悪代官の伏魔殿掲示板
【初心者です】DNSUnlockeのポップアップが出てきます
突然、Google Chromeを使用中にDNSUnlockeのポップアップが出るようになりました。
ほかの方の質問と回答を読んではみたのですが、理解に至らず、相談させていただきました。

最近(こちらのサイトで指示されたもの以外で)アプリなどのインストールは行っておりません。
広告が出てくるサイトは、今のところ特定のサイトのみのようです。

当方パソコンは人並みに使うことはできますが、使えるだけで知識はございません。
何卒よろしくお願い申し上げます。

「はじめに」での作業の結果のログ?を貼り付けておきます。





3D Builder Microsoft Corporation 2016/05/27 11.1.8.0
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 2014/09/03 34.0 MB 11.9.900.170
Adobe Reader Touch Adobe Systems Incorporated 2016/03/14 3.1.8.7675
Adobe Reader XI (11.0.16) - Japanese Adobe Systems Incorporated 2016/05/12 414 MB 11.0.16
AOSBOX Cool_n AOSBOX Cool_n 2016/06/23 16.3 MB 2.1
Apple Application Support(32 ビット) Apple Inc. 2016/04/15 162 MB 4.3
Apple Application Support(64 ビット) Apple Inc. 2016/04/15 180 MB 4.3
Apple Mobile Device Support Apple Inc. 2016/04/15 53.3 MB 9.3.0.15
Apple Software Update Apple Inc. 2016/04/15 5.39 MB 2.2.0.150
ArtOfWords 2016/03/14
Bonjour Apple Inc. 2015/11/08 4.03 MB 3.1.0.1
BUFFALO エアステーション設定ツール BUFFALO INC. 2015/03/28 2.97 MB 2.0.15
BUFFALO クライアントマネージャV をアンインストール BUFFALO INC. 2015/03/28 9.70 MB 1.4.12
BUFFALO パソコン環境表示ツール BUFFALO INC. 2015/03/28 4.20 MB 1.1.0
Candy Crush Saga king.com 2016/06/13 1.770.3.0
Canon Easy-WebPrint EX Canon Inc. 2016/03/25 18.6 MB 1.5.0.0
Canon IJ Network Scanner Selector EX Canon Inc. 2016/03/25 1.51 MB
Canon IJ Network Tool Canon Inc. 2016/03/14 3.3.0
Canon IJ Scan Utility Canon Inc. 2016/03/25 7.21 MB
Canon Inkjet Print Utility Canon Inc. 2016/06/23 2.6.0.5
Canon MG3500 series MP Drivers Canon Inc. 2016/03/14 1.00
Canon MG3500 series On-screen Manual Canon Inc. 2016/03/14 7.6.1
Canon My Image Garden Canon Inc. 2016/03/25 347 MB 3.1.1
Canon My Image Garden Design Files Canon Inc. 2016/03/25 347 MB 3.1.0
Canon Quick Menu Canon Inc. 2016/03/25 19.6 MB 2.2.0
Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム Canon Inc. 2016/03/14 4.0.0
Canon マイ プリンタ Canon Inc. 2016/03/25 11.6 MB 3.2.1
CCleaner Piriform 2016/06/24 5.19
Chrome Remote Desktop Host Google Inc. 2016/06/02 31.0 MB 51.0.2704.7
CLIP STUDIO PAINT CELSYS 2015/09/20 263 MB 1.4.3
Craving Explorer Version 1.7.0 T-Craft 2016/05/14 23.3 MB 1.7.0.0
CyberLink PowerDVD CyberLink Corp. 2014/09/03 115 MB 10.0.6120.52
DiXiM Player for SmartVision DigiOn 2014/09/03 72.3 MB 1.5.2.2
DVD-VR Writer for SmartVision Panasonic Corporation 2014/09/03 6.18 MB 2.3.014
ebi.BookReader4 eBOOK Initiative Japan Co., Ltd. 2014/09/03 113 MB 4.60.11
Facebook Facebook Inc 2016/06/23 58.495.2695.0
Fresh Paint Microsoft Corporation 2016/03/14 3.0.15356.0
G-GUIDE(R) for Windows Panasonic Corporation 2014/09/03 45.9 MB V4.0L006
Google Chrome Google Inc. 2015/03/17 489 MB 51.0.2704.103
Google Earth Google 2016/05/10 278 MB 7.1.5.1557
Groove ミュージック Microsoft Corporation 2016/06/21 3.6.22051.0
iCloud Apple Inc. 2016/01/11 156 MB 5.1.0.34
Intel(R) Management Engine Components Intel Corporation 2014/09/04 9.5.23.1766
Intel(R) Processor Graphics Intel Corporation 2014/09/04 10.18.10.3412
iTunes Apple Inc. 2016/04/15 290 MB 12.3.3.17
LAVIE フォト LENOVO INCORPORATED 2016/03/14 1.7.0.10
LINE LINE Corporation 2016/06/07 5.1.4.0
McAfee Security Scan Plus McAfee, Inc. 2016/03/14 10.2 MB 3.11.292.3
McAfee® Central for NEC .McAfee Inc .. 2016/03/14 4.5.137.1
MediBang Paint Pro 2.0 Medibang 2015/06/23 100 MB 2.0
Microsoft Office Home and Business Premium - ja-jp Microsoft Corporation 2016/06/23 1.59 GB 15.0.4833.1001
Microsoft Solitaire Collection Microsoft Studios 2016/06/03 3.9.5250.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2014/09/03 3.85 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/09/03 7.28 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2014/09/03 7.68 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2014/09/03 1.62 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/09/03 830 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2015/09/28 5.50 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2014/09/03 5.49 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/09/03 4.85 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2016/05/17 18.0 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2016/05/17 19.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Corporation 2016/03/14 11.0.51106.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2016/03/14 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2016/03/14 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2016/03/14 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 2014/09/04 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2016/03/14 17.1 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2016/05/18 1.54 MB 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2016/05/18 1.54 MB 10.0.50903
Microsoft Wi-Fi Microsoft Corporation 2016/04/29 1.1604.4.0
MSN トラベル Microsoft Corporation 2016/03/14 3.0.4.336
MSN フード&レシピ Microsoft Corporation 2016/03/14 3.0.4.336
MSN ヘルスケア Microsoft Corporation 2016/03/14 3.0.4.336
My Time Line NEC繝代・繧ス繝翫Ν繧ウ繝ウ繝斐Η繝シ繧ソ譬ェ蠑丈シ夂、セ 2016/04/22 3.5.0.2
NAVITIME for NEC 譬ェ蠑丈シ夂、セ 繝翫ン繧ソ繧、繝繧ク繝」繝代Φ 2016/05/26 2.0.4.0
NEC PC設定 NEC Personal Computers, Ltd. 2016/03/14 3.1.9.9
NEC PC設定Dependency Package NEC Personal Computers, Ltd. 2014/09/03 10.7 MB 1.0.6.16
Nikon Message Center 2 Nikon 2015/09/28 4.10 MB 2.0.1
OneNote Microsoft Corporation 2016/06/22 17.7070.57611.0
People Microsoft Corporation 2016/04/14 10.0.10811.0
PhotoScape 2016/03/14
PhotoWizard Microsoft 2014/09/03 669 MB 1.6.0
Picture Control Utility Nikon 2015/09/28 44.1 MB 1.2.2
Play.net NEC Personal Computers, Ltd. 2014/09/03 84.5 MB 2.1.6
QuickTime Apple Inc. 2015/09/28 98.4 MB 7.69.80.9
REALTEK Bluetooth Driver REALTEK Semiconductor Corp. 2014/09/03 72.6 MB 3.820.820.071114
Realtek Card Reader Realtek Semiconductor Corp. 2014/09/03 43.6 MB 6.2.9600.21244
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2016/03/25 40.7 MB 6.0.1.7535
Realtek PC Camera Driver Realtek Semiconductor Corp. 2016/03/14 19.5 MB 6.3.9600.11105
REALTEK Wireless LAN Driver REALTEK Semiconductor Corp. 2014/09/03 10.2 MB 1.00.243
Roxio Creator LJ Roxio 2016/03/25 5.80 MB 12.2.45.2
SD-Video SDK for SmartVision Panasonic Corporation 2014/09/03 3.66 MB 2.1.007
Skype を手に入れよう Skype 2016/03/14 3.2.1.0
Smart Update NECパーソナルコンピュータ株式会社 2014/09/03 19.3 MB 2.0.2.0
SmartVision NEC Personal Computers, Ltd. 2014/09/03 151 MB 3.17.0.017
SmartVision TVドライバー NEC Personal Computers, Ltd. 2014/09/03 1.19 GB 1.00.0000
Sony Media Library Earth 9.3.00 Sony Corporation 2016/02/12 49.6 MB 9.3.00.09010
SoundEngine Free Coderium 2015/10/13 5.03 MB 5.2.1.1
Sway Microsoft Corporation 2016/06/15 17.7070.45221.0
Update for Japanese Microsoft IME Postal Code Dictionary Microsoft Corporation 2015/03/17 2.30 MB 16.0.1171.1
Update for Japanese Microsoft IME Standard Dictionary Microsoft Corporation 2015/03/17 26.3 MB 16.0.1404.1
Update for Japanese Microsoft IME Trending Words Dictionary Microsoft Corporation 2015/05/29 18.0 KB 16.0.1515.1
UpnpRemoteEnv UpnpRemoteEnv 2014/09/03 1.00.0000
ViewNX 2 Nikon 2015/09/28 118 MB 2.1.2
WebTablet FB Plugin 32 bit Wacom Technology Corp. 2016/03/14 2.1.0.7
WebTablet FB Plugin 64 bit Wacom Technology Corp. 2016/03/14 2.1.0.7
WebTablet IE Plugin Wacom Technology Corp. 2016/03/14 1.1.0.7
WebTablet Netscape Plugin Wacom Technology Corp. 2016/03/14 1.1.0.5
Windows Live Essentials Microsoft Corporation 2014/09/03 16.4.3528.0331
Windows スキャン Microsoft Corporation 2016/03/14 6.3.9654.17133
Windows リーディング リスト Microsoft Corporation 2016/06/18 6.3.9654.21234
x-アプリ 6.0.02 Sony Corporation 2016/02/12 32.4 MB 10.0.02
Xbox Microsoft Corporation 2016/06/18 15.18.14017.0
Yahoo!ツールバー Yahoo! JAPAN. 2016/03/25 3.15 MB 8.0.0.3
おすすめ設定 NEC Personal Computers, Ltd. 2014/09/03 11.7 MB 2.1.7
おてがるバックアップ Roxio 2016/03/25 15.6 MB 4.6
はじめに Microsoft Corporation 2016/04/14 3.5.11.0
アプリ コネクター Microsoft Corporation 2016/03/14 1.3.3.0
アラーム & クロック Microsoft Corporation 2016/06/17 10.1605.1472.0
カスペルスキー インターネット セキュリティ Kaspersky Lab 2016/06/01 85.7 MB 15.0.2.396
カメラ Microsoft Corporation 2016/06/01 2016.404.120.0
シュフーチラシアプリ for NEC TOPPAN PRINTING CO.,LTD. 2016/03/14 1.4.0.0
ストア Microsoft Corporation 2016/05/01 11602.1.26.0
スポーツ Microsoft Corporation 2016/06/03 4.9.76.0
ソフト&サポートナビゲーター NEC Personal Computers, Ltd. 2014/09/03 46.6 MB 2.1.9
ニュース Microsoft Corporation 2016/06/03 4.9.76.0
パソコンのいろは8 NECマネジメントパートナー株式会社 2014/09/03 59.2 MB 2.02.0000
ファイナルパソコンデータ引越し 9 plus for NEC AOS Technologies 2014/09/03 119 MB 7.00.632.0
フォト Microsoft Corporation 2016/06/03 16.526.11220.0
ペイントツールSAI Ver.1 2016/03/14
ホームネットワークサーバー powered by DiXiM DigiOn 2014/09/03 36.0 MB 5.0
ボイス レコーダー Microsoft Corporation 2016/06/16 10.1605.1471.0
マウスの設定 Chicony 2014/09/03 2.06 MB 1.00.004
マップ Microsoft Corporation 2016/06/21 5.1606.1670.0
マネー Microsoft Corporation 2016/06/03 4.9.76.0
メッセージング & Skype Microsoft Corporation 2016/04/19 2.15.20002.0
メール/カレンダー Microsoft Corporation 2016/06/21 17.6965.40901.0
モバイル コンパニオン Microsoft Corporation 2016/03/14 10.1602.3010.0
リモコンユーティリティ NEC Personal Computers, Ltd. 2014/09/03 2.03 MB 9.19.1342
リーダー Microsoft Corporation 2016/06/15 6.4.9926.18339
ワコム Wacom Technology Corp. 2016/03/14 5.3.5-3
ワンタッチスタートボタンの設定 NEC Personal Computers, Ltd. 2014/09/03 3.40 MB 7.20.1345
再セットアップメディア作成ツール NEC Personal Computers, Ltd. 2014/09/03 2.46 MB 6.3.0
動画なび plus 譬ェ蠑丈シ夂、セ繧、繝ウ繝励Ξ繧ケ繧ク繝」繝代Φ 2016/03/14 1.0.0.0
午後のこ~だ 2016/05/14
天気 Microsoft Corporation 2016/06/03 4.9.76.0
彩りの設定 NEC Personal Computers, Ltd. 2016/03/25 1.06 MB
新しい Office を始めよう Microsoft Corporation 2016/06/10 17.7031.23501.0
映画 & テレビ Microsoft Corporation 2016/06/23 3.6.21441.0
楽しもう!Office ライフ Microsoft Corporation 2014/09/03 1.24 MB 1.0.0
筆ぐるめ 21 富士ソフト株式会社 2014/09/03 1.68 GB 21.00.0600
翻訳 Microsoft Corporation 2016/06/15 4.4.0.0
読取革命Lite パナソニック ソリューションテクノロジー株式会社 2015/05/09 49.4 MB 1.16.0000
電卓 Microsoft Corporation 2016/03/14 10.1601.49020.0
電話 Microsoft Corporation 2016/06/03 2.17.27003.0








Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:33:56, on 2016/06/24
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
C:\Program Files (x86)\WheelUtility\HScrollFun.exe
C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\NEC\SmartVision\SvPowMan.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\NEC\SmartVision\SvFrmUI.exe
C:\Program Files (x86)\NEC\SmartVision\DtvMw.exe
C:\Program Files (x86)\NEC\SmartVision\DtnCtl.exe
C:\Program Files (x86)\NEC\SmartVision\SvUI.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\SmartUpdate\SUMAIN\SmartUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\owner\Documents\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SmartUpdate] "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
O4 - HKLM\..\Run: [USBFuncSwitch] C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
O4 - HKLM\..\Run: [USBHScrollFun] C:\Program Files (x86)\WheelUtility\HScrollFun.exe
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [DTCPconnect] C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
O4 - HKLM\..\Run: [SVUPnPManager] C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
O4 - HKLM\..\Run: [SmartVisionScheduler] C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: セキュリティキーボード - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{4f295bad-bf66-481a-b4e3-1eca6975b4b2}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{5cdfad8c-e3ef-4d07-a502-806ebb251c64}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{c99e300d-8c47-44fd-b26f-2d9252f79d7f}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{cfb9e5c3-cd2d-45b6-88a4-9c74232468ca}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{4f295bad-bf66-481a-b4e3-1eca6975b4b2}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX Cool_n Backup Service (AOSBOXCooln Backup Service) - Unknown owner - C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DiXiM Player SDK Service - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCService.exe
O23 - Service: DiXiM Player Service Controller - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G-GUIDE(R) Service - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NECPC Settings Service - NEC Personal Computers, Ltd. - C:\Program Files\NECPC\SettingsDependency\SettingsService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SD Device Manager - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SmartVision Admin Service (SVAdminService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision Admin Service 64 (SVAdminService64) - NEC Personal Computers, Ltd. - C:\Program Files\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision MessageManager Service (SVMsgMngService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: upnpRemoteService - Unknown owner - c:\Program Files (x86)\UpnpRemoteEnv\bin\upnpRemoteServer.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VRService - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ホームネットワークサーバー powered by DiXiM - Unknown owner - C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dms_sync_svc.exe

