悪代官の伏魔殿 Bulletin Board

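OTL fix completed
After the fix finished, the message
The system requires a reboot to finish removing files.
Click Ok to reboot now.
appeared, so I clicked OK and rebooted.

After that, I entered my password, the "Welcome" screen was displayed for a while, and then the reboot completed.
The log below was output at that time.
The log follows. Thank you in advance.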

All processes killed
========== OTL ==========
C:\Users\Triple Y\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\Triple Y\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\Triple Y\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\Triple Y\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData\757db02abb22af21 folder moved successfully.
C:\AdwCleaner\Quarantine\C\ProgramData folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RoboSaaver folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RandomPrrIuce folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\RandomPrrice folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NewSAAvEr folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeewSaVer folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NeeettOCoupon folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MinimummPPrice folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MiNimoumPrIcee folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\IsaeveER folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindBBestDeall folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\EEnjuooyCCoupon folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BUyNssave folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\AllCheapPrricoe folder moved successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86) folder moved successfully.
C:\AdwCleaner\Quarantine\C folder moved successfully.
C:\AdwCleaner\Quarantine folder moved successfully.
C:\AdwCleaner folder moved successfully.
========== FILES ==========
c:\yahoo Messenger folder moved successfully.
File\Folder c:\program files (x86)\yahoo!\messenger not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3FF6B1A-3388-46A5-B3A7-1E6207DC48C9}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E564B7AB-94B5-49AE-9156-7F9A61E2F030} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E564B7AB-94B5-49AE-9156-7F9A61E2F030}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F4A3E608-B9A4-4DD4-9947-1C124214D85C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F4A3E608-B9A4-4DD4-9947-1C124214D85C}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F94D21B9-2677-476A-AE64-BC32C979175B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F94D21B9-2677-476A-AE64-BC32C979175B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2117EC60-3FC5-45E8-8D6A-42F0DC70D27D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{398870F9-E9F8-4D20-865E-8334E6660F51} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{398870F9-E9F8-4D20-865E-8334E6660F51}\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Triple Y
->Flash cache emptied: 17817921 bytes

Total Flash Files Cleaned = 17.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Triple Y
->Java cache emptied: 1259912 bytes

Total Java Files Cleaned = 1.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Triple Y
->Temp folder emptied: 17535593 bytes
->Temporary Internet Files folder emptied: 248826111 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 377596685 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 348918412 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42306164 bytes
RecycleBin emptied: 86772377 bytes

Total Files Cleaned = 1,070.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 04212015_200955

Files\Folders moved on Reboot...
C:\Users\Triple Y\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Triple Y\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • ドのつく素人
  • 2015/04/21 (Tue) 20:24:08
Re: Pop-ups and ads are being forcibly displayed and it is causing me trouble.
Next is the OTL log taken after refreshing Firefox.

OTL logfile created on: 2015/04/21 20:07:45 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ryota\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd

7.88 Gb Total Physical Memory | 3.44 Gb Available Physical Memory | 43.68% Memory free
9.13 Gb Paging File | 3.87 Gb Available in Paging File | 42.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.99 Gb Total Space | 35.38 Gb Free Space | 7.74% Space Free | Partition Type: NTFS
Drive F: | 105.28 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: NAMETUKI | User Name: ryota | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
PRC - [2015/02/10 23:04:06 | 002,357,248 | ---- | M] (i-Funbox.com) -- C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
PRC - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/07 14:01:56 | 003,970,920 | ---- | M] (LINE Corporation) -- C:\Program Files (x86)\Naver\LINE\Line.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/24 09:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
PRC - [2013/11/15 09:48:30 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/08/30 11:37:00 | 000,860,608 | ---- | M] (Kingsoft Corp. Ltd.) -- C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe
PRC - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/08/07 14:01:50 | 002,108,264 | ---- | M] () -- C:\Program Files (x86)\Naver\LINE\amp_window.dll
MOD - [2014/07/23 17:33:26 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
MOD - [2014/04/24 09:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014/04/24 09:33:12 | 013,692,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
MOD - [2014/04/24 09:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/24 09:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014/04/24 09:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014/04/24 09:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/24 09:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/12 20:58:10 | 000,237,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2013/11/15 09:49:56 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/11/15 09:48:30 | 001,861,968 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/09/25 14:40:20 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Consolas\NDC(XP)\DesktopCaptureXP.ax


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015/02/21 08:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2014/10/31 13:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014/10/29 12:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2014/10/29 11:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2014/10/29 11:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2014/10/29 10:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2014/10/29 09:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2014/10/29 09:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2014/10/01 19:54:24 | 000,319,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:[b]64bit:[/b] - [2012/08/14 18:03:42 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/15 01:48:07 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/03 14:37:50 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/03 15:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/29 12:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/10/29 10:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/10/29 10:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/10/29 09:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/10/01 19:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/08/14 07:30:50 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/04 10:10:14 | 000,122,464 | ---- | M] (株式会社ネットビジョン) [On_Demand | Stopped] -- C:\Program Files (x86)\au Wi-Fi接続ツール\auWifiConnectSvc.exe -- (auWifiConnectSvc)
SRV - [2013/12/18 01:56:16 | 000,754,712 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe -- (GoogleIMEJaCacheService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/17 17:19:50 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/17 17:19:48 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/09/17 17:19:34 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2007/09/05 14:38:28 | 000,174,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Siemens\Common\TangoCoreService.exe -- (TangoCoreService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015/03/04 19:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2015/02/04 08:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2014/12/12 09:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2014/11/13 21:35:31 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2014/10/29 12:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2014/10/29 12:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2014/10/29 12:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2014/10/29 11:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2014/10/29 11:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2014/10/15 17:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2014/10/13 11:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2014/10/08 18:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2014/10/07 15:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2014/10/07 15:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2014/10/01 19:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2014/09/24 16:27:11 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2014/09/24 15:58:01 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2014/09/24 15:57:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2014/09/24 15:29:18 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2014/08/15 09:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2014/08/02 05:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013/08/22 22:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013/08/22 21:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013/08/22 21:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013/08/22 21:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013/08/22 21:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013/08/22 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013/08/22 20:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/08/22 20:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013/08/22 20:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013/08/22 17:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/08/13 08:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013/08/10 09:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013/08/06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2013/07/31 03:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013/07/26 04:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013/06/18 23:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/14 18:03:34 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/19 07:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/08/11 23:51:48 | 001,587,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksaud.sys -- (ksaud)
DRV:[b]64bit:[/b] - [2010/07/05 13:47:00 | 000,565,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GVUSB2.X64.SYS -- (GVUSB2.X64)
DRV - [2012/07/05 10:46:18 | 000,125,544 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Kingsoft\klive\bin\encrypteddisk-x64.sys -- (EncryptedDisk)
DRV - [2007/07/06 15:34:36 | 000,016,800 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\RAWESR.sys -- (RAWESR)
DRV - [2007/07/06 15:34:34 | 000,013,600 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\LOGNT.SYS -- (LOGNT)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\NTSTPL2.SYS -- (NTSTPL2)
DRV - [2007/06/21 11:31:30 | 000,024,376 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\K-Opticom\eo\app\ntstpl1.sys -- (NTSTPL1)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OCustomizeSearch = http://search.jword.jp/jwd_sb_srchcust.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,OSearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.jword.jp/jwd_sb_srchasst.htm?ielang={SUB_RFC1766}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{726DA24E-A4A1-62E5-72EA-44C7886452CB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.kingsoft.jp [binary data]
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\SearchScopes\{502856A1-6DE0-41A4-B5E0-C086F87A22D4}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "JP"
FF - prefs.js..browser.search.region: "JP"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamepot.co.jp/GamepotEXeEnvCtrl;version=1: C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\pmang.jp/pmangsupport-1: C:\Users\ryota\Desktop\新しいフォルダー\GameOn\TERA\nppmangsupport_0.dll (gameon)
FF - HKCU\Software\MozillaPlugins\@neople.co.kr/NeopleGameInstaller: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: c:\program files (x86)\Mozilla Firefox\components [2014/08/30 11:40:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: c:\program files (x86)\Mozilla Firefox\plugins

[2014/05/16 21:28:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ryota\AppData\Roaming\mozilla\Extensions
[2015/04/04 19:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/04/04 19:25:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google 繝峨く繝・繝。繝ウ繝・ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: Google 繝峨Λ繧、繝・ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: YouTube = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: Google Search = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: Twitch Stream = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjaicoojlfoococemdcaollmhaiolole\207\
CHR - Extension: Avira Browser Safety = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.6_0\
CHR - Extension: Dropmark sidebar = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\foiapgoppijipmmgkaibacckkhbngfhp\171\
CHR - Extension: BlocKUTubEADi = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\geoafhlnmffijlblgohnpmjfbnpcpadd\3.2_0\
CHR - Extension: Google 繧ヲ繧ゥ繝ャ繝・ヨ = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\ryota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  • かなは
  • 2015/04/21 (Tue) 20:29:12
Re: Pop-ups and ads are being forcibly displayed and it is causing me trouble.
OTL log 2, after the refresh


O1 HOSTS File: ([2013/08/22 22:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Creative SB Monitoring Utility] C:\WINDOWS\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxTray.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [au_WiFi_Connect] C:\Program Files (x86)\au Wi-Fi接続ツール\au_WiFi_Connect.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eochk] File not found
O4 - HKLM..\Run: [Google Japanese Input Prelauncher] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe (Google Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [ApplicationManager] C:\Users\ryota\AppData\Roaming\ApplicationManager\bin\ApplicationManager.exe (Kingsoft Corp. Ltd.)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [iFunBox Fast App Install Handler] C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [Line] C:\Program Files (x86)\Naver\LINE\Line.exe (LINE Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\Run: [OneDrive] C:\Users\ryota\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1488747381-3182991089-3951260014-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} http://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab (HGPluginJP28 Class)
O16 - DPF: {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} http://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab (DMMLauncherAx Control)
O16 - DPF: {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} http://down.hangame.co.jp/jp/installer/HgRunPub.cab (HgRunPub Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://dist.cdnetworks.co.jp/cdndist/neffy/NeffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} http://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab (PubPlugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0693221B-E6F5-43F7-953D-6A2229EB2054}: NameServer = 60.56.0.135 218.251.89.134
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/04/04 12:00:00 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell - "" = AutoRun
O33 - MountPoints2\{2284b339-6b2b-11e4-824f-fed426b625ef}\Shell\AutoRun\command - "" = F:\install.exe -- [2003/04/04 12:00:00 | 000,131,072 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/04/21 20:06:50 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Old Firefox Data
[2015/04/20 21:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
[2015/04/20 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Reason
[2015/04/20 21:57:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:53:24 | 002,873,112 | ---- | C] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:28:00 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/18 19:28:00 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/18 19:22:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 05:26:09 | 000,085,504 | ---- | C] (Radius Inc.) -- C:\WINDOWS\SysWow64\iccvid.dll
[2015/04/15 04:37:56 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/15 04:37:56 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/15 04:37:55 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/15 04:37:55 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/15 04:37:55 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/15 04:37:55 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/15 04:37:55 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/15 04:37:55 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/15 04:37:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/15 04:37:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/15 04:37:48 | 001,385,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2015/04/15 04:37:47 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/15 04:37:42 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/15 04:37:41 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/15 04:37:40 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/15 04:37:39 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/15 04:37:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/15 04:37:39 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/15 04:37:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/15 04:37:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/15 04:37:38 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/15 04:36:49 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/15 04:36:49 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/15 04:36:48 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/15 04:36:48 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/15 04:36:48 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/15 04:36:48 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/15 04:36:48 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/15 04:36:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/15 04:36:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/15 04:36:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/15 04:36:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/15 04:36:47 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/15 04:36:47 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/15 04:36:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/15 04:36:47 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/15 04:36:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/15 04:36:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/15 04:36:31 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/15 04:36:31 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/15 04:36:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/15 04:36:29 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/15 04:36:29 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/15 04:36:29 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/15 04:36:29 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/15 04:36:29 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/15 04:36:29 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/15 04:36:29 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/15 04:36:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/12 01:37:12 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple Computer
[2015/04/10 17:53:01 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Apple
[2015/04/04 21:24:54 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Malwarebytes
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2015/04/04 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/04/04 21:24:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/04 21:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2015/04/04 21:21:57 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Local\Adobe
[2015/04/04 19:27:38 | 000,000,000 | ---D | C] -- C:\Users\ryota\Tracing
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\GWX
[2015/04/04 18:34:25 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\GWX
[2015/04/04 18:11:11 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\Mario Story (J) [!]
[2015/04/04 18:08:59 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JWord(日本語キーワード)
[2015/04/04 17:31:07 | 000,000,000 | ---D | C] -- C:\Users\ryota\AppData\Roaming\Geek Uninstaller
[2015/04/04 16:36:25 | 000,000,000 | ---D | C] -- C:\Users\ryota\Desktop\geek
[2015/04/04 16:33:36 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/02/02 23:25:12 | 000,782,480 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\AradIns.exe
[2015/02/02 23:24:38 | 000,584,336 | ---- | C] (Neople inc) -- C:\Users\ryota\AppData\Local\NeopleCustomURLStarter.exe
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/04/21 19:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/21 19:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/21 08:59:00 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 02:02:31 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/21 02:02:13 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/21 02:00:06 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/04/21 02:00:00 | 2474,680,319 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/20 22:35:30 | 000,000,020 | ---- | M] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2015/04/20 21:58:27 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/20 21:57:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryota\Desktop\OTL.exe
[2015/04/20 21:54:14 | 002,873,112 | ---- | M] (Reason Company Software Inc.) -- C:\Users\ryota\Desktop\herdProtectScan_Setup.exe
[2015/04/18 19:31:33 | 001,496,524 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/04/18 19:31:33 | 000,722,278 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/04/18 19:31:33 | 000,499,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh011.dat
[2015/04/18 19:31:33 | 000,135,458 | ---- | M] () -- C:\WINDOWS\SysNative\perfc011.dat
[2015/04/18 19:31:33 | 000,135,394 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/04/16 05:31:51 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msclmd.dll
[2015/04/16 05:31:51 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msclmd.dll
[2015/04/14 08:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 08:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/04 21:39:57 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/04/04 21:23:16 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ryota\Desktop\mbam-setup-1.75.0.1300.exe
[2015/04/04 19:51:47 | 000,001,098 | ---- | M] () -- C:\Users\ryota\Application Data\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job
[2015/04/04 19:25:29 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/04/04 16:38:09 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/04/04 16:33:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\ryota\Desktop\ATF-Cleaner (1).exe
[2015/03/24 06:59:25 | 001,733,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/03/24 06:59:25 | 000,360,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/03/24 06:59:00 | 007,476,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/03/23 07:45:41 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/03/23 07:09:23 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/03/23 07:09:22 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/03/23 07:09:22 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/03/23 07:09:22 | 000,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/03/23 07:09:22 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/03/23 07:09:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/04/20 21:58:27 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\herdProtect.lnk
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/15 04:37:38 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/04 21:24:37 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/03/15 00:01:07 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2015/03/14 23:59:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015/03/02 14:09:57 | 000,000,020 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\appdataFr3.bin
[2014/11/19 17:11:37 | 000,000,242 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/10/01 19:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 19:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 15:58:21 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/02/15 00:25:26 | 000,645,632 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/02/15 00:25:26 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2014/02/15 00:25:25 | 000,079,360 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2014/02/15 00:25:17 | 000,178,688 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2014/02/15 00:25:15 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2014/02/15 00:25:15 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2014/02/15 00:25:15 | 000,001,990 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/10/28 17:28:07 | 000,188,416 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_core.dll
[2013/10/28 17:28:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\SysWow64\utv_vcm.dll
[2013/09/15 16:04:47 | 000,000,189 | ---- | C] () -- C:\Users\ryota\AppData\Roaming\WB.CFG
[2013/08/23 00:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/23 00:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 23:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 16:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 08:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 08:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/12/18 00:56:03 | 001,161,682 | ---- | C] () -- C:\Users\ryota\記録されたゲーム - 17-12-2012 10`00`02.mgx
[2012/12/13 15:28:00 | 012,706,828 | ---- | C] () -- C:\Users\ryota\03 Another Heaven.mp3
[2012/12/13 15:28:00 | 010,296,232 | ---- | C] () -- C:\Users\ryota\06 Kaleidoscope(transparent mix|Bonus Track).mp3
[2012/12/13 15:28:00 | 009,962,152 | ---- | C] () -- C:\Users\ryota\05 ARCADIA-Instrumental-.mp3
[2012/12/13 15:28:00 | 009,877,588 | ---- | C] () -- C:\Users\ryota\02 HORIZON.mp3
[2012/12/13 15:28:00 | 009,842,092 | ---- | C] () -- C:\Users\ryota\01 ARCADIA.mp3
[2012/12/13 15:28:00 | 003,751,396 | ---- | C] () -- C:\Users\ryota\04 ARCADIA-game Ver.-.mp3
[2012/10/31 18:22:16 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2015/04/20 22:45:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 02:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 02:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 10:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 09:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 10:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %windir%\tasks\*.job >[/color]
[2015/04/21 19:48:00 | 000,000,626 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/04/21 08:59:00 | 000,000,702 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/21 19:59:00 | 000,000,706 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/04 19:43:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\Price Meter Updater.job

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD5000AAKX-00ERMA0
Partitions: 5
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 300.00MB
Starting Offset: 1048576
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: GPT: System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 315621376
Hidden sectors: 0


DeviceID: Disk #0, Partition #2
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 8.00GB
Starting Offset: 554696704
Hidden sectors: 0


DeviceID: Disk #0, Partition #3
PartitionType: GPT: Basic Data
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 457.00GB
Starting Offset: 8943304704
Hidden sectors: 0


DeviceID: Disk #0, Partition #4
PartitionType: GPT: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 456.00MB
Starting Offset: 499629686784
Hidden sectors: 0


[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2014/10/29 11:42:20 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:33 | 000,110,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2014/10/29 10:21:02 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2014/10/29 10:43:34 | 000,933,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:40 | 000,845,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2014/10/29 10:01:27 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2014/10/29 10:12:28 | 000,516,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2014/10/29 09:55:10 | 000,367,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:50 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2014/10/29 10:27:24 | 000,131,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:06 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2014/10/29 10:05:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:41 | 000,252,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2014/10/29 10:14:35 | 000,110,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2014/10/29 11:44:23 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2014/10/29 10:59:46 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:07:58 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2014/10/29 10:08:58 | 000,397,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2014/10/29 10:01:45 | 000,706,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2014/10/29 10:22:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2014/10/29 09:51:03 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2014/12/06 10:41:58 | 000,391,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:29:16 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2014/10/29 11:45:24 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2014/10/29 09:54:15 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2014/10/29 11:34:42 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:21 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2014/10/29 10:19:29 | 000,817,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2014/10/29 11:42:25 | 000,031,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2014/10/29 12:51:48 | 000,047,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2014/10/29 09:56:06 | 000,146,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:49 | 000,329,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2014/10/29 10:04:06 | 000,640,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2014/10/29 09:49:09 | 000,576,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2014/10/29 09:52:52 | 001,265,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2014/10/29 11:12:14 | 000,313,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2014/10/29 10:34:59 | 000,254,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2014/10/29 10:26:29 | 000,059,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2014/12/09 10:50:34 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2014/10/29 09:59:28 | 001,454,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:48 | 000,911,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2014/12/06 10:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
No service found with a name of SDRSVC
SRV:[b]64bit:[/b] - [2015/02/04 08:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2014/10/29 10:16:27 | 001,696,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2014/10/29 10:02:44 | 000,880,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:59:24 | 000,670,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2014/10/29 11:35:14 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV - [2014/10/29 10:52:53 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2014/10/29 10:18:13 | 000,230,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2015/03/14 09:22:58 | 003,678,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2014/10/29 10:53:17 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2014/10/29 10:03:56 | 001,547,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2014/10/29 10:24:29 | 000,289,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/20 23:08:08 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2010/07/08 01:11:00 | 000,183,296 | R--- | M] (I-O DATA DEVICE,INC.) -- C:\IOOCI.EXE

[color=#E56717]========== Files - Unicode (All) ==========[/color]
(C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游??器 3) -- C:\Users\ryota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\傲游浏览器 3

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
  • かなは
  • 2015/04/21 (Tue) 20:30:14
OTL log 2
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OCustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OSearchAssistant| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform\dump folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu folder moved successfully.
C:\ProgramData\baidu\update\download folder moved successfully.
C:\ProgramData\baidu\update folder moved successfully.
C:\ProgramData\baidu folder moved successfully.
C:\Program Files (x86)\Baidu\update\x64 folder moved successfully.
C:\Program Files (x86)\Baidu\update folder moved successfully.
C:\Program Files (x86)\Baidu folder moved successfully.
C:\ProgramData\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\ProgramData\Ascentive folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive folder moved successfully.
C:\Program Files (x86)\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\Program Files (x86)\Ascentive folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job moved successfully.
File rity] not found.
File sethosts] not found.
File ptyflash] not found.
File ptyjava] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.
========== FILES ==========
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
C:\Users\mina\appdata\local\Temp\~rnsetup\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetup folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1 folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0 folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FECF0658-4BBC-40CD-8A59-B24DFFC22DC9} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FEB26979-08BA-4E1E-913C-306D3E34C4EA} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FD8839A0-6585-4ABC-81D2-8CDC68299B37} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FB29B863-F12F-49DD-B629-7BDB157F9ED8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{FB162EF0-17FB-472E-B305-6B815B0E64D1} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{F9D2EF8D-D3A3-4105-AF36-05376D92A56E} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{f3a57af6-88ca-45b1-b7cc-1107dc9937cf} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{F1080F62-CEA0-4616-B995-2F63084FE80F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{EF50CB82-FE8B-4661-8F82-A8058C860628} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{ECFC06F1-2167-4BEF-A7BA-DBEF7A6A221D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{ECF3F358-7CC7-45FF-8850-6310823007F7} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{EB64DF0B-C974-48F6-95B4-9B3742018EFD} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{EA82548E-17B1-41BF-8F86-DCCE18B58942} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{E9855083-8996-4917-9FEC-1929962F6934} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{e81d90f8-71f7-4a99-a081-41ad48b5e85f} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{E769DE67-5447-49AA-87A9-F6028F44E2D4} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{E1FD021D-9458-4FF7-93CA-F0B7636AD1D4} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{DA23E86A-2DC1-403E-9CE6-B2A5AB30C82F} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D92FD6F0-896D-46DD-B1C3-4B5B494E311E} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D3BF339E-BFCE-4D0D-9EFE-55C1C6254545} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D3350011-66BD-4E65-B639-17ABDD2DCD15} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{D1660D3E-7EFF-4663-B69A-09AA6007ECB8} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{C6775D51-2F41-4C81-9EDB-5F36FD9335FD} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{C32F0596-2B3D-42BD-BCAB-063413C5743D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B98A6BE5-7A69-4304-99C5-B397FD36517B} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B86E6AE8-7F76-4096-91CE-9E3981DAB7C4} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B60ADAA0-34B5-4DE7-B8E1-E707C52D704B} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B51C9C7C-FCF6-4850-BBF9-94A4EE84DC86} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B3FE42A2-E725-405D-A19D-0361F47737AF}\{C9639F28-F548-4B40-B716-4D71FB951F31} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B3FE42A2-E725-405D-A19D-0361F47737AF} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{B3281854-FBF3-46A9-B9AC-65EEF06BD46D} folder moved successfully.
C:\Users\mina\appdata\local\Temp\{b052aa6e-8087-47f0-8192-e766e97fba15} folder moved successfully.
C:\Users\mina\appdata\local\Temp\YontooLayers folder moved successfully.
C:\Users\mina\appdata\local\Temp\WPDNSE folder moved successfully.
C:\Users\mina\appdata\local\Temp\Temp1_geek.zip folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164\CRX_INSTALL folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164 folder moved successfully.
C:\Users\mina\appdata\local\Temp\nspA7A5.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\nskB626.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\Low folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\15DA51D2_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\049AE7E3_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038 folder moved successfully.
C:\Users\mina\appdata\local\Temp\clear.fiClient folder moved successfully.
C:\Users\mina\appdata\local\Temp\AdobeDownload folder moved successfully.
Folder move failed. C:\Users\mina\appdata\local\Temp scheduled to be moved on reboot.
C:\Users\mina\downloads\FileOpenerSetup (1).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (2).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (3).exe moved successfully.
C:\Users\mina\downloads\File_Extractor_4.exe moved successfully.
C:\Users\mina\downloads\GOMENCODERSETUP_JPN.EXE moved successfully.
C:\Users\mina\downloads\GOMPLAYERJPSETUP.EXE moved successfully.
C:\Users\mina\downloads\ImageResizerSetup.exe moved successfully.
File/Folder C:\Users\mina\setupdvddecrypter_3.5.4.0.exe not found.
C:\Users\mina\downloads\Woopie_Video_DeskTop_3.6.3.exe moved successfully.
C:\Users\mina\downloads\A-Downloader701 folder moved successfully.
C:\Users\mina\desktop\CPRMDecrypter folder moved successfully.
C:\Users\mina\desktop\新しいフォルダー\ともちん動画ラジオ\heroe\VidPlayaSetup_v2.exe moved successfully.
c:\windows\syswow64\AscTaskScheduler.dll moved successfully.
c:\program files\chorokuf\jword_plugin.exe moved successfully.
File/Folder C:\Users\mina\appdata\local\akamai not found.
File\Folder C:\program files (x86)\orbitdownloader not found.
File/Folder C:\Users\mina\Desktop\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe not found.
File\Folder :Commands not found.
File\Folder [purity] not found.
File\Folder [resethosts] not found.
File\Folder [emptyflash] not found.
File\Folder [emptyjava] not found.
File\Folder [emptytemp] not found.
File\Folder [createrestorepoint] not found.
File\Folder [reboot] not found.
  • 2015/04/21 (Tue) 22:10:07
OTL log 3
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OCustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\OSearchAssistant| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Users\mina\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Users\mina\Desktop\mbam-setup-2-0-1-1004.exe moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform\dump folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu\UpdatePlatform folder moved successfully.
C:\Users\mina\AppData\Roaming\Baidu folder moved successfully.
C:\ProgramData\baidu\update\download folder moved successfully.
C:\ProgramData\baidu\update folder moved successfully.
C:\ProgramData\baidu folder moved successfully.
C:\Program Files (x86)\Baidu\update\x64 folder moved successfully.
C:\Program Files (x86)\Baidu\update folder moved successfully.
C:\Program Files (x86)\Baidu folder moved successfully.
C:\ProgramData\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\ProgramData\Ascentive folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ascentive folder moved successfully.
C:\Program Files (x86)\Ascentive\PC SpeedScan Pro folder moved successfully.
C:\Program Files (x86)\Ascentive folder moved successfully.
C:\Windows\Tasks\WeatherTool_start_schedule_task.job moved successfully.
C:\Windows\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job moved successfully.
File rity] not found.
File sethosts] not found.
File ptyflash] not found.
File ptyjava] not found.
File ptytemp] not found.
File eaterestorepoint] not found.
File boot] not found.
========== FILES ==========
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
C:\Users\mina\appdata\local\Temp\~rnsetup\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetup folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu1 folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0\GEMSETUP folder moved successfully.
C:\Users\mina\appdata\local\Temp\~rnsetu0 folder moved successfully.
C:\Users\mina\appdata\local\Temp\YontooLayers folder moved successfully.
C:\Users\mina\appdata\local\Temp\WPDNSE folder moved successfully.
C:\Users\mina\appdata\local\Temp\Temp1_geek.zip folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164\CRX_INSTALL folder moved successfully.
C:\Users\mina\appdata\local\Temp\scoped_dir_4192_16164 folder moved successfully.
C:\Users\mina\appdata\local\Temp\nspA7A5.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\nskB626.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\Low folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\15DA51D2_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038\049AE7E3_stp folder moved successfully.
C:\Users\mina\appdata\local\Temp\is765589038 folder moved successfully.
C:\Users\mina\appdata\local\Temp\clear.fiClient folder moved successfully.
C:\Users\mina\appdata\local\Temp\AdobeDownload folder moved successfully.
Folder move failed. C:\Users\mina\appdata\local\Temp scheduled to be moved on reboot.
C:\Users\mina\downloads\FileOpenerSetup (1).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (2).exe moved successfully.
C:\Users\mina\downloads\FileOpenerSetup (3).exe moved successfully.
C:\Users\mina\downloads\File_Extractor_4.exe moved successfully.
C:\Users\mina\downloads\GOMENCODERSETUP_JPN.EXE moved successfully.
C:\Users\mina\downloads\GOMPLAYERJPSETUP.EXE moved successfully.
C:\Users\mina\downloads\ImageResizerSetup.exe moved successfully.
File/Folder C:\Users\mina\setupdvddecrypter_3.5.4.0.exe not found.
C:\Users\mina\downloads\Woopie_Video_DeskTop_3.6.3.exe moved successfully.
C:\Users\mina\downloads\A-Downloader701 folder moved successfully.
C:\Users\mina\desktop\CPRMDecrypter folder moved successfully.
C:\Users\mina\desktop\新しいフォルダー\ともちん動画ラジオ\heroe\VidPlayaSetup_v2.exe moved successfully.
c:\windows\syswow64\AscTaskScheduler.dll moved successfully.
c:\program files\chorokuf\jword_plugin.exe moved successfully.
File/Folder C:\Users\mina\appdata\local\akamai not found.
File\Folder C:\program files (x86)\orbitdownloader not found.
File/Folder C:\Users\mina\Desktop\HEROE\SoftonicDownloader_for_jpeg-to-pdf.exe not found.
File\Folder :Commands not found.
File\Folder [purity] not found.
File\Folder [resethosts] not found.
File\Folder [emptyflash] not found.
File\Folder [emptyjava] not found.
File\Folder [emptytemp] not found.
File\Folder [createrestorepoint] not found.
File\Folder [reboot] not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3994451D-7208-4EDF-A767-0F46DB922636} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3994451D-7208-4EDF-A767-0F46DB922636}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C06E65E3-A057-49F8-9519-BBBEAE67D05B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C06E65E3-A057-49F8-9519-BBBEAE67D05B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{071BAC78-1802-40E4-B754-1F3D3AD5B841} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{071BAC78-1802-40E4-B754-1F3D3AD5B841}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74448CA8-6F92-45AB-A436-DA340627AC99} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74448CA8-6F92-45AB-A436-DA340627AC99}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E1A5F86C-2371-42B3-B6B6-069D57AF4DAB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1A5F86C-2371-42B3-B6B6-069D57AF4DAB}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15518E2A-8B0D-436F-A3C6-DFB533D67904} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15518E2A-8B0D-436F-A3C6-DFB533D67904}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FA6D572-07BA-4D47-AF00-B61440EE50B0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FA6D572-07BA-4D47-AF00-B61440EE50B0}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AFC0C1E4-7832-4452-8708-AD5F6E1B3321} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFC0C1E4-7832-4452-8708-AD5F6E1B3321}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C8E4506-6A6E-454E-81A4-466ED98959AA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C8E4506-6A6E-454E-81A4-466ED98959AA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8DBD45DE-CD23-473F-B00F-A713BE8E3A16} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8DBD45DE-CD23-473F-B00F-A713BE8E3A16}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAC9563B-849E-44A9-B304-9243D72E82F1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FAC9563B-849E-44A9-B304-9243D72E82F1}\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 396 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: mina
->Flash cache emptied: 19110234 bytes

User: Public

Total Flash Files Cleaned = 18.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: mina
->Java cache emptied: 707066 bytes

User: Public

Total Java Files Cleaned = 1.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: mina
->Temp folder emptied: 112558174 bytes
->Temporary Internet Files folder emptied: 5971447446 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 129650125 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51699548 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42312094 bytes
RecycleBin emptied: 10914075 bytes

Total Files Cleaned = 6,026.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 04212015_210211
Files\Folders moved on Reboot...
Folder move failed. c:\program files\shopperz scheduled to be moved on reboot.
C:\Users\mina\appdata\local\Temp\WPDNSE folder moved successfully.
C:\Users\mina\appdata\local\Temp\nsfD911.tmp folder moved successfully.
C:\Users\mina\appdata\local\Temp\Low folder moved successfully.
C:\Users\mina\appdata\local\Temp\clear.fiClient folder moved successfully.
Folder move failed. C:\Users\mina\appdata\local\Temp scheduled to be moved on reboot.
File move failed. C:\Users\mina\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Users\mina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
  • 2015/04/21 (Tue) 22:12:07