLでスキャンしただけでは何も変化は起きません。
この結果を見て、検出されたものを次回以降の作業で処置することになるはずです

悪代官
2015/11/17 (Tue) 18:06:24

返信フォームへ

Re: マルウェアに感染したようです

スキャンしました

OTL
OTL logfile created on: 2015/11/17 19:47:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\裕也\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.89 Gb Total Physical Memory | 5.36 Gb Available Physical Memory | 67.95% Memory free
9.14 Gb Paging File | 6.47 Gb Available in Paging File | 70.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424.78 Gb Total Space | 236.06 Gb Free Space | 55.57% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 23.07 Gb Free Space | 92.26% Space Free | Partition Type: NTFS
Drive F: | 7.41 Gb Total Space | 0.17 Gb Free Space | 2.36% Space Free | Partition Type: FAT32

Computer Name: RUGIRUGI | User Name: 裕也 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2015/11/17 19:45:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\裕也\Desktop\OTL.exe
PRC - [2015/11/10 11:44:38 | 003,011,152 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2015/11/10 11:44:38 | 001,939,536 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
PRC - [2015/11/10 11:44:38 | 000,836,176 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2015/11/05 18:27:20 | 017,380,888 | ---- | M] (LINE Corporation) -- C:\Users\裕也\Documents\LINE\Line.exe
PRC - [2015/11/03 16:34:14 | 000,548,552 | ---- | M] (Microsoft Corporation) -- C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015/10/30 16:22:50 | 000,683,520 | ---- | M] (LINE Corp) -- C:\Users\裕也\Documents\LINE\LinePlayer\LinePlayer.exe
PRC - [2015/09/17 16:36:36 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
PRC - [2015/09/01 15:43:22 | 000,525,448 | ---- | M] (Sony Computer Entertainment Inc.) -- C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
PRC - [2015/09/01 15:43:18 | 003,784,312 | ---- | M] (Sony Computer Entertainment Inc.) -- C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
PRC - [2015/08/17 08:35:44 | 001,360,320 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
PRC - [2015/07/28 17:55:45 | 000,195,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
PRC - [2015/07/13 16:09:02 | 000,345,920 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
PRC - [2015/01/12 16:47:24 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2014/08/20 04:12:17 | 000,656,664 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
PRC - [2014/02/26 09:11:26 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2014/02/26 09:11:26 | 000,016,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/09/17 04:20:16 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/09/17 04:20:10 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013/03/08 15:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
PRC - [2012/10/09 08:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/16 15:49:02 | 002,934,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\733eb3843fd20c4f85c690e99eed9d1f\System.IdentityModel.ni.dll
MOD - [2015/11/16 15:48:59 | 019,421,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\fff431b7a80bb954e2e8220a88ca33ca\System.ServiceModel.ni.dll
MOD - [2015/11/16 15:48:41 | 001,101,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\f48ccf3345da51ec2f0909cb953a9f08\System.ServiceModel.Web.ni.dll
MOD - [2015/11/16 15:45:08 | 013,535,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\3c9e0e2bb451ae1d6d52c9aeff878623\System.Web.ni.dll
MOD - [2015/11/16 15:44:52 | 012,934,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6d1d2ffff0311fe12f1d5c3d250ce510\System.Windows.Forms.ni.dll
MOD - [2015/11/10 11:44:42 | 002,541,648 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2015/11/10 11:44:38 | 000,806,992 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2015/11/05 18:27:36 | 003,379,224 | ---- | M] () -- C:\Users\裕也\Documents\LINE\ampkit_windows.dll
MOD - [2015/11/04 07:00:12 | 000,201,728 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\openvr_api.dll
MOD - [2015/11/01 00:24:07 | 000,431,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv30e99c02#\9498c7f2e03d9a312f178f0c80b6459c\System.ServiceModel.Channels.ni.dll
MOD - [2015/11/01 00:21:36 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\2323d28fd5a3da6b8015c47a7b1bd076\System.ServiceModel.Internals.ni.dll
MOD - [2015/11/01 00:21:36 | 000,117,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\dc92ba4ca16df1772d16803348f5fff5\SMDiagnostics.ni.dll
MOD - [2015/11/01 00:21:20 | 001,619,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\fbdef51c0e89515e75a83e4751c79d4a\System.Drawing.ni.dll
MOD - [2015/10/31 11:49:47 | 007,419,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\a73b5a097f4a7e26470de5940f71e623\System.Xml.ni.dll
MOD - [2015/10/31 11:49:40 | 002,773,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\0ae5397e59e320e24681e9297b413ed2\System.Runtime.Serialization.ni.dll
MOD - [2015/10/31 11:49:38 | 000,972,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\8cc5a2101f88ecce594d053af3256a7e\System.Configuration.ni.dll
MOD - [2015/10/31 11:49:37 | 007,406,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\b985aa78aab4528aaa723b90b52986d1\System.Core.ni.dll
MOD - [2015/10/31 11:49:14 | 010,133,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\33c22596ef36ae634d7c7fa0d834a1a3\System.ni.dll
MOD - [2015/10/27 21:24:30 | 000,857,088 | ---- | M] () -- C:\Users\裕也\Documents\LINE\LinePlayer\LPEngine.dll
MOD - [2015/10/27 21:24:30 | 000,117,248 | ---- | M] () -- C:\Users\裕也\Documents\LINE\PlayerHelper.dll
MOD - [2015/10/21 12:08:12 | 019,057,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\68b0897c4cade2a6a72889bff2bd0904\mscorlib.ni.dll
MOD - [2015/10/09 07:20:18 | 045,010,208 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2015/10/06 01:18:14 | 000,778,752 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2015/09/24 09:33:18 | 002,549,248 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll
MOD - [2015/09/24 09:33:18 | 000,491,008 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll
MOD - [2015/09/24 09:33:18 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll
MOD - [2015/09/24 09:33:18 | 000,442,880 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll
MOD - [2015/09/24 09:33:18 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll
MOD - [2015/07/04 01:12:46 | 004,962,816 | ---- | M] () -- C:\Program Files (x86)\Steam\v8.dll
MOD - [2015/07/04 01:12:28 | 001,556,992 | ---- | M] () -- C:\Program Files (x86)\Steam\icui18n.dll
MOD - [2015/07/04 01:12:28 | 001,187,840 | ---- | M] () -- C:\Program Files (x86)\Steam\icuuc.dll
MOD - [2015/01/12 16:47:24 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2014/12/08 17:03:19 | 000,316,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2015/11/05 13:03:52 | 002,180,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2015/11/05 13:03:49 | 001,015,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2015/11/05 13:01:38 | 000,713,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2015/11/05 12:59:13 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2015/11/05 12:55:55 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2015/10/07 19:27:58 | 002,780,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:[b]64bit:[/b] - [2015/09/25 12:00:50 | 001,423,872 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2015/09/25 11:59:48 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2015/09/25 11:59:38 | 001,205,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2015/09/17 15:48:41 | 000,809,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2015/09/17 15:06:04 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2015/09/17 15:03:28 | 000,267,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2015/09/17 14:58:01 | 000,503,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2015/09/17 14:52:31 | 000,591,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2015/09/17 14:48:26 | 002,093,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2015/09/17 14:47:56 | 000,513,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2015/09/17 14:44:10 | 000,526,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2015/09/17 14:44:08 | 001,844,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/09/17 14:43:32 | 000,378,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2015/08/19 23:23:06 | 000,135,072 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:[b]64bit:[/b] - [2015/08/18 15:58:25 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2015/08/18 15:54:03 | 000,322,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2015/08/17 08:36:30 | 000,272,424 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe -- (LSCWinService)
SRV:[b]64bit:[/b] - [2015/08/11 18:50:47 | 001,643,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2015/08/01 07:04:09 | 001,031,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2015/08/01 07:04:05 | 001,169,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2015/08/01 07:04:05 | 000,343,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2015/08/01 07:04:04 | 000,658,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2015/07/30 12:44:49 | 000,280,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/07/30 12:44:28 | 000,229,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2015/07/18 00:35:40 | 000,351,120 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2015/07/17 03:31:17 | 001,137,664 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe -- (Platinum Host Service)
SRV:[b]64bit:[/b] - [2015/07/10 20:01:10 | 000,621,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2015/07/10 20:01:10 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2015/07/10 20:01:10 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:41 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:36 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:20 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:16 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,337,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:07 | 001,149,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:07 | 001,019,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:07 | 000,268,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:07 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:07 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:07 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:06 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:03 | 003,467,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:02 | 000,918,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:02 | 000,836,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:02 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:01 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:01 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:59 | 000,296,960 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:59 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:59 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_Session2)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_Session2)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_Session2)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_Session2)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:57 | 000,405,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:57 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:56 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:55 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:55 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:54 | 000,275,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:53 | 000,063,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:51 | 000,583,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:50 | 000,550,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:50 | 000,362,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2015/06/29 18:55:27 | 000,333,856 | ---- | M] (Trend Micro Inc.) [Auto | Start_Pending] -- C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe -- (PwmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/08/20 04:12:17 | 000,656,664 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:[b]64bit:[/b] - [2014/07/22 21:17:28 | 000,089,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:[b]64bit:[/b] - [2014/02/26 09:11:26 | 000,016,232 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:[b]64bit:[/b] - [2013/08/27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/08/27 14:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/07/25 14:39:26 | 000,206,552 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:[b]64bit:[/b] - [2012/04/24 18:43:50 | 000,390,632 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2015/11/10 11:44:38 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/11/05 12:27:12 | 002,049,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/09/25 11:34:00 | 000,928,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/09/17 14:45:35 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015/09/17 14:16:16 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015/07/18 00:36:00 | 000,283,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015/07/10 20:00:30 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/07/10 20:00:24 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/07/09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/04/18 10:26:10 | 000,427,224 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2014/11/12 00:29:00 | 003,398,544 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2014/10/29 12:50:12 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/02/20 00:18:06 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2013/09/17 04:20:16 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/17 04:20:10 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/08/22 04:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/09/17 15:50:17 | 000,099,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2015/09/17 15:48:41 | 000,278,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2015/09/17 15:48:22 | 000,516,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2015/09/17 14:50:08 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2015/09/10 14:24:04 | 000,095,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2015/09/05 00:27:26 | 001,561,728 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2015/08/19 23:23:05 | 000,467,032 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2015/08/18 16:55:45 | 000,373,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2015/08/11 19:02:56 | 000,080,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2015/08/06 12:17:40 | 000,200,528 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2015/08/06 11:22:03 | 000,685,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2015/08/03 11:18:37 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2015/08/03 11:17:53 | 000,052,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2015/08/01 07:04:05 | 000,934,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2015/08/01 07:04:05 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2015/08/01 07:04:04 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2015/08/01 07:04:04 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2015/07/30 12:44:26 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/07/22 18:56:22 | 000,886,528 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2015/07/22 10:32:52 | 000,100,320 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2015/07/22 10:28:16 | 000,326,896 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2015/07/22 10:28:16 | 000,134,280 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2015/07/18 00:36:32 | 006,389,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2015/07/11 01:34:25 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2015/07/11 01:34:15 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/07/10 20:01:20 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:14 | 000,380,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:14 | 000,215,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:10 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:10 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:10 | 000,031,072 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,200,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,153,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,061,952 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:09 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,245,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2015/07/10 20:00:00 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:59 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:59 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:59 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:56 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:53 | 000,129,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:53 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:52 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:50 | 000,082,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,291,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,083,968 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,044,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:48 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:40 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:40 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:40 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,474,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,040,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:39 | 000,017,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,222,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,207,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,116,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:38 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:37 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 003,453,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,237,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,122,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,116,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,092,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,043,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fcvsc.sys -- (fcvsc)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2015/07/10 19:59:36 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2015/07/03 10:00:52 | 000,410,880 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:[b]64bit:[/b] - [2015/06/29 11:38:56 | 000,091,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TMUMH.sys -- (tmumh)
DRV:[b]64bit:[/b] - [2015/06/26 19:20:04 | 000,116,528 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:[b]64bit:[/b] - [2015/06/23 11:49:48 | 000,039,056 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:[b]64bit:[/b] - [2015/06/16 08:22:00 | 003,068,160 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:[b]64bit:[/b] - [2015/06/08 14:54:40 | 000,116,576 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:[b]64bit:[/b] - [2015/05/28 19:26:40 | 000,416,608 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tmnciesc.sys -- (tmnciesc)
DRV:[b]64bit:[/b] - [2015/03/11 01:33:24 | 000,593,624 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkBtfilter.sys -- (RtkBtFilter)
DRV:[b]64bit:[/b] - [2015/01/30 12:55:43 | 000,067,408 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbfilter.sys -- (kbfilter)
DRV:[b]64bit:[/b] - [2014/08/07 03:15:50 | 000,102,200 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:[b]64bit:[/b] - [2014/08/07 03:15:50 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:[b]64bit:[/b] - [2014/08/07 03:15:50 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:[b]64bit:[/b] - [2014/06/17 08:12:29 | 000,035,600 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:[b]64bit:[/b] - [2014/02/26 09:11:04 | 000,645,992 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/12/19 06:02:19 | 000,450,520 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2013/12/15 08:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/12/15 08:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2013/09/17 04:20:12 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/13 17:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:[b]64bit:[/b] - [2012/05/12 12:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2011/12/07 19:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2015/07/10 19:59:39 | 000,017,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys -- (swenum)
DRV - [2015/07/10 19:59:36 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys -- (CompositeBus)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{93E45EF3-2587-4743-8F49-656B3E62E228}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{93E45EF3-2587-4743-8F49-656B3E62E228}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.jp/webhp?sourceid=navclient&hl=ja&ie=UTF-8&gws_rd=ssl
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_jaJP615
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.65.2: C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.65.2: C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\裕也\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\9.1.1035\9.1.1035\FIREFOXEXTENSION [2015/11/08 23:40:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8197dd50-b252-4b08-a1be-1277f22357bb}: C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015/08/22 11:23:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\tmbepff@trendmicro.com: C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015/11/08 23:40:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015/11/08 23:40:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}: C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\ [2015/11/08 23:40:27 | 000,000,000 | ---D | M]