--
End of file - 16265 bytes

  • アレクサンドラ
  • 2016/06/24 (Fri) 23:49:42
返信フォームへ 
UpnpRemoteEnv←これの確認から
こんばんは。
ここの管理人の悪代官です。
家老ではなく悪代官です。その証拠に過労です(謎

説明とログを見せてもらいました。
DNSUnlockerでのトラブルですか。

見たところ確かに怪しいものが見えてます。
まず確認ですが、下記アプリはご自身で必要として入れたものですか?
>UpnpRemoteEnv UpnpRemoteEnv 2014/09/03 1.00.0000

ログ上では2014年9月にインストールされたとなってますが、その時期に入れた覚えがあるなら次回レスでそのことを教えてください。
アプリ自体まったく覚えがないならそのことだけ教えてください。
もし覚えもないのに勝手に入っていたとしたら、日付も改ざんしている疑いがあり得ます。

他にもいくつか問題点がありますし、時間はかかってもいいですから落ち着いてひとつずつ確実に作業にかかってください。

まず最初にお伝えしておきます。
見てのとおり現在相談者さん多数のため、相談受けてから皆さんに順番にレスできるまで、毎回1日かそれ以上かかる可能性もあるので、すみませんがご了承ください。

では以下の説明をよく見てから、順番に作業をお願いします。
既に準備した物もあるはずですが、一応説明を再度見ておいてください。

隠しファイルと拡張子を表示設定にしてください(やり方↓)
http://pasofaq.jp/windows/mycomputer/hiddenfile.htm
http://support.microsoft.com/kb/978449/ja

下記のツールをダウンロードして、基本の使い方を把握しておいてください。
ただし、配布サイトで他のアプリをダウンロードしろと勧めてくるような広告も出てきたらそれらは絶対にクリックしないでください。
「GeekUninstaller」(通称:GU)
説明ページ↓
http://www.gigafree.net/system/install/geekuninstaller.html
ダウンロード↓
http://www.geekuninstaller.com/download
「download free」をクリック、保存後、解凍してください。
片付ける時はフォルダごと手動で削除してください。

「CCleaner」(通称:CC)
説明↓
http://www.gigafree.net/system/clean/ccleaner.html
http://note.chiebukuro.yahoo.co.jp/detail/n178757
ダウンロード↓
http://www.piriform.com/ccleaner/download/standard
最新バージョンをダウンロードしてください。なお、インストール時におまけのアプリも勧めてくることがありますが、それらはチェック外してインストールは避けてください。
片付けるときはアンインストールしてください。

ここで重要な注意です。
CCは本来は高い性能を持つメンテナンスソフトですが、間違った使い方すると
【Windowsにダメージを与えてしまうおそれもある】
ので、ここでは解析ツールとしてのみ使います。
説明をしっかり読んで、自分が指示した以外の操作はしないように。

そして下記ページは作業開始前に必ず熟読して、必要な場合が出たらそれに沿って対処してください。この対処が必要な事例が増えています。
http://note.chiebukuro.yahoo.co.jp/detail/n335704

準備できたら作業開始です。
なお、このあとの作業で探しても見つからないものはスルーして進めていいですが、指示した対象外の物は絶対にいじらないようによく見て作業してください。

また、作業のうえで削除指示するものもあるはずですが、ご自身で必要として入れたものがあればそれの削除は保留して、次のレスでその旨を教えてください。

最初にWindowsUpdateの確認して、必要な更新があればそれを全部更新してください。
ですがそこで更新ができないようならこの後に説明する作業はせずに更新失敗の旨をレスで教えてください。
WUが正常にできなくすることで、感染の解析処置を阻害してくる危険なマルウェアが激増しているためです。
Windowsの各種更新(WindowsUpdate)は常に最新に適用しておかないと、それだけで危険な感染はすぐにでも起きますよ。

なお、Windows10への更新はユーザー自身がよほど必要でなければ非推奨です。
http://www.japan-secure.com/entry/Windows_Update_7.html
http://www.japan-secure.com/entry/how_to_suppress_the_free_upgrade_of_Windows_10.html

少なくとも下記のアプリは旧バージョンです。
>Adobe Flash Player 11 Plugin Adobe Systems Incorporated 2014/09/03 34.0 MB 11.9.900.170

各種アプリの更新を怠っただけでも、脆弱性を悪用されて深刻な感染はあっさり起きます。
使うなら最新版に更新してください。使わないアプリならアンインストールが安全です。
他にも旧バージョンないか調べて、あれば同様に更新するか、アンインストールしてください。

>Craving Explorer Version 1.7.0 T-Craft 2016/05/14 23.3 MB 1.7.0.0
ダウンロード支援ツールはできればアンインストールをお勧めします。
DLツールは各社のアンチウイルスソフトでサポート外です。
つまり、これらDLツールを使って危険なサイトやファイルにアクセスすると、マルウェアがあってもブロックできずに感染してしまう危険が高くなります。
ただでさえDLツールを使う人が多い動画サイトは現在、その隙を狙う危険な罠リンクや悪質広告の巣窟に成り果てています。
どうしても使うなら最新版に更新したうえで、これによるいかなトラブルに遭っても自己責任で。

ここでWindowsの標準機能である「システムの復元」での復元ポイントをひとつ、手動で作成しておいてください。
これはこの後の作業で、間違って対象外のものをいじってしまうとそれだけでWindowsに深刻な不具合を起こすこともあるので、万一の際に復元可能にしておくためです。
http://windows.microsoft.com/ja-jp/windows7/create-a-restore-point

GUを使って下記をアンインストールしてください。
>Adobe Reader XI (11.0.16) - Japanese Adobe Systems Incorporated 2016/05/12 414 MB 11.0.16

pdfアプリが必要なら、下記を入れておくといいでしょう。
http://www.forest.impress.co.jp/library/software/pdfxchedit/

今度はPCをセーフモードで起動してください(やり方↓)
http://www.pc-master.jp/sousa/s-safemode.html
Win8の場合は以下を参考に。
http://freesoft.tvbok.com/win8/tips-and-tools/safemode.html

セーフモードでGUを使って、下記をアンインストールしてください。
>McAfee Security Scan Plus McAfee, Inc. 2016/03/14 10.2 MB 3.11.292.3

そして下記も覚えがなければここでアンインストールしてください。
>UpnpRemoteEnv UpnpRemoteEnv 2014/09/03 1.00.0000

HJTを起動させ、スキャンを行ってください。
スキャン結果が表示されましたら、以下の項目にチェックを入れてください。
ただし、特にHJTでの作業は一歩間違えれば簡単にPCが起動しなくなるため、こちらが指示した以外のものは絶対にチェックを入れないでください。
>O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe

>O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe

先の不審アプリ削除したなら下記もfixです。
>O23 - Service: upnpRemoteService - Unknown owner - c:\Program Files (x86)\UpnpRemoteEnv\bin\upnpRemoteServer.exe

必要な項目すべてにチェックが入りましたら、Fix checkedをクリックしてください。
探しても見つからないものはスルーして進めていいです。

ここでPCを通常モードで再起動してから、スタートメニューの「アクセサリ」→「システムツール」から「ディスククリーンアップ」を起動してください。
起動したら対象ドライブでCドライブを選択してスキャンして、表示された中の「ダウンロードされたプログラムファイル」「インターネット一時ファイル」「一時ファイル」の項目だけチェックを入れてから「OK」「ファイルの削除」を押してください。
これを実行すると選択した部分のゴミファイルが掃除されます。

これを実行することで作業時にスキャンで検出される無駄なゴミファイルも減るのでその分かなり時間や解析も楽になるのです。
「ごみ箱」など他の項目にチェックしないのは、間違って正常なファイルを削除しないためと、もし正常なファイルを削除してごみ箱に入れても戻せるようにするための措置です。

続いてCCを起動してください。
起動したら、「ツール」→」「スタートアップ」→「Windows」タブを開いてください。
そこで右下の「テキストとして保存」を押すと、表示の内容がログとして保存できるので、ログをデスクトップにでも保存しておいてください。

次に「スケジュールされたタスク」タブと「コンテキストメニュー」タブのログも同じ要領で保存してください。

続いて今度はCC画面の左側にある「Browser Plugin」の項目から「InternetExplorer」タブ以下の各タブも順番に開いて、そのログもとっておいてください。

CCの各ログをとったらCCは終了してください。

このあとブラウザを起動して、数時間ほどPC状態を様子見したあと、あらたにHJTとCCでのインストール情報ログを取り直してください。

取り直した両ログと、CCの各ログを返信に貼って、状態報告とともにレスください。
それらを見てから続きの作業を指示します。
  • 悪代官
  • 2016/06/25 (Sat) 21:57:39
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
お返事ありがとうございます。
悪代官様の都合のいい時にお返事いただければと思います。

使用ブラウザはGoogle Chromeのみ、
windows10へのアップデートはお知らせが出たころに更新してしまいました。
必要な情報か判断がつかないので記載しておきます。


まず、下記のアプリですが、全く覚えがありません。
今使っているパソコンは2015年2月ごろに購入したものなので、それ以前のものはよくわからないです。
>UpnpRemoteEnv UpnpRemoteEnv 2014/09/03 1.00.0000


以下、作業したことを順を追って記載いたします。
・隠しファイルと拡張子を表示設定
・GeekUninstallerのダウンロード
・CCleanerのダウンロード
・WindowsUpdateの確認
・Adobe Flash Playerを更新
・Craving Exploreのアンインストール
・復元ポイントの作成
・Adobe Reader XIのアンインストール
・Chrome Remote Desktop Hostのアンインストール
・iCloud for Windowsのアンインストール
・午後のこ~だのアンインストール
・PDF-XChange Editorのインストール
・セーフモードで起動
・McAfee Security Scan Plusのアンインストール
・UpnpRemoteEnvのアンインストール
・HJTでのO4-Global Startupの削除
 その他は見つかりませんでした
・ディスククリーンアップ
・CCにてログの保存


一度ここまでのログを載せます。

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:33:56, on 2016/06/24
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
C:\Program Files (x86)\WheelUtility\HScrollFun.exe
C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\NEC\SmartVision\SvPowMan.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\NEC\SmartVision\SvFrmUI.exe
C:\Program Files (x86)\NEC\SmartVision\DtvMw.exe
C:\Program Files (x86)\NEC\SmartVision\DtnCtl.exe
C:\Program Files (x86)\NEC\SmartVision\SvUI.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\SmartUpdate\SUMAIN\SmartUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\owner\Documents\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SmartUpdate] "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
O4 - HKLM\..\Run: [USBFuncSwitch] C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
O4 - HKLM\..\Run: [USBHScrollFun] C:\Program Files (x86)\WheelUtility\HScrollFun.exe
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [DTCPconnect] C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
O4 - HKLM\..\Run: [SVUPnPManager] C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
O4 - HKLM\..\Run: [SmartVisionScheduler] C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: セキュリティキーボード - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{4f295bad-bf66-481a-b4e3-1eca6975b4b2}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{5cdfad8c-e3ef-4d07-a502-806ebb251c64}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{c99e300d-8c47-44fd-b26f-2d9252f79d7f}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{cfb9e5c3-cd2d-45b6-88a4-9c74232468ca}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{4f295bad-bf66-481a-b4e3-1eca6975b4b2}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX Cool_n Backup Service (AOSBOXCooln Backup Service) - Unknown owner - C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: Chrome リモート デスクトップ サービス (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DiXiM Player SDK Service - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCService.exe
O23 - Service: DiXiM Player Service Controller - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G-GUIDE(R) Service - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NECPC Settings Service - NEC Personal Computers, Ltd. - C:\Program Files\NECPC\SettingsDependency\SettingsService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SD Device Manager - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SmartVision Admin Service (SVAdminService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision Admin Service 64 (SVAdminService64) - NEC Personal Computers, Ltd. - C:\Program Files\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision MessageManager Service (SVMsgMngService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: upnpRemoteService - Unknown owner - c:\Program Files (x86)\UpnpRemoteEnv\bin\upnpRemoteServer.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VRService - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ホームネットワークサーバー powered by DiXiM - Unknown owner - C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dms_sync_svc.exe

--
End of file - 16265 bytes


②Windows
有効 HKCU:Run ApplePhotoStreams C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudServices C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run RESTART_STICKY_NOTES Microsoft Corporation C:\Windows\System32\StikyNot.exe
有効 HKCU:RunOnce Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
有効 HKLM:Run AVDM NEC Personal Computers, Ltd. C:\Program Files\AVDm\AVDm.exe /RESIDENT
有効 HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
有効 HKLM:Run DTCPconnect NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
有効 HKLM:Run IJNetworkScannerSelectorEX CANON INC. C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
無効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\NECMFK\necmfk.exe
有効 HKLM:Run NECTVRC NEC Personal Computers, Ltd. C:\Program Files\NECTVRC\tvrc.exe /INITLCD
有効 HKLM:Run Nikon Message Center 2 Nikon Corporation C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
有効 HKLM:Run NPSpeed NEC Personal Computers, Ltd. C:\Program Files\NECPC\EcoMode\NPSpeed.exe
有効 HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RcdSettings NEC Personal Computers, Ltd. "C:\Program Files\NEC\NECRcdSettings\RcdSettings.exe" -autostart
有効 HKLM:Run RemoteControl10 CyberLink Corp. "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run RtsCM RTSCM64.EXE
有効 HKLM:Run SmartUpdate NEC Personal Computers, Ltd. "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
有効 HKLM:Run SmartVisionScheduler NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
有効 HKLM:Run SVUPnPManager NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
有効 HKLM:Run USBFuncSwitch Chicony C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
有効 HKLM:Run USBHScrollFun Chicony C:\Program Files (x86)\WheelUtility\HScrollFun.exe
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnLauncher.exe" "C:\Program Files\AOSBOX Cool_n\AOSBOXCooln.exe" "-Delay"
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe

③スケジュールされたタスク
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d08f8713f8f0d9 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-500

④コンテキストメニュー
有効 Directory Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Drive Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 File Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Folder Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll

⑤IE
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll

⑥Google Chrome
有効 App Gmail 8.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Chrome リモート デスクトップ 51.0.2704.53 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\51.0.2704.53_0
有効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google スプレッドシート 1.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
無効 Extension カスペルスキー プラグイン 4.0.9.130 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0



・数時間ブラウザの使用
・HJT、CCでのログの取得

2回目のログを載せます。


①HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:45:45, on 2016/06/26
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
C:\Program Files (x86)\WheelUtility\HScrollFun.exe
C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\NEC\SmartVision\SvPowMan.exe
C:\Program Files (x86)\NEC\SmartVision\SvFrmUI.exe
C:\Program Files (x86)\NEC\SmartVision\DtvMw.exe
C:\Program Files (x86)\NEC\SmartVision\DtnCtl.exe
C:\Program Files (x86)\NEC\SmartVision\SvUI.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\ProgramData\SmartUpdate\SUMAIN\SmartUpdate.exe
C:\Users\owner\Documents\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SmartUpdate] "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
O4 - HKLM\..\Run: [USBFuncSwitch] C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
O4 - HKLM\..\Run: [USBHScrollFun] C:\Program Files (x86)\WheelUtility\HScrollFun.exe
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [DTCPconnect] C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
O4 - HKLM\..\Run: [SVUPnPManager] C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
O4 - HKLM\..\Run: [SmartVisionScheduler] C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: セキュリティキーボード - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{4f295bad-bf66-481a-b4e3-1eca6975b4b2}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{5cdfad8c-e3ef-4d07-a502-806ebb251c64}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{c99e300d-8c47-44fd-b26f-2d9252f79d7f}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\..\{cfb9e5c3-cd2d-45b6-88a4-9c74232468ca}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{4f295bad-bf66-481a-b4e3-1eca6975b4b2}: NameServer = 82.163.142.7 95.211.158.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.142.7 95.211.158.134
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX Cool_n Backup Service (AOSBOXCooln Backup Service) - Unknown owner - C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DiXiM Player SDK Service - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCService.exe
O23 - Service: DiXiM Player Service Controller - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G-GUIDE(R) Service - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NECPC Settings Service - NEC Personal Computers, Ltd. - C:\Program Files\NECPC\SettingsDependency\SettingsService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SD Device Manager - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SmartVision Admin Service (SVAdminService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision Admin Service 64 (SVAdminService64) - NEC Personal Computers, Ltd. - C:\Program Files\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision MessageManager Service (SVMsgMngService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VRService - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ホームネットワークサーバー powered by DiXiM - Unknown owner - C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dms_sync_svc.exe