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\8.0.0.1184_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (パスワードマネージャー BHO) - {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロセキュリティツールバーヘルパー) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (トレンドマイクロネットワークフィルタプラグイン) - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\Tmop

いするぎ
MAIL
2015/11/17 (Tue) 23:27:33

返信フォームへ

Re: マルウェアに感染したようです

Extras

OTL Extras logfile created on: 2015/11/17 19:47:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\裕也\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.89 Gb Total Physical Memory | 5.36 Gb Available Physical Memory | 67.95% Memory free
9.14 Gb Paging File | 6.47 Gb Available in Paging File | 70.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424.78 Gb Total Space | 236.06 Gb Free Space | 55.57% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 23.07 Gb Free Space | 92.26% Space Free | Partition Type: NTFS
Drive F: | 7.41 Gb Total Space | 0.17 Gb Free Space | 2.36% Space Free | Partition Type: FAT32

Computer Name: RUGIRUGI | User Name: 裕也 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FindArchive] -- C:\Users\裕也\Explzh\Explzh.exe /f %1 (pon software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FindArchive] -- C:\Users\裕也\Explzh\Explzh.exe /f %1 (pon software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 3D D0 5C 31 E5 CB D0 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03F75487-2CC5-4896-BFE6-354465CBF8B3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{051DD2AA-6E62-46E9-B156-F32DAF8ADB61}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{060B38F0-9DBF-4AF1-8F30-AF4E1D20029B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{15247CFD-0E1D-4417-B756-3844355B7E4A}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{26387F2E-879B-4E58-92BD-25FECC8A1F97}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{40F40E18-1691-407B-81DF-5049958EBB23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4D30FF00-65D0-4ED0-A489-8086F4D8FAE9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A00A70D6-DFB6-4ECC-B887-583815876FCD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B5863E5C-9108-40FA-AAA8-8D7DDA300F1D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5010E0B-2F8D-439B-855B-663D4B1A0CEC}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{D51AB513-D380-45DF-B597-95B53943D018}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D99ED103-1881-4927-82F0-3E4000AF35E4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EA3CF3E0-F1EB-407F-AD07-3DA6BD389956}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FCD60431-D33E-4884-9C1E-98C5F76D2760}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{FF148B6B-A336-4FF5-833E-4A7D4F969ABA}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001292F6-E683-4AFB-A9B5-BEF11D603363}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{00294079-B974-46D2-97F1-A875729E9BC0}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{054D5D56-3F4A-43C4-8E44-70F46A1DFF92}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{07443C8A-F251-4092-9B78-ECE8E5957D37}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{09CFF32A-73D7-437D-957C-1735BE67AD96}" = dir=in | name=nerokwik |
"{0C16D656-A9E6-4310-ACBE-1F0FE7C95500}" = dir=in | name=evernote touch |
"{0D345C16-BFF1-4115-BDDC-6962B647A0B7}" = dir=out | name=nerokwik |
"{0E3D9433-3761-4154-8CF1-9375D9C25312}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{0E52DEE8-A505-4553-98F9-7085DA978C81}" = dir=in | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{18C4D841-6CA9-4C04-8619-936664F34E88}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{18FB3D8C-D7A8-4305-8FD8-9278428AC827}" = dir=out | name=zinio |
"{24C67300-A9D8-47C0-B3B8-137FB1E6485B}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{26B66B9A-B8DC-47DE-8CB2-4023AB5FE902}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{29CA7E82-9069-489A-9BB7-B36C9AB21882}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{3016A18C-3D40-4630-9117-284A99F1ECE7}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{30BAC945-298A-4581-8FBA-A9330CF13A5F}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{31FE2129-835C-409F-9116-CD2D5D869E41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{347C479F-36F9-4A87-A00A-FA500E92649A}" = dir=out | name=@{microsoft.bingweather_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{350D8980-ED1A-4F9A-BE65-FA9611B4FA4E}" = dir=out | name=@{microsoft.3dbuilder_10.9.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{3981DF76-2192-4671-B807-FB38DB8D5E31}" = dir=in | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{3A4081B6-C3EA-4AD5-A991-ABF0CC04E99A}" = dir=out | name=microsoft solitaire collection |
"{3C6E9434-E921-46DB-ADAF-9F29895823F4}" = dir=in | name=@{microsoft.microsoftofficehub_17.6314.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{41453CFC-1134-40B6-AF73-C14879A2ADBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4397E8DC-42F4-4ED9-811C-DBD24058BE44}" = dir=in | name=microsoft solitaire collection |
"{4400A33E-3490-4433-A6E1-4B3A74EC1B70}" = dir=in | name=evernote touch |
"{49E8542D-D58D-41A9-B18A-14844C1896C8}" = dir=in | name=mcafee® central for lenovo |
"{4B225E02-0C9A-4EF0-9AB9-8A11A3BB2A33}" = dir=out | name=楽天gateway |
"{4F2A48A9-A9E9-41E1-91D9-D407F497CEB9}" = dir=out | name=@{microsoft.bingfinance_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{503C9FBD-EB2E-483D-A6C0-3C24A8018F8D}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{53081F0E-1B92-4B5D-9873-D32F3E4DE8CB}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5A0C0299-C82B-4A93-B35B-8E8C32A3A5F9}" = dir=in | app=c:\program files\cyberlink\powerdirector10\pdr10.exe |
"{5B820A26-36E2-4EB8-8FFD-EF4711EF4EC4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5DBD685F-1029-4405-9FD4-CB986C5776C1}" = dir=in | name=powerdvd for lenovo idea |
"{5E4476D0-9969-4AA0-A5B7-D6D367E96B83}" = dir=out | name=@{microsoft.windows.photos_15.1026.13580.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{63F855FE-4E2E-4AD2-A340-0DC593E261AA}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{643F951D-8179-45EE-9567-608993BD3526}" = dir=out | name=windows_ie_ac_001 |
"{6656B793-4611-49D8-B4CE-2270A267A5CD}" = dir=out | name=yousendit for lenovo |
"{66745911-7929-447E-8C38-768636F34A4D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{673F1FA5-414C-451A-8F0C-6E4F6FE14992}" = dir=out | name=@{microsoft.bingnews_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{67E0C454-3BCC-4508-85CA-8032FAEFD883}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{6CB5CC06-7939-44C4-B624-A0A92C4D3F48}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{70059A55-BD93-4E2B-B4E7-675F498F648E}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool10\eneasyapp.exe |
"{71A9219E-31FA-4CDE-B348-B3AF7737AAC0}" = dir=out | name=candy crush saga |
"{72187CBC-D563-478A-BC08-F797138357B1}" = dir=out | name=@{26720randomsaladgamesllc.simplesolitaire_4.9.0.29_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.simplesolitaire/resources/gamename} |
"{728D94D1-3C57-4265-9C36-3B89B4B90DE6}" = dir=out | name=camera man |
"{7344AB4E-C9AA-448A-919A-FE4459230ADA}" = dir=out | name=@{microsoft.windowsphone_10.1509.17010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{7B3B27E6-0722-484F-B38D-9268F939A98E}" = dir=out | name=@{microsoft.microsoftofficehub_17.6314.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{7C10D2D8-2F36-4557-86A9-AF6161CCE10A}" = dir=in | name=zinio |
"{7FA3093D-C8E9-4C42-8919-59FDDF176185}" = dir=out | name=@{microsoft.windowsstore_2015.21.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{80E068C1-7E89-455C-9BB6-23145EF96A1F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{819458EB-5B3E-4FC8-B1D1-739397E9E1B9}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{84405B97-E504-4310-9672-FBCC762695C3}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{852BF980-35D5-4209-A8E7-FF42A6258C5F}" = dir=out | name=@{microsoft.windowsmaps_4.1511.3161.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{85D66B29-23D1-42EC-8901-29C176728203}" = dir=out | name=lenovo support |
"{86BE887B-F72E-4862-9267-ED8C061B8317}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\final fantasy xiv - a realm reborn\boot\ffxivlauncher.exe |
"{8C1F8196-444B-4138-B1B6-0BB725A05370}" = protocol=17 | dir=in | app=c:\program files (x86)\squareenix\final fantasy xiv - a realm reborn\boot\ffxivboot.exe |
"{8DCF85CC-8C44-4B92-81B6-1591377C9E8A}" = dir=out | name=powerdvd for lenovo idea |
"{8EEDF477-5FFD-4E7E-8FB3-E15EE5010C46}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{8FE037D9-D543-4A08-A98B-6C92AB4F179E}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{92273B2E-6D31-4F96-A8BC-1CE839C7FC65}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\final fantasy xiv - a realm reborn\boot\ffxivboot.exe |
"{93421996-4424-4289-91B0-3AE0BA3E9BC0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{94F5589D-607D-41FA-9253-067239A6D3B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{956F46DA-EE9E-4C72-A564-109DBF73AA22}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe |
"{98E44FF5-5B57-4E0A-A751-7DBF856C5FC5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9907A778-6D74-44FC-81AE-1806A62C3A0E}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{999CD088-A1E9-4693-95A9-AC12FC154F35}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9BD9DC20-13CB-439A-A29D-76AE07209477}" = protocol=6 | dir=in | app=c:\program files (x86)\squareenix\final fantasy xiv - a realm reborn\boot\ffxivlauncher.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E78385F-5366-4A8A-BDE1-634F0DB6B991}" = dir=out | name=@{microsoft.people_10.0.3030.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{A1CED844-96E9-4420-A68E-D2F2E27F03D0}" = dir=in | name=@{microsoft.windows.photos_15.1026.13580.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A3138602-1F37-4216-9117-CF4BE0829669}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20947_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{A56C3A8E-993F-4B69-815E-016B7DE250B2}" = dir=in | name=evernote touch |
"{AAA5C659-1AB1-4C4B-8519-5A157C1DD8A7}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{ADF4B7FF-7934-428C-B3AD-6A7EAFCCD992}" = dir=out | name=@{microsoft.bingsports_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{AE095794-5414-4B73-9FE2-8120B769814D}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{AF1D3D8D-C55D-4E33-8DC1-29E606C50825}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B1E1055F-C6BB-47CD-9474-41F1C3034F8E}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{B233F86B-7C23-46A5-B61B-91F00D446B0B}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{B44651F0-A090-46F3-802E-B08D3F6C2F5C}" = dir=out | name=@{microsoft.zunevideo_3.6.15081.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{B482F1B7-0538-4839-8E4A-1225EE3C4657}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{B4C7E309-90D9-4804-9039-FC393E31A600}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B512A6F1-900F-4558-8028-84486B91A83E}" = dir=out | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{B6B25AE6-A7FF-410A-816B-D516B1BDE68D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\final fantasy xiv - a realm reborn\boot\ffxivboot.exe |
"{B6D8EDF9-85B5-4573-8E8B-A45C8CEB0AD3}" = dir=in | name=xbox |
"{B7F80AE6-829E-42D0-BB76-FA3F4ABFAE98}" = dir=in | app=c:\users\裕也\appdata\local\microsoft\skydrive\skydrive.exe |
"{B97DB43B-0B3E-4828-9C72-CAB5D6749486}" = dir=out | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{BC074BE0-54D0-441E-A3CD-E66DE0492F3E}" = dir=in | name=@{microsoft.windowsstore_2015.21.25.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{BE7A7A2D-989F-47DA-B642-AF1B7296F80B}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{BE7CE819-5DEB-44DD-8E23-880B1B836CA2}" = dir=in | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{BF00DD15-FCC6-4F27-B3ED-D36544A94D78}" = dir=out | name=onenote |
"{C3774BFD-4126-412E-AA0B-221BAB20ED12}" = dir=out | name=windows_ie_ac_001 |
"{C5E72398-4146-4E4E-8252-770EF867FE59}" = dir=out | name=twitter |
"{CC1EA08A-5A3E-4333-83E6-C0EC51CD8160}" = dir=out | name=evernote touch |
"{CD820345-9F27-4447-B4F5-C3014B0B0B95}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{CE230BE1-3AE2-448E-998F-9EF9B8AAA022}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{CFDEA971-FBB5-46C3-9B3A-D90BD53983DD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\final fantasy xiv - a realm reborn\boot\ffxivboot.exe |
"{D1153FB0-E68B-4C06-971B-C080ED61CB17}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{D2CB7A61-438F-4074-B244-A5C92C4DF4D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{D3FA34C9-F66B-40F3-96DA-68FB840E6597}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{D49531CA-4A62-4F04-836D-9F9F5F8A1D8E}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6D19B32-5326-4795-8BC4-7CEB1BD38D32}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{D8A5C1EA-D9EA-4E0D-B57B-4E876CE70807}" = dir=out | name=@{microsoft.bingsports_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB9AD533-75AA-4F98-B7E2-DCAA7D4461DB}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{DDDB385F-0CE7-4F0F-AE7B-1127D6281D8F}" = dir=out | name=evernote touch |
"{DF8AE615-14B8-483A-84DB-9AD5551FF380}" = dir=out | name=@{microsoft.getstarted_2.5.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{E004B4F4-6D81-4920-A625-127A11AE6581}" = dir=in | name=onenote |
"{E07A4DF6-149D-42BE-BFED-298021A3F6E0}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{E0C2D60E-DA93-48E9-A2FE-B10E46160D23}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{E24EB039-BB72-481C-9303-74B716D4F336}" = dir=out | name=my time line |
"{E4FAF135-3A76-4DDC-91EC-FB932141124A}" = dir=out | name=ヤフオク! (lv) |
"{EAA67210-9E30-46D4-AC7A-4F82DC4D6CAE}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEBB0713-8CC9-4F66-ACB5-1B10AA6C2BA6}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{EF4B9E22-E2DB-4725-8995-B3E4CA956A2C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{F2C167B4-2136-4E89-BA14-BEA846607A01}" = dir=out | name=mcafee® central for lenovo |
"{F57A8CED-1FF9-4A83-86D9-693F9D4F4F1A}" = dir=in | name=@{microsoft.bingsports_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FD58A867-BC84-442E-9424-6A18F304DCEB}" = dir=out | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{FE4951C6-1AB5-4D0B-A5C9-F6B24EAFB813}" = dir=out | name=xbox |
"{FF89D935-D3F6-4ECD-B997-5066E72A40DF}" = dir=out | name=lenovo companion |
"TCP Query User{6A9A456F-245E-4C80-A7D2-628311C9E2FD}C:\kiss\custommaidonline\ct64.exe" = protocol=6 | dir=in | app=c:\kiss\custommaidonline\ct64.exe |
"TCP Query User{8573E669-156A-4CF8-97BA-5D2374A25668}C:\kiss\custommaidonline\ct64.exe" = protocol=6 | dir=in | app=c:\kiss\custommaidonline\ct64.exe |
"TCP Query User{D430140D-556D-4555-954F-EF9432891060}C:\program files (x86)\sony\content manager assistant\cma.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\content manager assistant\cma.exe |
"TCP Query User{F1EC60BD-57F7-439F-AF28-B5D58B23FBC0}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{F71C34E9-6255-4CD8-95E6-DB6025C4FBA4}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{3CB73281-F411-4198-8FF9-BEDF65DD906F}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{8ACE68E8-7F4E-46D0-96D6-32FB97F4CE43}C:\kiss\custommaidonline\ct64.exe" = protocol=17 | dir=in | app=c:\kiss\custommaidonline\ct64.exe |
"UDP Query User{FBAF0B33-F84D-4BC4-B843-D6194655BEB3}C:\program files (x86)\sony\content manager assistant\cma.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\content manager assistant\cma.exe |
"UDP Query User{FC69532D-F35E-4AEF-B409-BCDA8597846C}C:\kiss\custommaidonline\ct64.exe" = protocol=17 | dir=in | app=c:\kiss\custommaidonline\ct64.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020CDFE0-C127-4047-B571-37C82396B662}" = Microsoft SQL Server 2014 Transact-SQL ScriptDom
"{05FF8209-C4F1-4C77-BC28-791653156D20}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{0B6BDD27-3097-4FE1-BDE6-1D5EC7399563}" = Visual Studio 2013 Prerequisites
"{16222DF7-8513-491E-91F0-F489AB2D3CB0}" = Visual Studio 2013 Prerequisites - ENU Language Pack
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE}" = Windows App Certification Kit Native Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}" = Microsoft SQL Server 2014 Management Objects (x64)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{3075404F-5657-4f31-A064-FEF98661BDD4}" = パスワードマネージャー
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.1001
"{33B4C199-3463-30E8-B3D2-A0793DAC3607}" = Microsoft Team Foundation Server 2013 Update 4 Object Model Language Pack (x64) - ENU
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}" = Microsoft SQL Server 2012 Management Objects (x64)
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{49055838-1EF5-40BB-89B6-8E3456B3E817}" = Microsoft Visual Studio 2013 Performance Collection Tools - ENU
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}" = Windows Software Development Kit DirectX x64 Remote
"{54C5041B-0E91-4E92-8417-AAA12493C790}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{58FED865-4F13-408D-A5BF-996019C4B936}" = Microsoft SQL Server 2012 Command Line Utilities
"{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}" = Microsoft Web Deploy 3.5
"{6C026A91-640F-4A23-8B68-05D589CC6F18}" = Microsoft SQL Server 2012 Express LocalDB
"{6D7131D1-87E5-4677-BD6A-08DCF2529076}" = Microsoft Visual Studio 2013 Performance Collection Tools
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7818198F-3A26-442D-B34D-1664D3ABC979}" = Microsoft Visual Studio 2013 Diagnostic Tools - amd64
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}" = Dolby Digital Plus Home Theater
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8C06D6DB-A391-4686-B050-99CC522A7843}" = Microsoft System CLR Types for SQL Server 2014
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{92124FFB-5113-4D64-A6BA-7D6D362A6265}" = VCRT for DirectPass x64
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{95176218-0F93-3376-912E-B82DACCEA01B}" = Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005
"{96F4525A-470D-F15C-796E-58D9988C3E5F}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{993F6DDC-63F8-4BCD-9B28-D941971A9CAC}" = Windows XP Targeting with C++
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A6BA243E-85A3-4635-A269-32949C98AC7F}" = Microsoft SQL Server 2012 Data-Tier App Framework (x64)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AAFF73AD-3432-3575-ABD1-14E48EF2F4CB}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
"{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}" = Microsoft SQL Server 2014 Express LocalDB
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = ウイルスバスタークラウド
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}" = Dolby Digital Plus Advanced Audio
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{C0DE47ED-AFAF-3B17-8268-D5BFDEC404A8}" = Microsoft Team Foundation Server 2013 Update 4 Object Model (x64)
"{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}" = Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005
"{CC1F74DF-058F-406C-BC7D-F14D6E5F7CBD}" = Build Tools - amd64
"{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}" = Microsoft SQL Server 2012 Native Client
"{DB4DA836-82EC-4A96-A6A1-52B39AD19C14}" = Intel(R) Rapid Storage Technology
"{E43BBAEB-4914-44C6-88C0-E7A1DBD20A91}" = Build Tools Language Resources - amd64
"{E92E1FF1-B188-43FE-BECA-2248E227E67D}" = Lenovo Solution Center
"{E9EC941D-16E5-46FD-AB44-928ED7839CCC}" = VCRT for DirectPass x64
"{EAB410E5-3618-4C97-8EEA-450A75F865FD}" = Windows Phone 8.1 SDK - x64
"{F059D68A-2911-4ea7-BA2B-3FBF2DD9D1CB}" = パスワードマネージャー
"{F17662A3-4569-4A61-ABD4-E51B632D3C4D}" = Microsoft Visual Studio 2013 VsGraphics Helper Dependencies
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E" = Windows ドライバパッケージ - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776)
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"6BCA401E9CBEED970D75F55FA5320F60D11984E9" = Windows ドライバパッケージ - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288)
"Beauty Guide Lite_is1" = Beauty Guide Lite 2.2.5
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = Lenovo pointing device
"EPSON EP-803A" = EPSON EP-803A プリンターアンインストール
"GIMP-2_is1" = GIMP 2.8.14
"HomeBusinessRetail - ja-jp" = Microsoft Office Home and Business 2013 - ja-jp
"Pen Tablet Driver" = ワコム
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0274D240-4D1D-4FDA-9A36-09F0BECD288F}" = Adobe AIR
"{0398BFBC-991B-3275-9463-D2BF91B3C80B}" = Microsoft Help Viewer 2.1
"{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}" = Microsoft SQL Server 2012 T-SQL Language Service
"{05F508E8-2DC6-4B12-B6A9-51000536216A}" = Application Insights Tools for Visual Studio 2013
"{0610DFB0-CCEA-6EC0-E3C3-A0160AD7FD98}" = Windows Runtime Intellisense Content - en-us
"{06EEE072-B561-38E5-85D9-485ABCBE8342}" = Visual F# 3.1 SDK
"{070C38AC-05CE-43DF-9A20-141332F6AB2B}" = Microsoft System CLR Types for SQL Server 2012
"{093F1701-E0CB-3506-9366-07B69773A78B}" = Microsoft ASP.NET and Web Tools 2013.4 - Visual Studio 2013
"{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}" = Cisco PEAP Module
"{0B698858-DAB0-4F9E-A10A-125B274EDA06}" = Microsoft Visual C++ x64 Libraries
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0D04A4D2-7CE9-4EC2-970F-4A639D721D46}" = Pixia ver. 6
"{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}" = TypeScript Tools for Microsoft Visual Studio 2013
"{0F4B91C5-4524-02A6-1D9B-5AE52CE2E0F4}" = Bamboo Dock
"{129CE446-6315-3DB0-AEF2-3EE0CA4C31AE}" = Visual Studio 2012 Verification SDK - enu
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{161D2A15-59BD-3B4F-B45F-C54F5D59B6A2}" = Microsoft Visual Studio 2013 Add-in for Windows Phone
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18F675EA-CB03-462D-A04B-3832DBAB5318}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{19A5926D-66E1-46FC-854D-163AA10A52D3}" = Microsoft .NET Framework 4.5.1 SDK
"{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205A8E25-7ABE-30AB-929E-80A63A7AFBE3}" = Microsoft Portable Library Multi-Targeting Pack
"{21373064-AD95-48DB-A32E-0D9E08EF7355}" = Prerequisites for SSDT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2386192E-D6DB-4AD2-9564-65586A0AE53E}" = Dotfuscator and Analytics Community Edition
"{26A24AE4-039D-4CA4-87B4-2F83218065F0}" = Java 8 Update 65
"{2774595F-BC2A-4B12-A25B-0C37A37049B0}" = Microsoft SQL Server 2014 Management Objects
"{2881CFB4-71F9-40C7-8228-6395117C0EDA}" = Python Tools Redirection Template
"{28C7344F-E894-4CF5-8D05-EDC7ED71796C}" = Behaviors SDK (Windows) for Visual Studio 2013
"{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}" = FINAL FANTASY XIV - A Realm Reborn
"{2F1FC167-2D88-3E8A-85AE-2D23DA16DFAF}" = Visual Studio 2012 Verification SDK - ita
"{2F7DBBE6-8EBC-495C-9041-46A772F4E311}" = Microsoft SQL Server 2012 Management Objects
"{2F8DE575-AEF9-4E4F-BA30-65B2DFD7A6DA}" = Windows Phone 8.1 Tools for Visual Studio Professionald 2013 - ENU
"{2F8F489A-0476-3129-857B-A553F38B192D}" = Microsoft Visual C++ 2012 Core Libraries
"{30F2491C-9410-4DB1-BE66-77B360B1F484}" = Microsoft Visual C++ x64-arm Cross Compilers
"{3169A65F-9DA5-331A-ACCE-D970F9020404}" = Visual Studio 2012 驗證 SDK - cht
"{31FF5BE9-F816-389E-A95A-7F362878A039}" = Visual Studio 2012 Verification SDK - chs
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}" = Prerequisites for SSDT
"{37464E70-B0B9-9DFF-649A-CBE169BAD657}" = Windows Software Development Kit for Windows Store Apps
"{374E7247-AC4C-4728-8F7E-E7C5BCA93908}" = Microsoft Azure Mobile Services SDK
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EEBFDAA-9AF3-4119-B76F-E3CC628F8202}" = Microsoft Azure Shared Components for Visual Studio 2013 - v1.3
"{3F92C742-08BE-9C7A-DF0C-3E1CD06C46C2}" = Sumo Paint Bamboo 2.2