--
End of file - 14793 bytes


②Windows
有効 HKCU:Run ApplePhotoStreams C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudServices C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run RESTART_STICKY_NOTES Microsoft Corporation C:\Windows\System32\StikyNot.exe
有効 HKCU:RunOnce Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
有効 HKLM:Run AVDM NEC Personal Computers, Ltd. C:\Program Files\AVDm\AVDm.exe /RESIDENT
有効 HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
有効 HKLM:Run DTCPconnect NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
有効 HKLM:Run IJNetworkScannerSelectorEX CANON INC. C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
無効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\NECMFK\necmfk.exe
有効 HKLM:Run NECTVRC NEC Personal Computers, Ltd. C:\Program Files\NECTVRC\tvrc.exe /INITLCD
有効 HKLM:Run Nikon Message Center 2 Nikon Corporation C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
有効 HKLM:Run NPSpeed NEC Personal Computers, Ltd. C:\Program Files\NECPC\EcoMode\NPSpeed.exe
有効 HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RcdSettings NEC Personal Computers, Ltd. "C:\Program Files\NEC\NECRcdSettings\RcdSettings.exe" -autostart
有効 HKLM:Run RemoteControl10 CyberLink Corp. "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run RtsCM RTSCM64.EXE
有効 HKLM:Run SmartUpdate NEC Personal Computers, Ltd. "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
有効 HKLM:Run SmartVisionScheduler NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
有効 HKLM:Run SVUPnPManager NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
有効 HKLM:Run USBFuncSwitch Chicony C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
有効 HKLM:Run USBHScrollFun Chicony C:\Program Files (x86)\WheelUtility\HScrollFun.exe
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnLauncher.exe" "C:\Program Files\AOSBOX Cool_n\AOSBOXCooln.exe" "-Delay"
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe


③スケジュールされたタスク
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d08f8713f8f0d9 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-500


④コンテキストメニュー
有効 Directory Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Drive Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 File Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Folder Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll


⑤IE
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll


⑥Google Chrome
有効 App Gmail 8.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Chrome リモート デスクトップ 51.0.2704.53 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\51.0.2704.53_0
有効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google スプレッドシート 1.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
無効 Extension カスペルスキー プラグイン 4.0.9.130 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0



前回「広告が出てくるサイトは、今のところ特定のサイトのみ」と書きましたが、
現在一部のサイト「以外」で出るようになっていました。

何度か広告が出てくるので、その都度消すと3度目ほどでそれ以降は出なくなります。
広告が出た後は以前よりブラウザの動作が重いです。

ブラウザで、文の一部がリンクかのように表示され、矢印を合わせると「DOWNLOAD HERE!」という広告が出てきます。
更新すると直ります。


以上が今の状況です。
  • アレクサンドラ
  • 2016/06/26 (Sun) 15:08:17
返信フォームへ 
今回は巧妙に隠れてますか
作業と報告、ご苦労様です、
先に訊いた内容のお返事もわかりました。
やはりUpnpRemoteEnvも覚えがないようですね。
ではこれは削除しておいていいでしょう。

作業後もまだ異常は続いているようですが、これも予想の範囲内です。
ただ、その解析でもまったく尻尾が見えないですね。
ほとんどの場合は最初の解析作業でCCの各タブのログあたりでなにがしかの尻尾が見つかるのですが、今回はそれも見えません。
どうもかなり巧妙に隠れているみたいです。

では引き続き慎重に調べていきましょうか。
また説明に沿って続きの作業をお願いします。

次は下記のツールを準備してください。
「AdwCleaner」(通称:AC)
http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
ファイル直リンです。アクセスしてファイルをデスクトップにでも保存しておいてください。
片付けるときは起動後に「uninstall」ボタンを押せば自動で削除されます。
使い方は下記サイト様に詳しい説明があるのでサンショウウオ↓
http://www.japan-secure.com/entry/adwcleaner.html

Malwarebytes' Anti-Malware(通称・MBAM)
本家サイト
http://www.malwarebytes.org/

ダウンロード
https://www.malwarebytes.org/mwb-download/thankyou/
ファイル直リンです。保存しておいてください。

使い方の説明サイト
http://www.gigafree.net/security/MalwarebytesAnti-MalwareFree.html

準備できたらMBAMをインストールとアップデートまでしておいてください。
ただし、ここではまだスキャンはしないように。

続いてここで一度ACを起動してください。
起動するとまず定義の更新が行われるはずなので、更新だけしてから、それができたらACは一旦終了してください。
ここではスキャンもしなくていいです。

両ツールのアップデートができたらディスククリーンアップを使ってゴミファイルの掃除したあと、PCをセーフモードで再起動してしてください。

続いてPCをセーフモード起動してから、先に一度起動したACを再度起動してください。
起動したら今度は「スキャン」したあと、そのスキャン終了後に検出されたものがあったら「除去」を押してください。
表示された画面で「はい」を選択すると処置開始されます。

処置完了したらそこでPCを通常モードで再起動してください。

再起動後にACのあらたなログが出るので、それをデスクトップにでも保存しておいてください。
ですが、もし作業後にログが出ないorわからない場合はマイコンピュータのCドライブを開くとその直下に以下のような名前のファイルが作成されているので、それがACのログです。
>AdwCleaner[英数字].txt
同じような名前のログが複数ある時は、作成日時が作業処置時のファイルが対象のログです。

ACでの作業ができたら次はMBAMの作業です。
またセーフモード起動してからMBAM起動してスキャンしてください。
MBAM起動したら「スキャン」タブで「カスタムスキャン」選択後、Cドライブを含む全ドライブを選択してください。
それとルートキットスキャンの項目もチェック入れておいてください。

この形でスキャンすると時間はかかりますができるだけ細かくスキャンするためです。

両ツールのスキャンの順番はどちらからでもいいですが、なにか検出されたらそれを選択して「remove」(隔離)したあと、再起動を促す表示が出たらそこで一度PCを再起動してください。
もし再起動表示が出ないときは手動で再起動してください。

またMBAMスキャン終了後、画面右下にその結果を知らせるメッセージが出るので、それを押すとその結果が表示されるはずです。
そこで「ログを保存」を押すとそのログが保存可能になります。
そのログをデスクトップにでも保存しておいてください。
このログ確認が特に重要なので、忘れないようにお願いします。

このあとしばらくPC状態を様子見後、作業後に保存したACとMBAMのログを返信に貼り付けて、それを状態報告とともにレスで見せてください。

よほどのモノでなければこの2ツールでなにがしかの痕跡は見つかるはずですが、それもまだ断定はできないので、もし作業後に異常が沈静化してもしなくても油断しないでください
  • 悪代官
  • 2016/06/26 (Sun) 20:48:08
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
今回も行ったことを箇条書きで記載していきます。
よろしくお願いします。


・ACのダウンロード
・MBAMのダウンロード、アップデート
・ACの起動
・ディスククリーンアップ
・セーフモードでの起動
・AC起動、スキャン、削除、再起動
・セーフモードで再起動
・MBAMでのスキャン
 一度目:ログの保存に失敗してしまったため、再起動
 二度目:通常の再起動でスキャンしていたことに気付いたため、途中でやめました
 三度目:セーフモードで再起動後スキャン


ではログを載せます。

①AC
# AdwCleaner v5.200 - ログファイルの作成日 26/06/2016 作成時間 23:08:35
# 更新日 14/06/2016 作成元 ToolsLib
# データベース : 2016-06-14.1 [ローカル]
# オペレーティングシステム : Windows 10 Home (X64)
# ユーザー名 : 羽葉 - NEC
# 実行場所 : C:\Users\owner\Desktop\AdwCleaner.exe
# オプション : 削除
# サポート : https://toolslib.net/forum

***** [ サービス ] *****


***** [ フォルダ ] *****

[-] フォルダ 削除済み項目 : C:\ProgramData\3cf8c749-37b3-0
[-] フォルダ 削除済み項目 : C:\ProgramData\3cf8c749-6183-1
[-] フォルダ 削除済み項目 : C:\ProgramData\4f18b30b
[-] フォルダ 削除済み項目 : C:\ProgramData\ea1fd4a0-1ed3-0
[-] フォルダ 削除済み項目 : C:\ProgramData\ea1fd4a0-62a5-0
[-] フォルダ 削除済み項目 : C:\ProgramData\{09e2e032-512c-0}
[-] フォルダ 削除済み項目 : C:\ProgramData\{30d59c7b-412c-1}
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\3cf8c749-37b3-0
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\3cf8c749-6183-1
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\4f18b30b
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\ea1fd4a0-1ed3-0
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\ea1fd4a0-62a5-0
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\{09e2e032-512c-0}
[#] フォルダ 削除済み項目 : C:\ProgramData\Application Data\{30d59c7b-412c-1}

***** [ ファイル ] *****

[-] ファイル 削除済み項目 : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] ファイル 削除済み項目 : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] ファイル 削除済み項目 : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] ファイル 削除済み項目 : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] ファイル 削除済み項目 : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] ファイル 削除済み項目 : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ ショートカット ] *****


***** [ スケジュールタスク ] *****


***** [ レジストリ ] *****

[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4f18b30b}
[-] キー 削除済み項目 : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[-] キー 削除済み項目 : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] キー 削除済み項目 : HKCU\Software\One System Care
[-] キー 削除済み項目 : HKCU\Software\PRODUCTSETUP
[-] キー 削除済み項目 : HKCU\Software\csastats
[-] キー 削除済み項目 : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] 値 削除済み項目 : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7BCEBEA2-0275-434F-AEBC-27D19B3A89DD}]
[-] データ 復元済み項目 : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4f295bad-bf66-481a-b4e3-1eca6975b4b2} [NameServer]
[-] データ 復元済み項目 : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5cdfad8c-e3ef-4d07-a502-806ebb251c64} [NameServer]
[-] データ 復元済み項目 : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{c99e300d-8c47-44fd-b26f-2d9252f79d7f} [NameServer]
[-] データ 復元済み項目 : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{cfb9e5c3-cd2d-45b6-88a4-9c74232468ca} [NameServer]

***** [ Webブラウザ ] *****

[-] [C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] 削除済み項目 : trovi.search

*************************

:: "Tracing"キーは削除します
:: Winsock設定を初期化しました

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4522 バイト] - [26/06/2016 23:08:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [4862 バイト] - [26/06/2016 23:06:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4676 バイト] ##########


②MBAM
Malwarebytes Anti-Malware
www.malwarebytes.org

スキャン日付: 2016/06/27
スキャン時刻: 1:37
ログファイル: MBAM.txt
管理者: はい

バージョン: 2.2.1.1043
マルウェアデータベース: v2016.06.26.03
ルートキットデータベース: v2016.05.27.01
ライセンス: 無料版
マルウェア保護機能: 無効
悪質ウェブサイト保護機能: 無効
自己防衛: 無効

OS: Windows 8
CPU: x64
ファイルシステム: NTFS
ユーザー: 羽葉

スキャン形式: カスタムスキャン
結果: 完了しました
スキャンされたオブジェクト数: 610395
経過時間: 1 時間, 54 分, 12 秒

メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ヒューリスティック: 有効
PUP: 有効
PUM: 有効

プロセス: 0
(なし悪意のある項目を検出)

モジュール: 0
(なし悪意のある項目を検出)

レジストリキー: 0
(なし悪意のある項目を検出)

レジストリ値: 0
(なし悪意のある項目を検出)

レジストリデータ: 0
(なし悪意のある項目を検出)

フォルダー: 0
(なし悪意のある項目を検出)

ファイル: 0
(なし悪意のある項目を検出)

物理セクタ: 0
(なし悪意のある項目を検出)


(end)



MBAMのスキャンは二度目のログです。
三度目のものではだめでしょうか?
一度目はスキャン中に「検出されたオブジェクト」が3つほどありました。


現在の動作としては、再起動後、広告は全く出なくなりました。
広告が出るようになる以前の動作と変わりありません。

  • アレクサンドラ
  • 2016/06/27 (Mon) 04:08:26
返信フォームへ 
ACが仕事してくれたようです
レスが遅くなってすみません。
さっきまで風呂に入ってました(←うちの風呂には由美○おるはいません

>現在の動作としては、再起動後、広告は全く出なくなりました。
>広告が出るようになる以前の動作と変わりありません。

はい、異常は沈静化したようですね。
ログも見ましたがやはりACで隠れていたものがあぶり出されて処置されてます。
赤米系も隠れてましたか。

MBAMは今回のスキャンで検出されたものがないならそこはいいです。

では引き続きの解析しましょう。
異常が沈静化したと見えても、この時点ではまだ解決にはなりませんので。

以下のツールを準備してください。
OTL(OldTimer Listit)
「Download」ボタンからDLしたら保存しておいてください。
http://oldtimer.geekstogo.com/OTL.exe
片付けるときは起動後に「Cleanup」ボタンを押せば自動で削除されます。
ただし、Windows10をお使いの場合は本体ファイルをそのまま削除すればいいです。

他のプログラムを起動しない状態でOTLを起動してください。
起動したら、ウィンドウの上の方にある「Scan All Users」にチェックを入れ、以下のコマンドを「Custom Scan/Fixes」にコピペしてください。

SHOWHIDDEN
%windir%\tasks\*.job
DRIVES
BASESERVICES
%SYSTEMDRIVE%\*.exe
ACTIVEX
CREATERESTOREPOINT

その後、左上の「Run Scan」を押すとスキャン開始されます。
スキャン開始後、PC環境にもよりますが数分ほどすると、「OTL.txt」と「Extras.txt」がOTL.exeと同じ場所に作成されるはずなので、この2つのファイルをデスクトップあたりに保存しておいてください。
なお、Extras.txtは出ないこともありますが、その場合はOTL.txtだけでもいいです。

このあとOTLログを丸ごと返信に貼り付けてレスで見せてください。
ただしOTLログはかなり長くなるため、一度に送信してもfc2の文字数制限で途切れます。
なのでログも適当なところで1万文字以内に分割して、複数回に分けてレス送信してください。
1万文字を越えた投稿はfc2の文字数制限で途切れてしまうためです。
http://www1.odn.ne.jp/megukuma/count.htm

OTLでスキャンしただけでは何も変化は起きません。
この結果を見て、検出されたものを次回以降の作業で処置することになるはずです
  • 悪代官
  • 2016/06/27 (Mon) 21:08:54
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
早速ですがログを貼り付けます。

①OTL

OTL logfile created on: 2016/06/27 23:01:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.92 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.39% Memory free
4.61 Gb Paging File | 2.39 Gb Available in Paging File | 51.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 842.01 Gb Total Space | 759.96 Gb Free Space | 90.26% Space Free | Partition Type: NTFS
Drive D: | 65.19 Gb Total Space | 65.09 Gb Free Space | 99.85% Space Free | Partition Type: NTFS

Computer Name: NEC | User Name: 羽葉 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2016/06/27 23:00:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
PRC - [2016/05/18 22:15:41 | 000,554,184 | ---- | M] (Microsoft Corporation) -- C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2016/04/19 21:25:34 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
PRC - [2015/11/09 11:11:12 | 000,169,272 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\ProgramData\SmartUpdate\SUMAIN\SmartUpdate.exe
PRC - [2015/06/27 23:51:04 | 000,194,000 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
PRC - [2015/06/27 23:51:04 | 000,192,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
PRC - [2014/08/07 08:58:10 | 001,485,088 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
PRC - [2014/07/24 08:58:52 | 000,340,800 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
PRC - [2014/07/23 16:03:56 | 000,028,488 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
PRC - [2014/07/09 09:17:36 | 000,115,520 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files\NEC\SmartVision\SVAdmin.exe
PRC - [2014/07/09 09:15:52 | 000,123,200 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe
PRC - [2014/07/08 18:07:44 | 000,885,592 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SvUI.exe
PRC - [2014/07/02 15:16:04 | 000,235,840 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SvFrmUI.exe
PRC - [2014/06/13 04:02:00 | 000,024,776 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2014/05/26 11:24:38 | 001,570,152 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\DtnCtl.exe
PRC - [2014/02/13 11:48:06 | 003,757,568 | ---- | M] (Chicony) -- C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
PRC - [2014/01/23 14:43:44 | 000,041,368 | ---- | M] (DigiOn, Inc.) -- C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe
PRC - [2013/12/10 09:27:38 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/12/10 09:27:36 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013/12/05 14:30:16 | 000,067,920 | ---- | M] (Chicony) -- C:\Program Files (x86)\WheelUtility\HScrollFun.exe
PRC - [2013/08/06 09:00:02 | 000,063,856 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SvPowMan.exe
PRC - [2013/06/06 08:54:54 | 000,128,360 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\SVAdRsv.exe
PRC - [2013/05/24 09:13:34 | 000,728,424 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe
PRC - [2013/05/08 10:42:04 | 000,098,672 | ---- | M] (NEC Personal Computers, Ltd.) -- c:\Windows\SysWOW64\NTMETER.exe
PRC - [2013/04/02 13:14:18 | 000,989,800 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2013/04/02 13:13:36 | 001,088,088 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2013/04/02 13:13:32 | 001,282,632 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2013/03/03 13:35:56 | 000,070,504 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\DTVMW.exe
PRC - [2013/02/19 16:38:58 | 000,453,736 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2012/10/09 08:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/08/24 09:49:00 | 000,139,696 | ---- | M] (NEC Personal Computers, Ltd.) -- C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe
PRC - [2012/03/28 21:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/07/14 22:00:50 | 000,209,784 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
PRC - [2011/07/14 22:00:50 | 000,126,328 | ---- | M] (BUFFALO INC.) -- C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
PRC - [2010/11/18 18:12:42 | 000,065,536 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe
PRC - [2010/06/30 17:57:54 | 000,185,752 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016/05/18 22:15:39 | 000,679,624 | ---- | M] () -- C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
MOD - [2016/04/19 21:25:34 | 022,284,800 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
MOD - [2016/04/19 21:25:34 | 000,144,384 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
MOD - [2016/04/19 21:25:34 | 000,141,312 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
MOD - [2014/07/20 23:35:58 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dixim_upnp.dll
MOD - [2014/06/06 18:06:52 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\HttpHelper.dll
MOD - [2014/05/22 11:55:04 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dixim_av.dll
MOD - [2014/05/22 11:55:04 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dixim_char_util.dll
MOD - [2014/05/22 11:55:02 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dixim_util.dll
MOD - [2014/03/25 17:00:00 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\dixim_av.dll
MOD - [2014/03/25 16:59:50 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\dixim_upnp.dll
MOD - [2014/03/25 16:50:04 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\dixim_char_util.dll
MOD - [2014/03/25 16:50:02 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\dixim_util.dll
MOD - [2014/03/05 20:41:30 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\libxml2.dll
MOD - [2014/03/05 20:41:30 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\onig.dll
MOD - [2014/03/05 20:41:30 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\uchardet.dll
MOD - [2014/03/05 20:41:30 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\libexpat.dll
MOD - [2014/02/25 16:59:02 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\libxml2.dll
MOD - [2014/02/25 16:59:02 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\onig.dll
MOD - [2014/02/25 16:59:02 | 000,131,584 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\libexpat.dll
MOD - [2014/02/25 16:58:58 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\uchardet.dll
MOD - [2010/09/15 14:38:04 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\CrCT.dll
MOD - [2007/09/10 17:04:10 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\NEC\SmartVision\SVEditTs\aacenc.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/05/28 14:49:54 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2016/05/28 13:24:38 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2016/05/28 13:22:46 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2016/05/28 13:22:06 | 000,163,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2016/05/28 13:21:09 | 000,207,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2016/05/28 13:18:23 | 000,380,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2016/05/28 13:17:50 | 000,278,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2016/05/28 13:16:00 | 000,503,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:[b]64bit:[/b] - [2016/05/28 13:13:48 | 000,587,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2016/05/28 13:09:51 | 001,073,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2016/05/28 13:00:13 | 002,168,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2016/05/27 03:19:02 | 003,009,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:[b]64bit:[/b] - [2016/05/06 13:03:20 | 000,649,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2016/05/06 12:49:14 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2016/04/23 14:24:13 | 000,754,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2016/04/23 13:20:58 | 000,606,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2016/03/29 16:51:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2016/03/29 16:27:45 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2016/03/29 16:20:21 | 000,948,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2016/03/29 15:32:15 | 001,098,240 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2016/03/29 14:45:48 | 000,338,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2016/03/14 18:05:05 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 001,035,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 000,749,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 000,591,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:45 | 001,139,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:45 | 000,912,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:45 | 000,163,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:41 | 002,057,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:41 | 000,847,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2016/03/06 23:13:10 | 000,373,160 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:[b]64bit:[/b] - [2016/02/24 18:34:50 | 001,613,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2016/02/24 18:28:35 | 003,449,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2016/02/24 17:43:01 | 000,625,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2016/02/24 16:19:10 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2016/02/24 16:07:53 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2016/02/24 15:59:32 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2016/02/24 15:40:53 | 001,224,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2016/02/24 15:18:37 | 001,490,432 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:26 | 000,497,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:46 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:43 | 001,872,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:41 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:19 | 001,297,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:18 | 000,729,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:14 | 000,081,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 002,745,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:59 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:58 | 000,287,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_31875)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_219b210)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_31875)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_219b210)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_31875)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_219b210)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_31875)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_219b210)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_31875)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 000,043,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_219b210)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,444,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:47 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,364,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:35 | 000,511,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/12/29 17:25:46 | 002,788,104 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- C:\Program Files\NECPC\SettingsDependency\SettingsService.exe -- (NECPC Settings Service)
SRV:[b]64bit:[/b] - [2014/08/20 04:12:17 | 000,656,664 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:[b]64bit:[/b] - [2014/08/13 16:44:28 | 000,465,528 | ---- | M] () [Auto | Running] -- C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnService.exe -- (AOSBOXCooln Backup Service)
SRV:[b]64bit:[/b] - [2014/07/09 09:17:36 | 000,115,520 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- C:\Program Files\NEC\SmartVision\SVAdmin.exe -- (SVAdminService64)
SRV:[b]64bit:[/b] - [2013/08/27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013/08/27 14:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2016/06/26 01:39:39 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/28 14:49:54 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016/05/28 13:14:46 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2016/04/23 12:45:56 | 000,461,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2016/03/06 23:13:11 | 000,300,968 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016/02/24 15:07:45 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015/10/30 16:18:31 | 002,179,584 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015/10/30 16:18:31 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015/10/30 16:18:23 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015/09/01 15:22:16 | 000,131,584 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe -- (SonicStage Back-End Service2)
SRV - [2015/09/01 00:51:12 | 000,167,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2015/06/27 23:51:04 | 000,194,000 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe -- (AVP15.0.2)
SRV - [2014/08/04 23:18:40 | 000,151,552 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dms_sync_svc.exe -- (ホームネットワークサーバー powered by DiXiM)
SRV - [2014/07/09 09:15:52 | 000,123,200 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe -- (SVAdminService)
SRV - [2014/06/13 04:02:00 | 000,024,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2014/01/23 14:43:44 | 000,041,368 | ---- | M] (DigiOn, Inc.) [Auto | Running] -- C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe -- (DiXiM Player Service Controller)
SRV - [2014/01/21 20:45:16 | 000,048,520 | ---- | M] (DigiOn, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCService.exe -- (DiXiM Player SDK Service)
SRV - [2013/12/10 09:27:38 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/12/10 09:27:36 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/05/24 09:13:34 | 000,728,424 | ---- | M] (Panasonic Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe -- (G-GUIDE(R)
SRV - [2013/05/08 10:42:04 | 000,098,672 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- c:\Windows\SysWOW64\NTMETER.exe -- (NT Meter)
SRV - [2012/08/24 09:49:00 | 000,139,696 | ---- | M] (NEC Personal Computers, Ltd.) [Auto | Running] -- C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe -- (SVMsgMngService)
SRV - [2012/03/28 21:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011/07/14 22:00:50 | 000,126,328 | ---- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe -- (BWH32S)
SRV - [2010/11/18 18:12:42 | 000,065,536 | ---- | M] (Panasonic Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe -- (SD Device Manager)
SRV - [2010/06/30 17:57:54 | 000,185,752 | ---- | M] (Panasonic Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe -- (VRService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/05/28 14:22:08 | 000,211,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2016/05/28 14:08:25 | 000,258,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2016/05/28 13:24:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2016/05/27 00:31:55 | 000,064,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2016/05/24 21:22:57 | 000,049,240 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2016/05/24 21:22:56 | 000,834,992 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2016/05/24 21:22:24 | 000,238,000 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2016/04/23 14:24:37 | 000,099,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2016/04/23 14:11:14 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2016/04/23 13:56:52 | 000,534,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2016/04/23 13:34:19 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2016/04/23 13:33:59 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2016/04/23 13:29:32 | 000,087,552 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2016/03/29 19:23:38 | 000,277,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2016/03/29 17:21:40 | 000,378,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2016/03/29 17:16:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2016/03/29 16:49:53 | 000,245,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2016/03/29 16:23:41 | 000,694,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2016/03/22 10:17:12 | 000,089,272 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:[b]64bit:[/b] - [2016/03/22 10:17:11 | 000,077,680 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwfp.sys -- (klwfp)
DRV:[b]64bit:[/b] - [2016/03/22 10:17:09 | 000,478,392 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2016/03/22 10:15:17 | 000,048,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2016/03/22 10:15:16 | 000,049,008 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2016/03/14 18:04:40 | 000,238,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2016/03/14 18:04:40 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:[b]64bit:[/b] - [2016/03/14 18:04:40 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2016/03/06 23:13:18 | 000,618,256 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtkBtfilter.sys -- (RtkBtFilter)
DRV:[b]64bit:[/b] - [2016/03/06 23:13:06 | 007,858,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:33 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2015/10/31 03:23:26 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2015/10/30 16:19:39 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:42 | 000,052,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,930,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:09 | 000,385,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:08 | 000,218,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,200,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,078,848 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:[b]64bit:[/b] - [2015/10/30 16:18:01 | 000,154,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:57 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,074,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:50 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:42 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,293,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,209,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:26 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,046,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:25 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,532,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,034,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:23 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:22 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:19 | 003,445,248 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,165,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2015/10/30 16:17:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2015/10/06 22:28:06 | 000,190,648 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2015/09/17 18:23:26 | 003,068,160 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:[b]64bit:[/b] - [2015/06/27 23:51:04 | 000,024,944 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2015/06/27 23:51:02 | 000,159,960 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2015/06/27 23:51:00 | 000,247,016 | ---- | M] (Kaspersky Lab UK Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km_w.sys -- (cm_km_w)
DRV:[b]64bit:[/b] - [2015/06/17 17:04:24 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2015/06/15 07:53:36 | 000,761,600 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:[b]64bit:[/b] - [2014/08/07 03:15:50 | 000,102,200 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:[b]64bit:[/b] - [2014/08/07 03:15:50 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:[b]64bit:[/b] - [2014/08/07 03:15:50 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:[b]64bit:[/b] - [2014/06/17 21:14:10 | 000,873,688 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2014/05/23 03:56:10 | 000,059,608 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtkAvrcp.sys -- (RtkAvrcp)
DRV:[b]64bit:[/b] - [2013/12/27 08:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2013/12/27 08:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2013/12/10 09:27:36 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2013/10/24 20:22:50 | 000,248,320 | ---- | M] (ViXS Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xc3bdax64v83.sys -- (xcbdaNtsc)
DRV:[b]64bit:[/b] - [2013/07/24 01:00:00 | 000,028,304 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:[b]64bit:[/b] - [2013/07/24 01:00:00 | 000,027,792 | ---- | M] (Corel Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:[b]64bit:[/b] - [2013/07/24 01:00:00 | 000,020,112 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:[b]64bit:[/b] - [2013/07/19 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2013/06/21 15:38:50 | 000,026,448 | ---- | M] (NEC Personal Computers, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\necextif.sys -- (necextif)
DRV:[b]64bit:[/b] - [2013/06/21 07:44:06 | 000,069,848 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtkAvrcpCtrlr.sys -- (RtkAvrcpCtrlr)
DRV:[b]64bit:[/b] - [2012/10/03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/09/07 08:38:38 | 000,019,296 | ---- | M] (DigiOn, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\diximdd.sys -- (DiximDd)
DRV:[b]64bit:[/b] - [2012/07/27 17:38:24 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\klelam.sys -- (klelam)
DRV:[b]64bit:[/b] - [2011/07/14 22:00:50 | 000,018,944 | ---- | M] (BUFFALO INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bufeap64.sys -- (Bufeap)
DRV:[b]64bit:[/b] - [2009/09/19 15:00:24 | 000,013,384 | ---- | M] (NEC Corporation, NEC Personal Products, Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\timerset.sys -- (TIMERSET)
DRV - [2015/10/30 16:17:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys -- (CompositeBus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.fooooo.com/
IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\..\SearchScopes,DefaultScope = {6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}
IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_663BE8: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2016/05/24 21:23:11 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking_08806E: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2016/05/24 21:23:12 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_074028: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016/05/24 21:23:12 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)