"{3FBFCF2C-392A-4632-9442-14C305B44D5E}" = AzureTools.Notifications
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44334193-827E-47B4-AB2A-E49F2A102E21}" = VCRT for DirectPass x86
"{46910786-E4AC-41E4-A4A0-C086EA85242D}" = WCF Data Services 5.6.0 Runtime
"{4781443E-204D-4D98-8899-18A123C13B1E}" = Microsoft C++ REST SDK for Visual Studio 2013
"{47D08E7A-92A1-489B-B0BF-415516497BCE}" = Microsoft SQL Server 2014 T-SQL Language Service
"{492498A3-F88C-FE2F-755C-9B1B91724CA5}" = LocalESPC Dev12
"{492FCC0B-45E1-383A-A2CF-9E7F305AC200}" = Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE57014-05C4-4864-A13D-86517A7E1BA4}" = Microsoft .NET Framework 4.5 SDK
"{4AEB505C-95E1-4964-9B64-8D27F3186D30}" = Microsoft System CLR Types for SQL Server 2014
"{4E7BB653-2585-4138-95F3-3455FCA04354}" = Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU
"{5411060C-8F8C-393D-8D3B-26AF2C92FABB}" = Microsoft Visual Studio 2013 Shell (Minimum)
"{5481F163-B9E5-30A8-8441-4DBBB87D6AA2}" = Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries
"{54F76D6C-0EC3-43D9-8BCC-73E31AB0BF06}" = Memory Profiler
"{55762F9A-FCE3-45d5-817B-051218658423}" = CyberLink MediaStory
"{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}" = EPSON Scan OCR コンポーネント
"{56AD3004-0B49-967F-F682-B05650B61A78}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}" = Behaviors SDK (Windows Phone) for Visual Studio 2013
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}" = WCF RIA Services V1.0 SP2
"{605FFCBB-EC5A-485C-B27E-189F1C8A96E5}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{6098D454-CB7B-44C2-8615-D869FD9655C7}" = TypeScript Power Tool
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6321F2D4-366B-3AE4-877A-8E539EC3331A}" = Visual F# 3.1 VS
"{64297226-2B81-4588-89BD-76440BC0BCFC}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6621F198-7F26-43F9-81E8-9457797B2CBA}" = Microsoft Azure Mobile Services Tools for Visual Studio - v1.3
"{66FFC445-6EB0-3D02-95D7-925E3050FFB8}" = Microsoft Visual Studio 2013 XAML UI Designer - ENU
"{6781FF9B-E87D-4A03-9373-A55A288B83FA}" = Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
"{678800C0-D94E-4513-89CB-478F2B781A0B}" = Microsoft Visual C++ 2013 x86-x64 Compilers
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype(TM) 7.12
"{6A0C6700-EA93-372C-8871-DCCF13D160A4}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
"{6AB13C21-C3EC-46E1-8009-6FD5EBEE515B}" = Microsoft Advertising SDK for Windows 8.1 - ENU
"{6AC81125-8485-463D-9352-3F35A2508C11}" = Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU
"{6C06FEE9-C64E-453F-B8A5-D9E9B79ED040}" = Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
"{73629F80-9DFE-421A-908B-C71FBD243E5A}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{77A85707-C1BA-44DA-915D-CE68AE058A78}" = Microsoft Visual Studio 2013 Profiling Tools
"{77E2D875-FD9E-3DEE-9A84-C34FDECB4ECA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{7AC97190-67DC-4D68-B743-43F7E1FC393A}" = Windows Phone 8.1 SDK - ARM
"{7AE61976-6FE2-4B65-9E1C-4DE44288772B}" = Visual Studio Extensions for Windows Library for JavaScript
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84D88F57-4130-30FE-A0B6-1E04428FE1F6}" = Microsoft Visual C++ 2013 Core Libraries
"{85253F13-EE42-4850-A3A5-79B90E92D7AC}" = Entity Framework 6.1.1 Tools for Visual Studio 2013
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3862F9-F587-3DFA-AAFC-C1F0E116F05C}" = Kit SDK de vérification de Visual Studio 2012 - fra
"{8BD11F34-C26A-4E92-B2A2-4FFF5FC3FE67}" = Microsoft Visual Studio 2013 Diagnostic Tools - x86
"{8F6DB54B-8CB9-4928-896D-312BFE833131}" = Microsoft Visual Studio 2013 Preparation
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0411-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90EF884E-5253-324C-9C11-63C9DA16BF0C}" = SDK de comprobación de Visual Studio 2012 - esn
"{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}" = PreEmptive Analytics Visual Studio Components
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96563105-F726-4865-8C32-416753ECA5F1}" = Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources
"{96a8b90c-0a91-4e76-ab34-730c23923d11}" = Microsoft Visual Studio Community 2013 with Update 4
"{976C3D92-0DEC-37A6-A870-FF4FC18CD029}" = Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps
"{977CABC5-7B4B-3AE4-8E1B-56C673C1D638}" = Пакет Visual Studio 2012 Verification SDK - rus
"{979C7495-FB42-484E-92EA-7F2A59DD7718}" = Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU
"{984022F2-9BCA-A41D-6A38-1AE658F01415}" = Windows Software Development Kit
"{985EF141-95DD-3934-8F23-7C2C4C61E5F7}" = Microsoft Visual Studio 2013 Shell (Minimum) Resources
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9C593464-7F2F-37B3-89F8-7E894E3B09EA}" = Microsoft Visual Studio Professional 2013
"{9D3D8C60-A5EF-4123-B2B9-172095903AB}" = REALTEK Bluetooth Driver
"{9DAABC60-A5EF-41FF-B2B9-17329590CD5}" = REALTEK Wireless LAN Driver
"{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}" = Blend for Visual Studio 2013 ENU resources
"{9F7DE660-6BFE-3BA2-A93D-4F13BD13E10B}" = VS Update core components
"{9FB31124-1FD5-314B-8B91-E4ECC431E1D7}" = Visual Studio 2012-Verifizierungs-SDK - deu
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1CB8286-CFB3-A985-D799-721A0F2A27F3}" = Windows Software Development Kit DirectX x86 Remote
"{A1D06677-1103-32DE-AA74-6EE44DCF7F81}" = Microsoft Visual C++ 2013 Extended Libraries
"{A223B446-EC3D-3031-828D-5188800AB782}" = Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU)
"{A35D7103-E0AE-4421-98E9-3F5EEEED3B7D}" = Windows Phone 8.1 Tools for Visual Studio 2013 - ENU
"{A3B8D9FB-CA7D-4487-8CA2-A6A2C8AD1077}" = Microsoft Visual C++ x86 Libraries
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E87388-3512-4D9C-9BBA-284C3577CBE9}" = Microsoft Visual C++ 2012 Compilers
"{A8229A09-E570-412B-8D18-E78985673E34}" = Microsoft Visual C++ ARM Libraries
"{A88AEB8B-A6C5-41BC-8F71-F704DD1E0D00}" = Memory Profiler
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC768037-7079-4658-AC24-2897650E0ABE}" = Energy Manager
"{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}" = Microsoft SQL Server Data Tools - enu (12.0.41012.0)
"{AE937DBA-FEFD-3BFE-9860-0591C0F91D61}" = Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
"{AEBB5873-1DF6-4190-98D8-D9FC5144EB3B}" = Windows Phone 8.1 SDK - Desktop
"{AF312B06-5C5C-468E-89B3-BE6DE2645722}" = Cisco LEAP Module
"{AFF89951-EFF1-3543-92CE-BE535855A3A7}" = Microsoft NuGet - Visual Studio 2013
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B1C38F27-D377-8C98-D98D-29B67C0B978D}" = LocalESPCui for en-us Dev12
"{B255880F-8C5E-4FAF-8F9C-7DBA635B2615}" = Build Tools - x86
"{B3C98C29-A2BE-455F-9285-13B745282271}" = Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources
"{B503082D-B4CD-32E5-A97C-AB10D2E9111A}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{B536762B-1047-4B51-8ECF-46D5686E5416}" = Microsoft ASP.NET Web Pages 2 Runtime
"{B6A0A174-33E0-3D42-92EA-547D318CB149}" = Microsoft Visual Studio 2013 Devenv
"{B90F9678-82C0-32A3-996B-98AA7EA5D8F4}" = Microsoft Visual Studio 2013 XAML UI Designer
"{BB0D9EE5-F7B1-4986-AF62-DB3BED9A83BC}" = Microsoft Visual C++ x64 Native Compilers - ENU Resources
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BF3E2194-F89B-44FB-A801-464BF787599F}" = WCF Data Services Tools for Microsoft Visual Studio 2013
"{C1D0E508-ECAF-45AA-A549-1E26B9ECE0FB}" = Microsoft Visual C++ x64-x86 Cross Compilers
"{C26C1495-8EBE-3F71-BDA1-7DE2010840D8}" = Microsoft Visual Studio 2013 Devenv Resources
"{C47A1D4C-13B1-3E81-A367-83FB8F4FBF8E}" = Visual Studio 2012 Verification SDK - jpn
"{C4CAE1DE-77C8-32A7-A347-52DB738F0DE1}" = Visual Studio 2012 Verification SDK
"{C4DD6A7C-DD73-36C4-BBBF-B699644A37B8}" = Microsoft Visual Studio Community 2013
"{C629CD13-3E1A-33A2-9515-23F7BF4C5D06}" = Microsoft Visual Studio 2013 Add-in for Windows Phone - ENU Language Pack
"{C7B84BB5-B871-4020-9C0D-CB08D9B77526}" = Windows Phone 8.1 Tools for Visual Studio Professional 2013
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{C9E7751E-88ED-36CF-B610-71A1D262E906}" = Team Explorer for Microsoft Visual Studio 2013
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D3517C62-68A5-37CF-92F7-93C029A89681}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
"{D35B579C-E1ED-437A-96E2-CD81E3C4ADCD}" = Windows Phone 8.1 Tools for Visual Studio 2013
"{D37FDF2F-8766-4BDF-A0E3-A60BDBB630ED}" = Build Tools Language Resources - x86
"{D3A828A9-FD4A-4463-9CB0-9673C682A0C7}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{D42681AA-BC16-3C84-949E-45F05D2AA997}" = Microsoft Visual C++ 2013 Core Libraries
"{D8DEAAC1-A503-4C97-90F7-EF1E58A3E509}" = Microsoft C++ Azure Mobile SDK for Visual Studio 2013
"{DB5600F1-DE83-46DE-B162-5FC4400EAF5B}" = Microsoft Visual C++ 2013 Compilers
"{DC8FA8B0-9EBA-38F2-934D-001BD21EACB6}" = Windows Phone SDK 8.0 Assemblies
"{DE0E8FAF-9758-4BFD-A16E-009DB4B8C912}" = Microsoft Visual C++ x64 Native Compilers
"{DEBF18DD-F351-3FC3-9BF4-8B20AC2EF5EF}" = Visual Studio 2012 유효성 검사 SDK - kor
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Lenovo EasyCamera
"{E5C1C342-5E78-4D91-85BE-40C716B09391}" = コンテンツ管理アシスタント for PlayStation(R)
"{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}" = Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
"{E6F3851E-CEEB-4ECB-A6FA-337C8F662E3D}" = Microsoft Visual C++ 2013 Compilers - ENU Resources
"{E9674444-9491-3961-873C-017D8912185E}" = Microsoft Visual Studio Professional 2013 - ENU
"{EB25848D-AADC-40D7-914E-CB2E25AB5E59}" = Microsoft ASP.NET MVC 4 Runtime
"{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}" = Blend for Visual Studio 2013
"{EBD9DB6D-180B-4C59-9622-B75CC4B32C94}" = Microsoft Advertising Service Extension for Visual Studio
"{ED8DFB38-C87B-42B3-A33E-B20DF935C055}" = PowreShellIntegration.Notifications
"{EDB1632D-FE4B-4F5B-A234-91DA81B03C41}" = Windows Phone 8.1 SDK - x86
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = ユーザーマニュアル
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C}" = Windows App Certification Kit x64
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FD45B178-B1C1-4D2A-B8C8-CD7B4F687F1C}" = VCRT for DirectPass x86
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"Adobe AIR" = Adobe AIR
"Algodoo_is1" = Algodoo v2.1.0
"Bamboo Dock" = Bamboo Dock 3.3
"com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1" = Sumo Paint Bamboo 2.2
"CoolSoft VirtualMIDISynth" = CoolSoft VirtualMIDISynth 1.13.0
"EPSON EP-803A Manual" = EPSON EP-803A ﾕｰｻﾞｰｽﾞｶﾞｲﾄﾞ
"EPSON EP-803A Network Guide" = EPSON EP-803A ﾈｯﾄﾜｰｸｶﾞｲﾄﾞ
"EPSON Scanner" = EPSON Scan
"Explzh" = Explzh for Windows
"ExpressZip" = Express Zip ファイル圧縮ソフト
"Google Chrome" = Google Chrome
"http://pso2.jp/appid/release_is1" = PHANTASY STAR ONLINE 2
"ins_beat" = BEAT!MusicPlayer
"InstallShield_{0D04A4D2-7CE9-4EC2-970F-4A639D721D46}" = Pixia ver. 6
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}" = CyberLink MediaStory
"InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}" = Energy Manager
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = User Manuals
"Kingsoft Office" = Kingsoft Office 2013 (9.1.0.4057)
"LINE" = LINE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 1.75.0.1300
"Microsoft Help Viewer 2.1" = Microsoft Help Viewer 2.1
"PaintToolSAI" = ペイントツールSAI Ver.1
"PhotoPad" = PhotoPad 写真編集ソフト
"Pixillion" = Pixillion 画像ファイル変換ソフト
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"ripaudicof" = Rip!AudiCO FREE Ver 4.03
"RPGVXAce_J_is1" = RPGツクールVX Ace
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"sakura editor_is1" = sakura editor(サクラエディタ)
"SoATrial" = 剣の街の異邦人白の王宮体験版
"Steam" = Steam
"Steam App 301520" = Robocraft
"Steam App 312060" = FINAL FANTASY XIV: A Realm Reborn Free Trial
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinGimp-2.0_is1" = GIMP 2.6.11
"Wrye Bash" = Wrye Bash
"カスタムメイド3D 2 Edit体験版" = カスタムメイド3D 2 Edit体験版
"カスタムメイドオンライン" = カスタムメイドオンライン