F
  • アレクサンドラ
  • 2016/06/27 (Mon) 23:41:59
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
[2016/06/26 01:35:23 | 000,129,216 | ---- | C] (Tracker Software Products (Canada) Ltd.) -- C:\WINDOWS\SysNative\pxcpm5L.dll
[2016/06/26 01:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
[2016/06/26 01:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2016/06/26 01:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2016/06/26 01:06:00 | 000,000,000 | ---D | C] -- C:\Users\owner\音声
[2016/06/25 10:39:03 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\MicrosoftEdge
[2016/06/24 23:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2016/06/24 23:33:00 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\owner\Desktop\HijackThis.exe
[2016/06/24 22:52:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2016/06/24 22:51:29 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Geek Uninstaller
[2016/06/23 13:03:09 | 000,000,000 | ---D | C] -- C:\Users\owner\Videos
[2016/06/15 22:35:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2016/06/15 22:35:13 | 000,045,568 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2016/06/15 22:35:12 | 001,594,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2016/06/15 22:35:09 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016/06/15 22:35:08 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016/06/15 22:35:08 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016/06/15 22:35:08 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosHostClient.dll
[2016/06/15 22:35:07 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016/06/15 22:35:07 | 000,853,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016/06/15 22:35:07 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016/06/15 22:35:02 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016/06/15 22:35:01 | 007,200,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016/06/15 22:35:01 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016/06/15 22:35:00 | 005,205,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016/06/15 22:35:00 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016/06/15 22:34:59 | 006,295,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016/06/15 22:34:59 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016/06/15 22:34:58 | 007,977,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016/06/15 22:34:58 | 000,939,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016/06/15 22:34:57 | 001,996,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActiveSyncProvider.dll
[2016/06/15 22:34:57 | 001,707,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
[2016/06/15 22:34:57 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MessagingDataModel2.dll
[2016/06/15 22:34:56 | 022,379,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016/06/15 22:34:56 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MessagingDataModel2.dll
[2016/06/15 22:34:45 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016/06/15 22:34:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsCSP.dll
[2016/06/15 22:34:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosHostClient.dll
[2016/06/15 22:34:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mapsupdatetask.dll
[2016/06/15 22:34:44 | 002,609,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016/06/15 22:34:44 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016/06/15 22:34:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdlrecover.exe
[2016/06/15 22:34:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016/06/15 22:34:44 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016/06/15 22:34:42 | 001,401,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016/06/15 22:34:42 | 000,046,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2016/06/15 22:34:41 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2016/06/15 22:34:40 | 006,973,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2016/06/15 22:34:40 | 000,379,232 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2016/06/15 22:34:40 | 000,316,256 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2016/06/15 22:34:39 | 000,808,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2016/06/15 22:34:39 | 000,703,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2016/06/15 22:34:39 | 000,636,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2016/06/15 22:34:39 | 000,546,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2016/06/15 22:34:36 | 003,585,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016/06/15 22:34:35 | 011,545,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016/06/15 22:34:32 | 007,832,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016/06/15 22:34:28 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MBMediaManager.dll
[2016/06/15 22:34:25 | 002,168,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016/06/15 22:34:25 | 000,037,376 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2016/06/15 22:34:24 | 018,674,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016/06/15 22:34:21 | 003,994,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016/06/15 22:34:20 | 005,660,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016/06/15 22:34:19 | 009,918,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016/06/15 22:34:19 | 001,534,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll
[2016/06/15 22:34:18 | 004,896,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016/06/15 22:34:16 | 005,323,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2016/06/15 22:34:16 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2016/06/15 22:34:15 | 002,582,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016/06/15 22:34:14 | 001,322,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016/06/15 22:34:13 | 003,590,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016/06/15 22:34:13 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationFramework.dll
[2016/06/15 22:34:13 | 000,693,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2016/06/15 22:34:12 | 007,474,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016/06/15 22:34:12 | 002,548,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2016/06/15 22:34:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsdport.sys
[2016/06/15 22:34:11 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016/06/15 22:34:11 | 000,890,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2016/06/15 22:34:11 | 000,784,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2016/06/15 22:34:11 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tileobjserver.dll
[2016/06/15 22:34:10 | 001,797,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2016/06/15 22:34:10 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppContracts.dll
[2016/06/15 22:34:10 | 000,290,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2016/06/15 22:34:09 | 000,649,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2016/06/15 22:34:09 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdlrecover.exe
[2016/06/15 22:34:08 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2016/06/15 22:34:08 | 002,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016/06/15 22:34:08 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2016/06/15 22:34:07 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2016/06/15 22:34:06 | 004,515,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2016/06/15 22:34:06 | 001,582,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2016/06/15 22:34:06 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppContracts.dll
[2016/06/15 22:34:05 | 000,990,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2016/06/15 22:34:04 | 000,730,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2016/06/15 22:34:04 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEEventDispatcher.dll
[2016/06/15 22:34:04 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2016/06/15 22:34:03 | 001,390,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016/06/15 22:34:03 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2016/06/15 22:34:03 | 000,430,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ws2_32.dll
[2016/06/15 22:34:02 | 004,387,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2016/06/15 22:34:02 | 000,610,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2016/06/15 22:34:02 | 000,501,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2016/06/15 22:34:01 | 000,965,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016/06/15 22:34:01 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2016/06/15 22:34:01 | 000,303,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppHost.exe
[2016/06/15 22:34:01 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016/06/15 22:34:00 | 004,074,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2016/06/15 22:34:00 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016/06/15 22:33:59 | 001,445,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRHInproc.dll
[2016/06/15 22:33:59 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2016/06/15 22:33:59 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrokerLib.dll
[2016/06/15 22:33:58 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2016/06/15 22:33:58 | 000,254,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppHost.exe
[2016/06/15 22:33:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2016/06/15 22:33:58 | 000,092,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016/06/15 22:33:57 | 001,073,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016/06/15 22:33:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2016/06/15 22:33:54 | 000,591,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2016/06/15 22:33:54 | 000,431,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2016/06/15 22:33:52 | 000,577,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016/06/15 22:33:52 | 000,428,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2016/06/15 22:33:52 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016/06/15 22:33:51 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\polstore.dll
[2016/06/15 22:33:51 | 000,211,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2016/06/15 22:33:51 | 000,097,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2016/06/15 22:33:47 | 000,111,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2016/06/15 22:33:46 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
[2016/06/15 22:33:46 | 000,131,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2016/06/15 22:33:45 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2016/06/15 22:33:45 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016/06/15 22:33:45 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Privacy.dll
[2016/06/15 22:33:44 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2016/06/15 22:33:44 | 000,693,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\internetmail.dll
[2016/06/15 22:33:44 | 000,514,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2016/06/15 22:33:44 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncController.dll
[2016/06/15 22:33:44 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2016/06/15 22:33:44 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GnssAdapter.dll
[2016/06/15 22:33:43 | 001,184,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2016/06/15 22:33:43 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016/06/15 22:33:43 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2016/06/15 22:33:43 | 000,258,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufx01000.sys
[2016/06/15 22:33:43 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2016/06/15 22:33:43 | 000,170,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkUXBroker.exe
[2016/06/15 22:33:43 | 000,026,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2016/06/15 22:33:42 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2016/06/15 22:33:42 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2016/06/15 22:33:42 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\polstore.dll
[2016/06/15 22:33:42 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2016/06/15 22:33:42 | 000,115,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupApi.dll
[2016/06/15 22:33:42 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2016/06/15 22:33:42 | 000,084,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupApi.dll
[2016/06/15 22:33:41 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016/06/15 22:33:41 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016/06/15 22:33:41 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys
[2016/06/15 22:33:41 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2016/06/15 22:33:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcpopkeysrv.dll
[2016/06/15 22:33:40 | 001,387,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016/06/15 22:33:40 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2016/06/15 22:33:39 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2016/06/15 22:33:39 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2016/06/15 22:33:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2016/06/15 22:33:39 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll
[2016/06/15 22:33:38 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2016/06/15 22:33:38 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2016/06/15 22:33:38 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016/06/15 22:33:38 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2016/06/15 22:33:38 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FwRemoteSvr.dll
[2016/06/15 22:33:38 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2016/06/15 22:33:38 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FwRemoteSvr.dll
[2016/06/15 22:33:37 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2016/06/15 22:33:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016/06/15 22:33:37 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016/06/15 22:33:37 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016/06/15 22:33:36 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2016/06/15 22:33:36 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016/06/15 22:33:36 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016/06/15 22:33:36 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016/06/15 22:33:35 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/06/27 23:00:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2016/06/27 22:48:33 | 000,078,772 | ---- | M] () -- C:\Users\owner\キャプチャ.JPG
[2016/06/27 22:31:20 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/06/27 22:19:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/06/27 22:05:27 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d08f8713f8f0d9.job
[2016/06/27 22:05:27 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/06/27 22:05:05 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016/06/27 22:03:48 | 1683,021,824 | -HS- | M] () -- C:\hiberfil.sys
[2016/06/27 22:03:47 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/06/27 08:58:34 | 000,118,775 | ---- | M] () -- C:\Users\owner\11回目・解答例.pdf
[2016/06/27 05:29:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/06/27 04:06:05 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2016/06/27 01:36:40 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/06/26 22:49:47 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/06/26 22:45:40 | 003,703,360 | ---- | M] () -- C:\Users\owner\Desktop\AdwCleaner.exe
[2016/06/26 02:01:56 | 000,000,828 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2016/06/26 00:38:45 | 000,002,353 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/06/24 23:35:04 | 000,000,874 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/06/24 23:33:31 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\owner\Desktop\HijackThis.exe
[2016/06/23 13:03:42 | 008,097,172 | ---- | M] () -- C:\Users\owner\02 ECHO(カバー).m4a
[2016/06/22 22:28:20 | 000,522,660 | ---- | M] () -- C:\Users\owner\目次の作りかた.pdf
[2016/06/22 22:25:41 | 000,001,270 | ---- | M] () -- C:\Users\owner\Desktop\日本の方言レポート - ショートカット.lnk
[2016/06/16 21:45:43 | 000,462,664 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016/06/15 03:33:01 | 000,828,408 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016/06/15 03:33:01 | 000,176,632 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2016/06/13 23:34:32 | 000,000,086 | ---- | M] () -- C:\Users\owner\Desktop\刀剣乱舞-ONLINE- - オンラインゲーム - DMM.com.url
[2016/06/05 13:11:04 | 001,531,668 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2016/06/05 13:11:04 | 000,734,296 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2016/06/05 13:11:04 | 000,516,466 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2016/06/05 13:11:04 | 000,138,900 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2016/06/05 13:11:04 | 000,138,836 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[1 C:\*.tmp files -> C:\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/06/27 22:48:32 | 000,078,772 | ---- | C] () -- C:\Users\owner\キャプチャ.JPG
[2016/06/27 08:58:32 | 000,118,775 | ---- | C] () -- C:\Users\owner\11回目・解答例.pdf
[2016/06/26 22:49:47 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016/06/26 22:44:56 | 003,703,360 | ---- | C] () -- C:\Users\owner\Desktop\AdwCleaner.exe
[2016/06/26 01:53:59 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/06/25 10:40:42 | 000,002,353 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016/06/25 10:40:42 | 000,002,341 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2016/06/24 23:10:08 | 000,000,874 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/06/23 13:03:49 | 008,097,172 | ---- | C] () -- C:\Users\owner\02 ECHO(カバー).m4a
[2016/06/22 22:28:20 | 000,522,660 | ---- | C] () -- C:\Users\owner\目次の作りかた.pdf
[2016/06/22 22:25:41 | 000,001,270 | ---- | C] () -- C:\Users\owner\Desktop\日本の方言レポート - ショートカット.lnk
[2016/06/13 23:34:32 | 000,000,086 | ---- | C] () -- C:\Users\owner\Desktop\刀剣乱舞-ONLINE- - オンラインゲーム - DMM.com.url
[2016/04/13 22:31:04 | 001,862,008 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016/04/13 22:29:52 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016/03/14 18:14:14 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016/03/14 18:12:05 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/03/06 23:13:19 | 000,052,892 | ---- | C] () -- C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll
[2016/03/06 23:13:19 | 000,049,660 | ---- | C] () -- C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll
[2016/03/06 23:13:19 | 000,049,580 | ---- | C] () -- C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll
[2016/03/06 23:13:19 | 000,047,376 | ---- | C] () -- C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll
[2016/03/06 23:13:19 | 000,037,148 | ---- | C] () -- C:\WINDOWS\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll
[2016/03/06 23:13:18 | 000,050,588 | ---- | C] () -- C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
[2016/03/06 23:13:18 | 000,050,536 | ---- | C] () -- C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll
[2016/03/06 23:13:18 | 000,037,244 | ---- | C] () -- C:\WINDOWS\rlt8723a_chip_bt40_fw_asic_rom_patch.dll
[2015/10/30 16:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015/10/30 16:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015/10/30 16:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015/10/30 16:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015/10/30 16:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/10/30 16:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015/10/30 16:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015/10/30 16:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015/10/30 16:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015/10/30 16:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015/10/30 16:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015/10/30 16:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015/10/30 16:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015/10/30 16:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015/09/28 19:58:04 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Gems
[2015/09/28 19:58:04 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Galaxy Swirl
[2015/09/28 19:58:04 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Galactic Static
[2015/09/28 19:58:04 | 000,000,268 | RH-- | C] () -- C:\Users\owner\AppData\Roaming\Fruit
[2015/09/28 19:58:04 | 000,000,268 | RH-- | C] () -- C:\Users\owner\AppData\Roaming\Frameworks
[2015/09/28 19:58:04 | 000,000,268 | RH-- | C] () -- C:\Users\owner\AppData\Roaming\Framework
[2015/09/28 19:58:04 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2015/09/28 19:58:04 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2015/09/28 19:58:04 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2015/09/28 19:58:04 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Horn Section
[2015/09/28 19:58:04 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Home
[2015/09/28 19:58:04 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Helper Scripts
[2015/03/28 14:39:20 | 000,000,993 | ---- | C] () -- C:\WINDOWS\UN900119.INI
[2015/03/22 17:22:16 | 000,003,072 | -H-- | C] () -- C:\Users\owner\photothumb.db
[2014/09/03 11:19:10 | 000,249,856 | R--- | C] () -- C:\WINDOWS\SysWow64\PasoGuide.dll
[2014/09/03 10:59:54 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2014/09/03 10:59:54 | 000,048,856 | ---- | C] () -- C:\WINDOWS\runSW.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016/04/23 14:08:45 | 006,605,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016/04/23 14:09:27 | 005,240,960 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015/10/30 16:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015/10/30 16:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015/10/30 16:17:45 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]
[2015/04/18 20:29:49 | 000,000,000 | -H-D | M] -- C:\kleaner.tmp
[2015/05/04 16:31:25 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2016/06/26 23:08:38 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2015/03/14 19:09:39 | 000,000,000 | -H-D | M] -- C:\SV Video DataBase
[2013/12/16 22:40:00 | 005,151,600 | -H-- | M] (富士ソフト株式会社) -- C:\APSETUP\FUDEGRM\FgwW.exe
[2016/06/26 02:09:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/09/03 10:55:52 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2014/07/07 14:13:54 | 001,865,328 | -H-- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe
[2012/12/10 15:20:30 | 000,421,032 | -H-- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\MAINT.exe
[2012/12/10 15:16:50 | 000,421,032 | -H-- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe
[2014/01/14 19:16:00 | 001,862,744 | -H-- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\My Image Garden\uninst.exe
[2014/01/14 19:16:00 | 001,862,744 | -H-- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.exe
[2012/11/21 15:39:10 | 001,852,576 | -H-- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\uninst.exe
[2016/02/12 19:08:35 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OMGRIGHT
[2015/05/09 00:44:13 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2016/06/26 22:52:29 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps
[2014/01/14 19:16:00 | 001,862,744 | -H-- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\uninst.exe
[2015/05/09 00:44:13 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ\CanonIJ Uninstaller Information
[2015/04/27 07:10:12 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ\IJPrinter
[2015/05/09 00:44:13 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series
[2015/05/09 01:12:03 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ\IJPrinter\Canon MG3500 series
[2015/04/27 07:15:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2015/05/09 01:06:43 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEGV
[2015/04/27 07:06:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJETV
[2015/05/09 01:24:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMIG
[2015/04/27 11:00:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJQuickMenu
[2015/05/09 01:22:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJScan
[2015/03/14 19:09:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\NEC
[2016/04/15 00:53:27 | 000,000,000 | -H-D | M] -- C:\ProgramData\Apple Computer\iTunes\SC Info
[2015/04/27 07:15:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ\IJPrinter
[2015/05/09 01:12:32 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS
[2016/05/07 00:22:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS\Canon MG3500 series Printer
[2015/05/09 01:12:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS\Canon MG3500 series Printer XPS
[2015/05/09 01:21:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJScan\MG3500 series
[2016/05/17 22:33:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser
[2016/05/17 23:19:39 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD10.exe
[2015/03/19 14:35:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2015/03/19 14:35:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\CLUpdater\PowerDVD\10.0
[2015/03/19 14:35:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\CyberLink\EvoParser\PowerDVD\10.0
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc
[2016/03/14 23:33:21 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/31 03:23:42 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\DMProfiles
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\WwanSvc\Profiles
[2014/09/03 11:04:37 | 000,000,000 | -H-D | M] -- C:\ProgramData\NEC\NECPC Settings
[2016/03/14 18:46:56 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2015/04/27 07:15:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2015/05/09 01:06:43 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2015/04/27 07:06:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJETV
[2015/05/09 01:24:34 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMIG
[2015/04/27 11:00:28 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJQuickMenu
[2015/05/09 01:22:22 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJScan
[2015/03/14 19:09:20 | 000,000,000 | -H-D | M] -- C:\Users\All Users\NEC
[2016/04/15 00:53:27 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Apple Computer\iTunes\SC Info
[2015/04/27 07:15:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ\IJPrinter
[2015/05/09 01:12:32 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ\IJPrinter\CNMWINDOWS
[2016/05/07 00:22:03 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ\IJPrinter\CNMWINDOWS\Canon MG3500 series Printer
[2015/05/09 01:12:34 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ\IJPrinter\CNMWINDOWS\Canon MG3500 series Printer XPS
[2015/05/09 01:21:03 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJScan\MG3500 series
[2016/05/17 22:33:05 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser
[2016/05/17 23:19:39 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\PowerDVD10.exe
[2015/03/19 14:35:31 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CBE\D8D760AC-ACA2-493e-9623-61E9D47DE89C\ToGo
[2015/03/19 14:35:35 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\CLUpdater\PowerDVD\10.0
[2015/03/19 14:35:33 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CyberLink\EvoParser\PowerDVD\10.0
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc
[2016/03/14 23:33:21 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads
[2015/10/31 03:23:42 | 000,000,000 | RH-D | M] -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\DMProfiles
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Microsoft\WwanSvc\Profiles
[2014/09/03 11:04:37 | 000,000,000 | -H-D | M] -- C:\Users\All Users\NEC\NECPC Settings
[2015/10/30 16:24:24 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2016/03/14 18:35:32 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData
[2015/04/27 20:56:40 | 000,000,000 | -H-D | M] -- C:\Users\owner\*Ⅳペイント\Pictures\NEC
[2015/03/15 17:28:03 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
[2016/06/24 23:53:44 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
[2016/05/14 12:22:28 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Media Player\アート キャッシュ
[2016/03/14 18:55:30 | 000,000,000 | RH-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\Burn\Burn
[2016/06/27 08:59:37 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCache\Content.MSO
[2016/06/27 08:14:40 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCache\Content.Word
[2016/03/15 21:13:25 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCache\Virtualized
[2015/08/07 01:40:19 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCookies\DNTException\Low
[2015/08/07 01:40:19 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Microsoft\Windows\INetCookies\PrivacIE\Low
[2016/06/26 02:18:08 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\TempState\Content.MSO
[2015/04/27 20:55:02 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Pictures\NEC
[2016/05/14 12:10:45 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\Temp\FreemakeVideoConverterTemp
[2015/09/25 00:42:02 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Local\VirtualStore\ProgramData
[2015/04/27 20:54:41 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Pictures\NEC
[2016/03/14 18:36:11 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015/04/27 20:55:10 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Pictures\NEC
[2015/04/27 20:55:35 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Pictures\NEC
[2016/03/14 18:20:22 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Pictures\NEC
[2015/04/27 20:54:47 | 000,000,000 | -H-D | M] -- C:\Users\owner\AppData\Roaming\Pictures\NEC
[2015/04/27 20:54:57 | 000,000,000 | -H-D | M] -- C:\Users\owner\Documents\Pictures\NEC
[2016/03/14 18:35:38 | 000,000,000 | -H-D | M] -- C:\Users\owner\Favorites\Pictures\NEC
[2016/06/16 21:47:53 | 000,000,000 | RH-D | M] -- C:\Users\Public\AccountPictures
[2016/06/26 22:49:47 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2016/03/14 18:37:19 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2015/03/18 14:13:41 | 000,000,000 | -H-D | M] -- C:\Users\Public\Music\Sony MediaPlayerX\Shared\Fringe
[2015/03/28 22:33:22 | 000,000,000 | -H-D | M] -- C:\Users\Public\Pictures\Sony MediaPlayerX\Fringe
[2016/03/14 18:22:03 | 000,000,000 | -H-D | M] -- C:\Windows\ELAMBKUP
[2016/03/14 18:22:10 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData
[2016/03/14 18:22:11 | 000,000,000 | -H-D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2016/06/27 23:19:02 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/06/27 01:36:40 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2016/06/27 22:05:27 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/06/27 23:31:01 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d08f8713f8f0d9.job
[2016/06/27 23:31:01 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST1000DM003-1ER162
Partitions: 5
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 1.00GB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 260.00MB
Starting Offset: 1573912576
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 842.00GB
Starting Offset: 1980760064
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 65.00GB
Starting Offset: 906087104512
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 22.00GB
Starting Offset: 976086892544
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
No service found with a name of AeLookupSvc
SRV:[b]64bit:[/b] - [2015/10/30 16:17:52 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 001,144,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2016/03/29 14:27:28 | 000,794,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2015/10/30 16:18:26 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2015/10/30 16:18:25 | 000,345,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2016/03/29 16:46:28 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2016/05/28 13:22:43 | 000,079,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,904,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2016/05/28 13:19:15 | 000,355,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2016/05/28 13:15:54 | 000,293,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2016/03/29 16:34:51 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:41 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,036,864 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2015/10/30 16:18:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 000,456,704 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2016/05/28 13:18:04 | 000,392,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2015/10/30 16:17:46 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
No service found with a name of MMCSS
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,547,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:25 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:48 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 000,755,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:40 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:51 | 000,904,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2016/02/24 16:19:56 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:03 | 000,057,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2016/05/28 13:21:27 | 000,190,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,283,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:16 | 000,608,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2015/10/30 16:18:38 | 000,559,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2016/03/14 18:04:45 | 000,997,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:10 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2015/10/30 16:18:36 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2015/10/30 16:18:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2016/03/29 16:30:49 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:49 | 001,465,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2016/04/02 12:19:00 | 001,054,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2016/03/14 18:05:05 | 000,275,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:25 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:37 | 000,024,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 001,743,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2016/04/23 13:14:30 | 000,870,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:19:28 | 000,643,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:43 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2015/10/30 16:18:21 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:45 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2016/05/28 12:57:22 | 002,281,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:39 | 000,264,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2016/03/14 18:04:49 | 002,295,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2015/10/30 16:17:53 | 000,274,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

< End of report >







②Extras

OTL Extras logfile created on: 2016/06/27 23:01:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.92 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.39% Memory free
4.61 Gb Paging File | 2.39 Gb Available in Paging File | 51.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 842.01 Gb Total Space | 759.96 Gb Free Space | 90.26% Space Free | Partition Type: NTFS
Drive D: | 65.19 Gb Total Space | 65.09 Gb Free Space | 99.85% Space Free | Partition Type: NTFS

Computer Name: NEC | User Name: 羽葉 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 86 2D 76 6A D6 7D D1 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4AF5215C-89FE-4471-99F5-9747F5466EB3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{5EE3B8AF-5E49-4586-900F-A840F83096D8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0129E45F-01DD-4D03-B284-70272390E90C}" = dir=out | name=動画なび plus |
"{02D57318-F9CA-4764-8BC7-1A3CF1A8D580}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{02DD8A2A-5ACC-45C1-BC76-7BF1C4F0FE28}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{06DF1849-2328-460D-A84E-813FD3884842}" = dir=out | name=microsoft solitaire collection |
"{0A223F50-0C85-4D4B-B579-C7FFCC42ED04}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{100674E9-84FF-4477-96FC-1DA12E0169F8}" = dir=out | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{153B0FD0-DCED-47F7-9003-72BFF0B3BEC7}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{17E6FBB9-8388-4277-8AFD-287C9C11547D}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{1BA9C6E7-1729-485B-BBB2-32178FBD6271}" = dir=in | name=mcafee® central for nec |
"{1C94EAFD-3A9B-4178-85CE-4810E06CFB91}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{1DF25FC3-C05F-4892-8243-913BCC814D0A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{20D897CC-CBBA-4DAD-8805-1FECD2C48EC1}" = dir=out | name=navitime for nec |
"{2109A73A-8490-4E76-9EC6-13D18F278803}" = dir=out | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{24F5A914-531D-4A88-9A1A-2A6F75B731B5}" = dir=out | name=fresh paint |
"{2F517DD4-5205-4B29-B882-9F141A7DBFC2}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{332F7B1D-2B9B-4081-859B-40E1D5C1B2FB}" = dir=in | name=@{microsoft.bingweather_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{38FBC6C4-0378-46DC-8804-A29A3804E8EB}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{43916E47-48F8-49FD-A661-1F8A0D56F4D3}" = dir=out | name=sway |
"{44681514-60B7-4B51-B353-12A1487887C8}" = dir=out | name=xbox |
"{44D851AC-445B-4167-860A-BCF8D170F95B}" = dir=in | name=microsoft solitaire collection |
"{45E7A37E-3121-4E55-9875-A4A0BC65DA39}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4BAC7FCB-2458-4376-8A33-933EC4EEC9C8}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{4CC18350-F3B1-4D45-B765-05074DDA4ABC}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{4CC29F43-BBC2-4AFB-B737-E1AA46328517}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{50A3B9F7-5F2A-42D7-9BAA-9B968B8E18EB}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{554B1DFD-5F68-42AF-9AF0-249B34A07D1B}" = dir=out | name=@{microsoft.getstarted_3.10.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{60CC296D-EDE9-4690-8C5B-0D0BE5245A35}" = dir=out | name=@{microsoft.windowsphone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{60E3B919-6715-4B32-A238-D0AE6CD7AD9D}" = dir=out | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{620FACFF-98DD-42AE-9572-2118D8DAA6DA}" = dir=in | name=@{microsoft.bingsports_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{64055932-1C81-40C9-9372-4C53DED73C9E}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{680AF70C-3E08-4E84-A91E-C5751C2BDEBD}" = dir=in | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{6877662F-C0A3-464F-82BB-F125458D19D5}" = dir=in | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/a
  • アレクサンドラ
  • 2016/06/27 (Mon) 23:45:10
返信フォームへ 
Extraのログが途切れてますね
おはようございます。
OTLのスキャンログを見せてもらいましたが、fc2の文字数制限でログが途切れてますね。

OTL.txtのほうはいいので、Extra.txtのほうだけ再度全文をレスで見せてください。
1万文字以内に収まるように分割して複数回に分けてレスされればいいです。
http://www1.odn.ne.jp/megukuma/count.htm
  • 悪代官
  • 2016/06/28 (Tue) 07:39:28
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
大変失礼いたしました。
Extraのみあげなおします。



OTL Extras logfile created on: 2016/06/27 23:01:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

3.92 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.39% Memory free
4.61 Gb Paging File | 2.39 Gb Available in Paging File | 51.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 842.01 Gb Total Space | 759.96 Gb Free Space | 90.26% Space Free | Partition Type: NTFS
Drive D: | 65.19 Gb Total Space | 65.09 Gb Free Space | 99.85% Space Free | Partition Type: NTFS