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3583450532-2804974510-3264961352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/11/16 6:45:17 | Computer Name = rugirugi | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: SearchUI.exe、バージョン: 10.0.10240.16515、タイムスタンプ:
0x55fa5578 障害が発生しているモジュール名: CortanaApi.dll、バージョン: 0.0.0.0、タイムスタンプ: 0x55fa5354 例外コード:
0x80000003 障害オフセット: 0x0000000000151a73 障害が発生しているプロセス ID: 0x300 障害が発生しているアプリケーションの開始時刻:
0x01d1205bdf5f68f3 障害が発生しているアプリケーションパス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
障害が発生しているモジュール
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
レポート
ID: 705270f1-aaa2-46ad-9b80-7daf1675d36e 障害が発生しているパッケージの完全な名前: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
障害が発生しているパッケージに関連するアプリケーション
ID: CortanaUI

Error - 2015/11/16 6:45:19 | Computer Name = rugirugi | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI のライセンス認証がエラーで失敗しました:
-2147023170。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/11/16 6:45:25 | Computer Name = rugirugi | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Getstarted_2.5.6.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca
のライセンス認証がエラーで失敗しました: -2144927149。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/11/16 10:04:48 | Computer Name = rugirugi | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = アプリ Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI
は、割り当てられた時間内に起動しませんでした。

Error - 2015/11/16 10:05:40 | Computer Name = rugirugi | Source = Application Hang | ID = 1002
Description = プログラム SearchUI.exe バージョン 10.0.10240.16515 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、セキュリティとメンテナンス
コントロールパネルで、問題の履歴を参照してください。プロセス ID: bd0 開始時刻: 01d12077b77bf7fe 終了時刻: 4294967295 アプリケーション
パス: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe レポート
ID: 000913ea-8c6b-11e5-83c9-90489ac99b9a 障害が発生しているパッケージのフルネーム: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

障害が発生しているパッケージに関連するアプリケーション
ID: CortanaUI

Error - 2015/11/16 11:06:25 | Computer Name = rugirugi | Source = Application Hang | ID = 1002
Description = プログラム SystemSettings.exe バージョン 10.0.10240.16384 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、セキュリティとメンテナンス
コントロールパネルで、問題の履歴を参照してください。プロセス ID: 22b4 開始時刻: 01d120804475fc97 終了時刻: 4294967295 アプリケーション
パス: C:\Windows\ImmersiveControlPanel\SystemSettings.exe レポート ID: 8cae4010-8c73-11e5-83c9-90489ac99b9a

障害が発生しているパッケージのフル
ネーム: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy 障害が発生しているパッケージに関連するアプリケーション
ID: microsoft.windows.immersivecontrolpanel

Error - 2015/11/16 11:06:25 | Computer Name = rugirugi | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
のライセンス認証がエラーで失敗しました: -2144927142。詳しくは、Microsoft-Windows-TWinUI/Operational ログをご覧ください。

Error - 2015/11/16 11:47:41 | Computer Name = rugirugi | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = アプリ Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI のライセンス認証がエラーで失敗しました:
-2144927141。詳しくは、Microsoft-W

いするぎ
MAIL
2015/11/17 (Tue) 23:28:45

返信フォームへ

OTLで処置します

作業と報告、ご苦労様です。
OTLのスキャンログを見せてもらいました。
では早速次の作業しましょう。
今度は見つかったものをOTLで処置にかかります。

このレスの最後にスクリプトを貼っておくので、それを丸ごとコピーして、それをWindowsのメモ帳ファイルに貼り付けて保存しておいてください。

用意できたらPCをまたセーフモードで再起動してOTL起動してください。
起動したらOTLのウインドウ下部にスクリプトを貼り付けて、今度は「Run fix」（赤字のボタン）を押してください。
これでOTLでの処置が開始されます。

しばらく待って処置ができたらPCを通常モードで再起動すると、またOTLのログが出るはずなので、それを保存してから、しばらく様子見の後、OTLのログとともに状態報告をレスください。
OTLのスクリプトは以下になります。破線(-----)を含まない箇所を丸ごとコピーして、それをOTLに貼って作業してください
------------------------------------------
:OTL
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{93E45EF3-2587-4743-8F49-656B3E62E228}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
IE - HKLM\..\SearchScopes\{93E45EF3-2587-4743-8F49-656B3E62E228}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
CHR - Extension: 譛蛻昴・繝ｦ繝ｼ繧ｶ繝ｼ = C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\

:Files
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------

悪代官
2015/11/18 (Wed) 21:29:34

返信フォームへ

Re: マルウェアに感染したようです

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93E45EF3-2587-4743-8F49-656B3E62E228}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93E45EF3-2587-4743-8F49-656B3E62E228}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93E45EF3-2587-4743-8F49-656B3E62E228}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93E45EF3-2587-4743-8F49-656B3E62E228}\ not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKU\S-1-5-21-3583450532-2804974510-3264961352-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_metadata folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_locales\zh_TW folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_locales\ja folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_locales\fr folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_locales\en folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_locales\de folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\_locales folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0\plugins folder moved successfully.
C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0 folder moved successfully.
File rity] not found.
File sethosts] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11232015_215150

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

現状はホームページが空白のページにされるのが収まりましたかな、まだ潜んでるかもわかりませんが

いするぎ
MAIL
2015/11/23 (Mon) 22:12:21

返信フォームへ

では今度は全体の洗い直しを

作業と報告、ご苦労様です。

>現状はホームページが空白のページにされるのが収まりましたかな、まだ潜んでるかもわかりませんが

はい、異常は治まっているとのことですね。
ログを見ても処置対象はOTLで掃除できたみたいです。

ではここで全体の状況を再確認します。
お手数ですが再度CCで各タブのログとインストール情報ログ、それとHJTログを取り直して、それらをレスで見せてください。
まだ隠れている物や取りこぼしがないかを含めて全体を洗い直します。

そういうわけで、次回は「あらいぐま悪代官」のIDでレスにきます（←森に帰れ

悪代官
2015/11/24 (Tue) 22:04:56

返信フォームへ

Re: マルウェアに感染したようです

近頃多忙だったため検査が遅れました、すみません

インストール履歴
3D Builder Microsoft Corporation 2015/09/16 10.9.6.0
Adobe AIR Adobe Systems Incorporated 2015/11/14 19.0.0.213
Algodoo v2.1.0 Algoryx 2015/05/09 91.8 MB
Bamboo Dock 3.3 Wacom Co., Ltd. 2015/08/01 3.3
BEAT!MusicPlayer 2015/08/01
Beauty Guide Lite 2.2.5 Tint Guide 2015/05/27 8.86 MB 2.2.5
Camera Man LENOVO INC 2015/08/01 1.0.1929.30229
Candy Crush Saga king.com 2015/12/01 1.652.0.0
CCleaner Piriform 2015/11/08 5.11
Cisco EAP-FAST Module Cisco Systems, Inc. 2014/06/17 1.53 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 2014/06/17 632 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 2014/06/17 1.22 MB 1.1.6
Conexant HD Audio Conexant 2015/09/05 8.66.16.50
CoolSoft VirtualMIDISynth 1.13.0 CoolSoft 2015/08/01 1.13.0.0
CyberLink MediaStory CyberLink Corp. 2014/06/17 474 MB 1.0.1314
CyberLink PhotoDirector 3 CyberLink Corp. 2014/06/17 226 MB 3.0.1.4107
CyberLink PowerDirector 10 CyberLink Corp. 2015/08/01 293 MB 10.0.0.2810
Dolby Digital Plus Advanced Audio Dolby Laboratories Inc 2014/06/17 2.75 MB 7.5.1.1
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2015/09/05 33.7 MB 7.6.5.1
Energy Manager Lenovo 2014/06/17 47.8 MB 1.0.0.35
Entity Framework 6.1.1 Tools for Visual Studio 2013 Microsoft Corporation 2015/06/04 145 MB 12.0.30610.0
EPSON EP-803A プリンターアンインストール SEIKO EPSON Corporation 2015/08/01
EPSON EP-803A ﾈｯﾄﾜｰｸｶﾞｲﾄﾞ 2015/08/01
EPSON EP-803A ﾕｰｻﾞｰｽﾞｶﾞｲﾄﾞ 2015/08/01
EPSON Scan Seiko Epson Corporation 2015/08/01
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/11/20 1.10.0000
EpsonNet Print SEIKO EPSON CORPORATION 2014/11/20 2.4i
EpsonNet Setup 3.3 SEIKO EPSON CORPORATION 2014/11/20 3.3a
Evernote Touch Evernote 2015/11/03 3.2.2.96
Explzh for Windows pon software 2015/09/19 7.2.9.0
Express Zip ファイル圧縮ソフト NCH Software 2015/09/26 2.29
FINAL FANTASY XIV - A Realm Reborn SQUARE ENIX CO., LTD. 2015/10/15 1.0.0000
FINAL FANTASY XIV: A Realm Reborn Free Trial SQUARE ENIX 2015/10/10
GIMP 2.6.11 The GIMP Team 2015/03/24 107 MB 2.6.11
GIMP 2.8.14 The GIMP Team 2015/03/24 268 MB 2.8.14
Google Chrome Google Inc. 2014/11/23 47.0.2526.73
Google Toolbar for Internet Explorer Google Inc. 2015/09/21 7.5.6904.2028
Groove ミュージック Microsoft Corporation 2015/11/11 3.6.15131.0
IIS 8.0 Express Microsoft Corporation 2015/06/05 36.3 MB 8.0.1557
IIS Express Application Compatibility Database for x64 2015/08/01
IIS Express Application Compatibility Database for x86 2015/08/01
Intel(R) Management Engine Components Intel Corporation 9.5.15.1730
Intel(R) Processor Graphics Intel Corporation 10.18.10.3379
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/17 13.0.0.1098
Java 8 Update 65 Oracle Corporation 2015/11/11 21.0 MB 8.0.650.17
Kingsoft Office 2013 (9.1.0.4057) Kingsoft Corp. 2015/08/01 9.1.0.4057
Lenovo Companion Lenovo, INC. 2015/12/03 3.37.0.0
Lenovo EasyCamera Realtek Semiconductor Corp. 2015/08/01 6.3.9600.11105
Lenovo EasyCamera Realtek Semiconductor Corp. 2014/06/17 13.6 MB 6.2.9200.10249
Lenovo OneKey Recovery CyberLink Corp. 2015/08/01 8.0.0.2105
Lenovo pointing device ELAN Microelectronic Corp. 2015/08/19 11.4.69.4
Lenovo PowerDVD10 CyberLink Corp. 2014/06/17 203 MB 10.0.5630.52
Lenovo Solution Center Lenovo Group Limited 2015/11/14 38.4 MB 2.8.005.00
Lenovo Support Lenovo, INC. 2015/08/01 2.0.5.0
LINE LINE Corporation 2015/11/11 4.2.1.678
Live TV FilmOn TV Inc. 2015/08/01 1.3.6.115
Malwarebytes Anti-Malware バージョン 1.75.0.1300 Malwarebytes Corporation 2015/11/15 19.3 MB 1.75.0.1300
McAfee® Central for Lenovo McAfee_Inc 2015/08/01 4.5.141.1
Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft Corporation 2015/06/04 41.8 MB 4.5.50710
Microsoft .NET Framework 4.5 SDK Microsoft Corporation 2015/06/04 18.5 MB 4.5.50710
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft Corporation 2015/06/04 49.3 MB 4.5.50932
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft Corporation 2015/06/04 75.2 MB 4.5.50932
Microsoft .NET Framework 4.5.1 SDK Microsoft Corporation 2015/06/04 19.4 MB 4.5.51641
Microsoft Help Viewer 2.1 Microsoft Corporation 2015/08/01 12.1 MB 2.1.21005
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2015/11/25 15.0.4771.1004
Microsoft Silverlight Microsoft Corporation 2015/06/04 35.4 MB 5.1.20513.0
Microsoft Silverlight 5 SDK Microsoft Corporation 2015/06/04 77.5 MB 5.0.61118.0
Microsoft Solitaire Collection Microsoft Studios 2015/11/10 3.5.11021.0
Microsoft SQL Server 2012 Command Line Utilities Microsoft Corporation 2015/06/04 876 KB 11.1.3000.0
Microsoft SQL Server 2012 Data-Tier App Framework Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Express LocalDB Microsoft Corporation 2015/06/04 158 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects Microsoft Corporation 2015/06/04 23.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects (x64) Microsoft Corporation 2015/06/04 16.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Native Client Microsoft Corporation 2015/06/04 7.19 MB 11.1.3000.0
Microsoft SQL Server 2012 T-SQL Language Service Microsoft Corporation 2015/06/04 6.14 MB 11.1.3000.0
Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 4.53 MB 11.1.3000.0
Microsoft SQL Server 2014 Express LocalDB Microsoft Corporation 2015/06/04 227 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects Microsoft Corporation 2015/06/04 23.1 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects (x64) Microsoft Corporation 2015/06/04 15.1 MB 12.0.2000.8
Microsoft SQL Server 2014 T-SQL Language Service Microsoft Corporation 2015/06/04 6.65 MB 12.0.2000.8
Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 6.17 MB 12.0.2000.8
Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft Corporation 2015/06/04 18.1 MB 4.0.8876.1
Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft Corporation 2015/06/04 29.1 MB 12.0.41012.0
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft Corporation 2015/06/04 2.15 MB 12.0.30919.1
Microsoft SQL Server System CLR Types Microsoft Corporation 2015/06/04 2.53 MB 10.50.1600.1
Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 2015/06/04 3.13 MB 10.50.1600.1
Microsoft System CLR Types for SQL Server 2012 Microsoft Corporation 2015/06/04 1.75 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Corporation 2015/06/04 1.62 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2014 Microsoft Corporation 2015/06/04 5.30 MB 12.0.2000.8
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/06/17 4.89 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/06/17 12.4 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2014/06/17 13.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/17 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/06/17 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2015/08/01 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2015/08/01 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/08/01 17.3 MB 11.0.61030.0
Microsoft Visual Studio Community 2013 with Update 4 Microsoft Corporation 2015/08/01 8.92 GB 12.0.31101
Microsoft Web Deploy 3.5 Microsoft Corporation 2015/06/04 11.8 MB 3.1237.1763
MotioninJoy Gamepad tool 0.7.1001 www.motioninjoy.com 2015/08/22 3.89 MB 0.7.1001
MSN トラベル Microsoft Corporation 2015/08/01 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/08/01 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/08/01 3.0.4.336
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2015/10/15 3.3.1.0
NeroKwik Nero Inc. 2015/08/01 1.2.30.0
Nexus Mod Manager Black Tree Gaming 2015/06/21 23.1 MB 0.55.6
OneKey Recovery CyberLink Corp. 8.0.0.2105
OneNote Microsoft Corporation 2015/12/03 17.6366.15651.0
People Microsoft Corporation 2015/12/03 10.0.3350.0
PHANTASY STAR ONLINE 2 SEGA 2014/11/22 7.24 MB
PhotoPad 写真編集ソフト NCH Software 2015/08/01 2.70
Pixia ver. 6 Isao Maruoka 2014/12/30 31.1 MB 6.01.0160

エクスプローラ
3D Builder Microsoft Corporation 2015/09/16 10.9.6.0
Adobe AIR Adobe Systems Incorporated 2015/11/14 19.0.0.213
Algodoo v2.1.0 Algoryx 2015/05/09 91.8 MB
Bamboo Dock 3.3 Wacom Co., Ltd. 2015/08/01 3.3
BEAT!MusicPlayer 2015/08/01
Beauty Guide Lite 2.2.5 Tint Guide 2015/05/27 8.86 MB 2.2.5
Camera Man LENOVO INC 2015/08/01 1.0.1929.30229
Candy Crush Saga king.com 2015/12/01 1.652.0.0
CCleaner Piriform 2015/11/08 5.11
Cisco EAP-FAST Module Cisco Systems, Inc. 2014/06/17 1.53 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 2014/06/17 632 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 2014/06/17 1.22 MB 1.1.6
Conexant HD Audio Conexant 2015/09/05 8.66.16.50
CoolSoft VirtualMIDISynth 1.13.0 CoolSoft 2015/08/01 1.13.0.0
CyberLink MediaStory CyberLink Corp. 2014/06/17 474 MB 1.0.1314
CyberLink PhotoDirector 3 CyberLink Corp. 2014/06/17 226 MB 3.0.1.4107
CyberLink PowerDirector 10 CyberLink Corp. 2015/08/01 293 MB 10.0.0.2810
Dolby Digital Plus Advanced Audio Dolby Laboratories Inc 2014/06/17 2.75 MB 7.5.1.1
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2015/09/05 33.7 MB 7.6.5.1
Energy Manager Lenovo 2014/06/17 47.8 MB 1.0.0.35
Entity Framework 6.1.1 Tools for Visual Studio 2013 Microsoft Corporation 2015/06/04 145 MB 12.0.30610.0
EPSON EP-803A プリンターアンインストール SEIKO EPSON Corporation 2015/08/01
EPSON EP-803A ﾈｯﾄﾜｰｸｶﾞｲﾄﾞ 2015/08/01
EPSON EP-803A ﾕｰｻﾞｰｽﾞｶﾞｲﾄﾞ 2015/08/01
EPSON Scan Seiko Epson Corporation 2015/08/01
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/11/20 1.10.0000
EpsonNet Print SEIKO EPSON CORPORATION 2014/11/20 2.4i
EpsonNet Setup 3.3 SEIKO EPSON CORPORATION 2014/11/20 3.3a
Evernote Touch Evernote 2015/11/03 3.2.2.96
Explzh for Windows pon software 2015/09/19 7.2.9.0
Express Zip ファイル圧縮ソフト NCH Software 2015/09/26 2.29
FINAL FANTASY XIV - A Realm Reborn SQUARE ENIX CO., LTD. 2015/10/15 1.0.0000
FINAL FANTASY XIV: A Realm Reborn Free Trial SQUARE ENIX 2015/10/10
GIMP 2.6.11 The GIMP Team 2015/03/24 107 MB 2.6.11
GIMP 2.8.14 The GIMP Team 2015/03/24 268 MB 2.8.14
Google Chrome Google Inc. 2014/11/23 47.0.2526.73
Google Toolbar for Internet Explorer Google Inc. 2015/09/21 7.5.6904.2028
Groove ミュージック Microsoft Corporation 2015/11/11 3.6.15131.0
IIS 8.0 Express Microsoft Corporation 2015/06/05 36.3 MB 8.0.1557
IIS Express Application Compatibility Database for x64 2015/08/01
IIS Express Application Compatibility Database for x86 2015/08/01
Intel(R) Management Engine Components Intel Corporation 9.5.15.1730
Intel(R) Processor Graphics Intel Corporation 10.18.10.3379
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/17 13.0.0.1098
Java 8 Update 65 Oracle Corporation 2015/11/11 21.0 MB 8.0.650.17
Kingsoft Office 2013 (9.1.0.4057) Kingsoft Corp. 2015/08/01 9.1.0.4057
Lenovo Companion Lenovo, INC. 2015/12/03 3.37.0.0
Lenovo EasyCamera Realtek Semiconductor Corp. 2015/08/01 6.3.9600.11105
Lenovo EasyCamera Realtek Semiconductor Corp. 2014/06/17 13.6 MB 6.2.9200.10249
Lenovo OneKey Recovery CyberLink Corp. 2015/08/01 8.0.0.2105
Lenovo pointing device ELAN Microelectronic Corp. 2015/08/19 11.4.69.4
Lenovo PowerDVD10 CyberLink Corp. 2014/06/17 203 MB 10.0.5630.52
Lenovo Solution Center Lenovo Group Limited 2015/11/14 38.4 MB 2.8.005.00
Lenovo Support Lenovo, INC. 2015/08/01 2.0.5.0
LINE LINE Corporation 2015/11/11 4.2.1.678
Live TV FilmOn TV Inc. 2015/08/01 1.3.6.115
Malwarebytes Anti-Malware バージョン 1.75.0.1300 Malwarebytes Corporation 2015/11/15 19.3 MB 1.75.0.1300
McAfee® Central for Lenovo McAfee_Inc 2015/08/01 4.5.141.1
Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft Corporation 2015/06/04 41.8 MB 4.5.50710
Microsoft .NET Framework 4.5 SDK Microsoft Corporation 2015/06/04 18.5 MB 4.5.50710
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft Corporation 2015/06/04 49.3 MB 4.5.50932
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft Corporation 2015/06/04 75.2 MB 4.5.50932
Microsoft .NET Framework 4.5.1 SDK Microsoft Corporation 2015/06/04 19.4 MB 4.5.51641
Microsoft Help Viewer 2.1 Microsoft Corporation 2015/08/01 12.1 MB 2.1.21005
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 2015/11/25 15.0.4771.1004
Microsoft Silverlight Microsoft Corporation 2015/06/04 35.4 MB 5.1.20513.0
Microsoft Silverlight 5 SDK Microsoft Corporation 2015/06/04 77.5 MB 5.0.61118.0
Microsoft Solitaire Collection Microsoft Studios 2015/11/10 3.5.11021.0
Microsoft SQL Server 2012 Command Line Utilities Microsoft Corporation 2015/06/04 876 KB 11.1.3000.0
Microsoft SQL Server 2012 Data-Tier App Framework Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Express LocalDB Microsoft Corporation 2015/06/04 158 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects Microsoft Corporation 2015/06/04 23.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects (x64) Microsoft Corporation 2015/06/04 16.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Native Client Microsoft Corporation 2015/06/04 7.19 MB 11.1.3000.0
Microsoft SQL Server 2012 T-SQL Language Service Microsoft Corporation 2015/06/04 6.14 MB 11.1.3000.0
Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 4.53 MB 11.1.3000.0
Microsoft SQL Server 2014 Express LocalDB Microsoft Corporation 2015/06/04 227 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects Microsoft Corporation 2015/06/04 23.1 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects (x64) Microsoft Corporation 2015/06/04 15.1 MB 12.0.2000.8
Microsoft SQL Server 2014 T-SQL Language Service Microsoft Corporation 2015/06/04 6.65 MB 12.0.2000.8
Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 6.17 MB 12.0.2000.8
Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft Corporation 2015/06/04 18.1 MB 4.0.8876.1
Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft Corporation 2015/06/04 29.1 MB 12.0.41012.0
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft Corporation 2015/06/04 2.15 MB 12.0.30919.1
Microsoft SQL Server System CLR Types Microsoft Corporation 2015/06/04 2.53 MB 10.50.1600.1
Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 2015/06/04 3.13 MB 10.50.1600.1
Microsoft System CLR Types for SQL Server 2012 Microsoft Corporation 2015/06/04 1.75 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Corporation 2015/06/04 1.62 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2014 Microsoft Corporation 2015/06/04 5.30 MB 12.0.2000.8
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/06/17 4.89 MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/06/17 12.4 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2014/06/17 13.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/17 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/06/17 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 2015/08/01 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 2015/08/01 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2015/08/01 17.3 MB 11.0.61030.0
Microsoft Visual Studio Community 2013 with Update 4 Microsoft Corporation 2015/08/01 8.92 GB 12.0.31101
Microsoft Web Deploy 3.5 Microsoft Corporation 2015/06/04 11.8 MB 3.1237.1763
MotioninJoy Gamepad tool 0.7.1001 www.motioninjoy.com 2015/08/22 3.89 MB 0.7.1001
MSN トラベル Microsoft Corporation 2015/08/01 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2015/08/01 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/08/01 3.0.4.336
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2015/10/15 3.3.1.0
NeroKwik Nero Inc. 2015/08/01 1.2.30.0
Nexus Mod Manager Black Tree Gaming 2015/06/21 23.1 MB 0.55.6
OneKey Recovery CyberLink Corp. 8.0.0.2105
OneNote Microsoft Corporation 2015/12/03 17.6366.15651.0
People Microsoft Corporation 2015/12/03 10.0.3350.0
PHANTASY STAR ONLINE 2 SEGA 2014/11/22 7.24 MB
PhotoPad 写真編集ソフト NCH Software 2015/08/01 2.70
Pixia ver. 6 Isao Maruoka 2014/12/30 31.1 MB 6.01.0160