Computer Name: NEC | User Name: 羽葉 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 86 2D 76 6A D6 7D D1 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4AF5215C-89FE-4471-99F5-9747F5466EB3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{5EE3B8AF-5E49-4586-900F-A840F83096D8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0129E45F-01DD-4D03-B284-70272390E90C}" = dir=out | name=動画なび plus |
"{02D57318-F9CA-4764-8BC7-1A3CF1A8D580}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{02DD8A2A-5ACC-45C1-BC76-7BF1C4F0FE28}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{06DF1849-2328-460D-A84E-813FD3884842}" = dir=out | name=microsoft solitaire collection |
"{0A223F50-0C85-4D4B-B579-C7FFCC42ED04}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{100674E9-84FF-4477-96FC-1DA12E0169F8}" = dir=out | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{153B0FD0-DCED-47F7-9003-72BFF0B3BEC7}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{17E6FBB9-8388-4277-8AFD-287C9C11547D}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{1BA9C6E7-1729-485B-BBB2-32178FBD6271}" = dir=in | name=mcafee® central for nec |
"{1C94EAFD-3A9B-4178-85CE-4810E06CFB91}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{1DF25FC3-C05F-4892-8243-913BCC814D0A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{20D897CC-CBBA-4DAD-8805-1FECD2C48EC1}" = dir=out | name=navitime for nec |
"{2109A73A-8490-4E76-9EC6-13D18F278803}" = dir=out | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{24F5A914-531D-4A88-9A1A-2A6F75B731B5}" = dir=out | name=fresh paint |
"{2F517DD4-5205-4B29-B882-9F141A7DBFC2}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
  • アレクサンドラ
  • 2016/06/28 (Tue) 21:28:45
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
"{332F7B1D-2B9B-4081-859B-40E1D5C1B2FB}" = dir=in | name=@{microsoft.bingweather_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{38FBC6C4-0378-46DC-8804-A29A3804E8EB}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{43916E47-48F8-49FD-A661-1F8A0D56F4D3}" = dir=out | name=sway |
"{44681514-60B7-4B51-B353-12A1487887C8}" = dir=out | name=xbox |
"{44D851AC-445B-4167-860A-BCF8D170F95B}" = dir=in | name=microsoft solitaire collection |
"{45E7A37E-3121-4E55-9875-A4A0BC65DA39}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4BAC7FCB-2458-4376-8A33-933EC4EEC9C8}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{4CC18350-F3B1-4D45-B765-05074DDA4ABC}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{4CC29F43-BBC2-4AFB-B737-E1AA46328517}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{50A3B9F7-5F2A-42D7-9BAA-9B968B8E18EB}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{554B1DFD-5F68-42AF-9AF0-249B34A07D1B}" = dir=out | name=@{microsoft.getstarted_3.10.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{60CC296D-EDE9-4690-8C5B-0D0BE5245A35}" = dir=out | name=@{microsoft.windowsphone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{60E3B919-6715-4B32-A238-D0AE6CD7AD9D}" = dir=out | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{620FACFF-98DD-42AE-9572-2118D8DAA6DA}" = dir=in | name=@{microsoft.bingsports_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{64055932-1C81-40C9-9372-4C53DED73C9E}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{680AF70C-3E08-4E84-A91E-C5751C2BDEBD}" = dir=in | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{6877662F-C0A3-464F-82BB-F125458D19D5}" = dir=in | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{6B3A5A29-9454-4339-80A5-70ACBF6A77EC}" = dir=out | name=シュフーチラシアプリ for nec |
"{6C9FA5B4-162E-4800-ABBD-16DBA939C1AC}" = dir=out | name=@{microsoft.bingfinance_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{6DC5F4B2-FC14-44C2-9448-6A89B8364676}" = dir=out | name=line |
"{6E8C99AF-4B48-4CF7-9CD0-3BACB22DF5A0}" = dir=in | name=@{microsoft.bingnews_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{6EF40BB2-BA21-4D2B-8750-7380D56EA0B5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{7090F4F5-9EDF-4667-9BF2-45399A449A84}" = dir=out | name=@{microsoft.bingtranslator_4.4.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} |
"{74318C39-6C51-4ECE-96B7-697F6E95D931}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{7566D1D6-9641-402E-B302-2B3DA5ED17BF}" = dir=in | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{75DC34D3-33FD-42A7-A229-C14D25A3D549}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{7B809C9D-CC1C-4396-8780-B21DC1BB7961}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{8740D2A5-5A8E-457E-936E-5CD780285F27}" = dir=out | name=@{microsoft.bingsports_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{8A10E888-1BA0-4C4E-8A9B-F9EA0B581528}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{8A8F3D6E-2ACE-4EB8-A77B-8C5A72CA7BE9}" = dir=out | name=my time line |
"{8ADBDC22-D59C-45BD-B733-5B77D37721FD}" = dir=out | name=@{microsoft.bingnews_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{8C0573FF-E5FA-470C-B3A9-A4A98AD6BA74}" = dir=out | name=@{microsoft.people_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{98945001-4DB1-49E7-9E9B-0A9E4C18F0DA}" = dir=out | name=candy crush saga |
"{9B7FDD72-ADE7-4AA4-82DF-40D70CA57257}" = dir=out | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{9C22BE4A-6851-454B-83CC-E59F2467C976}" = dir=out | name=canon inkjet print utility |
"{9E8113E4-17CE-464F-A208-B6D409DB3F0A}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{A34EEC9C-A6CA-45C8-9AB6-092CA182ECEB}" = dir=in | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A5947E99-C699-4DE1-A6AA-76C671F07712}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{AD21A0E8-191A-4469-87C6-181E48D425A2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AF8484D1-57E3-44D6-89E0-62F97ECE15D1}" = dir=out | name=@{microsoft.zunemusic_3.6.22051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B179FE3B-D2C2-4BD2-85D2-C623A0064A0C}" = dir=out | name=@{microsoft.bingweather_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{BB725722-6F81-4053-9E2E-337A3058BE3D}" = dir=in | name=@{microsoft.zunevideo_3.6.21441.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{BBC2C39B-678B-425E-9123-0263309F6EA4}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{BC633C2B-AF8A-4673-9099-1012514CE77B}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{BEC604EE-D12B-4FC5-9E02-A788EB8FB263}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{BEDCA8AB-ACB6-4301-877E-AC4B4193E7E2}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{BF6467F0-17A8-4F3D-9EFF-DF22ADA6D857}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C2093FFC-BE84-4ED0-9CE9-4280E42524EC}" = dir=in | name=@{microsoft.bingfinance_4.9.76.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{C670B25C-E945-4CB3-BAB1-D39A318C2B57}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{C68C975B-F6F2-4120-BE29-29F4FF2FF388}" = dir=out | name=facebook |
"{C80AA06E-D108-4E66-95C2-DECEFDDA3A7A}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{C8292749-AE4A-40AD-99CE-F4AC5C798BB8}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{CC659878-5C3E-4870-96EB-A983DCDF2097}" = dir=in | name=@{e0469642.2164478cd4c7b_1.7.0.10_x86__9t6e0p3002swr?ms-resource://e0469642.2164478cd4c7b/resources/app/name} |
"{CCB96526-3C82-4A1F-B5AA-8177A5C0C23E}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{CE88926D-20BE-475A-AAC0-E487CFD9B12A}" = dir=in | name=sway |
"{D5945129-DE30-4404-BF93-5B25F5E0E566}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{D7275CD8-B8BE-4573-B2C7-39B50B04B6A9}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{DA671EA7-CF0B-4468-ABA9-1686A4A50032}" = dir=in | name=line |
"{DDEBB691-D89E-4D56-8BE3-62ECE5548612}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{DE64D05B-3EBA-4BE9-AFA5-AE48F7B72B6F}" = dir=out | name=windows_ie_ac_001 |
"{E013830F-5B67-4D6B-BF9F-4E5B57D7D4F5}" = dir=in | name=onenote |
  • アレクサンドラ
  • 2016/06/28 (Tue) 21:31:02
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
"{E2F47804-5259-4570-8698-B157491AC8A7}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{E324512E-562E-4A10-AA8A-BBA92C69FF97}" = dir=in | name=canon inkjet print utility |
"{E445C17A-A9C4-4F0A-9B24-3C9EF571D932}" = dir=out | name=@{microsoft.3dbuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{E598BB64-C6C0-4F9E-B087-5F9B89E5CA5B}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{E6928A77-1F42-4004-AD0C-9C2814AA69B0}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{E932527E-2635-444E-A06E-2DCB28A012F6}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{F03DE66B-B9F0-43EC-980F-9545BFE02286}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F8A80849-15E0-4BAF-BEAC-FC4DA779A771}" = dir=out | name=onenote |
"{FB022B07-9A8F-4BF1-8E6D-E5E360212E78}" = dir=in | name=xbox |
"{FF12106E-C11E-4DF5-A7A3-EEF80077412C}" = dir=out | name=mcafee® central for nec |
"{FF6366CC-1081-4A51-BB30-E4B7ACC56BF0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{75555A9B-1009-45B9-B932-CEEF9A252BB1}C:\program files (x86)\nec\smartvision\svupnpmn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nec\smartvision\svupnpmn.exe |
"UDP Query User{CD72852B-C6E7-4670-9E1A-64325ECB06DD}C:\program files (x86)\nec\smartvision\svupnpmn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nec\smartvision\svupnpmn.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0295BE13-D098-4C68-A085-C694406C2026}" = リモコンユーティリティ
"{0D89385A-FD47-45B7-B303-37E252BCCC6B}" = ワンタッチスタートボタンの設定
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series" = Canon MG3500 series MP Drivers
"{15001252-1501-495B-B51F-3B6FE8A9996D}_is1" = NEC PC設定Dependency Package
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1BF33DB3-42E8-4E07-9995-9D0F13B3AC4C}_is1" = NECPC Settings Plugins
"{1C9E61B0-4043-45C9-889C-119A4793CD93}" = ワンタッチスタートボタンの設定(8.19.1345)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2937FD88-C9D6-4B82-B539-37CD0A572F42}" = Apple Application Support(64 ビット)
"{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1" = NECPC Settings UMDF driver
"{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}" = Apple Mobile Device Support
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4329A4B8-82F4-42A1-81C0-8F062A04757D}_is1" = NECPC Settings Service
"{47192BE7-0E40-4E32-A2C8-6DACB2D3F6E7}" = SmartVision
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{50E1D8B9-26E5-4755-B8BB-73167F17C466}" = 彩りの設定
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60581F80-4D01-47F1-90D6-B3E2B91E5052}" = PDF-XChange Editor
"{61558C29-0C3A-442B-A43C-C883B94E8929}" = おすすめ設定
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A31C5565-90D9-4615-AE13-94D86C3836C7}" = iTunes
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D2837730-4960-3B35-8088-201387FD3BDB}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN
"{E6E6C0FA-F0D5-4E28-AAB8-F9CFAF4C9C08}_is1" = YamahaAE UMDF driver
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F3F11FF1-4EF7-4012-A0D7-BC89442FCA4F}" = Update for Japanese Microsoft IME Trending Words Dictionary
"AVDm" = 彩りの設定
"CCleaner" = CCleaner
"HomeBusinessPipcRetail - ja-jp" = Microsoft Office Home and Business Premium - ja-jp
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語
"Pen Tablet Driver" = ワコム
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{024D6C9E-4775-421D-B0D0-D4F123687778}" = Windows Live Essentials
"{02FECEE0-16B2-43DB-BC3B-C844477FC142}" = カスペルスキー インターネット セキュリティ
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{0FBC4D50-F28B-445B-8A7F-669C886E91A7}" = 筆ぐるめ 21
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{157C8082-2627-4236-A6CC-B797CF91D576}" = 再セットアップメディア作成ツール
"{19D082E3-1FB4-44EA-99C0-B8FB748BA79E}" = Sony Media Library Earth 9.3.00
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{221b44d2-6cf5-4f09-990c-7b41a7b6bd79}" = PDF-XChange Editor
"{223469C7-3B3F-4D18-AB4A-4F4B298D0DB2}" = x-APPLICATION Components
"{2749c485-3a8b-4533-92ff-7cf6e8221cff}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{31704E73-FB79-4C79-A4CE-4E6477EFA383}" =
"{349A906C-C3F1-47AB-96B6-E91A955434C1}" = 読取革命Lite
"{34ffd2d4-8e73-410f-ac90-23aece7068e3}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}" = PhotoWizard
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{43B98F6F-B841-4DBB-A888-668481F43EF8}" = ebi.BookReader4
"{4B0AD476-DE95-4293-B437-BE2511DE74B6}" = CLIP STUDIO PAINT
"{52568089-E0B2-4033-8140-F229EBFD610A}" = SD-Video SDK for SmartVision
"{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5C567565-F5E6-4BB9-8B1F-C5910350F0AB}" = USB Mouse Wheel Utility
"{5E848897-1113-49FE-8FCE-D4BF39EDE254}" = Windows Live UX Platform Language Pack
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{619133A5-48DE-4A54-AE4E-9CD480E4D2D7}" = 楽しもう!Office ライフ
"{63C71256-358F-4557-B12F-599604B76C85}" = SmartVision TVドライバー
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator LJ
"{76DA2850-D68D-47A6-AA53-D38F3C3CEBB2}" = DVD-VR Writer for SmartVision
"{7A5D09F9-8E44-482F-849E-8D203D78BD33}" = Roxio Creator LJ
"{7eaaa6c0-a745-427c-bd6f-bbc33d651540}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{82181AFC-F1AC-4F18-8039-C6CA5B7F4726}" = ファイナルパソコンデータ引越し 9 plus for NEC
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator LJ
"{8AF94405-08BB-4CF6-8856-84C88EAA7ECA}" = ソフト&サポートナビゲーター
"{8CE3D78F-7B81-46F5-977A-12DBA2CB5B9A}" = Play.net
"{8D3447EE-A34C-438C-815B-178F771B1556}" = ホームネットワークサーバー powered by DiXiM
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0411-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}" = Movie Maker
"{98DF1E0A-B2C1-4D47-A0F8-D47AF1B23CAD}" = x-アプリ
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A5EF-4123-B2B9-172095903AB}" = REALTEK Bluetooth Driver
"{9DAABC60-A5EF-41FF-B2B9-17329590CD5}" = REALTEK Wireless LAN Driver
"{AD2DAD95-2A19-4A7B-91C5-52FEAFBD5206}" = パソコンのいろは8
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B998F909-2F6B-46EF-B4CD-730AF38A376C}" = DiXiM Player for SmartVision
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
  • アレクサンドラ
  • 2016/06/28 (Tue) 21:32:10
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{d07b0db5-8dad-40e1-be90-88026298a46b}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}" = フォト ギャラリー
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Realtek PC Camera Driver
"{E9FFDC38-0D29-40C7-81A4-2AA733F9397B}" = G-GUIDE(R) for Windows
"{EA65772D-1999-462B-BFC0-480A9515ABCC}" = Smart Update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F353F974-64FF-44F5-AE2D-D079964C5685}" = おてがるバックアップ
"{F3BB7E2D-62E0-4008-8727-588EDC274C25}" = Photo Common
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}" = Apple Application Support(32 ビット)
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"ArtOfWords" = ArtOfWords
"BUFFALO_AirSet2_is1" = BUFFALO エアステーション設定ツール
"BUFFALO_BPCEnv_is1" = BUFFALO パソコン環境表示ツール
"Canon MG3500 series On-screen Manual" = Canon MG3500 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム
"CanonMyPrinter" = Canon マイ プリンタ
"CanonQuickMenu" = Canon Quick Menu
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"InstallShield_{19D082E3-1FB4-44EA-99C0-B8FB748BA79E}" = Sony Media Library Earth 9.3.00
"InstallShield_{31704E73-FB79-4C79-A4CE-4E6477EFA383}" =
"InstallShield_{5C567565-F5E6-4BB9-8B1F-C5910350F0AB}" = マウスの設定
"InstallShield_{98DF1E0A-B2C1-4D47-A0F8-D47AF1B23CAD}" = x-アプリ 6.0.02
"InstallShield_{AD2DAD95-2A19-4A7B-91C5-52FEAFBD5206}" = パソコンのいろは8
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}" = カスペルスキー インターネット セキュリティ
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 2.2.1.1043
"MediBang Paint Pro_is1" = MediBang Paint Pro 2.0
"PaintToolSAI" = ペイントツールSAI Ver.1
"PhotoScape" = PhotoScape
"UN900119" = BUFFALO クライアントマネージャV
"UN900119_is1" = BUFFALO クライアントマネージャV をアンインストール
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite" = Windows Live Essentials
"Yahoo!Jツールバー" = Yahoo!ツールバー
"Zoolz2" = AOSBOX Cool_n

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2016/06/26 18:57:44 | Computer Name = NEC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 696141

Error - 2016/06/26 18:57:44 | Computer Name = NEC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 696141

Error - 2016/06/27 9:13:43 | Computer Name = NEC | Source = Perflib | ID = 1008
Description =

Error - 2016/06/27 9:13:43 | Computer Name = NEC | Source = Perflib | ID = 1008
Description =

Error - 2016/06/27 9:13:43 | Computer Name = NEC | Source = Perflib | ID = 1008
Description =

Error - 2016/06/27 9:13:43 | Computer Name = NEC | Source = Perflib | ID = 1008
Description =

Error - 2016/06/27 9:13:43 | Computer Name = NEC | Source = PerfNet | ID = 2004
Description =

Error - 2016/06/27 9:13:44 | Computer Name = NEC | Source = Perflib | ID = 1023
Description =

Error - 2016/06/27 9:13:44 | Computer Name = NEC | Source = Perflib | ID = 1008
Description =

Error - 2016/06/27 10:05:55 | Computer Name = NEC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = 暗号化サービスで、システム ライター オブジェクトで OnIdentity() の呼び出しを処理中にエラーが発生しました。 Details:
AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: アクセスが拒否されました。 。

[ System Events ]
Error - 2016/06/26 16:29:34 | Computer Name = NEC | Source = MEIx64 | ID = 458755
Description = Intel(R) Management Engine Interface driver has failed to perform
handshake with the Firmware.

Error - 2016/06/26 16:31:58 | Computer Name = NEC | Source = Service Control Manager | ID = 7009
Description = ホームネットワークサーバー powered by DiXiM サービスの接続を待機中にタイムアウト (30000 ミリ秒) になりました。

Error - 2016/06/26 16:31:58 | Computer Name = NEC | Source = Service Control Manager | ID = 7000
Description = ホームネットワークサーバー powered by DiXiM サービスを、次のエラーが原因で開始できませんでした: %%1053

Error - 2016/06/26 16:33:01 | Computer Name = NEC | Source = DCOM | ID = 10010
Description =

Error - 2016/06/26 20:09:28 | Computer Name = NEC | Source = DCOM | ID = 10016
Description =

Error - 2016/06/26 20:09:33 | Computer Name = NEC | Source = Service Control Manager | ID = 7031
Description = ホストの同期_34ce6 サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が 10000
ミリ秒以内に実行されます: サービスの再開。

Error - 2016/06/26 20:09:33 | Computer Name = NEC | Source = Service Control Manager | ID = 7031
Description = Contact Data_34ce6 サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が
10000 ミリ秒以内に実行されます: サービスの再開。

Error - 2016/06/26 20:09:33 | Computer Name = NEC | Source = Service Control Manager | ID = 7031
Description = User Data Storage_34ce6 サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が
10000 ミリ秒以内に実行されます: サービスの再開。

Error - 2016/06/26 20:09:33 | Computer Name = NEC | Source = Service Control Manager | ID = 7031
Description = User Data Access_34ce6 サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が
10000 ミリ秒以内に実行されます: サービスの再開。

Error - 2016/06/27 9:08:06 | Computer Name = NEC | Source = DCOM | ID = 10010
Description =


< End of report >
  • アレクサンドラ
  • 2016/06/28 (Tue) 21:32:52
返信フォームへ 
今度はOTLでゴミ掃除を
今夜もレスが遅くなってすみません。
こうやって敵を焦らしてから隙を突いて倒すのが悪代官の策略です(←いったい何と戦ってるんだ

Extraのログも見せてもらいました。
では早速次の作業にかかりますか。

今度はOTLスキャンで見つかったものをOTLで掃除します。と言ってもゴミ程度なので心配しなくていいです。

このレスの最後にスクリプトを貼っておくので、それを丸ごとコピーして、それをWindowsのメモ帳ファイルに貼り付けて保存しておいてください。

用意できたらPCをまたセーフモードで再起動してOTL起動してください。
起動したらOTLのウインドウ下部にスクリプトを貼り付けて、今度は「Run fix」(赤字のボタン)を押してください。
これでOTLでの処置が開始されます。

しばらく待って処置ができたらPCを通常モードで再起動すると、またOTLのログが出るはずなので、それを保存してから、しばらく様子見の後、OTLのログとともに状態報告をレスください。
OTLのスクリプトは以下になります。破線(-----)を含まない箇所を丸ごとコピーして、それをOTLに貼って作業してください
------------------------------------------
:OTL
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
IE - HKLM\..\SearchScopes,DefaultScope = {6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}
IE - HKLM\..\SearchScopes\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
IE - HKU\S-1-5-21-4221638486-1287037831-385173349-1001\..\SearchScopes,DefaultScope = {6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}

:Files

:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
[reboot]
------------------------------------------
  • 悪代官
  • 2016/06/29 (Wed) 20:22:40
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
こんばんは。

早速ですがログを載せます。


All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FCDED3C-A71F-4C57-824B-E9F8A2CD5451}\ not found.
HKEY_USERS\S-1-5-21-4221638486-1287037831-385173349-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
========== FILES ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: owner
->Temp folder emptied: 597121397 bytes
->Temporary Internet Files folder emptied: 5436783 bytes
->Java cache emptied: 48344 bytes
->Google Chrome cache emptied: 366848866 bytes
->Flash cache emptied: 523 bytes

User: Public

User: USER

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 64207557 bytes
RecycleBin emptied: 348046 bytes

Total Files Cleaned = 986.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 06292016_215526

Files\Folders moved on Reboot...
File move failed. C:\Users\owner\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



動作は特に問題ないです。
  • アレクサンドラ
  • 2016/06/29 (Wed) 22:35:18
返信フォームへ 
ここで全体の見直しを
作業と報告、ご苦労様です。

>動作は特に問題ないです

はい、異常は現在出てないみたいですね。
ログも見せてもらいましたがOTLでの処置もできたようです。
OTLは導入時の説明に沿って片付けていいです。

ではここで全体の状態を各ログから見直します。
お手数ですがまたHJTログと、CCでインストール情報と各タブのログも取り直して、それらを見せてください。
なにか取りこぼしがないかを含めて全体を洗い直します
  • 悪代官
  • 2016/06/30 (Thu) 08:43:38
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
こんにちは。