ウィンドウズ
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run EP-803A(ネットワーク) SEIKO EPSON CORPORATION C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S6EF6.tmp" /EF "HKCU"
有効 HKCU:Run EPSON94D431 (EP-803A) SEIKO EPSON CORPORATION C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S4D45.tmp" /EF "HKCU"
有効 HKCU:Run Line LINE Corporation "C:\Users\裕也\Documents\LINE\Line.exe" --booting
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
有効 HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
有効 HKCU:Run swg Google Inc. "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
有効 HKLM:Run BambooCore Wacom Europe GmbH C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
有効 HKLM:Run cAudioFilterAgent Conexant Systems, Inc. "C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
有効 HKLM:Run Energy Manager Lenovo(beijing) Limited C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
有効 HKLM:Run ETDCtrl ELAN Microelectronics Corp. %ProgramFiles%\Elantech\ETDCtrl.exe
有効 HKLM:Run ForteConfig Fortemedia Inc "C:\Program Files\Conexant\ForteConfig\fmapp.exe"
有効 HKLM:Run HotKeysCmds "C:\WINDOWS\system32\hkcmd.exe"
有効 HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
有効 HKLM:Run IgfxTray Intel Corporation - pGFX "C:\WINDOWS\system32\igfxtray.exe"
有効 HKLM:Run Lenovo Utility Lenovo(beijing) Limited C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
有効 HKLM:Run Persistence "C:\WINDOWS\system32\igfxpers.exe"
有効 HKLM:Run Platinum Trend Micro Inc. "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
有効 HKLM:Run PwmConsole.exe Trend Micro Inc. "C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe" -s
有効 HKLM:Run RtsFT Realtek semiconductor RTFTrack.exe
有効 HKLM:Run SmartAudio Conexant Systems, Inc. "C:\Program Files\CONEXANT\SAII\SACpl.exe" /t
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run Trend Micro Client Framework Trend Micro Inc. "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
有効 HKLM:Run UpdateP2GShortCut CyberLink Corp. "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
有効 Startup Common コンテンツ管理アシスタント for PlayStation(R).lnk Sony Computer Entertainment Inc. C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
有効 Startup User OneNote に送る.lnk Microsoft Corporation C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

クローム
有効 App Gmail 7 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
有効 App Google ドライブ 6.3 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
有効 App Google 検索 0.0.0.20 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
有効 App YouTube 4.2.6 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
有効 Extension Google スプレッドシート 1.0 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0
有効 Extension Google スライド 0.8 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0
有効 Extension Google ドキュメント 0.7 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0
無効 Extension Trend ツールバー 8.0.0.1184 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf\8.0.0.1184_0
無効 Extension パスワードマネージャー 1.9.0.1129 最初のユーザー C:\Users\裕也\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg\1.9.0.1129_0

オペラ（空白）

スケジュールされたタスク
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task Opera scheduled Autoupdate 1446827017 C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3583450532-2804974510-3264961352-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-3583450532-2804974510-3264961352-500
有効 Task PDVDServ Task CyberLink Corp. C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
有効 Task WpsUpdateTask_Administrator Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task WpsUpdateTask_裕也 Zhuhai Kingsoft Office Software Co.,Ltd C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe -from=task
有効 Task {F7ABDAE1-3565-4B7B-BB22-851F40ACB302} Microsoft Corporation "c:\windows\system32\launchwinapp.exe" http://ui.skype.com/ui/0/7.13.0.101.607/ja/go/help.faq.installer?LastError=1618

コンテキストメニュー
有効 Directory ShExplzh pon software C:\WINDOWS\SysWow64\ShExplzh.dll
有効 Directory ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 Directory 書庫内検索(I)... pon software C:\Users\裕也\Explzh\Explzh.exe /f %1
有効 Drive ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 Drive 書庫内検索(I)... pon software C:\Users\裕也\Explzh\Explzh.exe /f %1
有効 File ExpressZip C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
有効 File MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 File ShExplzh pon software C:\WINDOWS\SysWow64\ShExplzh.dll
有効 File ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 File {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll
有効 Folder ExpressZip C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
有効 Folder MBAMShlExt Malwarebytes Corporation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
有効 Folder ShExplzh64 pon software C:\WINDOWS\system32\shexplzh.dll
有効 Folder {48F45200-91E6-11CE-8A4F-0080C81A28D4} Trend Micro Inc. C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll

HJTログ
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:07:53, on 2015/12/06
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

Boot mode: Normal

Running processes:
C:\Users\裕也\Documents\LINE\Line.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Users\裕也\Documents\LINE\LinePlayer\LinePlayer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\裕也\Desktop\HijackThis.exe

O2 - BHO: ???????? ??????????? BHO - {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll
O2 - BHO: トレンドマイクロネットワークフィルタプラグイン - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: トレンドマイクロIEプロテクション - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll
O3 - Toolbar: パスワードマネージャーツールバー - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Trend ツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S4D45.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EP-803A(ネットワーク)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S6EF6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Line] "C:\Users\裕也\Documents\LINE\Line.exe" --booting
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\裕也\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S1B6F.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON94D431 (EP-803A)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGYJ.EXE /FU "C:\WINDOWS\TEMP\E_S1B6F.tmp" /EF "HKCU" (User 'Default user')
O4 - Global Startup: コンテンツ管理アシスタント for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O8 - Extra context menu item: Cube : WEB 検索 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/search.html
O8 - Extra context menu item: Cube : リンク文字列を翻訳 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/anchor.html
O8 - Extra context menu item: Cube : 選択範囲を翻訳 - res://C:\Program Files (x86)\CubeToolBar\ToolBar.dll/translation.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Platinum Host Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
O23 - Service: パスワードマネージャー管理サービス (PwmSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 12890 bytes

いするぎ
MAIL
2015/12/06 (Sun) 01:18:17

返信フォームへ

Javaも更新か削除を

おはようございます。
現在のログを見せてもらいました。

下記がまだ最新になってないので、これは使うなら更新必須です。不要ならアンインストールが安全です。
Java 8 Update 65 Oracle Corporation 2015/11/11 21.0 MB 8.0.650.17

他には異常なさそうですが、再度インストール情報ログだけ取り直して、それをまた見せてください

悪代官
2015/12/06 (Sun) 08:07:13

返信フォームへ

Re: マルウェアに感染したようです

気になっていたフリーゲームと同じ名前の海外サイトを押してしまったので、もしかしたらまたなにかあるかもしれません
ダウンロードするか、のメッセージは拒否したのですが、その直後に音声付きの別のサイトに移動したので不安です

Microsoft Solitaire Collection Microsoft Studios 2015/12/19 3.6.12153.0
People Microsoft Corporation 2015/12/19 10.0.3450.0
電卓 Microsoft Corporation 2015/12/18 10.1512.17020.0
Twitter Twitter Inc. 2015/12/18 4.3.3.0
メール/カレンダー Microsoft Corporation 2015/12/17 17.6515.64021.0
ストア Microsoft Corporation 2015/12/17 2015.25.5.0
マップ Microsoft Corporation 2015/12/16 4.1512.3450.0
カメラ Microsoft Corporation 2015/12/16 2015.1211.10.0
ソリティア Random Salad Games LLC 2015/12/16 5.0.0.31
Candy Crush Saga king.com 2015/12/15 1.668.0.0
My Time Line NEC繝代・繧ｽ繝翫Ν繧ｳ繝ｳ繝斐Η繝ｼ繧ｿ譬ｪ蠑丈ｼ夂､ｾ 2015/12/14 3.4.0.1
フォト Microsoft Corporation 2015/12/14 15.1208.10480.0
OneNote Microsoft Corporation 2015/12/10 17.6366.15841.0
Xbox Microsoft Corporation 2015/12/10 11.12.9011.0
新しい Office を始めよう Microsoft Corporation 2015/12/10 17.6508.23761.0
映画 & テレビ Microsoft Corporation 2015/12/10 3.6.15731.0
McAfee® Central for Lenovo McAfee_Inc 2015/12/10 5.0.110.1
Java 8 Update 66 Oracle Corporation 2015/12/07 21.1 MB 8.0.660.18
Lenovo Companion Lenovo, INC. 2015/12/03 3.37.0.0
スポーツ Microsoft Corporation 2015/11/25 4.7.130.0
モバイルコンパニオン Microsoft Corporation 2015/11/21 10.1511.18010.0
ボイスレコーダー Microsoft Corporation 2015/11/20 10.1511.17110.0
Skype(TM) 7.14 Skype Technologies S.A. 2015/11/20 78.4 MB 7.14.106
アラーム & クロック Microsoft Corporation 2015/11/18 10.1511.61020.0
天気 Microsoft Corporation 2015/11/17 4.7.118.0
ニュース Microsoft Corporation 2015/11/17 4.7.118.0
マネー Microsoft Corporation 2015/11/17 4.7.118.0
Malwarebytes Anti-Malware バージョン 1.75.0.1300 Malwarebytes Corporation 2015/11/15 1.75.0.1300
Lenovo Solution Center Lenovo Group Limited 2015/11/14 38.4 MB 2.8.005.00
Adobe AIR Adobe Systems Incorporated 2015/11/14 19.0.0.213
Groove ミュージック Microsoft Corporation 2015/11/11 3.6.15131.0
はじめに Microsoft Corporation 2015/11/10 2.5.6.0
ウイルスバスタークラウドトレンドマイクロ株式会社 2015/11/08 10.0
Evernote Touch Evernote 2015/11/03 3.2.2.96
FINAL FANTASY XIV - A Realm Reborn SQUARE ENIX CO., LTD. 2015/10/15 1.0.0000
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2015/10/11 5.01 MB 3.55.7671.0901
楽天gateway 讌ｽ螟ｩ譬ｪ蠑丈ｼ夂､ｾ 2015/10/02 2.2.2.3
3D Builder Microsoft Corporation 2015/09/16 10.9.6.0
Dolby Digital Plus Home Theater Dolby Laboratories Inc 2015/09/05 33.7 MB 7.6.5.1
Windows リーディングリスト Microsoft Corporation 2015/08/22 6.3.9654.20947
MotioninJoy Gamepad tool 0.7.1001 www.motioninjoy.com 2015/08/22 0.7.1001
RGSS-RTP Standard Enterbrain 2015/08/10 1.03
NeroKwik Nero Inc. 2015/08/01 1.2.30.0
PowerDVD for Lenovo Idea CYBERLINK COM CORPORATION 2015/08/01 1.1.2618.24808
Lenovo Support Lenovo, INC. 2015/08/01 2.0.5.0
Camera Man LENOVO INC 2015/08/01 1.0.1929.30229
Live TV FilmOn TV Inc. 2015/08/01 1.3.6.115
アプリコネクター Microsoft Corporation 2015/08/01 1.3.3.0
MSN フード&レシピ Microsoft Corporation 2015/08/01 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2015/08/01 3.0.4.336
リーダー Microsoft Corporation 2015/08/01 6.4.9926.17994
Windows スキャン Microsoft Corporation 2015/08/01 6.3.9654.17133
ヤフオク! (lv) Yahoo JAPAN 2015/08/01 2.2.0.1
YouSendIt for Lenovo YouSendIt 2015/08/01 1.0.5.1412
Zinio Reader Zinio LLC 2015/08/01 2.1.0.317
MSN トラベル Microsoft Corporation 2015/08/01 3.0.4.336
Skype を手に入れよう Skype 2015/08/01 3.2.1.0
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/06/28 9.00 KB 16.0.1515.1
Nexus Mod Manager Black Tree Gaming 2015/06/21 0.55.6
IIS 8.0 Express Microsoft Corporation 2015/06/05 36.3 MB 8.0.1557
WCF RIA Services V1.0 SP2 Microsoft Corporation 2015/06/04 9.60 MB 4.1.62812.0
Prerequisites for SSDT Microsoft Corporation 2015/06/04 6.94 MB 12.0.2000.8
Microsoft Web Deploy 3.5 Microsoft Corporation 2015/06/04 11.8 MB 3.1237.1763
Microsoft System CLR Types for SQL Server 2014 Microsoft Corporation 2015/06/04 5.59 MB 12.0.2000.8
Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Corporation 2015/06/04 1.62 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2012 Microsoft Corporation 2015/06/04 1.75 MB 11.1.3366.16
Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 2015/06/04 3.13 MB 10.50.1600.1
Microsoft SQL Server System CLR Types Microsoft Corporation 2015/06/04 2.53 MB 10.50.1600.1
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft Corporation 2015/06/04 2.15 MB 12.0.30919.1
Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft Corporation 2015/06/04 29.1 MB 12.0.41012.0
Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft Corporation 2015/06/04 18.1 MB 4.0.8876.1
Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 6.17 MB 12.0.2000.8
Microsoft SQL Server 2014 T-SQL Language Service Microsoft Corporation 2015/06/04 6.65 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects (x64) Microsoft Corporation 2015/06/04 15.1 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects Microsoft Corporation 2015/06/04 23.1 MB 12.0.2000.8
Microsoft SQL Server 2014 Express LocalDB Microsoft Corporation 2015/06/04 227 MB 12.0.2000.8
Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Corporation 2015/06/04 4.53 MB 11.1.3000.0
Microsoft SQL Server 2012 T-SQL Language Service Microsoft Corporation 2015/06/04 6.14 MB 11.1.3000.0
Microsoft SQL Server 2012 Native Client Microsoft Corporation 2015/06/04 7.19 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects (x64) Microsoft Corporation 2015/06/04 16.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects Microsoft Corporation 2015/06/04 23.8 MB 11.1.3000.0
Microsoft SQL Server 2012 Express LocalDB Microsoft Corporation 2015/06/04 158 MB 11.1.3000.0
Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Data-Tier App Framework Microsoft Corporation 2015/06/04 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Command Line Utilities Microsoft Corporation 2015/06/04 876 KB 11.1.3000.0
Microsoft Silverlight 5 SDK Microsoft Corporation 2015/06/04 77.5 MB 5.0.61118.0
Microsoft Silverlight Microsoft Corporation 2015/06/04 35.4 MB 5.1.20513.0
Microsoft Help Viewer 2.1 Microsoft Corporation 2015/06/04 2.1.21005
Microsoft .NET Framework 4.5.1 SDK Microsoft Corporation 2015/06/04 19.4 MB 4.5.51641
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft Corporation 2015/06/04 75.2 MB 4.5.50932
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft Corporation 2015/06/04 49.3 MB 4.5.50932
Microsoft .NET Framework 4.5 SDK Microsoft Corporation 2015/06/04 18.5 MB 4.5.50710
Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft Corporation 2015/06/04 41.8 MB 4.5.50710
Entity Framework 6.1.1 Tools for Visual Studio 2013 Microsoft Corporation 2015/06/04 145 MB 12.0.30610.0
Beauty Guide Lite 2.2.5 Tint Guide 2015/05/27 2.2.5
Algodoo v2.1.0 Algoryx 2015/05/09
sakura editor(サクラエディタ) サクラエディタ開発チーム 2015/03/26
GIMP 2.8.14 The GIMP Team 2015/03/24 2.8.14
GIMP 2.6.11 The GIMP Team 2015/03/24 2.6.11
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/03/17 34.9 MB 16.0.1404.1
Sumo Paint Bamboo 2.2 UNKNOWN 2015/01/12 v2.2
Pixia ver. 6 Isao Maruoka 2014/12/30 6.01.0160
Google Toolbar for Internet Explorer Google Inc. 2014/11/23 7.5.6904.2028
Google Chrome Google Inc. 2014/11/23 47.0.2526.106
パスワードマネージャー Trend Micro Incorporated 2014/11/22 1.9.1189
PHANTASY STAR ONLINE 2 SEGA 2014/11/22
EpsonNet Setup 3.3 SEIKO EPSON CORPORATION 2014/11/20 3.3a
EpsonNet Print SEIKO EPSON CORPORATION 2014/11/20 2.4i
EPSON Scan OCR コンポーネント SEIKO EPSON Corp. 2014/11/20 1.10.0000
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2014/11/17 4.54 MB 16.0.1171.1
RPGツクールVX Ace RTP Enterbrain 2014/11/16 1.00
RPGツクールVX Ace Enterbrain 2014/11/16 1.02a
User Manuals Lenovo 2014/06/17 3.0.0.3
REALTEK Wireless LAN Driver REALTEK Semiconductor Corp. 2014/06/17 1.00.0238
Realtek Ethernet Controller Driver Realtek 2014/06/17 8.20.815.2013
Realtek Card Reader Realtek Semiconductor Corp. 2014/06/17 6.2.9200.39052
REALTEK Bluetooth Driver REALTEK Semiconductor Corp. 2014/06/17 3.810.810.032714
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 11.1 MB 10.0.40219
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/06/17 13.8 MB 10.0.40219
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/06/17 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/06/17 9.63 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2014/06/17 13.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2014/06/17 12.4 MB 9.0.30729
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/06/17 4.89 MB 8.0.59193
Lenovo PowerDVD10 CyberLink Corp. 2014/06/17 10.0.5630.52
Lenovo EasyCamera Realtek Semiconductor Corp. 2014/06/17 6.2.9200.10249
Intel(R) Rapid Storage Technology Intel Corporation 2014/06/17 13.0.0.1098
Energy Manager Lenovo 2014/06/17 1.0.0.35
Dolby Digital Plus Advanced Audio Dolby Laboratories Inc 2014/06/17 2.75 MB 7.5.1.1
CyberLink PhotoDirector 3 CyberLink Corp. 2014/06/17 3.0.1.4107
CyberLink MediaStory CyberLink Corp. 2014/06/17 1.0.1314
Cisco PEAP Module Cisco Systems, Inc. 2014/06/17 1.22 MB 1.1.6
Cisco LEAP Module Cisco Systems, Inc. 2014/06/17 632 KB 1.0.19
Cisco EAP-FAST Module Cisco Systems, Inc. 2014/06/17 1.53 MB 2.2.14
剣の街の異邦人白の王宮体験版株式会社エクスペリエンス
ワコム Wacom Technology Corp. 5.3.5-3
ペイントツールSAI Ver.1
カスタムメイドオンライン KISS
カスタムメイド3D 2 Edit体験版 KISS
Wrye Bash Wrye & Wrye Bash Development Team 0.3.0.5
Windows ドライバパッケージ - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) Lenovo 07/25/2013 10.30.0.288
Windows ドライバパッケージ - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) Lenovo 02/17/2013 9.52.0.776
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2.1.0.7
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2.1.0.7
Unity Web Player Unity Technologies ApS 5.0.0f4
The Elder Scrolls V: Skyrim Bethesda Game Studios
Steam Valve Corporation 2.10.91.91
RPGﾂｸｰﾙ2003 ﾗﾝﾀｲﾑﾊﾟｯｹｰｼﾞ
RPGツクール2000 ランタイムパッケージ
Robocraft Freejam
Rip!AudiCO FREE Ver 4.03
PowerDirector CyberLink Corp. 293 MB 10.0.0.2810
Power2Go CyberLink Corp. 5.6.0.10525
Pixillion 画像ファイル変換ソフト NCH Software 2.68
PhotoPad 写真編集ソフト NCH Software 2.70
OneKey Recovery CyberLink Corp. 8.0.0.2105
Microsoft Visual Studio Community 2013 with Update 4 Microsoft Corporation 12.0.31101
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 11.0.60610.1
Microsoft Office Home and Business 2013 - ja-jp Microsoft Corporation 15.0.4779.1002
LINE LINE Corporation 4.3.0.724
Lenovo pointing device ELAN Microelectronic Corp. 11.4.69.4
Lenovo OneKey Recovery CyberLink Corp. 8.0.0.2105
Lenovo EasyCamera Realtek Semiconductor Corp. 6.3.9600.11105
Kingsoft Office 2013 (9.1.0.4057) Kingsoft Corp. 9.1.0.4057
Intel(R) Processor Graphics Intel Corporation 10.18.10.3379
Intel(R) Management Engine Components Intel Corporation 9.5.15.1730
IIS Express Application Compatibility Database for x86
IIS Express Application Compatibility Database for x64
FINAL FANTASY XIV: A Realm Reborn Free Trial SQUARE ENIX
Express Zip ファイル圧縮ソフト NCH Software 2.29
Explzh for Windows pon software 7.2.9.0
EPSON Scan Seiko Epson Corporation
EPSON EP-803A ﾕｰｻﾞｰｽﾞｶﾞｲﾄﾞ
EPSON EP-803A ﾈｯﾄﾜｰｸｶﾞｲﾄﾞ
EPSON EP-803A プリンターアンインストール SEIKO EPSON Corporation
CyberLink PowerDirector 10 CyberLink Corp. 10.0.0.2810
CoolSoft VirtualMIDISynth 1.13.0 CoolSoft 1.13.0.0
Conexant HD Audio Conexant 8.66.16.50
CCleaner Piriform 5.11
BEAT!MusicPlayer
Bamboo Dock 3.3 Wacom Co., Ltd. 3.3

いするぎ
MAIL
2015/12/19 (Sat) 21:24:49

返信フォームへ

他のログも見せてもらえますか

こんばんは。

>気になっていたフリーゲームと同じ名前の海外サイトを押してしまったので、もしかしたらまたなにかあるかもしれません
>ダウンロードするか、のメッセージは拒否したのですが、その直後に音声付きの別のサイトに移動したので不安です

はい、ログも見せてもらいました。
インストール情報では特に不審なものは見えませんが、何か入り込まれたとしたら全体を見直したほうがいいですね。
追加でCCの各タブのログとHJTログもとってから、それをまた見せてもらえますか

悪代官
2015/12/19 (Sat) 22:00:39

返信フォームへ

返信フォーム

Template by マシマロック