了解です。OTLは処理してしまいます。

では早速ログを載せます。


①HJT
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:29:38, on 2016/06/30
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
C:\Program Files (x86)\WheelUtility\HScrollFun.exe
C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\NEC\SmartVision\SvPowMan.exe
C:\Program Files (x86)\NEC\SmartVision\SvFrmUI.exe
C:\Program Files (x86)\NEC\SmartVision\DtvMw.exe
C:\Program Files (x86)\NEC\SmartVision\DtnCtl.exe
C:\Program Files (x86)\NEC\SmartVision\SvUI.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\ProgramData\SmartUpdate\SUMAIN\SmartUpdate.exe
C:\Users\owner\Desktop\HijackThis.exe

O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SmartUpdate] "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
O4 - HKLM\..\Run: [USBFuncSwitch] C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
O4 - HKLM\..\Run: [USBHScrollFun] C:\Program Files (x86)\WheelUtility\HScrollFun.exe
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [DTCPconnect] C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
O4 - HKLM\..\Run: [SVUPnPManager] C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
O4 - HKLM\..\Run: [SmartVisionScheduler] C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: セキュリティキーボード - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX Cool_n Backup Service (AOSBOXCooln Backup Service) - Unknown owner - C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DiXiM Player SDK Service - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCService.exe
O23 - Service: DiXiM Player Service Controller - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G-GUIDE(R) Service - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NECPC Settings Service - NEC Personal Computers, Ltd. - C:\Program Files\NECPC\SettingsDependency\SettingsService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SD Device Manager - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SmartVision Admin Service (SVAdminService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision Admin Service 64 (SVAdminService64) - NEC Personal Computers, Ltd. - C:\Program Files\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision MessageManager Service (SVMsgMngService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VRService - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ホームネットワークサーバー powered by DiXiM - Unknown owner - C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dms_sync_svc.exe

--
End of file - 14102 bytes


②Windows
有効 HKCU:Run ApplePhotoStreams C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudServices C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:RunOnce Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
有効 HKLM:Run AVDM NEC Personal Computers, Ltd. C:\Program Files\AVDm\AVDm.exe /RESIDENT
有効 HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
有効 HKLM:Run DTCPconnect NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
有効 HKLM:Run IJNetworkScannerSelectorEX CANON INC. C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
無効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\NECMFK\necmfk.exe
有効 HKLM:Run NECTVRC NEC Personal Computers, Ltd. C:\Program Files\NECTVRC\tvrc.exe /INITLCD
有効 HKLM:Run Nikon Message Center 2 Nikon Corporation C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
有効 HKLM:Run NPSpeed NEC Personal Computers, Ltd. C:\Program Files\NECPC\EcoMode\NPSpeed.exe
有効 HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RcdSettings NEC Personal Computers, Ltd. "C:\Program Files\NEC\NECRcdSettings\RcdSettings.exe" -autostart
有効 HKLM:Run RemoteControl10 CyberLink Corp. "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run RtsCM RTSCM64.EXE
有効 HKLM:Run SmartUpdate NEC Personal Computers, Ltd. "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
有効 HKLM:Run SmartVisionScheduler NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
有効 HKLM:Run SVUPnPManager NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
有効 HKLM:Run USBFuncSwitch Chicony C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
有効 HKLM:Run USBHScrollFun Chicony C:\Program Files (x86)\WheelUtility\HScrollFun.exe
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnLauncher.exe" "C:\Program Files\AOSBOX Cool_n\AOSBOXCooln.exe" "-Delay"
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe


③コンテキストメニュー
有効 Directory Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Drive Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 File Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
有効 Folder Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll


④スケジュールされたタスク
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d08f8713f8f0d9 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-500


⑤IE
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll


⑥Google Chrome
有効 App Gmail 8.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Chrome リモート デスクトップ 51.0.2704.53 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\51.0.2704.53_0
有効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google スプレッドシート 1.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
無効 Extension カスペルスキー プラグイン 4.0.9.130 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0


よろしくお願いします。
  • アレクサンドラ
  • 2016/06/30 (Thu) 11:38:28
返信フォームへ 
洗い直しに来ました
作業と報告、ご苦労様です。
状態の洗い直しに来た「あらいぐま悪代官」です(←森に帰れ

現在の各ログを見せてもらいました。

見たところ不審な痕跡はなさそうですね。
異常も出てないなら、あとは様子見に入りましょう。

普通にPCを使いながらでいいので1週間様子見してください。

1週間後にまた今回と同じHJTとCCの各ログを取り直して、それらを様子見中の状態報告とともにレスください。

この時点でログにも状態にも異常が完全に消えて復活もしてなければヤマも越えられるはずですが、何か異常見えたら1週間待たずにいいのでそこで報告ください
  • あらいぐま悪代官
  • 2016/06/30 (Thu) 18:04:03
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
お久しぶりです。


この1週間ネットを使い続けましたが、特に問題はありませんでした。

早速ですがログを載せます。


①HJT

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:05:39, on 2016/07/07
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
C:\Program Files (x86)\WheelUtility\HScrollFun.exe
C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\NEC\SmartVision\SvPowMan.exe
C:\Program Files (x86)\NEC\SmartVision\SvFrmUI.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files (x86)\NEC\SmartVision\DtvMw.exe
C:\Program Files (x86)\NEC\SmartVision\DtnCtl.exe
C:\Program Files (x86)\NEC\SmartVision\SvUI.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\ProgramData\SmartUpdate\SUMAIN\SmartUpdate.exe
C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE
C:\Users\owner\Desktop\HijackThis.exe

O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SmartUpdate] "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
O4 - HKLM\..\Run: [USBFuncSwitch] C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
O4 - HKLM\..\Run: [USBHScrollFun] C:\Program Files (x86)\WheelUtility\HScrollFun.exe
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [DTCPconnect] C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
O4 - HKLM\..\Run: [SVUPnPManager] C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
O4 - HKLM\..\Run: [SmartVisionScheduler] C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
O4 - Global Startup: クライアントマネージャV.lnk = C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: セキュリティキーボード - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AOSBOX Cool_n Backup Service (AOSBOXCooln Backup Service) - Unknown owner - C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: BWH32S - BUFFALO INC. - C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DiXiM Player SDK Service - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCService.exe
O23 - Service: DiXiM Player Service Controller - DigiOn, Inc. - C:\Program Files (x86)\NEC\SmartVision\DiXiM Player\Service\DoDMCServicecControl.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G-GUIDE(R) Service - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\G-GUIDE(R) Service\GGS.exe
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon インクジェットプリンタ/スキャナ/ファクス使用状況調査プログラム (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NECPC Settings Service - NEC Personal Computers, Ltd. - C:\Program Files\NECPC\SettingsDependency\SettingsService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT Meter - NEC Personal Computers, Ltd. - c:\Windows\SysWOW64\NTMETER.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SD Device Manager - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\SDApf2\SDDevMgr.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SonicStage Back-End Service2 - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeService2.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SmartVision Admin Service (SVAdminService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision Admin Service 64 (SVAdminService64) - NEC Personal Computers, Ltd. - C:\Program Files\NEC\SmartVision\SVAdmin.exe
O23 - Service: SmartVision MessageManager Service (SVMsgMngService) - NEC Personal Computers, Ltd. - C:\Program Files (x86)\NEC\SmartVision\SVMsgMng.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VRService - Panasonic Corporation - C:\Program Files (x86)\Common Files\Panasonic\VrSDK\VRService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ホームネットワークサーバー powered by DiXiM - Unknown owner - C:\Program Files (x86)\DigiOn\DiXiM Media Server for NEC PC\dms_sync_svc.exe

--
End of file - 14241 bytes



②Windows

有効 HKCU:Run ApplePhotoStreams C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run iCloudServices C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKCU:Run OneDrive Microsoft Corporation "C:\Users\owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
有効 HKCU:Run RESTART_STICKY_NOTES Microsoft Corporation C:\Windows\System32\StikyNot.exe
有効 HKCU:RunOnce Uninstall C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
有効 HKLM:Run AVDM NEC Personal Computers, Ltd. C:\Program Files\AVDm\AVDm.exe /RESIDENT
有効 HKLM:Run CanonQuickMenu CANON INC. C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
有効 HKLM:Run DTCPconnect NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\DTCPconnect.exe
有効 HKLM:Run IJNetworkScannerSelectorEX CANON INC. C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
無効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NECMFK NEC Personal Computers, Ltd. C:\Program Files\NECMFK\necmfk.exe
有効 HKLM:Run NECTVRC NEC Personal Computers, Ltd. C:\Program Files\NECTVRC\tvrc.exe /INITLCD
有効 HKLM:Run Nikon Message Center 2 Nikon Corporation C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
有効 HKLM:Run NPSpeed NEC Personal Computers, Ltd. C:\Program Files\NECPC\EcoMode\NPSpeed.exe
有効 HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
有効 HKLM:Run RcdSettings NEC Personal Computers, Ltd. "C:\Program Files\NEC\NECRcdSettings\RcdSettings.exe" -autostart
有効 HKLM:Run RemoteControl10 CyberLink Corp. "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
有効 HKLM:Run RtsCM RTSCM64.EXE
有効 HKLM:Run SmartUpdate NEC Personal Computers, Ltd. "C:\Program Files (x86)\NEC\SmartUpdate\reservesu.exe"
有効 HKLM:Run SmartVisionScheduler NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SvSche.exe
有効 HKLM:Run SVUPnPManager NEC Personal Computers, Ltd. C:\Program Files (x86)\NEC\SmartVision\SVUPnPMn.exe
有効 HKLM:Run USBFuncSwitch Chicony C:\Program Files (x86)\WheelUtility\FuncSwitch.exe
有効 HKLM:Run USBHScrollFun Chicony C:\Program Files (x86)\WheelUtility\HScrollFun.exe
有効 HKLM:Run Zoolz Tray AOS Technologies, Inc. "C:\Program Files\AOSBOX Cool_n\AOSBOXCoolnLauncher.exe" "C:\Program Files\AOSBOX Cool_n\AOSBOXCooln.exe" "-Delay"
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe


③スケジュールされたタスク

有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d08f8713f8f0d9 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
無効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-1001
有効 Task Optimize Start Menu Cache Files-S-1-5-21-4221638486-1287037831-385173349-500


④コンテキストメニュー

有効 Directory Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Drive Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 File Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
有効 Folder Kaspersky Anti-Virus 15.0.2 Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\shellex.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll


⑤IE

有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
無効 Helper Canon Easy-WebPrint EX BHO CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Content Blocker Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Safe Money Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
有効 Helper Virtual Keyboard Plugin Kaspersky Lab ZAO C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Canon Easy-WebPrint EX CANON INC. C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files\Yahoo!J\Toolbar64\8_0_0_3\Modules\YahooToolBar.dll


⑥Google Chrome

有効 App Gmail 8.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
有効 App Google Search 0.0.0.60 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
有効 App Google ドライブ 14.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
有効 App YouTube 4.2.8 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
有効 Extension Chrome リモート デスクトップ 51.0.2704.53 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\51.0.2704.53_0
有効 Extension Google オフライン ドキュメント 1.4 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
有効 Extension Google スプレッドシート 1.1 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
有効 Extension Google スライド 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0
有効 Extension Google ドキュメント 0.9 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
無効 Extension カスペルスキー プラグイン 4.0.9.130 最初のユーザー C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0


  • アレクサンドラ
  • 2016/07/07 (Thu) 23:16:15
返信フォームへ 
以後の再被害に対する自衛もお忘れないよう
こんばんは。
様子見後の報告ですね。

>この1週間ネットを使い続けましたが、特に問題はありませんでした。

はい、状態は落ち着いているようですね。
ログも見せてもらいましたが、特に怪しいところもなさそうですね。

それでは本題の相談は終了でいいでしょう。
作業に使った各ツールは導入時の説明に沿って片付けていいです。

異常は消えても以後の再被害を防ぐための自衛はここからがスタートラインであると思って、油断しないでください。
ブラウザの設定を少し固めるだけでも、セキュリティ上の効果を高めることが可能です。
「インターネットオプション」→「プライバシー」→「詳細設定」と開いて、「自動cookie処理」と「サードパーティのcookieをブロック」にチェックして「適用」して「OK」。
これをやっておくと、多くの危険サイトからの保護にかなり有効です。
が、これもすべての危険サイトに有効でもないし、本物の危険サイトではこの程度ではまったく太刀打ちできないので、過信はしないこと。
また、「すべてのcookieをブロックする」設定にすると、プロバイダのメールボックスなどログイン必要なページに入れなくなる弊害も出るので、これは状況を考えて使い分けるといいでしょう。
安全なサイトでもcookieブロックだと閲覧や投稿ができなくなるところもあるのでこれも注意。

次に、アンチウイルスやファイアウォール等のセキュリティソフトの使い方も注意してください。
セキュリティソフトはただ入れてさえいればそれだけでフル機能を発揮するものではありません。
設定と機能をできるだけ把握して、正しく使うことが重要です。
間違った使い方すると、本来ならブロックできた感染でもあっさりスルーします。

また、いくら高性能なセキュリティソフトがあっても、ユーザーが自分から危険なサイトやファイルにアクセスしてたらまったく保護もできません。
セキュリティソフトは使い方次第でその性能を、倍にも半にも無にも変動させます。

そして百聞は一見にしかず。
現在この掲示板で継続中や解決済みの他スレもできるだけ見ておくことをおすすめします。
同様、類似、別種含めて参考になる部分は多いでしょう。

おさらいですが、今回見つけて処置したモノのうち、特に気になるのは下記ですね。
>UpnpRemoteEnv UpnpRemoteEnv 2014/09/03 1.00.0000

先にもレスしたように、2014年9月にインストールされたとなってますが、本当に2年も前に入って気づかないままだったというのは少し疑問です。
悪意のプログラムは処置逃れ狙いで、インストールされた日付を偽装するものも存在します。
普通のアプリならWindowsの記録を改ざんしてまでインストール日をごまかすような真似はしないorできないはずですが、現実には当掲示板であり得ない日付にインストールされたアプリの記録がログ上に出ていたことが何度となくありました。
例としてはWindows7のPCに、2000年頃の日付でインストールされたアプリがあったり、逆に数年先の日付がインストール日として記録されていたこともあります。
Win7がリリースされてもいない日時をインストール日として表示するとは、嘘でユーザーの目をごまかしたつもりがかえって馬脚を現したという結果です。
たとえユーザーの目はごまかせてもお天道様はお見通しです(←それ悪代官のセリフじゃないから

そしてWindowsの記録を改ざんしてまで日付をごまかすようなアプリの場合は、本来安全優先の意味でリカバリ推奨と思ってください。
普通は改ざんできないWindowsの記録を改ざんするということは、並みの迷惑プログラム程度ではない恐れが大です。

今回何とか処置ができたとしても、できれば早いうちに一度リカバリをお勧めしておきます。
お時間ができたらリカバリしてから、きれいになったPC状態から仕切り直しするわけです。

また、そのPCで入力したことのある各種パスワード等の個人情報も可能なら全部変更しておいてください。

DNSUnlockerは処置するにもかなり面倒ですが、処置が成功した場合でも気が抜けません。
これはまだはっきりした性質や挙動がわかっていない部分も多いからです。
DNSがPC内の個人情報を盗み取る性質を持つかどうかも含めて完全にはわかっていないので、その恐れも頭に入れておくに越したことはありません。

PCセキュリティの上では覚えておくべきことは山ほどありますが、最初から全部頭に詰め込む必要はありません。
わかる範囲から一つずつでもいいのでPC環境とセキュリティ意識を再構築していってください。
欲張って一度に10人前の食べ物を口に入れても消化しきれずお腹を壊すだけです。
自らのペースで地道に身につけましょう。

慣れない作業を長期間頑張ってくれてお疲れ様でした。
以後は安全で快適なPCライフを
  • 悪代官
  • 2016/07/08 (Fri) 21:08:38
返信フォームへ 
Re: 【初心者です】DNSUnlockeのポップアップが出てきます
こんばんは。お返事遅れました。

リカバリはまだ踏ん切りがつきませんが、まとまった休みが取れたら行おうと思います。
アドバイス、ありがとうございます。
またここに投稿することがないよう、少しずつ知識を得られればと思います。

約2週間ありがとうございました。
  • アレクサンドラ
  • 2016/07/09 (Sat) 23:56:04
返信フォームへ 

返信フォーム
プレビュー (投稿前に内容を確認)
  
Template by  マシマロック