Malware Anything-Goes Chat Board

Trojan horse? - 泣面蜂

2016/11/08 (Tue) 19:41:16

ESET has started detecting a Trojan horse.
It seems to detect it when I start up the PC, when I connect a device, and so on.
Please give me some advice.

From the ESET log
日時;スキャナ;オブジェクトの種類;オブジェクト;脅威;アクション;ユーザー;情報;ハッシュ;最初の画面
2016/11/08 19:37:05;HTTP フィルタ;ファイル;http://none-stops.com/wpad.dat?12b33093090f112c16eb332f8f71b90c19573320;JS/ProxyChanger.BW トロイの木馬;接続が切断されました;NT AUTHORITY\SYSTEM;アプリケーションによるウェブへのアクセスにおいて脅威が検出されました: C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe (29BE332D01DF5E8A71330C986887F2E979912B3D).;CFEEA66F5E6359E20FEBA9C8C987168D89A1D551;

I'll paste the MBAM log as well.
Malwarebytes Anti-Malware
www.malwarebytes.org

スキャン日付: 2016/11/08
スキャン時刻: 19:10
ログファイル: 20161108.txt
管理者: はい

バージョン: 2.2.1.1043
マルウェアデータベース: v2016.11.08.05
ルートキットデータベース: v2016.10.31.01
ライセンス: 無料版
マルウェア保護機能: 無効
悪質ウェブサイト保護機能: 無効
自己防衛: 無効

OS: Windows 7 Service Pack 1
CPU: x64
ファイルシステム: NTFS
ユーザー: Koki

スキャン形式: 脅威スキャン
結果: 完了しました
スキャンされたオブジェクト数: 339168
経過時間: 20 分, 12 秒

メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 有効
ディープルートキットスキャン: 有効
ヒューリスティック: 有効
PUP: 有効
PUM: 有効

プロセス: 0
(なし悪意のある項目を検出)

モジュール: 0
(なし悪意のある項目を検出)

レジストリキー: 0
(なし悪意のある項目を検出)

レジストリ値: 1
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigURL, http://none-stops.com/wpad.dat?12b33093090f112c16eb332f8f71b90c19573320, , [fadb7e3fa5f557df779cf5fa28dce21e]

レジストリデータ: 0
(なし悪意のある項目を検出)

フォルダー: 0
(なし悪意のある項目を検出)

ファイル: 0
(なし悪意のある項目を検出)

物理セクタ: 0
(なし悪意のある項目を検出)


(end)

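Re: Trojan horse? - 管理人です

2016/11/08 (Tue) 21:35:40

Thank you for the MBAM log.

As I expected, the PC is "already" infected and a malicious registry entry has been written. Because of that, the PC is sending traffic out to the Internet, and ESET is detecting that traffic (outbound traffic), cutting the connection and protecting the PC. That is the current situation.

❶ Delete the malicious registry entry that MBAM is detecting. After deleting it, restart the PC. Then tell me what is happening with the warnings, including how ESET reacts.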
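
Added example (not part of the original thread and not written by either poster): Python that applies the triage reasoning in the reply above, matching the URL in the ESET HTTP-filter row to the AutoConfigURL value MBAM reported and resolving the hive SID to its account. The sample rows are constructed in the layout of the two logs quoted in the thread, with a placeholder host and placeholder hashes; the field names and function names are assumptions of this example.

```python
import re

# Column order of the semicolon-separated ESET row quoted in the thread
# (the English field names are this example's own labels).
ESET_FIELDS = ("time", "scanner", "object_type", "object", "threat",
               "action", "user", "info", "hash", "first_seen")

# Well-known service-account SIDs whose hives are loaded under HKEY_USERS.
WELL_KNOWN_SIDS = {
    "S-1-5-18": r"NT AUTHORITY\SYSTEM",
    "S-1-5-19": r"NT AUTHORITY\LOCAL SERVICE",
    "S-1-5-20": r"NT AUTHORITY\NETWORK SERVICE",
}

# MBAM registry-value row: "<detection>, <key>|<value name>, <data>, , [<hash>]"
MBAM_ROW = re.compile(
    r"^(?P<detection>[^,]+),\s*(?P<key>HK[^|]+)\|(?P<value>[^,]+),\s*(?P<data>[^,]*),")
SID_IN_KEY = re.compile(r"^(?:HKU|HKEY_USERS)\\(S-[\d-]+)\\", re.IGNORECASE)

# Constructed sample rows (placeholder host, path and hashes).
SAMPLE_ESET = [
    "time;scanner;object type;object;threat;action;user;info;hash;first seen",
    r"2016/11/08 19:37:05;HTTP filter;file;http://pac.example.invalid/wpad.dat?0123abcd;"
    r"JS/ProxyChanger.BW;connection terminated;NT AUTHORITY\SYSTEM;"
    r"Threat detected on web access by C:\Program Files\Example\updater.exe;<hash>;",
    r"2016/11/08 19:40:00;HTTP filter;file;http://other.example.invalid/a.js;"
    r"JS/Example.A;connection terminated;DESKTOP\user;"
    r"Threat detected on web access by C:\Program Files\Example\browser.exe;<hash>;",
]
SAMPLE_MBAM = [
    "Registry Values: 1",
    r"Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS"
    r"\CURRENTVERSION\INTERNET SETTINGS|AutoConfigURL, "
    r"http://pac.example.invalid/wpad.dat?0123abcd, , [<hash>]",
]


def parse_eset(line):
    """Split one ESET row into named fields; None if it has too few columns."""
    parts = [p.strip() for p in line.split(";")]
    if len(parts) < len(ESET_FIELDS):
        return None
    return dict(zip(ESET_FIELDS, parts))


def parse_mbam_autoconfig(line):
    """Return key, SID and URL for an MBAM row that flags an AutoConfigURL value."""
    m = MBAM_ROW.match(line.strip())
    if not m or m.group("value").strip().lower() != "autoconfigurl":
        return None
    key = m.group("key").strip()
    sid = SID_IN_KEY.match(key)
    return {
        "detection": m.group("detection").strip(),
        "key": key,
        "sid": sid.group(1) if sid else None,
        "url": m.group("data").strip(),
    }


def correlate(eset_lines, mbam_lines):
    """Pair each ESET web detection with the registry PAC setting behind it."""
    pac_values = [r for r in map(parse_mbam_autoconfig, mbam_lines) if r]
    findings = []
    for row in filter(None, map(parse_eset, eset_lines)):
        for pac in pac_values:
            if row["object"] != pac["url"]:
                continue  # blocked URL is not the configured PAC script
            account = WELL_KNOWN_SIDS.get(pac["sid"])
            findings.append({
                "url": pac["url"],
                "threat": row["threat"],
                "registry_key": pac["key"],
                "sid": pac["sid"],
                "hive_account": account,
                # True when the blocked request ran as the hive's own account.
                "user_matches_hive": (account is not None
                                      and row["user"].upper() == account.upper()),
            })
    return findings


if __name__ == "__main__":
    for finding in correlate(SAMPLE_ESET, SAMPLE_MBAM):
        print(finding)
```

A match with `user_matches_hive` set means the blocked request was made by a process running under the same account whose Internet Settings hold the PAC URL, which is the case for the `S-1-5-18` hive and the `NT AUTHORITY\SYSTEM` user shown in the thread's logs.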

Re: Trojan horse? - 管理人です

2016/11/08 (Tue) 21:52:34

Please download Rogue Killer to your desktop.

http://www.bleepingcomputer.com/download/roguekiller/

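Re: Trojan horse? - 管理人です

2016/11/08 (Tue) 22:31:51

While installing Rogue Killer you should be asked whether to install the 32-bit and 64-bit versions, so put a check mark there and start the installation.

❶ Once the Rogue Killer installation has finished, look at the top of the window and select "Scan"

❷ Then click Start scan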

Re: Trojan horse? - 泣面蜂

2016/11/08 (Tue) 22:49:55

I restarted.
I have only launched IE so far, but ESET doesn't seem to be reacting.

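Re: Trojan horse? - 管理人です

2016/11/08 (Tue) 23:06:42

I have only launched IE so far, but ESET doesn't seem to be reacting.

Thank you for your effort. Please launch the browser you use and try visiting various sites.

❷ In addition, please scan with Rogue Killer.

When the scan has finished, click the part circled in red in the picture. That will let you collect the log.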

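Re: Trojan horse? - 管理人です

2016/11/08 (Tue) 23:09:35

The screen will change, so click "Export TXT".

In other words, this outputs the scan results to Notepad.

Copy and paste the whole text and show it to me.

(Please don't delete anything yet.)


-----------------------------------------------
Rogue Killer will probably detect all sorts of things, but don't be alarmed (it often detects things that don't need to be deleted).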

Re: Trojan horse? - 泣面蜂

2016/11/08 (Tue) 23:35:56

Here are the RogueKiller results.


RogueKiller V12.8.0.0 (x64) [Nov 7 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Koki [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 11/08/2016 22:51:51 (Duration : 00:30:53)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-4261260701-416543501-3130217906-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://www.bing.com -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-4261260701-416543501-3130217906-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : http://www.bing.com -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E8F38DD3-CE76-40E1-83F3-F5FB72A69A1D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\NexonJP\NGM\NGM.exe|Name=Nexon Game Manager| [-] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2F2509A1-E145-40C4-9B33-7BBE69FA8F0D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\NexonJP\NGM\NGM.exe|Name=Nexon Game Manager| [-] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F55674FA-7C72-427E-BBDD-D57FDDD18E10} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe|Name=Norton Removal Tool| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D7AE9355-7BD3-4B4D-9BAA-54C4ABEBDC37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe|Name=Norton Removal Tool| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {67994915-AC14-43FF-A772-98C82C2C661E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe|Name=xlKCSDownload_jp_Engine| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E456BE92-F878-4E14-B644-810B04A00A19} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe|Name=xlKCSDownload_jp_Engine| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E8F38DD3-CE76-40E1-83F3-F5FB72A69A1D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\NexonJP\NGM\NGM.exe|Name=Nexon Game Manager| [-] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2F2509A1-E145-40C4-9B33-7BBE69FA8F0D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\NexonJP\NGM\NGM.exe|Name=Nexon Game Manager| [-] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F55674FA-7C72-427E-BBDD-D57FDDD18E10} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe|Name=Norton Removal Tool| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {D7AE9355-7BD3-4B4D-9BAA-54C4ABEBDC37} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe|Name=Norton Removal Tool| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {67994915-AC14-43FF-A772-98C82C2C661E} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe|Name=xlKCSDownload_jp_Engine| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {E456BE92-F878-4E14-B644-810B04A00A19} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe|Name=xlKCSDownload_jp_Engine| [7] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.NewTab][Firefox:Config] n0n0p0t1.default : user_pref("browser.newtab.url", "about:newtab"); -> Found
[PUM.HomePage][Chrome:Config] Default : session.startup_urls [http://jp.hao123.com/?tn=incore_pay_hp_01_hao123_jp|http://www.yahoo.co.jp/] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD20EFRX-68EUZN0 ATA Device +++++
--- User ---
[MBR] 55785a54602c45fc1e037b0f0e6d5f59
[BSP] 2bebe1f6fa1256ef43f1f1e1c6024cfc : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 153767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 315121664 | Size: 1753859 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: I-O DATA HDCS-U +++++
--- User ---
[MBR] d89417b7287aeb462ca1bdcac29eb00c
[BSP] 6edd2ea32a6bb45b823a1018d196e116 : Unknown|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] ????????????????? )

+++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] ???????????????? )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ????????????????? )

+++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] ???????????????? )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ????????????????? )

+++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] ???????????????? )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ????????????????? )

+++++ PhysicalDrive5: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] ???????????????? )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ????????????????? )

+++++ PhysicalDrive6: BUFFALO HD-PVU2 USB Device +++++
--- User ---
[MBR] 33be34d7aaca0dfb49c0d7d0c1d5c9cb
[BSP] 3710c85845e9ab82119ab2a6b673838b : Empty|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] ????????????????? )

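Re: Trojan horse? - 管理人です

2016/11/09 (Wed) 00:45:45

Thank you for the Rogue Killer log. You are infected with PUPs as well. Well then, we will collect logs again. This is a good opportunity, so let's analyze the PC and delete all the unnecessary PUPs too. The "MBR" infection I was worried about has not happened. As for Rogue Killer, just click the "X" to close the program (absolutely do not select delete; close Rogue Killer as it is, without deleting anything).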

***

Download CCleaner to your desktop


http://www.piriform.com/ccleaner/download/standard


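Launch CCleaner with administrator privileges

Look at the "left side" of the CCleaner window.
Click "Tools"

"Installation info" should be highlighted in blue.

Look at the "bottom right" of the CCleaner window. There is a "Save as text" button. Click it and you get a record of the software installed on the PC. Copy and paste all of it and show it to me.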

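----------------------------------------------------------------------
Next, we will collect more logs with CCleaner

Select "Tools"

then select "Startup" and click it

Then, in CCleaner's "list of tabs", you will see Windows, Scheduled Tasks, Internet Explorer (and, if they are installed, tabs for browsers such as Firefox and Chrome), and also Context Menu, right? I want you to collect those logs and paste them.

For example, select "Windows" and look at the "bottom right" of CCleaner, where there is a blue "Save as text" button; click it and Notepad opens with the log recorded in it. Save it to the "desktop" for now (saving to the desktop is the easiest). In the same way, paste the logs for Scheduled Tasks, for all of the browsers, and for the Context Menu as well.

❶ Installation info
❷ The log for Windows
❸ The logs for the installed browsers (meaning, for example, IE, Chrome and so on)
❹ The log for Scheduled Tasks
❺ Context Menu

Please show me all of these.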

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:46:12

Here is the installation info.
Please don't mind the adult games.

7-Zip 9.20 (x64 edition) Igor Pavlov 2011/12/11 4.53 MB 9.20.00.0
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2016/11/04 225 MB 15.020.20042
Adobe AIR Adobe Systems Incorporated 2015/09/08 18.0.0.144
Adobe Flash Player 23 ActiveX Adobe Systems Incorporated 2016/11/08 4.77 MB 23.0.0.207
Adobe Flash Player 23 NPAPI Adobe Systems Incorporated 2016/11/09 5.35 MB 23.0.0.207
Apple Application Support(32 ビット) Apple Inc. 2016/09/18 117 MB 5.0.1
Apple Application Support(64 ビット) Apple Inc. 2016/09/18 132 MB 5.0.1
Apple Mobile Device Support Apple Inc. 2016/09/18 27.4 MB 10.0.0.18
Apple Software Update Apple Inc. 2016/04/25 2.69 MB 2.2.0.150
Bandisoft MPEG-1 Decoder 2015/11/08
Bonjour Apple Inc. 2015/09/18 2.01 MB 3.1.0.1
BOOK☆WALKER for Windows 株式会社ブックウォーカー 2015/10/19 99.1 MB 1.2.2
BUFFALO AirStation倍速設定ツール(アンインストール) 2011/12/11
BUFFALO クライアントマネージャV BUFFALO INC. 2011/12/11 9.86 MB 1.4.6
BUFFALO ソフトウェアルーター設定ツール 2011/12/11
CCleaner Piriform 2016/11/07 5.23
ChuSingura46+1 インレ 2014/07/10 7.13 GB 1.0.0
ChuSingura46+1 武士の鼓動 インレ 2015/02/01 8.62 GB 1.0.0
Common GameOn 2015/06/19 1529000
Craving Explorer Version 1.6.21 T-Craft 2015/10/22 23.1 MB 1.6.21.0
CubePDF 1.0.0RC6 CubeSoft 2013/09/16 26.1 MB
CyberLink LabelPrint CyberLink Corp. 2011/06/13 31.8 MB 2.5.3624
CyberLink Media Suite CyberLink Corp. 2011/06/13 36.4 MB 8.0.2813
CyberLink MediaShow CyberLink Corp. 2011/06/13 387 MB 5.1.2109n
CyberLink Power2Go CyberLink Corp. 2011/06/13 184 MB 7.0.0.1607
CyberLink PowerBackup CyberLink Corp. 2011/11/30 2.5.6023
CyberLink PowerDirector CyberLink Corp. 2011/06/13 592 MB 8.0.4110
CyberLink PowerDVD 10 CyberLink Corp. 2011/06/13 165 MB 10.0.2731.02
DMM ゲームランチャー 2015/03/14
Dolphin Dolphin Team 2016/11/06 20.4 MB 5.0
DungeonStriker EYEDENTITY GAMES 2015/11/08 2.00.0000
EaseUS Todo Backup Free 8.6 CHENGDU YIWO Tech Development Co., Ltd 2015/09/27 8.6
ELECOM JC-PS101U series 3.0 2015/11/01
ESET Smart Security ESET, spol. s r.o. 2016/03/30 123 MB 9.0.349.19
Gamepot Web実行環境 Gamepot 2011/12/16 940 KB 1.1.0
GIZMO ants Inc. 2012/09/21 8.93 MB 3.24.0000
GIZMO テレビ連携 for PIXELA ants Inc. 2011/06/09 14.0 KB 1.0.0
GIZMO テレビ連携 for PIXELA 2 ants Inc. 2011/06/09 18.0 KB 1.0.0
GIZMO テレビ連携 for Windows Media Center ants Inc. 2011/06/09 6.00 KB 1.1.2
GIZMO テレビ連携 コアコンポーネント ants Inc. 2011/06/09 26.0 KB 1.0.1
Google Chrome Google Inc. 2011/12/11 54.0.2840.71
Google Toolbar for Internet Explorer Google Inc. 2016/05/02 7.5.7619.1252
Google 日本語入力 Google Inc. 2016/10/21 80.6 MB 2.19.2680.0
Hangame 2012/11/25
iCloud Apple Inc. 2015/02/04 90.8 MB 4.0.6.28
Intel(R) Management Engine Components Intel Corporation 2011/11/30 7.0.0.1144
iTunes Apple Inc. 2016/09/18 242 MB 12.5.1.21
Java 8 Update 111 Oracle Corporation 2016/11/06 94.1 MB 8.0.1110.14
JWord プラグイン JWord Inc. 2012/10/16 2.5.5.65
Malwarebytes Anti-Malware バージョン 2.2.1.1043 Malwarebytes 2016/11/07 66.8 MB 2.2.1.1043
Media Go Sony 2015/08/01 150 MB 2.9.406
Media Go Network Downloader Sony 2015/08/01 1.32 MB 1.6.01.0
Media Go Video Playback Engine 2.16.103.12020 Sony 2015/08/01 21.0 MB 2.16.103.12020
Microsoft .NET Framework 4.6.1 Microsoft Corporation 2016/08/16 38.8 MB 4.6.01055
Microsoft .NET Framework 4.6.1 (日本語) Microsoft Corporation 2016/08/21 2.93 MB 4.6.01055
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 2014/10/15 1.59 MB 4.0.40804.0
Microsoft Office 365 - ja-jp Microsoft Corporation 2016/10/19 15.0.4867.1003
Microsoft OneDrive Microsoft Corporation 2014/12/30 26.8 MB 17.3.1171.0714
Microsoft Silverlight Microsoft Corporation 2016/10/29 596 MB 5.1.50901.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 2011/06/09 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2012/05/05 298 KB 8.0.61001
Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Corporation 2013/02/25 2.64 MB 8.0.51011
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 2013/10/15 252 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 2012/01/21 784 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 2012/05/05 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 2011/06/09 608 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2011/06/13 586 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 2012/01/21 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2012/05/05 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/12 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2015/02/12 16.5 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 2015/08/01 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2015/04/29 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 Microsoft Corporation 2016/11/06 24.4 MB 14.0.23918.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 2016/10/26 20.7 MB 14.0.23506.0
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2015/02/12 10.0.50903
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 Microsoft Corporation 2015/02/12 10.0.50903
Mozilla Firefox 8.0 (x86 ja) Mozilla 2011/12/11 35.4 MB 8.0
MPC-HC 1.7.8 (64-bit) MPC-HC Team 2015/03/22 39.1 MB 1.7.8
NVIDIA 3D Vision コントローラー ドライバー 347.09 NVIDIA Corporation 2014/12/26 347.09
NVIDIA 3D Vision ドライバー 353.82 NVIDIA Corporation 2015/09/12 353.82
NVIDIA GeForce Experience 2.1.5 NVIDIA Corporation 2014/12/26 2.1.5
NVIDIA HD オーディオ ドライバー 1.3.34.3 NVIDIA Corporation 2015/09/12 1.3.34.3
NVIDIA PhysX システム ソフトウェア 9.14.0702 NVIDIA Corporation 2014/09/20 9.14.0702
NVIDIA グラフィックス ドライバー 353.82 NVIDIA Corporation 2015/09/12 353.82
Onigiri_JP CyberStep, Inc. 2015/11/01 1.00.0000
Paint.NET v3.5.10 dotPDN LLC 2013/08/10 10.6 MB 3.60.0
PCSX2 - Playstation 2 Emulator 2016/10/26
PlayStation(R)Network Downloader Sony Computer Entertainment Inc. 2012/10/19 827 KB 2.07.00849
PlayStation(R)Store Sony Computer Entertainment Inc. 2013/11/24 5.68 MB 4.18.0.15698
Pmangインストールマネージャー GameOn,Pmang 2014/04/14 1.0.1.1
PrimoPDF activePDF 2012/01/11 4.1.0.10
Princess Evangile ~W Happiness~ MOONSTONE 2012/07/06 1.00.0
Pro Cycling Manager - La Vuelta - Temporada 2012 versión 1.4.0. Cyanide 2013/05/27 310 MB 1.4.0.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2011/11/30 6.0.1.6383
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 2011/11/30 1.22 MB 2.1.16.0
RogueKiller version 12.8.0.0 Adlice Software 2016/11/08 76.5 MB 12.8.0.0
sdrt(5.0, 64bit) パルティオソフト株式会社 2014/02/28 3.93 MB 5.0.3.0
Unity Web Player Unity Technologies ApS 2012/12/28 12.0 MB
Windows Live Essentials Microsoft Corporation 2011/06/09 15.4.3502.0922
Yahoo!ツールバー Yahoo! JAPAN. 2012/11/25 7.3.0.14
『こいなか-小田舎で初恋x中出しセクシャルライフ-』 eRONDO 2014/07/27 3.35 GB 1.00.0000
あっぱれ!天下御免 株式会社ネクストン 2011/12/29 7.93 GB 1.00.0000
あっぱれ!天下御免[祭] 株式会社ネクストン 2012/12/23 5.31 GB 1.00.0000
あなたの事を好きと言わせて WILLPLUS 2012/11/18 1.00.0000
この大空に、翼をひろげて WILLPLUS 2012/05/29 1.00.0000
この大空に、翼をひろげて FLIGHT DIARY WILLPLUS 2013/03/30 1.00.0000
はぴねす! 2012/03/24
はぴねす!りらっくす 2012/03/27
もっと 姉、ちゃんとしようよっ! INTERHEART 2012/03/03 4.88 GB 1.9
もっと 姉、ちゃんとしようよっ!AS INTERHEART 2012/03/14 4.39 GB 1.9
アマカノ 2015/05/24
アマカノ~Second Season~ 2016/01/10
カミカゼ☆エクスプローラー! 2011/12/24
コンテンツ管理アシスタント for PlayStation(R) Sony Computer Entertainment Inc. 2016/02/14 5.01 MB 3.55.7671.0901
テレビNaviガジェット 株式会社プレゼントキャスト 2011/06/09 7.96 MB 1.12.1000
デュエリスト×エンゲージ WILLPLUS 2012/07/03 1.00.0000
トラベリングスターズ HOOKSOFT 2016/05/28
ナマイキデレーション 2014/06/14
ヤキモチストリーム まどそふと 2014/12/25 5.96 GB 1.00
ラヴレッシブ スミレ 2013/04/05 33.9 MB 1.0.0
リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) Microsoft Corporation 2011/06/09 5.57 MB 15.4.5722.2
レーシャル・マージ AXL 2014/06/18
ワルキューレロマンツェ Ricotta 2012/04/19
ワルキューレロマンツェ More&More Ricotta 2013/10/25
乙女が奏でる恋のアリア WILLPLUS 2015/04/19 1.00.0000
乙女が紡ぐ恋のキャンバス WILLPLUS 2012/04/04 1.00.0000
乙女が紡ぐ恋のキャンバス 二人のギャラリー WILLPLUS 2012/11/25 1.00.0000
処女(おとめ)はお姉さま(ボク)に恋してるDVD版 の削除 2011/12/22
処女はお姉さまに恋してる ~2人のエルダー 2011/12/16
姉小路直子と銀色の死神 みなとカーニバル 2015/04/18 1.69 GB 1.00
恋する乙女と守護の楯 2012/02/29
恋騎士 Purely☆Kiss エフォルダムソフト 2012/04/20
戦国†恋姫 ~乙女絢爛☆戦国絵巻~ 2016/02/06
戦国†恋姫X ~乙女絢爛☆戦国絵巻~ 2016/06/06
戦極姫5~戦禍断つ覇王の系譜~ unicorn-a 2014/02/12 5.79 GB 1.00.0000
水の都の洋菓子店(パティスリー) すたじお ちゃお 2012/03/30
真・恋姫†英雄譚1 2015/04/24
真・恋姫†英雄譚2 2015/08/28
真・恋姫†英雄譚3 2015/10/30
真剣で私に恋しなさい!S みなとそふと 2012/01/31
祝福のカンパネラ 2014/04/13
舞風のメルト -Where leads to feeling destination- Whirlpool 2012/08/29 1.00
花と乙女に祝福を 2012/03/20
花と乙女に祝福を ロイヤルブーケ 2012/03/23
辻堂さんのバージンロード みなとカーニバル 2013/09/06 2.22 GB 1.00
辻堂さんの純愛ロード みなとカーニバル 2012/09/29 3.07 GB 1.00
LOVELY×C∧TION-もうずっと初恋の日々エディション- hibiki works 2014/03/02 3.32 GB 1.00
LOVELY×C∧TION2 hibiki works 2013/10/06 1.00

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:47:19

This is the Windows log.

有効 HKCU:Run AlcoholAutomount Alcohol Soft Development Team "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run Google Update Google Inc. "C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe" /c
無効 HKCU:Run iCloudServices Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
有効 HKCU:Run X-TUNE XTRM CORPORATION D:\x-tune\xtune.exe
有効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
無効 HKLM:Run CLMLServer CyberLink "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
有効 HKLM:Run GIZMO2 ants Inc. "C:\Program Files (x86)\GIZMO2\GIZMO.exe" -BootProcess
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run IME14 JPN Uninstall Microsoft Corporation C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE /Uninstall /JPN /Log
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run jwdsrch JWord Inc. C:\Program Files (x86)\JWord\Plugin2\jwdsrch.exe
有効 HKLM:Run NUSB3MON Renesas Electronics Corporation "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
無効 HKLM:Run Nvtmru "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
無効 HKLM:Run RemoteControl10 CyberLink Corp. "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
有効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 Startup Common クライアントマネージャV.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
有効 Startup Common コンテンツ管理アシスタント for PlayStation(R).lnk Sony Computer Entertainment Inc. C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
有効 Startup Common ソフトウェアルーター設定ツール.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:48:26

This is the log for IE.

有効 Extension JWord プラグイン C:\ProgramData\JWord\plugin2\JwdHelpAbout.html
有効 Extension JWord プラグインの設定... JWord Inc. C:\PROGRA~2\JWord\Plugin2\JwdPH.dll
有効 Extension JWord プラグインの設定... JWord Inc. C:\PROGRA~2\JWord\Plugin2\JwdPH_64.dll
有効 Extension JWord 検索バー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~2.DLL
有効 Extension JWord 検索バー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~1.DLL
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
有効 Extension OneNote Linked Notes Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
有効 Extension Send to OneNote Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
有効 Extension Skype for Business Click to Call Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Extension このコンテンツを引用 Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
無効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
無効 Helper Google Toolbar Helper Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
無効 Helper Java(tm) Plug-In 2 SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
無効 Helper Java(tm) Plug-In SSV Helper Oracle Corporation C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
無効 Helper JWord スピードダイアル ヘルパー JWord Inc. C:\Program Files (x86)\JWord\Common\SpeedDial\SpeedDial.dll
無効 Helper JWord スピードダイアル ヘルパー JWord Inc. C:\Program Files (x86)\JWord\Common\SpeedDial\SpeedDial_64.dll
無効 Helper JWord プラグイン 拡張ヘルパー JWord Inc. C:\PROGRA~2\JWord\Plugin2\jwdpm.dll
無効 Helper JWord プラグイン 拡張ヘルパー JWord Inc. C:\PROGRA~2\JWord\Plugin2\jwdpm_64.dll
無効 Helper JWord 検索バーヘルパー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~2.DLL
無効 Helper JWord 検索バーヘルパー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~1.DLL
無効 Helper McAfee Phishing Filter c:\progra~1\mcafee\msk\mskapbho.dll
無効 Helper McAfee Phishing Filter c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL
有効 Helper Microsoft SkyDrive Pro Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
無効 Helper Office Document Cache Handler Microsoft Corporation C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
無効 Helper Office Document Cache Handler Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
有効 Helper Skype for Business Browser Helper Microsoft Corporation C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
有効 Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
有効 Helper Windows Live ID サインイン ヘルパー Microsoft Corp. C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_14\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_14\Modules\YahooToolBar.dll
無効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
無効 Toolbar Google Toolbar Google Inc. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_14\Modules\YahooToolBar.dll

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:49:39

This is the log for Firefox.

有効 Extension G Data BankGuard 1.1.11222.991 G Data Software AG default Firefox 8.0 C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
無効 Extension Java Console 6.0.35 default Firefox 8.0 C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
無効 Extension Java Console 6.0.37 default Firefox 8.0 C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
無効 Extension Java Console 6.0.39 default Firefox 8.0 C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
有効 Plugin Adobe Acrobat 15.20.20039.7108 Adobe Systems Inc. default Firefox 8.0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
有効 Plugin Google Update 1.3.31.5 Google Inc. default Firefox 8.0 C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll
有効 Plugin Java Deployment Toolkit 6.0.390.4 6.0.390.4 default Firefox 8.0 C:\Windows\SysWOW64\npdeployJava1.dll
有効 Plugin Java(TM) Platform SE 6 U39 6.0.390.4 default Firefox 8.0 C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
有効 Plugin Microsoft Office 2013 15.0.4514.1000 Microsoft Corporation default Firefox 8.0 C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
有効 Plugin Nexon Game Controller 1.0.1.2 Nexon default Firefox 8.0 C:\ProgramData\NexonJP\NGM\npNxGameJP.dll
有効 Plugin NVIDIA 3D Vision 7.17.13.5382 NVIDIA Corporation default Firefox 8.0 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin NVIDIA 3D VISION 7.17.13.5382 NVIDIA Corporation default Firefox 8.0 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
有効 Plugin PlayStation(R)Network Downloader Check Plug-in 1.0.0.0 Sony Computer Entertainment Inc. default Firefox 8.0 C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
有効 Plugin pmangdiagnostic 1.0.0.1 gameon default Firefox 8.0 C:\GameOn\Common files\nppmangdiagnostic.dll
有効 Plugin pmangsupport 1.0.0.1 gameon default Firefox 8.0 C:\GameOn\Common files\nppmangsupport.dll
有効 Plugin Shockwave Flash 23.0.0.205 Adobe Systems Incorporated default Firefox 8.0 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
有効 Plugin Silverlight Plug-In 5.1.50901.0 Microsoft Corporation default Firefox 8.0 C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
有効 Plugin Unity Player 5.0.3.35960 Unity Technologies ApS default Firefox 8.0 C:\Users\Koki\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
有効 Plugin Windows LiveEPhoto Gallery 15.4.3502.922 Microsoft Corporation default Firefox 8.0 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:50:55

This is the log for Google Chrome.

無効 Plugin Adobe Acrobat 9.4.0.195 最初のユーザー C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
有効 Plugin Chrome PDF Viewer 最初のユーザー C:\Users\Koki\AppData\Local\Google\Chrome\Application\48.0.2564.116\pdf.dll
有効 Plugin Default Plug-in 1 最初のユーザー default_plugin
有効 Plugin Google Update 1.3.21.79 最初のユーザー C:\Users\Koki\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
有効 Plugin Native Client 最初のユーザー C:\Users\Koki\AppData\Local\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll
有効 Plugin NVIDIA 3D Vision 7.17.12.8026 最初のユーザー C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
有効 Plugin Remoting Viewer 最初のユーザー internal-remoting-viewer
有効 Plugin Shockwave Flash 10,3,181,14 最初のユーザー C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
有効 Plugin Shockwave Flash 11,1,102,55 最初のユーザー C:\Users\Koki\AppData\Local\Google\Chrome\Application\48.0.2564.116\gcswf32.dll
有効 Plugin Silverlight Plug-In 4.0.50401.0 最初のユーザー c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
有効 Plugin Windows Live™ Photo Gallery 15.4.3502.0922_ship.wlx.w4m4 (ship) 最初のユーザー C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:51:50

These are the tasks.

有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore1ce7faffdca8721 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d04146bd7a736 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d0bfaf216f9833 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d0e30ed39ec5fe Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d0f2151f622ef8 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineCore1d12f34b956ae14 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA1ce7a26c5e78091 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1cf6b65ebc22678 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d04146ce3c7f6 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d0935c5c4bce73 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d0bfaf21f746a2 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d0e30ed413696b Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d0f2151fd933c6 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d12f34b9fcdb93 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskMachineUA1d15da1c332f980 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1ce7faf4607ef26 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d04061e59b8141 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d08fe0fc425da5 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0bfae9423696f Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0e178b6b1c4ed Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0ef953bbcb2aa Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d15e387f3d305d Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7ca33067017 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7faf46d3f4b3 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d04061e825b817 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d08fe0fcd39196 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0bfae94b6fec0 Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0e178b74346ff Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0ef953c576c1b Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d12cf9ccdf4c0f Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d15e387febc26b Google Inc. C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task {45E1CA70-FFFF-4EB4-AF34-169C23ABF003} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Windows\PmangDownloader.exe -c /UINSTL=%s,%s
有効 Task {ABC270D2-61A6-436F-B4A2-C93DB38106F9} Microsoft Corporation C:\Windows\system32\pcalua.exe -a I:\GAME\祝福のカンパネラ\uninst.exe -d I:\GAME\祝福のカンパネラ

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:52:34

Here is the context menu list.

有効 Directory 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 Directory Offline Files
有効 Directory SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 Directory SkyDriveEx Microsoft Corporation C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
有効 Drive AlcoholShellEx Alcohol Soft Development Team C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxShlex.dll
有効 Drive AlcoholShellEx64 Alcohol Soft Development Team C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxShlEx64.dll
有効 Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Drive SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 File 7-Zip Igor Pavlov C:\Program Files\7-Zip\7-zip.dll
有効 File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
有効 File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
有効 File SimpleShlExt CHENGDU YIWO Tech Development Co.,Ltd C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
有効 File SkyDriveEx Microsoft Corporation C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll
有効 Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security\shellExt.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
有効 Folder Offline Files

Re: Trojan horse? - 泣面蜂

2016/11/09 (Wed) 18:54:24

That is everything.
I hardly use any browser other than IE.
It is a lot of material, but thank you in advance for your help.

Re: Trojan horse? - 管理人です

2016/11/09 (Wed) 23:51:24

Use CCleaner to uninstall the following (uninstalling from the Control Panel is also fine).

JWord プラグイン JWord Inc. 2012/10/16 2.5.5.65


Yahoo!ツールバー Yahoo! JAPAN. 2012/11/25 7.3.0.14

----------------------------------------

In CCleaner's "Tools", go from "Startup" on to "Windows".

有効 HKLM:Run jwdsrch JWord Inc. C:\Program Files (x86)\JWord\Plugin2\jwdsrch.exe ← Right-click directly on this entry; there is a "Delete entry" option, and clicking it deletes the entry.

---------------------------------------
Next, we use CCleaner to delete the villains that have nested in "IE".


有効 Extension JWord プラグイン C:\ProgramData\JWord\plugin2\JwdHelpAbout.html
有効 Extension JWord プラグインの設定... JWord Inc. C:\PROGRA~2\JWord\Plugin2\JwdPH.dll
有効 Extension JWord プラグインの設定... JWord Inc. C:\PROGRA~2\JWord\Plugin2\JwdPH_64.dll
有効 Extension JWord 検索バー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~2.DLL
有効 Extension JWord 検索バー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~1.DLL



無効 Helper JWord スピードダイアル ヘルパー JWord Inc. C:\Program Files (x86)\JWord\Common\SpeedDial\SpeedDial.dll
無効 Helper JWord スピードダイアル ヘルパー JWord Inc. C:\Program Files (x86)\JWord\Common\SpeedDial\SpeedDial_64.dll
無効 Helper JWord プラグイン 拡張ヘルパー JWord Inc. C:\PROGRA~2\JWord\Plugin2\jwdpm.dll
無効 Helper JWord プラグイン 拡張ヘルパー JWord Inc. C:\PROGRA~2\JWord\Plugin2\jwdpm_64.dll
無効 Helper JWord 検索バーヘルパー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~2.DLL
無効 Helper JWord 検索バーヘルパー JWord C:\PROGRA~2\JWord\Plugin2\COMPON~1\JWDEXP~1\JWDEXP~1.DLL


無効 Helper McAfee Phishing Filter c:\progra~1\mcafee\msk\mskapbho.dll
無効 Helper McAfee Phishing Filter c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL

無効 Helper Yahoo!ツールバーフィッシング警告 Yahoo Japan Corporation. C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_14\Modules\ypho.dll
無効 Helper Yahoo!ツールバーヘルパー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_14\Modules\YahooToolBar.dll

無効 Toolbar Yahoo!ツールバー Yahoo! JAPAN C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_14\Modules\YahooToolBar.dll

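---------------------------------------
For now, use CCleaner to uninstall or delete the items above, and once that is done, restart the PC.

❷ After that, sorry for the trouble, but please start Adw "once more", go through "Scan" → "Logfile" to collect the log, and show me all of it. Thank you.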




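Re: Trojan horse? - 管理人です

2016/11/09 (Wed) 23:54:54

As for Chrome, Firefox and the like, I am planning to reset the browsers all together later.

❷ By the way, about IE: has the home page setting been "rewritten"? Have any annoying symptoms occurred recently, such as JWord popping up unexpectedly or the home page you want not being displayed?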

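Re: Trojan horse? - 泣面蜂

2016/11/10 (Thu) 17:42:34

There were times when IE did not open to the home page on startup, although the setting looked the same as usual when I checked it.
IE launch → ESET detection → unfamiliar search site
That is roughly how it went.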

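Re: Trojan horse? - 管理人です

2016/11/10 (Thu) 18:38:32

IE launch → ESET detection → unfamiliar search site

You mean that the "unfamiliar search site" is being displayed at this point, correct?

❷ Then could you tell me the URL of that "unfamiliar search site"?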

Re: Trojan horse? - 泣面蜂

2016/11/10 (Thu) 19:05:39

Yahoo! JAPAN is displayed now.
For reference, here is the URL of the page that was being displayed.

http://web-start.org/

By Adw, do you mean AdwCleaner?

Re: Trojan horse? - 管理人です

2016/11/10 (Thu) 21:59:30

Understood.

In that case, we will do a final check with FRST.exe.

In the thread of "ほむ" (http://ore-sama123.bbs.fc2.com/?act=reply&tid=5501144), I give the FRST.exe instructions starting from the post "2016/11/10 (Thu) 21:25:36。*.zaq.ne.jp"; please refer to them and show me the full log.

泣面蜂, you are on "64bit" Windows 7, so please download the 64-bit version of FRST.exe as well.

Re: Trojan horse? - 泣面蜂

2016/11/10 (Thu) 22:14:40

Here is the FRST txt.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by Koki (administrator) on KOKI-PC (10-11-2016 22:11:06)
Running from C:\Users\Koki\Desktop
Loaded Profiles: Koki (Available Profiles: Koki)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: 日本語 (日本)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Paltiosoft Inc.) C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(XTRM CORPORATION) D:\x-tune\xtune.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
() C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ants Inc.) C:\Program Files (x86)\GIZMO2\GIZMO.exe
(ants Inc.) C:\Users\Koki\AppData\Local\GIZMO2\Data\deck\basic\basic.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(ants Inc.) C:\Users\Koki\AppData\Local\GIZMO2\Data\deck\basic\lib\FPInstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [IME14 JPN Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2824504 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.)
HKLM-x32\...\Run: [GIZMO2] => C:\Program Files (x86)\GIZMO2\GIZMO.exe [137048 2011-01-21] (ants Inc.)
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1752528 2016-10-12] (Google Inc.)
HKLM-x32\...\Run: [IME14 JPN Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [3229696 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2972672 2016-08-29] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 0
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoRun] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [Google Update] => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [X-TUNE] => D:\x-tune\xtune.exe [196608 2007-10-09] (XTRM CORPORATION)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-29] (Piriform Ltd)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\MountPoints2: {7e78c8c0-2464-11e1-906f-806e6f6e6963} - K:\Setup.exe
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Providers\Internet Print Provider: C:\Windows\SYSTEM32\inetpp.dll [166400 2016-06-26] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\SYSTEM32\win32spl.dll [756736 2016-06-26] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [K7BkOLIExcluded] -> {4143799A-96D3-41DE-9C26-D1B638AD9B9A} => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7BkOLI64.dll No File
ShellIconOverlayIdentifiers: [K7BkOLINotBacked] -> {5DE40518-4F5F-4608-8E71-AA04AD942FC2} => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7BkOLI64.dll No File
ShellIconOverlayIdentifiers: [K7BkOverlayIcon] -> {695C4C7E-8140-4CF1-A586-870C5945E1C7} => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7BkOLI64.dll No File
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll [2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll [2012-01-04] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\クライアントマネージャV.lnk [2016-11-07]
ShortcutTarget: クライアントマネージャV.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (BUFFALO INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\コンテンツ管理アシスタント for PlayStation(R).lnk [2016-11-07]
ShortcutTarget: コンテンツ管理アシスタント for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ソフトウェアルーター設定ツール.lnk [2016-11-07]
ShortcutTarget: ソフトウェアルーター設定ツール.lnk -> C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe ()
BootExecute: autocheck autochk *
AlternateShell: cmd.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C38C8ED5-3FA1-48E4-B0DB-DDA263C0A1DB}: [DhcpNameServer] 192.168.0.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.co.jp/
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
URLSearchHook: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch_64.dll (JWord Inc.)
URLSearchHook: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch.dll (JWord Inc.)
SearchScopes: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 -> {DDEB2F82-8BD6-4C43-B35A-197CDEAB1931} URL = hxxp://search.jword.jp/cns.dll?type=jwd&fm=10&agent=&bypass=2&partner=AP&lang=utf8&name={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-06] (Oracle Corporation)
BHO-x32: Windows Live ID サインイン ヘルパー -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-06] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
DPF: HKLM-x32 {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} hxxp://sample3.dmm.co.jp/downloader5/DMMDownloader.cab
DPF: HKLM-x32 {134DD8EF-7716-4538-A430-EFEB7517E6E7} hxxp://ch.icarus.gamecom.jp/Common/cab/WebLauncher.cab
DPF: HKLM-x32 {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} hxxp://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
DPF: HKLM-x32 {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} hxxp://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
DPF: HKLM-x32 {3DFE2FF1-B53D-418D-A630-F162DA1843A8} hxxp://item.koramgame.co.jp/login/hbs/AxLauncher.dll
DPF: HKLM-x32 {414ABA36-99AD-4BEC-8E93-AEDC1A08D352} hxxp://storage.capcom-networks.jp/member/contents/analyze/Fversion/MHReport.cab
DPF: HKLM-x32 {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} hxxp://down.hangame.co.jp/jp/installer/HgRunPub.cab
DPF: HKLM-x32 {7216BF69-1FB3-438C-9A51-9DA82B676BC0} hxxp://userimg.arario.jp/activeX/AraGameStarterW6.cab
DPF: HKLM-x32 {8C2E6E01-D1F6-4A94-B314-7C5DF4EE1853} hxxp://down.hangame.co.jp/jp/dist/hgstart/HGReport.cab
DPF: HKLM-x32 {C8F5F737-2683-40B8-BFB6-47B15AC20A79} hxxps://gash.gamania.co.jp/acxauth/cab/2.0.1/lcjggame.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F8160836-0C11-4CA4-AD87-944542C7BCBD} hxxp://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default [2016-11-10]
FF NetworkProxy: Mozilla\Firefox\Profiles\n0n0p0t1.default -> type", 0
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\n0n0p0t1.default -> Google
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\n0n0p0t1.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\n0n0p0t1.default -> hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\n0n0p0t1.default -> Google
FF Keyword.URL: Mozilla\Firefox\Profiles\n0n0p0t1.default -> hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Homepage: Mozilla\Firefox\Profiles\n0n0p0t1.default -> hxxp://www.google.com/firefox
FF NewTab: Mozilla\Firefox\Profiles\n0n0p0t1.default -> about:newtab
FF Extension: (G Data BankGuard) - C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2012-06-10] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-08] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-24] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\oshiete-goo.xml [2011-11-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\rakuten.xml [2011-11-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-jp-auctions.xml [2011-11-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @gamepot.co.jp/GamepotEXeEnvCtrl;version=1 -> C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-06] (Oracle Corporation)
FF Plugin-x32: @kunlun.com/Launcher -> C:\Windows\system32\npLauncher.dll [2012-02-24] (Kalends)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nexon.co.jp/NxGame -> C:\ProgramData\NexonJP\NGM\npNxGameJP.dll [2011-12-12] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic.dll [2015-05-22] (gameon)
FF Plugin-x32: pmang.jp/pmangsupport-1 -> C:\GameOn\Common files\nppmangsupport.dll [2015-05-22] (gameon)
FF Plugin HKU\S-1-5-21-4261260701-416543501-3130217906-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-4261260701-416543501-3130217906-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-4261260701-416543501-3130217906-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Koki\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-23] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://jp.hao123.com/?tn=incore_pay_hp_01_hao123_jp","hxxp://www.yahoo.co.jp/"
CHR Plugin: (Shockwave Flash) - C:\Users\Koki\AppData\Local\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Native Client) - C:\Users\Koki\AppData\Local\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Koki\AppData\Local\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Koki\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default [2016-11-08]
CHR Extension: (Chrome ウェブストア決済) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-16]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - <no Path/update_url>
StartMenuInternet: Google Chrome - C:\Users\Koki\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [126328 2009-07-09] (BUFFALO INC.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3037424 2016-10-04] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2778624 2016-08-03] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [946640 2016-10-12] (Google Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3464624 2015-04-21] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-09-15] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [186512 2012-11-01] (Paltiosoft Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVF2PBDA; C:\Windows\System32\drivers\AVF2PBDA_x64.sys [594688 2009-08-24] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVF2ST; C:\Windows\System32\drivers\AVF2ST_x64.sys [595968 2010-06-11] (AVerMedia TECHNOLOGIES, Inc.)
S3 Bufeap; C:\Windows\System32\DRIVERS\bufeap64.sys [18944 2010-07-05] (BUFFALO INC.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-03] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197288 2016-08-03] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153248 2016-08-03] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208552 2016-08-03] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61608 2016-08-03] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84640 2016-08-03] (ESET)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S2 Htsysm; C:\Windows\SysWOW64\HtsysmNT.sys [2304 2005-07-18] () [File not signed]
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216 2016-11-08] (Malwarebytes)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-12-12] () [File not signed]
S3 ucgnm2x; C:\Windows\System32\DRIVERS\ucgnm2x.sys [1590784 2011-06-20] (Ralink Technology Corp.)
U3 ahh7cnjv; C:\Windows\System32\Drivers\ahh7cnjv.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz134; \??\D:\sysinfo\pcwiz_x64.sys [X]
S3 dump_wmimmc; \??\D:\eternalcity3\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
U2 TMAgent; no ImagePath
S3 wyqk; \??\D:\Vector\FNOnline\avital\wyqk64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-10 22:11 - 2016-11-10 22:12 - 00029348 _____ C:\Users\Koki\Desktop\FRST.txt
2016-11-10 22:10 - 2016-11-10 22:11 - 00000000 ____D C:\FRST
2016-11-10 22:08 - 2016-11-10 22:08 - 02410496 _____ (Farbar) C:\Users\Koki\Desktop\FRST64.exe
2016-11-10 19:00 - 2016-11-10 19:00 - 03910208 _____ C:\Users\Koki\Desktop\adwcleaner_6.030.exe
2016-11-08 22:51 - 2016-11-08 22:51 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-11-08 22:51 - 2016-11-08 22:51 - 00000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-11-08 22:51 - 2016-11-08 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-11-08 22:51 - 2016-11-08 22:51 - 00000000 ____D C:\Program Files\RogueKiller
2016-11-08 22:50 - 2016-11-09 18:38 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-08 20:31 - 2016-11-08 20:32 - 00000000 ____D C:\Users\Koki\AppData\Local\CrashDumps
2016-11-08 19:31 - 2016-11-08 19:31 - 00001315 _____ C:\Users\Koki\Desktop\20161108.txt
2016-11-07 21:20 - 2016-11-07 22:31 - 00000860 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-07 21:20 - 2016-11-07 21:20 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-11-07 21:20 - 2016-11-07 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-07 21:20 - 2016-11-07 21:20 - 00000000 ____D C:\Program Files\CCleaner
2016-11-07 20:51 - 2016-11-08 22:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-07 20:49 - 2016-11-07 22:31 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-07 20:49 - 2016-11-07 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-07 20:49 - 2016-11-07 20:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-07 20:49 - 2016-11-07 20:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-07 20:49 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-07 20:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-07 20:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-07 19:02 - 2016-11-10 19:02 - 00000000 ____D C:\AdwCleaner
2016-11-06 21:39 - 2016-11-06 21:39 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-11-06 21:39 - 2016-11-06 21:39 - 00000000 ____D C:\Users\Koki\AppData\Roaming\Sun
2016-11-06 21:39 - 2016-11-06 21:39 - 00000000 ____D C:\ProgramData\Oracle
2016-11-06 21:39 - 2016-11-06 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-06 21:39 - 2016-11-06 21:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-06 21:20 - 2016-11-06 21:33 - 00000000 ____D C:\Users\Koki\AppData\Local\NPE
2016-11-06 18:58 - 2016-11-06 18:58 - 00000000 ____D C:\Users\Koki\Documents\Dolphin Emulator
2016-11-06 18:55 - 2016-11-07 22:31 - 00000542 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-11-06 18:55 - 2016-11-06 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2016-11-05 19:22 - 2016-11-05 19:22 - 00743085 _____ C:\Users\Koki\Desktop\CPA2.62.zip
2016-11-04 21:36 - 2016-11-04 21:36 - 41843208 _____ C:\Users\Koki\Documents\[和六里ハル] 大妹.pdf
2016-11-04 21:34 - 2016-11-04 21:37 - 00000000 ____D C:\Users\Koki\Downloads\[和六里ハル] 大妹
2016-11-04 21:33 - 2016-11-04 21:33 - 41588914 _____ C:\Users\Koki\Documents\[昇龍亭圓楽] ママごと.pdf
2016-11-04 21:31 - 2016-11-04 21:33 - 00000000 ____D C:\Users\Koki\Downloads\[昇龍亭圓楽] ママごと
2016-11-04 19:01 - 2016-11-04 19:01 - 60736601 _____ C:\Users\Koki\Documents\[和六里ハル] 新婚姉妹.pdf
2016-11-04 18:59 - 2016-11-04 19:00 - 00000000 ____D C:\Users\Koki\Downloads\[和六里ハル] 新婚姉妹
2016-10-30 15:58 - 2016-10-30 15:58 - 10154871 _____ C:\Users\Koki\Downloads\mario_tennis_advance_(japan).zip
2016-10-30 15:56 - 2016-10-30 15:57 - 06600533 _____ C:\Users\Koki\Downloads\mario_and_luigi_rpg_(japan).zip
2016-10-29 21:52 - 2016-10-29 21:52 - 03666552 _____ C:\Users\Koki\Downloads\rockman_zero_(japan).zip
2016-10-29 21:47 - 2016-10-29 21:47 - 04374718 _____ C:\Users\Koki\Downloads\guranbo_(japan).zip
2016-10-29 21:40 - 2016-10-29 21:40 - 04399013 _____ C:\Users\Koki\Downloads\rockman_zero_2_(japan).zip
2016-10-29 20:51 - 2016-10-29 20:51 - 08078561 _____ C:\Users\Koki\Downloads\sen_kau.zip
2016-10-29 17:47 - 2016-10-01 00:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-29 17:47 - 2016-09-30 16:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-29 17:47 - 2016-09-30 15:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-29 17:47 - 2016-09-30 15:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-29 17:47 - 2016-09-30 14:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-29 17:47 - 2016-09-30 14:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-29 17:47 - 2016-09-30 14:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-29 17:47 - 2016-09-30 14:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-29 17:47 - 2016-09-30 14:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-29 17:47 - 2016-09-30 14:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-29 17:47 - 2016-09-30 14:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-29 17:47 - 2016-09-30 14:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-29 17:47 - 2016-09-30 13:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-29 17:47 - 2016-09-30 13:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-29 17:47 - 2016-09-13 06:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-29 17:47 - 2016-09-11 01:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-29 17:47 - 2016-08-13 02:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-29 17:47 - 2016-08-13 01:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-29 17:47 - 2016-08-13 01:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-29 17:47 - 2016-08-07 00:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-29 17:47 - 2016-08-07 00:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-29 17:47 - 2016-06-15 02:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-29 17:47 - 2016-06-15 00:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-29 17:47 - 2016-06-15 00:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-29 17:47 - 2016-06-15 00:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-29 17:47 - 2016-06-15 00:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-29 17:47 - 2016-06-15 00:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-29 17:47 - 2016-06-15 00:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-29 17:46 - 2016-10-01 05:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-29 17:46 - 2016-10-01 04:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-29 17:46 - 2016-10-01 00:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-29 17:46 - 2016-10-01 00:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-29 17:46 - 2016-09-30 15:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-29 17:46 - 2016-09-30 15:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-29 17:46 - 2016-09-30 15:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-29 17:46 - 2016-09-30 15:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-29 17:46 - 2016-09-30 15:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-29 17:46 - 2016-09-30 15:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-29 17:46 - 2016-09-30 15:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-29 17:46 - 2016-09-30 15:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-29 17:46 - 2016-09-30 15:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-29 17:46 - 2016-09-30 15:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-29 17:46 - 2016-09-30 15:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-29 17:46 - 2016-09-30 15:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-29 17:46 - 2016-09-30 15:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-29 17:46 - 2016-09-30 15:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-29 17:46 - 2016-09-30 15:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-29 17:46 - 2016-09-30 15:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-29 17:46 - 2016-09-30 14:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-29 17:46 - 2016-09-30 14:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-29 17:46 - 2016-09-30 14:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-29 17:46 - 2016-09-30 14:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-29 17:46 - 2016-09-30 14:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-29 17:46 - 2016-09-30 14:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-29 17:46 - 2016-09-30 14:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-29 17:46 - 2016-09-30 14:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-29 17:46 - 2016-09-30 14:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-29 17:46 - 2016-09-30 14:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-29 17:46 - 2016-09-30 14:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-29 17:46 - 2016-09-30 14:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-29 17:46 - 2016-09-30 14:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-29 17:46 - 2016-09-30 14:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-29 17:46 - 2016-09-30 14:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-29 17:46 - 2016-09-30 14:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-29 17:46 - 2016-09-30 14:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-29 17:46 - 2016-09-30 14:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-29 17:46 - 2016-09-30 14:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-29 17:46 - 2016-09-30 14:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-29 17:46 - 2016-09-30 14:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-29 17:46 - 2016-09-30 14:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-29 17:46 - 2016-09-30 14:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-29 17:46 - 2016-09-30 14:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-29 17:46 - 2016-09-30 14:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-29 17:46 - 2016-09-30 14:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-29 17:46 - 2016-09-30 14:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-29 17:46 - 2016-09-30 14:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-29 17:46 - 2016-09-30 14:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-29 17:46 - 2016-09-30 14:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-29 17:46 - 2016-09-30 14:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-29 17:46 - 2016-09-30 14:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-29 17:46 - 2016-09-30 14:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-29 17:46 - 2016-09-30 13:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-29 17:46 - 2016-09-30 13:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-29 17:46 - 2016-09-16 00:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-29 17:46 - 2016-09-16 00:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-29 17:46 - 2016-09-16 00:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-29 17:46 - 2016-09-16 00:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-29 17:46 - 2016-09-13 06:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-29 17:46 - 2016-09-13 06:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-29 17:46 - 2016-09-13 06:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-29 17:46 - 2016-09-13 06:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-29 17:46 - 2016-09-13 06:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-29 17:46 - 2016-09-13 05:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-29 17:46 - 2016-09-13 05:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-29 17:46 - 2016-09-13 05:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-29 17:46 - 2016-09-13 05:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-29 17:46 - 2016-09-13 05:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-29 17:46 - 2016-09-13 05:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-29 17:46 - 2016-09-13 05:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-29 17:46 - 2016-09-13 05:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-29 17:46 - 2016-09-13 05:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-29 17:46 - 2016-09-13 04:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-29 17:46 - 2016-09-13 03:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-29 17:46 - 2016-09-13 03:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-29 17:46 - 2016-09-11 00:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-29 17:46 - 2016-09-10 03:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-29 17:46 - 2016-09-10 03:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-29 17:46 - 2016-09-10 03:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-29 17:46 - 2016-09-10 03:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

Re: Trojan horse? - 泣面蜂

2016/11/10 (Thu) 22:15:32

This is the Addition.txt.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by Koki (10-11-2016 22:12:18)
Running from C:\Users\Koki\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-11 06:41:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4261260701-416543501-3130217906-500 - Administrator - Disabled)
Guest (S-1-5-21-4261260701-416543501-3130217906-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4261260701-416543501-3130217906-1002 - Limited - Enabled)
Koki (S-1-5-21-4261260701-416543501-3130217906-1000 - Administrator - Enabled) => C:\Users\Koki

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: ESET Smart Security 9.0.396.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESETパーソナルファイアウォール (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

  (x32 Version: 1.00.0000 - WILLPLUS) Hidden
 (x32 Version: 1.00.0000 - WILLPLUS) Hidden
 (x32 Version: 1.00.0000 - WILLPLUS) Hidden
 FLIGHT DIARY (x32 Version: 1.00.0000 - WILLPLUS) Hidden
『こいなか-小田舎で初恋x中出しセクシャルライフ-』 (HKLM-x32\...\{DAC21033-F3ED-4BD2-9340-C8798B73D1C5}) (Version: 1.00.0000 - eRONDO)
× (x32 Version: 1.00.0000 - WILLPLUS) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Japanese (HKLM-x32\...\{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Apple Application Support(32 ビット) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support(64 ビット) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOOK☆WALKER for Windows (HKLM-x32\...\{3D32F7EC-63D3-48D1-9974-AB17645B1E30}) (Version: 1.2.2 - 株式会社ブックウォーカー)
BUFFALO AirStation倍速設定ツール(アンインストール) (HKLM-x32\...\UN900120) (Version: - )
BUFFALO クライアントマネージャV (HKLM-x32\...\UN900119_is1) (Version: 1.4.6 - BUFFALO INC.)
BUFFALO ソフトウェアルーター設定ツール (HKLM-x32\...\BUFFALO SoftAP) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
ChuSingura46+1 (HKLM-x32\...\ChuSingura46+1_is1) (Version: 1.0.0 - インレ)
ChuSingura46+1 武士の鼓動 (HKLM-x32\...\ChuSingura46+1 武士の鼓動_is1) (Version: 1.0.0 - インレ)
Common (HKLM-x32\...\Pmang_common) (Version: 1529000 - GameOn)
Craving Explorer Version 1.6.21 (HKLM-x32\...\CravingExplorer_is1) (Version: 1.6.21.0 - T-Craft)
CubePDF 1.0.0RC6 (HKLM-x32\...\{6BBF4252-CB6B-4E0B-9E5B-1719B7934917}_is1) (Version: - CubeSoft)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2813 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2109n - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1607 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4110 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMM ゲームランチャー (HKLM-x32\...\DMMGamesLauncher) (Version: - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
DungeonStriker (HKLM-x32\...\{6DB9EB27-FD5A-47A1-BE8B-78CA11975BA5}) (Version: 2.00.0000 - EYEDENTITY GAMES)
EaseUS Todo Backup Free 8.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.6 - CHENGDU YIWO Tech Development Co., Ltd)
ELECOM JC-PS101U series 3.0 (HKLM-x32\...\ELECOM JC-PS101U series_is1) (Version: - )
ESET Smart Security (HKLM\...\{205CC3F8-B7B9-46D2-BD5D-F5083FDCDF27}) (Version: 9.0.349.19 - ESET, spol. s r.o.)
Gamepot Web実行環境 (HKLM-x32\...\{9864624D-FE15-422F-BDBB-5DC0D9AA904A}) (Version: 1.1.0 - Gamepot)
GIZMO (HKLM-x32\...\{AC75041A-BCDA-4606-A6C7-DFE3760D29AF}) (Version: 3.24.0000 - ants Inc.)
GIZMO テレビ連携 for PIXELA (HKLM-x32\...\{2F92D7A4-701A-45EB-95C6-CF610E7B6D45}) (Version: 1.0.0 - ants Inc.)
GIZMO テレビ連携 for PIXELA 2 (HKLM-x32\...\{1976F816-F838-4C2D-AC91-AF688351DD56}) (Version: 1.0.0 - ants Inc.)
GIZMO テレビ連携 for Windows Media Center (HKLM-x32\...\{42B44AE0-E0C3-4346-8FCC-A3E091CA41AF}) (Version: 1.1.2 - ants Inc.)
GIZMO テレビ連携 コアコンポーネント (HKLM-x32\...\{F03FB836-F44A-4AF1-A55B-087ECAAC0FA0}) (Version: 1.0.1 - ants Inc.)
Google Chrome (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Google 日本語入力 (HKLM\...\{FE76ABFF-A677-4EED-8D50-3FC2F1E34852}) (Version: 2.19.2680.0 - Google Inc.)
Hangame (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Hangame.com) (Version: - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
JWord プラグイン (HKLM-x32\...\JWord プラグイン) (Version: 2.5.5.65 - JWord Inc.)
LOVELY×C∧TION2 (HKLM-x32\...\LOVELY×C∧TION2_is1) (Version: 1.00 - hibiki works)
LOVELY×C∧TION-もうずっと初恋の日々エディション- (HKLM-x32\...\LOVELY×C∧TION-もうずっと初恋の日々ミA6A2F3DB_is1) (Version: 1.00 - hibiki works)
Malwarebytes Anti-Malware バージョン 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.103.12020 (HKLM-x32\...\{C38180CE-9165-E800-FAD3-F1AC427836B9}) (Version: 2.16.103.12020 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - ja-jp (HKLM\...\O365HomePremRetail - ja-jp) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{17b12e02-9e0f-435b-a641-6fa68bb60b6d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 8.0 (x86 ja) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 ja)) (Version: 8.0 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
NVIDIA 3D Vision コントローラー ドライバー 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision ドライバー 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA HD オーディオ ドライバー 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX システム ソフトウェア 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA グラフィックス ドライバー 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Onigiri_JP (HKLM-x32\...\{4CB31D60-8069-4581-B919-F68012327725}) (Version: 1.00.0000 - CyberStep, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Pmangインストールマネージャー (HKLM-x32\...\Pmang) (Version: 1.0.1.1 - GameOn,Pmang)
PrimoPDF (HKLM-x32\...\PrimoPDF4.1.0.10) (Version: 4.1.0.10 - activePDF)
Princess Evangile ~W Happiness~ (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{1BF2BFDC-8C12-4C3D-ACD0-2CD7A639C828}) (Version: 1.00.0 - MOONSTONE)
Pro Cycling Manager - La Vuelta - Temporada 2012 versión 1.4.0. (HKLM-x32\...\Pro Cycling Manager 2012_is1) (Version: 1.4.0.0 - Cyanide)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RogueKiller version 12.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.0.0 - Adlice Software)
sdrt(5.0, 64bit) (HKLM\...\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}) (Version: 5.0.3.0 - パルティオソフト株式会社)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Yahoo!ツールバー (HKLM-x32\...\Yahoo!Jツールバー) (Version: 7.3.0.14 - Yahoo! JAPAN.)
あっぱれ!天下御免 (HKLM-x32\...\{4C2A44AE-1EA9-48DF-A34F-6DDF54C1AA61}) (Version: 1.00.0000 - 株式会社ネクストン)
あっぱれ!天下御免[祭] (HKLM-x32\...\{7CB7F8D8-618E-4130-BB88-32034EF62AF9}) (Version: 1.00.0000 - 株式会社ネクストン)
あなたの事を好きと言わせて (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{647680A6-862A-439F-A585-BD83593BC4FE}) (Version: 1.00.0000 - WILLPLUS)
アマカノ (HKLM-x32\...\nxt_amakano) (Version: - )
アマカノ~Second Season~ (HKLM-x32\...\amakano2s) (Version: - )
カミカゼ☆エクスプローラー! (HKLM-x32\...\cl_kamikaze) (Version: - )
この大空に、翼をひろげて (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{20ADC9A3-55B0-4A63-8E17-5AC2C57E58C7}) (Version: 1.00.0000 - WILLPLUS)
この大空に、翼をひろげて FLIGHT DIARY (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{0A3E9ABF-9365-4B44-BA12-1D156EFD9545}) (Version: 1.00.0000 - WILLPLUS)
コンテンツ管理アシスタント for PlayStation(R) (HKLM-x32\...\{E5C1C342-5E78-4D91-85BE-40C716B09391}) (Version: 3.55.7671.0901 - Sony Computer Entertainment Inc.)
デュエリスト×エンゲージ (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{2BE1866A-8824-4BA8-AA82-A4A93BB9E219}) (Version: 1.00.0000 - WILLPLUS)
テレビNaviガジェット (HKLM-x32\...\{CB7EFD74-FD3A-4791-BDB9-A865C44EDE6E}) (Version: 1.12.1000 - 株式会社プレゼントキャスト)
テレビNaviガジェット (x32 Version: 1.12.1000 - 株式会社プレゼントキャスト) Hidden
トラベリングスターズ (HKLM-x32\...\トラベリングスターズ) (Version: - HOOKSOFT)
ナマイキデレーション (HKLM-x32\...\ナマイキデレーション) (Version: - )
はぴねす! (HKLM-x32\...\happiness) (Version: - )
はぴねす!りらっくす (HKLM-x32\...\HapiRelucks) (Version: - )
もっと 姉、ちゃんとしようよっ! (HKLM-x32\...\もっと 姉、ちゃんとしようよっ!) (Version: 1.9 - INTERHEART)
もっと 姉、ちゃんとしようよっ!AS (HKLM-x32\...\もっと 姉、ちゃんとしようよっ!AS) (Version: 1.9 - INTERHEART)
ヤキモチストリーム (HKLM-x32\...\http://madosoft.net/yakimochi/_is1) (Version: 1.00 - まどそふと)
ラヴレッシブ (HKLM-x32\...\{89F673F2-6FD8-4E4E-A20A-AB295518417B}) (Version: 1.0.0 - スミレ)
リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) (HKLM-x32\...\{BAF0CA91-4642-46C8-9BCD-C93B61508701}) (Version: 15.4.5722.2 - Microsoft Corporation)
レーシャル・マージ (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{49490C93-CDE5-4740-B015-79D894062415}) (Version: - AXL)
ワルキューレロマンツェ (HKLM-x32\...\Ricotta_Walkure001) (Version: - Ricotta)
ワルキューレロマンツェ More&More (HKLM-x32\...\Ricotta_WalkureRomanzeMoreMore001) (Version: - Ricotta)
乙女が奏でる恋のアリア (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{F056A851-D783-4F7A-A7EC-CBCA928F9748}) (Version: 1.00.0000 - WILLPLUS)
乙女が紡ぐ恋のキャンバス (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{D4461EDB-4577-468C-9AE4-5E3C32B23755}) (Version: 1.00.0000 - WILLPLUS)
乙女が紡ぐ恋のキャンバス 二人のギャラリー (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{1B63232A-20DD-4444-8854-E55A64149BFA}) (Version: 1.00.0000 - WILLPLUS)
花と乙女に祝福を (HKLM-x32\...\花と乙女に祝福を) (Version: - )
花と乙女に祝福を ロイヤルブーケ (HKLM-x32\...\花と乙女に祝福を ロイヤルブーケ) (Version: - )
姉小路直子と銀色の死神 (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\姉小路直子と銀色の死神_is1) (Version: 1.00 - みなとカーニバル)
祝福のカンパネラ (HKLM-x32\...\wm_cp) (Version: - )
処女(おとめ)はお姉さま(ボク)に恋してるDVD版 の削除 (HKLM-x32\...\OTOBOKU) (Version: - )
処女はお姉さまに恋してる ~2人のエルダー (HKLM-x32\...\OTBK2) (Version: - )
真・恋姫†英雄譚1 (HKLM-x32\...\KoihimeEiyuutan01) (Version: - )
真・恋姫†英雄譚2 (HKLM-x32\...\KoihimeEiyuutan02) (Version: - )
真・恋姫†英雄譚3 (HKLM-x32\...\KoihimeEiyuutan03) (Version: - )
真剣で私に恋しなさい!S (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Majikoi_S) (Version: - みなとそふと)
水の都の洋菓子店(パティスリー) (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{F6B051A4-4902-4704-897E-EEE730C01644}) (Version: - すたじお ちゃお)
戦極姫5~戦禍断つ覇王の系譜~ (HKLM-x32\...\{360ED2EA-B894-4F27-A9A1-030D90523A72}) (Version: 1.00.0000 - unicorn-a)
戦国†恋姫 ~乙女絢爛☆戦国絵巻~ (HKLM-x32\...\baseson_sengoku) (Version: - )
戦国†恋姫X ~乙女絢爛☆戦国絵巻~ (HKLM-x32\...\nxt_sengokux) (Version: - )
辻堂さんのバージンロード (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\辻堂さんのバージンロード_is1) (Version: 1.00 - みなとカーニバル)
辻堂さんの純愛ロード (HKLM-x32\...\辻堂さんの純愛ロード_is1) (Version: 1.00 - みなとカーニバル)
舞風のメルト -Where leads to feeling destination- (HKLM-x32\...\maikaze) (Version: 1.00 - Whirlpool)
恋する乙女と守護の楯 (HKLM-x32\...\恋する乙女と守護の楯) (Version: - )
恋騎士 Purely☆Kiss (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{2709704B-30C8-49B0-A91B-B6E785099610}) (Version: - エフォルダムソフト)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {083F7EAB-94E3-476D-8520-EAF65AE720E3} - System32\Tasks\GoogleUpdateTaskMachineUA1d15da1c332f980 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0B95221C-EEE7-4793-8514-317107232D74} - System32\Tasks\GoogleUpdateTaskMachineUA1ce7a26c5e78091 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {13A25AB7-859F-4C1C-ABE4-76F0812B876F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
Task: {149C9CCE-BE70-4796-8CE7-DDCBBA47A475} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f2151f622ef8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {14F1F064-9AF5-487C-AEF2-04641F24DF80} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f2151fd933c6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {16901233-F3A3-4745-8767-0BF640D6CA9D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0935c5c4bce73 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2152E0F8-AAF0-4AF8-9C85-B69E42B35CD2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7ca33067017 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {21CC5770-E818-4DC4-815F-3FE4288B857E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d15e387f3d305d => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {229AF31C-E4FD-4D39-BC86-618EA8CD1212} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0ef953bbcb2aa => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {23921E03-B69D-4B1F-954E-299A5B7ECF16} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1ce7faf4607ef26 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2F8F0860-8502-45B9-AB13-56EA32EF5895} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4261260701-416543501-3130217906-1000
Task: {33DF24CC-792C-4CB1-A632-97E9F24FF6DE} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfaf21f746a2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {38BE21E2-F36F-4764-AA5C-064F4F2397A4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d08fe0fcd39196 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {45806902-9F32-48AD-BA9D-A886081C218E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {4DBE0D97-AFD3-49E1-A6BD-548C6EC9895A} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e30ed413696b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4F0066B9-9FCE-4890-B166-0C8AD64E4162} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d12cf9ccdf4c0f => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {505B5884-DB68-48DD-A3F6-0FFE8DE33EA2} - System32\Tasks\GoogleUpdateTaskMachineCore1d04146bd7a736 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {56196429-804F-47EC-99AA-73D353593154} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0bfae94b6fec0 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {57D1070B-D01F-4F27-92A9-209F03BFA708} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {586058BA-03B3-4B83-A7E7-E200C1D11B4F} - System32\Tasks\GoogleUpdateTaskMachineUA1d04146ce3c7f6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {63EFF2A2-0A5B-4C00-86B1-8C10989B874A} - System32\Tasks\{ABC270D2-61A6-436F-B4A2-C93DB38106F9} => pcalua.exe -a I:\GAME\祝福のカンパネラ\uninst.exe -d I:\GAME\祝福のカンパネラ
Task: {6BD68A52-0971-46B4-BFFE-02AFEB652D4C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d04061e825b817 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {70F444FD-7998-43FE-B19F-9DC9AA56AFB3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0ef953c576c1b => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7A7704A3-FE07-4BA1-A6C3-30889B9E1578} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e30ed39ec5fe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {800127FB-6A83-493C-8333-8957A4B1F5F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfaf216f9833 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {80F24B89-43B6-40CB-BCC9-A20B44CA88BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d15e387febc26b => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8E98BF69-1C6A-44F3-B938-38FDDA6CFB5F} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7faffdca8721 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {924226DB-5277-4EAD-B732-E76432C8B5FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7faf46d3f4b3 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {938D181B-3B72-4CF5-9784-4E9F424332E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-29] (Piriform Ltd)
Task: {990DD5F7-55E3-41FC-9E3A-BBE19AE12B61} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {AA35B986-2CFD-4612-B89F-C14DB068AF35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0e178b6b1c4ed => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AB318D9F-F721-44A8-8972-F5B32EED7ADE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {B285135B-307B-448F-AEE9-6D58CAB81FBB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0e178b74346ff => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C9C4AFF1-4B71-4E96-9ED5-6C7B72383FC8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6b65ebc22678 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CB5957D7-9D0A-4A6B-8096-30EA05D38773} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0bfae9423696f => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CD7DE52D-7EC2-4606-83FC-7BBA8C49ABEF} - System32\Tasks\GoogleUpdateTaskMachineCore1d12f34b956ae14 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {D94616BF-DDA1-411B-968A-A2FEE29ABDCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {DF5C3D17-BCEE-463C-817B-CCA52EAD25FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d04061e59b8141 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E475BBAE-A0D8-494E-9621-8EBFD27B322F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d08fe0fc425da5 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4A04D06-A8DA-4822-A9BB-97A58736E58D} - System32\Tasks\GoogleUpdateTaskMachineUA1d12f34b9fcdb93 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E6AD9486-5BC6-4934-A715-2CBB2BBF386B} - System32\Tasks\{45E1CA70-FFFF-4EB4-AF34-169C23ABF003} => pcalua.exe -a C:\Windows\PmangDownloader.exe -c /UINSTL=%s,%s

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faffdca8721.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04146bd7a736.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfaf216f9833.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e30ed39ec5fe.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f2151f622ef8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f34b956ae14.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7a26c5e78091.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b65ebc22678.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04146ce3c7f6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0935c5c4bce73.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfaf21f746a2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e30ed413696b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f2151fd933c6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12f34b9fcdb93.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15da1c332f980.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1ce7faf4607ef26.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d04061e59b8141.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d08fe0fc425da5.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0bfae9423696f.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0e178b6b1c4ed.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0ef953bbcb2aa.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d15e387f3d305d.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7ca33067017.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7faf46d3f4b3.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d04061e825b817.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d08fe0fcd39196.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0bfae94b6fec0.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0e178b74346ff.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0ef953c576c1b.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d12cf9ccdf4c0f.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d15e387febc26b.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-01-11 17:42 - 2006-11-07 08:55 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2012-11-18 20:01 - 2015-08-07 09:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-30 15:14 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-06-13 13:04 - 2010-09-15 17:50 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-07-16 15:01 - 2012-07-16 15:01 - 00070184 _____ () C:\Windows\system32\bdmpega64.acm
2011-07-01 09:39 - 2011-07-01 09:39 - 03629128 _____ () C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe
2016-09-29 01:26 - 2016-09-29 01:26 - 00032768 _____ () C:\Program Files\CCleaner\lang\lang-1041.dll
2015-09-27 11:39 - 2015-06-23 01:08 - 00245800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2015-09-27 11:38 - 2014-12-15 00:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00186920 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-09-27 11:39 - 2015-08-01 15:10 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-09-27 11:38 - 2015-03-14 11:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-09-27 11:38 - 2015-03-14 11:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-09-27 11:39 - 2015-03-14 11:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-09-27 11:39 - 2015-06-23 00:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-09-27 11:39 - 2015-06-23 00:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2011-01-20 20:14 - 2011-01-20 20:14 - 00871424 _____ () C:\Program Files (x86)\GIZMO2\js32.dll
2016-11-09 18:37 - 2016-11-09 18:37 - 19640512 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 11:34 - 2009-06-11 06:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Koki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C61C1C91-B4FD-4CCD-9567-3A74B6F9EFC6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D5691D4C-958F-4310-B736-E4F6080039ED}] => (Allow) LPort=2869
FirewallRules: [{F6A813EC-E765-4DEC-94F3-C2770C0B30E5}] => (Allow) LPort=1900
FirewallRules: [{588F0AD9-2F93-4FAA-A614-76066B1FB5B1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{52A72728-FB09-4FBD-AF10-B28C8F73678C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E28296DE-A076-48E1-847A-A4D6B45E39BB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{7D7C8060-7972-49E1-9947-68020E4F0F72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F41544ED-1EC2-456E-B775-B59EEE8FA2C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{183D1FB3-D12F-441D-94E5-4F06368E7622}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2451FDBE-3949-413A-B286-15B259E38982}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E25FC6A6-0C11-44B2-9837-9CFCD75F2DC1}] => (Allow) C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe
FirewallRules: [{E8F38DD3-CE76-40E1-83F3-F5FB72A69A1D}] => (Allow) C:\ProgramData\NexonJP\NGM\NGM.exe
FirewallRules: [{2F2509A1-E145-40C4-9B33-7BBE69FA8F0D}] => (Allow) C:\ProgramData\NexonJP\NGM\NGM.exe
FirewallRules: [{15A601D4-9EF4-47CD-AE86-2DEF4670471C}] => (Allow) D:\Vector\FNOnline\Launcher.exe
FirewallRules: [{59D0C37D-818E-4EE4-82A0-9093048C1A79}] => (Allow) D:\Vector\FNOnline\Launcher.exe
FirewallRules: [{8F7B2D7A-63F9-4275-9037-E806E291B464}] => (Allow) D:\Vector\FNOnline\_Launcher.exe
FirewallRules: [{D8A2FF37-0F42-4C83-B14D-D230ADA39D16}] => (Allow) D:\Vector\FNOnline\_Launcher.exe
FirewallRules: [{D5A787B6-089B-45FB-9675-C935A9DA5368}] => (Allow) D:\¼Torrent\uTorrent.exe
FirewallRules: [{77E99738-2796-41AC-A631-5FBF36F65360}] => (Allow) D:\¼Torrent\uTorrent.exe
FirewallRules: [{921A0C96-B79C-48DA-9594-5A6645676C00}] => (Allow) D:\Vector\harezora\_Launcher.exe
FirewallRules: [{D74EBB7F-4413-42D1-BB7A-9C28B32D2FBD}] => (Allow) D:\Vector\harezora\_Launcher.exe
FirewallRules: [{76485A0D-89DC-448C-83C4-175AEEB344C6}] => (Allow) D:\DNEST\DragonNest.exe
FirewallRules: [{FFCA2B8A-96F5-4AE2-83A0-3D3B4EF11888}] => (Allow) D:\DNEST\DragonNest.exe
FirewallRules: [TCP Query User{40E8C79A-ED56-40E6-9A4F-434961FC83D3}D:\μtorrent\utorrent.exe] => (Block) D:\μtorrent\utorrent.exe
FirewallRules: [UDP Query User{AB72C52A-0238-4B0F-A2E5-F7DFC38FD787}D:\μtorrent\utorrent.exe] => (Block) D:\μtorrent\utorrent.exe
FirewallRules: [{F55674FA-7C72-427E-BBDD-D57FDDD18E10}] => (Allow) C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe
FirewallRules: [{D7AE9355-7BD3-4B4D-9BAA-54C4ABEBDC37}] => (Allow) C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe
FirewallRules: [{C3A09410-6072-423C-9818-4682D552C687}] => (Allow) C:\HanPurple\DNEST\DragonNest.exe
FirewallRules: [{DBE70640-CA4F-4653-87EA-3C003318CFBB}] => (Allow) C:\HanPurple\DNEST\DragonNest.exe
FirewallRules: [TCP Query User{64F6BDC9-3982-4693-95B4-9241B22AEDF6}C:\windows\downloaded program files\reactor.exe] => (Allow) C:\windows\downloaded program files\reactor.exe
FirewallRules: [UDP Query User{978EB629-B106-4364-948F-E74B10599F07}C:\windows\downloaded program files\reactor.exe] => (Allow) C:\windows\downloaded program files\reactor.exe
FirewallRules: [{D1E39886-683E-413B-B53F-BC7C46364B5A}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\PCM.exe
FirewallRules: [{05F110F9-5749-4D7D-A352-3245E37F5F83}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\PCM.exe
FirewallRules: [{86A2C01D-CEB9-4754-90B3-82E286594EFE}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\Autorun\Exe\Autorun.exe
FirewallRules: [{FC7F2859-94C2-412B-AD10-FD45F44F4CA1}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\Autorun\Exe\Autorun.exe
FirewallRules: [{4EBADBF4-3182-42E4-83DB-BD78D33E62CB}] => (Allow) C:\GameOn\archeage\bin32\patcher.exe
FirewallRules: [{67994915-AC14-43FF-A772-98C82C2C661E}] => (Allow) C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe
FirewallRules: [{E456BE92-F878-4E14-B644-810B04A00A19}] => (Allow) C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe
FirewallRules: [{6A748278-2C8A-4293-8211-E6A50D0924C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3E6E57BE-0135-4595-A198-72255AF7F25D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{73B3B57A-7DAC-4898-B0CF-893FD18BB6F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CE90758D-ACBD-4EC3-BD9C-85DA32B8D885}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{021D20DB-1FE3-4C72-A6A5-FF6305412485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC70FFCB-E44C-4907-815D-DFD89CA67161}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4395CD13-9091-48B6-A41B-9F977AAA7602}] => (Allow) C:\GameOn\archeage\Bin32\patcher.exe
FirewallRules: [{39C18C7B-47B9-4592-A625-5350A1100CA5}] => (Allow) C:\Gamepot\MIRROR WAR\MWSClient.exe
FirewallRules: [{9BE63AD6-1D6C-488D-8495-CA8065C1F023}] => (Allow) C:\Gamepot\MIRROR WAR\MWSClient.exe
FirewallRules: [{87337724-4DF0-4289-AF8B-1FF0DE96EA0B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3A17C012-9D0B-4291-889C-9B1BA0AB6E60}] => (Allow) C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{407CC8E6-3FA1-46E4-B255-2846CBB016F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A14988F5-CE5D-46CF-BD12-367270083712}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD5AE993-5997-4C1B-AB9B-33B916B94E59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D2CEEB4E-E1D9-4F84-8439-DDA4A8754309}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1B2D06BA-5718-4661-8379-7AA0E0DBE568}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{094B3F3D-0C3B-4DC0-845E-29EAC81E240F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{C8E773A6-389A-401F-B86D-26F33BBDC8F6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{BB8E86E7-5613-4110-BD1F-EDE306F59562}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{A8C2C96F-60F4-4D1E-A7E3-2BECE1363FB2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D8131FCA-0ABD-4478-B574-F06B712BB91E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{EC0EC309-A2F1-4B3F-A3AC-494CB33B61B5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D9A056B1-F74A-4AFB-B243-19C16480D876}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{DE2B56EA-7322-4C13-A8BC-A5357F383128}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

10-11-2016 19:33:01 スケジュールされたチェックポイント

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2016 06:53:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (11/10/2016 05:43:11 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/10/2016 05:34:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (11/09/2016 06:47:24 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/09/2016 06:39:12 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/08/2016 10:46:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (11/08/2016 08:32:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: Dolphin.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x576cf5f6
障害が発生しているモジュール名: KERNELBASE.dll、バージョン: 6.1.7601.23543、タイム スタンプ: 0x57d2fe27
例外コード: 0x80000003
障害オフセット: 0x00000000000331f2
障害が発生しているプロセス ID: 0x830
障害が発生しているアプリケーションの開始時刻: 0x01d239b3b6e4d9f8
障害が発生しているアプリケーション パス: D:\Dolphin\Dolphin.exe
障害が発生しているモジュール パス: C:\Windows\system32\KERNELBASE.dll
レポート ID: 141157cd-a5a7-11e6-a64d-1078d22a1601

Error: (11/08/2016 08:31:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: Dolphin.exe、バージョン: 0.0.0.0、タイム スタンプ: 0x576cf5f6
障害が発生しているモジュール名: KERNELBASE.dll、バージョン: 6.1.7601.23543、タイム スタンプ: 0x57d2fe27
例外コード: 0x80000003
障害オフセット: 0x00000000000331f2
障害が発生しているプロセス ID: 0x16e0
障害が発生しているアプリケーションの開始時刻: 0x01d239b36d377504
障害が発生しているアプリケーション パス: D:\Dolphin\Dolphin.exe
障害が発生しているモジュール パス: C:\Windows\system32\KERNELBASE.dll
レポート ID: dd85f8ca-a5a6-11e6-a64d-1078d22a1601

Error: (11/08/2016 07:02:20 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/08/2016 06:53:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。


System errors:
=============
Error: (11/10/2016 07:26:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: デバイス \Device\Harddisk1\DR1 に不良ブロックがあります。

Error: (11/10/2016 06:52:13 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004

Error: (11/10/2016 06:52:13 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004

Error: (11/10/2016 06:52:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Htsysm サービスを、次のエラーが原因で開始できませんでした:
指定されたファイルが見つかりません。

Error: (11/10/2016 05:33:44 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004

Error: (11/10/2016 05:33:44 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004

Error: (11/10/2016 05:33:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Htsysm サービスを、次のエラーが原因で開始できませんでした:
指定されたファイルが見つかりません。

Error: (11/09/2016 08:12:45 PM) (Source: volsnap) (EventID: 36) (User: )
Description: ユーザーが設定した制限値のためにシャドウ コピーの記憶域を拡張できなかったためにボリューム C: のシャドウ コピーが中止しました。

Error: (11/09/2016 07:57:02 PM) (Source: Disk) (EventID: 7) (User: )
Description: デバイス \Device\Harddisk1\DR1 に不良ブロックがあります。

Error: (11/08/2016 10:45:08 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004


CodeIntegrity:
===================================
Date: 2015-11-14 19:39:03.947
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET Smart Security 6.0\upgrade.exe のイメージの整合性を検証できません。

Date: 2015-11-12 19:06:44.937
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET Smart Security 6.0\upgrade.exe のイメージの整合性を検証できません。

Date: 2015-01-24 18:27:42.595
Description: ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2015-01-24 18:27:42.548
Description: ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2012-12-26 21:29:03.808
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\Hard

Re: Trojan horse? - 泣面蜂

2016/11/10 (Thu) 22:18:43

I'm very sorry, but I will be away overnight on Friday and Saturday, so I won't be able to reply.
Please let me continue once I'm back.

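Re: Trojan horse? - 管理人です

2016/11/10 (Thu) 22:31:43

Sure, sure, no need to worry. I have been thinking that 泣面蜂-san is a really hard worker. Exactly the same goes for ゆきぃ-san and ほむ-san. All of you were infected with PUPs. This has turned out to be a good opportunity. The problem is being resolved smoothly. Just a little more, so let's keep at it.

Well then, have a good weekend.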

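Re: Trojan horse? - 管理人です

2016/11/10 (Thu) 23:40:36

To 泣面蜂-san

Thank you for the FRST.exe log. It is an interesting log.

❶ Let me confirm something. ESET's firewall is enabled, right?

Isn't the built-in Microsoft Windows firewall also "enabled"?

After confirming that ESET's firewall is enabled, set the built-in Windows firewall to "disabled".

http://faq.buffalo.jp/app/answers/detail/a_id/306

https://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=011761

First, back up IE's "Favorites": back them up to a USB memory stick or a blank DVD-R. Save the "Favorites" backup to the desktop first (it is easier to find later). After saving it to the desktop, save it to the USB memory stick or the blank DVD-R.

Likewise, back up the "Favorites (Bookmarks)" of Chrome and other browsers if you need them.

❹ Back up Firefox's favorites (Bookmarks) as well, to a blank DVD-R or a USB memory stick.

----------------------
IE
Firefox
Chrome

We will reset the browsers. Things like hao have dug in, so this is a good opportunity to reset the browsers and clean them up.

Some setup will also be needed after the reset (add-ons such as an ad blocker will be needed too).

First, back up (save) the browsers' "Favorites (Bookmarks)".
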

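Re: Trojan horse? - 管理人です

2016/11/10 (Thu) 23:48:56

About the repair disc and System Restore

Read http://ore-sama123.bbs.fc2.com/?act=reply&tid=5501652 carefully and take notes. This is how to deal with trouble "just in case". If by any chance the state of the OS worsens and booting becomes unstable:

Insert the repair disc into the DVD drive and restart the PC (however, the PC must be set to read the DVD with top priority after the restart).

If the repair disc is read and booting starts, you will reach the "System Recovery Options" screen. Select "System Restore" and choose the "restore point" you created yourself beforehand, and you can return to the OS state from before the trouble occurred.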

Re: Trojan horse? - 管理人です

2016/11/13 (Sun) 02:31:44

Um, let me ask:

Isn't the built-in Windows firewall "enabled"? Please check. ESET's firewall is enabled, so the built-in Windows firewall is unnecessary. Set it to disabled.

Re: Trojan horse? - 管理人です

2016/11/13 (Sun) 02:43:04

FirewallRules: [TCP Query User{40E8C79A-ED56-40E6-9A4F-434961FC83D3}D:\μtorrent\utorrent.exe] => (Block) D:\μtorrent\utorrent.exe

---------------------------------------

D:\μtorrent\utorrent.exe ← What do you use this for? If you are using it "to download goodies", uninstall it promptly. A malware infection via P2P would be a fatal wound.
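
The manual check in the post above (spotting a firewall rule for an executable in an unusual location in the FRST log) can be automated. The following is an added example, not part of the original thread and not FRST's own code; the line format is inferred from the log excerpts on this page, and the function names and the `TRUSTED_ROOTS` list are assumptions.

```python
"""Triage FRST 'FirewallRules:' lines: group by executable, flag unusual paths."""
import ntpath
import re
from typing import NamedTuple

# Lines copied from the FRST "FirewallRules" excerpts quoted in this thread.
SAMPLE_LOG = r"""
FirewallRules: [{D9A056B1-F74A-4AFB-B243-19C16480D876}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{EC0EC309-A2F1-4B3F-A3AC-494CB33B61B5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{DE2B56EA-7322-4C13-A8BC-A5357F383128}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{40E8C79A-ED56-40E6-9A4F-434961FC83D3}D:\μtorrent\utorrent.exe] => (Block) D:\μtorrent\utorrent.exe
"""

# Format inferred from the excerpts: "FirewallRules: [<name>] => (<action>) <path>"
RULE_RE = re.compile(
    r"^FirewallRules: \[(?P<name>.*)\] => \((?P<action>Allow|Block)\) (?P<path>.+)$"
)

# Assumption: directories treated as ordinary install locations for this triage.
TRUSTED_ROOTS = (r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows")


class Rule(NamedTuple):
    name: str
    action: str
    path: str


def parse_rules(log_text):
    """Return a Rule for every FirewallRules line; other log lines are ignored."""
    rules = []
    for line in log_text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            rules.append(Rule(m["name"], m["action"], m["path"].strip()))
    return rules


def is_under_trusted_root(path, roots=TRUSTED_ROOTS):
    """Case-insensitive check that path lies below one of the trusted roots."""
    p = ntpath.normcase(ntpath.normpath(path))
    return any(p.startswith(ntpath.normcase(root) + "\\") for root in roots)


def summarize(rules):
    """Map each executable path to (number of rules, sorted list of actions)."""
    grouped = {}
    for rule in rules:
        key = ntpath.normcase(ntpath.normpath(rule.path))
        entry = grouped.setdefault(
            key, {"path": rule.path, "count": 0, "actions": set()}
        )
        entry["count"] += 1
        entry["actions"].add(rule.action)
    return {e["path"]: (e["count"], sorted(e["actions"])) for e in grouped.values()}


def executables_to_review(rules):
    """Executables with firewall rules that live outside the trusted roots."""
    return {
        path: info
        for path, info in summarize(rules).items()
        if not is_under_trusted_root(path)
    }


if __name__ == "__main__":
    flagged = executables_to_review(parse_rules(SAMPLE_LOG))
    for path, (count, actions) in flagged.items():
        print(f"{path}: {count} rule(s), actions={','.join(actions)}")
```

A flagged path is only a prompt to ask what the program is for, as the post does; many legitimate programs are installed outside the listed directories.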

Re: Trojan horse? - 管理人です

2016/11/13 (Sun) 03:53:02

Set hidden folders to be shown (required)

https://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=012986

Set file extensions to be shown (required)

https://121ware.com/qasearch/1007/app/servlet/qadoc?QID=013547

-----------------------------------------------
We will reset the browsers

In ゆきぃ-san's thread http://ore-sama123.bbs.fc2.com/?act=reply&tid=5499756 , read carefully the posts from "2016/11/12 (Sat) 01:30:09*.zaq.ne.jp" onward. We will use Zoek.exe to reset the browsers.

Download Zoek.exe from → http://download.bleepingcomputer.com/smeenk/

Download "Zoek.exe". If ESET blocks the download, stop ESET temporarily and then download. If ESET interferes, make ESET remember Zoek.exe as "safe software".

❷ Run Zoek.exe with administrator privileges.

Click More Options

☑Empty Temp
☑IE Defaults

Put a "✔" in these two.

❸ I will give further instructions, so read the next post (there are still more work instructions to come; please give me a little time).

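Re: Trojan horse? - 管理人です

2016/11/13 (Sun) 17:15:19

Zoek.exe work instructions, continued
Refer to the attached photo

Into Zoek.exe's blank field (the red-circled part; that is the space for writing scripts and commands), please copy and paste the following commands

-----------------------(do not include this dashed line)------------------------------

createsrpoint;

ffdefaults;

chrdefaults;


-----------------------(do not include this dashed line)------------------------------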

Re: Trojan horse? - 管理人です

2016/11/13 (Sun) 17:22:52

Click "Run Script".

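Re: Trojan horse? - 管理人です

2016/11/13 (Sun) 17:29:59

When doing repair work on the browsers and so on with Zoek.exe, close all browsers. If ESET seems to interfere with Zoek.exe, pause ESET.

Zoek.exe's work can take time. Just be patient, patient.

When Zoek.exe's work completes, a message to the effect of "restart the PC" is displayed, so restart.

❷ After the PC restarts, start IE. IE will warn "An unknown program ... the home page to http,,,,,,,,,,,", so click "Change". IE's home page will then be set to "MSN (this is the default setting)" (refer to the attached photo).

Close IE, then start Firefox and check whether it has been set to "default (initial) settings". Check Chrome likewise.

IE
Firefox
Chrome

Tell me whether the reset has completed.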

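Re: Trojan horse? - 泣面蜂

2016/11/14 (Mon) 19:30:50

Thank you for your work.
I'm back.
I have finished removing the unnecessary software and the Zoek work.
I think the browser reset has completed, but is it a problem if the favorites and so on remain as they were before?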

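Re: Trojan horse? - 管理人です

2016/11/14 (Mon) 19:37:47

[Is it a problem if the favorites and so on remain as they were before?]

Well, if you look "roughly" over IE's favorites and there is nothing that makes you think "Huh? I never added this favorite", it's OK.

❷ Read the "2016/11/12 (Sat) 01:51:33。*.zaq.ne.jp" post in ゆきぃ-san's http://ore-sama123.bbs.fc2.com/?act=reply&tid=5499756
and show me the full text of the Zoek.exe log.

❸ Also use FRST.exe "once more" to collect two logs, and show me their full text.

If nothing abnormal shows up there, I would like to call the work complete (just a little more).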

Re: Trojan horse? - 管理人です

2016/11/14 (Mon) 19:56:40

Forgot to write this

Please install an ad blocker

❶IE

http://www.japan-secure.com/entry/blog-entry-387.html

❷Firefox

https://addons.mozilla.org/ja/firefox/addon/adblocker-ultimate/

❸Chrome

https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=ja

Install ublock-origin.

Re: Trojan horse? - 泣面蜂

2016/11/14 (Mon) 20:37:26

Here is the Zoek log.


Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Koki on 2016/11/14 at 19:17:53.04.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Koki\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

2016/11/14 19:18:37 Zoek.exe System Restore Point Created Successfully.

==== FireFox Fix ======================

Deleted from C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com/firefox");
user_pref("browser.search.defaulturl", "http://www.google.com/search?ie=UTF-8&oe=utf-8&q=");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?ie=UTF-8&oe=utf-8&q=");

Added to C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default
- G Data BankGuard - C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- G Data BankGuard - %AppDir%\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default
3EE8AE0ECFE5D79DE1737A855AD1E84C - C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll - Google Update
EF3CA2A515FEC970E22D2C424A42401E - C:\Users\Koki\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
E4FED37B5A56609AEFD70D3349F66D3E - C:\GameOn\Common files\nppmangsupport.dll - pmangsupport
0049AFE00F51711307C72E94FD5C9463 - C:\GameOn\Common files\nppmangdiagnostic.dll - pmangdiagnostic
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
2B29A51C342AD3B0C186DCBB9DE468F4 - C:\ProgramData\NexonJP\NGM\npNxGameJP.dll - Nexon Game Controller
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft? Windows? Operating System


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.yahoo.co.jp/"
"Search Bar"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
HKCU\SearchScopes\{DDEB2F82-8BD6-4C43-B35A-197CDEAB1931} - http://search.jword.jp/cns.dll?type=jwd&fm=10&agent=&bypass=2&partner=AP&lang=utf8&name={searchTerms}

==== Reset Google Chrome ======================

C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Koki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Koki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Koki\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Koki\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Koki\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Koki\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Koki\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 2016/11/14 at 19:21:36.66 ======================

Re: Trojan horse? - 泣面蜂

2016/11/14 (Mon) 20:43:40

Here is the FRST Additional log.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Koki (14-11-2016 20:41:20)
Running from C:\Users\Koki\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-11 06:41:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4261260701-416543501-3130217906-500 - Administrator - Disabled)
Guest (S-1-5-21-4261260701-416543501-3130217906-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4261260701-416543501-3130217906-1002 - Limited - Enabled)
Koki (S-1-5-21-4261260701-416543501-3130217906-1000 - Administrator - Enabled) => C:\Users\Koki

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: ESET Smart Security 9.0.396.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESETパーソナルファイアウォール (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

  (x32 Version: 1.00.0000 - WILLPLUS) Hidden
 (x32 Version: 1.00.0000 - WILLPLUS) Hidden
 (x32 Version: 1.00.0000 - WILLPLUS) Hidden
 FLIGHT DIARY (x32 Version: 1.00.0000 - WILLPLUS) Hidden
『こいなか-小田舎で初恋x中出しセクシャルライフ-』 (HKLM-x32\...\{DAC21033-F3ED-4BD2-9340-C8798B73D1C5}) (Version: 1.00.0000 - eRONDO)
× (x32 Version: 1.00.0000 - WILLPLUS) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{00BBECAB-CFA1-41CA-8285-1335D41C990A}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Japanese (HKLM-x32\...\{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Apple Application Support(32 ビット) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support(64 ビット) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOOK☆WALKER for Windows (HKLM-x32\...\{3D32F7EC-63D3-48D1-9974-AB17645B1E30}) (Version: 1.2.2 - 株式会社ブックウォーカー)
BUFFALO AirStation倍速設定ツール(アンインストール) (HKLM-x32\...\UN900120) (Version: - )
BUFFALO クライアントマネージャV (HKLM-x32\...\UN900119_is1) (Version: 1.4.6 - BUFFALO INC.)
BUFFALO ソフトウェアルーター設定ツール (HKLM-x32\...\BUFFALO SoftAP) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
ChuSingura46+1 (HKLM-x32\...\ChuSingura46+1_is1) (Version: 1.0.0 - インレ)
ChuSingura46+1 武士の鼓動 (HKLM-x32\...\ChuSingura46+1 武士の鼓動_is1) (Version: 1.0.0 - インレ)
Common (HKLM-x32\...\Pmang_common) (Version: 1529000 - GameOn)
Craving Explorer Version 1.6.21 (HKLM-x32\...\CravingExplorer_is1) (Version: 1.6.21.0 - T-Craft)
CubePDF 1.0.0RC6 (HKLM-x32\...\{6BBF4252-CB6B-4E0B-9E5B-1719B7934917}_is1) (Version: - CubeSoft)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2813 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2109n - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1607 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4110 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2731.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMM ゲームランチャー (HKLM-x32\...\DMMGamesLauncher) (Version: - )
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
DungeonStriker (HKLM-x32\...\{6DB9EB27-FD5A-47A1-BE8B-78CA11975BA5}) (Version: 2.00.0000 - EYEDENTITY GAMES)
EaseUS Todo Backup Free 8.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.6 - CHENGDU YIWO Tech Development Co., Ltd)
ELECOM JC-PS101U series 3.0 (HKLM-x32\...\ELECOM JC-PS101U series_is1) (Version: - )
ESET Smart Security (HKLM\...\{205CC3F8-B7B9-46D2-BD5D-F5083FDCDF27}) (Version: 9.0.349.19 - ESET, spol. s r.o.)
Gamepot Web実行環境 (HKLM-x32\...\{9864624D-FE15-422F-BDBB-5DC0D9AA904A}) (Version: 1.1.0 - Gamepot)
GIZMO (HKLM-x32\...\{AC75041A-BCDA-4606-A6C7-DFE3760D29AF}) (Version: 3.24.0000 - ants Inc.)
GIZMO テレビ連携 for PIXELA (HKLM-x32\...\{2F92D7A4-701A-45EB-95C6-CF610E7B6D45}) (Version: 1.0.0 - ants Inc.)
GIZMO テレビ連携 for PIXELA 2 (HKLM-x32\...\{1976F816-F838-4C2D-AC91-AF688351DD56}) (Version: 1.0.0 - ants Inc.)
GIZMO テレビ連携 for Windows Media Center (HKLM-x32\...\{42B44AE0-E0C3-4346-8FCC-A3E091CA41AF}) (Version: 1.1.2 - ants Inc.)
GIZMO テレビ連携 コアコンポーネント (HKLM-x32\...\{F03FB836-F44A-4AF1-A55B-087ECAAC0FA0}) (Version: 1.0.1 - ants Inc.)
Google Chrome (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Google 日本語入力 (HKLM\...\{FE76ABFF-A677-4EED-8D50-3FC2F1E34852}) (Version: 2.19.2680.0 - Google Inc.)
Hangame (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Hangame.com) (Version: - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
JWord プラグイン (HKLM-x32\...\JWord プラグイン) (Version: 2.5.5.65 - JWord Inc.)
LOVELY×C∧TION2 (HKLM-x32\...\LOVELY×C∧TION2_is1) (Version: 1.00 - hibiki works)
LOVELY×C∧TION-もうずっと初恋の日々エディション- (HKLM-x32\...\LOVELY×C∧TION-もうずっと初恋の日々ミA6A2F3DB_is1) (Version: 1.00 - hibiki works)
Malwarebytes Anti-Malware バージョン 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.103.12020 (HKLM-x32\...\{C38180CE-9165-E800-FAD3-F1AC427836B9}) (Version: 2.16.103.12020 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - ja-jp (HKLM\...\O365HomePremRetail - ja-jp) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{17b12e02-9e0f-435b-a641-6fa68bb60b6d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 8.0 (x86 ja) (HKLM-x32\...\Mozilla Firefox 8.0 (x86 ja)) (Version: 8.0 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
NVIDIA 3D Vision コントローラー ドライバー 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision ドライバー 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA HD オーディオ ドライバー 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX システム ソフトウェア 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA グラフィックス ドライバー 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Onigiri_JP (HKLM-x32\...\{4CB31D60-8069-4581-B919-F68012327725}) (Version: 1.00.0000 - CyberStep, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Pmangインストールマネージャー (HKLM-x32\...\Pmang) (Version: 1.0.1.1 - GameOn,Pmang)
PrimoPDF (HKLM-x32\...\PrimoPDF4.1.0.10) (Version: 4.1.0.10 - activePDF)
Princess Evangile ~W Happiness~ (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{1BF2BFDC-8C12-4C3D-ACD0-2CD7A639C828}) (Version: 1.00.0 - MOONSTONE)
Pro Cycling Manager - La Vuelta - Temporada 2012 versión 1.4.0. (HKLM-x32\...\Pro Cycling Manager 2012_is1) (Version: 1.4.0.0 - Cyanide)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RogueKiller version 12.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.8.0.0 - Adlice Software)
sdrt(5.0, 64bit) (HKLM\...\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}) (Version: 5.0.3.0 - パルティオソフト株式会社)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Yahoo!ツールバー (HKLM-x32\...\Yahoo!Jツールバー) (Version: 7.3.0.14 - Yahoo! JAPAN.)
あっぱれ!天下御免 (HKLM-x32\...\{4C2A44AE-1EA9-48DF-A34F-6DDF54C1AA61}) (Version: 1.00.0000 - 株式会社ネクストン)
あっぱれ!天下御免[祭] (HKLM-x32\...\{7CB7F8D8-618E-4130-BB88-32034EF62AF9}) (Version: 1.00.0000 - 株式会社ネクストン)
あなたの事を好きと言わせて (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{647680A6-862A-439F-A585-BD83593BC4FE}) (Version: 1.00.0000 - WILLPLUS)
アマカノ (HKLM-x32\...\nxt_amakano) (Version: - )
アマカノ~Second Season~ (HKLM-x32\...\amakano2s) (Version: - )
カミカゼ☆エクスプローラー! (HKLM-x32\...\cl_kamikaze) (Version: - )
この大空に、翼をひろげて (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{20ADC9A3-55B0-4A63-8E17-5AC2C57E58C7}) (Version: 1.00.0000 - WILLPLUS)
この大空に、翼をひろげて FLIGHT DIARY (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{0A3E9ABF-9365-4B44-BA12-1D156EFD9545}) (Version: 1.00.0000 - WILLPLUS)
コンテンツ管理アシスタント for PlayStation(R) (HKLM-x32\...\{E5C1C342-5E78-4D91-85BE-40C716B09391}) (Version: 3.55.7671.0901 - Sony Computer Entertainment Inc.)
デュエリスト×エンゲージ (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{2BE1866A-8824-4BA8-AA82-A4A93BB9E219}) (Version: 1.00.0000 - WILLPLUS)
テレビNaviガジェット (HKLM-x32\...\{CB7EFD74-FD3A-4791-BDB9-A865C44EDE6E}) (Version: 1.12.1000 - 株式会社プレゼントキャスト)
テレビNaviガジェット (x32 Version: 1.12.1000 - 株式会社プレゼントキャスト) Hidden
トラベリングスターズ (HKLM-x32\...\トラベリングスターズ) (Version: - HOOKSOFT)
ナマイキデレーション (HKLM-x32\...\ナマイキデレーション) (Version: - )
はぴねす! (HKLM-x32\...\happiness) (Version: - )
はぴねす!りらっくす (HKLM-x32\...\HapiRelucks) (Version: - )
もっと 姉、ちゃんとしようよっ! (HKLM-x32\...\もっと 姉、ちゃんとしようよっ!) (Version: 1.9 - INTERHEART)
もっと 姉、ちゃんとしようよっ!AS (HKLM-x32\...\もっと 姉、ちゃんとしようよっ!AS) (Version: 1.9 - INTERHEART)
ヤキモチストリーム (HKLM-x32\...\http://madosoft.net/yakimochi/_is1) (Version: 1.00 - まどそふと)
ラヴレッシブ (HKLM-x32\...\{89F673F2-6FD8-4E4E-A20A-AB295518417B}) (Version: 1.0.0 - スミレ)
リモート接続用の Windows Live Mesh ActiveX コントロール (日本語) (HKLM-x32\...\{BAF0CA91-4642-46C8-9BCD-C93B61508701}) (Version: 15.4.5722.2 - Microsoft Corporation)
レーシャル・マージ (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{49490C93-CDE5-4740-B015-79D894062415}) (Version: - AXL)
ワルキューレロマンツェ (HKLM-x32\...\Ricotta_Walkure001) (Version: - Ricotta)
ワルキューレロマンツェ More&More (HKLM-x32\...\Ricotta_WalkureRomanzeMoreMore001) (Version: - Ricotta)
乙女が奏でる恋のアリア (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{F056A851-D783-4F7A-A7EC-CBCA928F9748}) (Version: 1.00.0000 - WILLPLUS)
乙女が紡ぐ恋のキャンバス (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{D4461EDB-4577-468C-9AE4-5E3C32B23755}) (Version: 1.00.0000 - WILLPLUS)
乙女が紡ぐ恋のキャンバス 二人のギャラリー (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{1B63232A-20DD-4444-8854-E55A64149BFA}) (Version: 1.00.0000 - WILLPLUS)
花と乙女に祝福を (HKLM-x32\...\花と乙女に祝福を) (Version: - )
花と乙女に祝福を ロイヤルブーケ (HKLM-x32\...\花と乙女に祝福を ロイヤルブーケ) (Version: - )
姉小路直子と銀色の死神 (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\姉小路直子と銀色の死神_is1) (Version: 1.00 - みなとカーニバル)
祝福のカンパネラ (HKLM-x32\...\wm_cp) (Version: - )
処女(おとめ)はお姉さま(ボク)に恋してるDVD版 の削除 (HKLM-x32\...\OTOBOKU) (Version: - )
処女はお姉さまに恋してる ~2人のエルダー (HKLM-x32\...\OTBK2) (Version: - )
真・恋姫†英雄譚1 (HKLM-x32\...\KoihimeEiyuutan01) (Version: - )
真・恋姫†英雄譚2 (HKLM-x32\...\KoihimeEiyuutan02) (Version: - )
真・恋姫†英雄譚3 (HKLM-x32\...\KoihimeEiyuutan03) (Version: - )
真剣で私に恋しなさい!S (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Majikoi_S) (Version: - みなとそふと)
水の都の洋菓子店(パティスリー) (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{F6B051A4-4902-4704-897E-EEE730C01644}) (Version: - すたじお ちゃお)
戦極姫5~戦禍断つ覇王の系譜~ (HKLM-x32\...\{360ED2EA-B894-4F27-A9A1-030D90523A72}) (Version: 1.00.0000 - unicorn-a)
戦国†恋姫 ~乙女絢爛☆戦国絵巻~ (HKLM-x32\...\baseson_sengoku) (Version: - )
戦国†恋姫X ~乙女絢爛☆戦国絵巻~ (HKLM-x32\...\nxt_sengokux) (Version: - )
辻堂さんのバージンロード (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\辻堂さんのバージンロード_is1) (Version: 1.00 - みなとカーニバル)
辻堂さんの純愛ロード (HKLM-x32\...\辻堂さんの純愛ロード_is1) (Version: 1.00 - みなとカーニバル)
舞風のメルト -Where leads to feeling destination- (HKLM-x32\...\maikaze) (Version: 1.00 - Whirlpool)
恋する乙女と守護の楯 (HKLM-x32\...\恋する乙女と守護の楯) (Version: - )
恋騎士 Purely☆Kiss (HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\{2709704B-30C8-49B0-A91B-B6E785099610}) (Version: - エフォルダムソフト)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4261260701-416543501-3130217906-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {083F7EAB-94E3-476D-8520-EAF65AE720E3} - System32\Tasks\GoogleUpdateTaskMachineUA1d15da1c332f980 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0B95221C-EEE7-4793-8514-317107232D74} - System32\Tasks\GoogleUpdateTaskMachineUA1ce7a26c5e78091 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {13A25AB7-859F-4C1C-ABE4-76F0812B876F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
Task: {149C9CCE-BE70-4796-8CE7-DDCBBA47A475} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f2151f622ef8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {14F1F064-9AF5-487C-AEF2-04641F24DF80} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f2151fd933c6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {16901233-F3A3-4745-8767-0BF640D6CA9D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0935c5c4bce73 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2152E0F8-AAF0-4AF8-9C85-B69E42B35CD2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7ca33067017 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {21CC5770-E818-4DC4-815F-3FE4288B857E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d15e387f3d305d => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {229AF31C-E4FD-4D39-BC86-618EA8CD1212} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0ef953bbcb2aa => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {23921E03-B69D-4B1F-954E-299A5B7ECF16} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1ce7faf4607ef26 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2F8F0860-8502-45B9-AB13-56EA32EF5895} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4261260701-416543501-3130217906-1000
Task: {33DF24CC-792C-4CB1-A632-97E9F24FF6DE} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfaf21f746a2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {38BE21E2-F36F-4764-AA5C-064F4F2397A4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d08fe0fcd39196 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {45806902-9F32-48AD-BA9D-A886081C218E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {4DBE0D97-AFD3-49E1-A6BD-548C6EC9895A} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e30ed413696b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4F0066B9-9FCE-4890-B166-0C8AD64E4162} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d12cf9ccdf4c0f => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {505B5884-DB68-48DD-A3F6-0FFE8DE33EA2} - System32\Tasks\GoogleUpdateTaskMachineCore1d04146bd7a736 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {56196429-804F-47EC-99AA-73D353593154} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0bfae94b6fec0 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {57D1070B-D01F-4F27-92A9-209F03BFA708} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {586058BA-03B3-4B83-A7E7-E200C1D11B4F} - System32\Tasks\GoogleUpdateTaskMachineUA1d04146ce3c7f6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {63EFF2A2-0A5B-4C00-86B1-8C10989B874A} - System32\Tasks\{ABC270D2-61A6-436F-B4A2-C93DB38106F9} => pcalua.exe -a I:\GAME\祝福のカンパネラ\uninst.exe -d I:\GAME\祝福のカンパネラ
Task: {6BD68A52-0971-46B4-BFFE-02AFEB652D4C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d04061e825b817 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {70F444FD-7998-43FE-B19F-9DC9AA56AFB3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0ef953c576c1b => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7A7704A3-FE07-4BA1-A6C3-30889B9E1578} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e30ed39ec5fe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {800127FB-6A83-493C-8333-8957A4B1F5F4} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfaf216f9833 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {80F24B89-43B6-40CB-BCC9-A20B44CA88BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d15e387febc26b => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8E98BF69-1C6A-44F3-B938-38FDDA6CFB5F} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7faffdca8721 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {924226DB-5277-4EAD-B732-E76432C8B5FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7faf46d3f4b3 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {938D181B-3B72-4CF5-9784-4E9F424332E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-29] (Piriform Ltd)
Task: {990DD5F7-55E3-41FC-9E3A-BBE19AE12B61} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {AA35B986-2CFD-4612-B89F-C14DB068AF35} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0e178b6b1c4ed => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AB318D9F-F721-44A8-8972-F5B32EED7ADE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-10-04] (Microsoft Corporation)
Task: {B285135B-307B-448F-AEE9-6D58CAB81FBB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0e178b74346ff => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C9C4AFF1-4B71-4E96-9ED5-6C7B72383FC8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6b65ebc22678 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CB5957D7-9D0A-4A6B-8096-30EA05D38773} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0bfae9423696f => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CD7DE52D-7EC2-4606-83FC-7BBA8C49ABEF} - System32\Tasks\GoogleUpdateTaskMachineCore1d12f34b956ae14 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {D94616BF-DDA1-411B-968A-A2FEE29ABDCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {DF5C3D17-BCEE-463C-817B-CCA52EAD25FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d04061e59b8141 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E475BBAE-A0D8-494E-9621-8EBFD27B322F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d08fe0fc425da5 => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4A04D06-A8DA-4822-A9BB-97A58736E58D} - System32\Tasks\GoogleUpdateTaskMachineUA1d12f34b9fcdb93 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E6AD9486-5BC6-4934-A715-2CBB2BBF386B} - System32\Tasks\{45E1CA70-FFFF-4EB4-AF34-169C23ABF003} => pcalua.exe -a C:\Windows\PmangDownloader.exe -c /UINSTL=%s,%s

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faffdca8721.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04146bd7a736.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfaf216f9833.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e30ed39ec5fe.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f2151f622ef8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f34b956ae14.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7a26c5e78091.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b65ebc22678.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04146ce3c7f6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0935c5c4bce73.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfaf21f746a2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e30ed413696b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f2151fd933c6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12f34b9fcdb93.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15da1c332f980.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1ce7faf4607ef26.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d04061e59b8141.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d08fe0fc425da5.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0bfae9423696f.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0e178b6b1c4ed.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d0ef953bbcb2aa.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000Core1d15e387f3d305d.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7ca33067017.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1ce7faf46d3f4b3.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d04061e825b817.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d08fe0fcd39196.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0bfae94b6fec0.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0e178b74346ff.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d0ef953c576c1b.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d12cf9ccdf4c0f.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4261260701-416543501-3130217906-1000UA1d15e387febc26b.job => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-01-11 17:42 - 2006-11-07 08:55 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2012-11-18 20:01 - 2015-08-07 09:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-30 15:14 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-06-13 13:04 - 2010-09-15 17:50 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-07-16 15:01 - 2012-07-16 15:01 - 00070184 _____ () C:\Windows\system32\bdmpega64.acm
2015-09-27 11:39 - 2015-06-23 01:08 - 00245800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2011-07-01 09:39 - 2011-07-01 09:39 - 03629128 _____ () C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe
2016-09-29 01:26 - 2016-09-29 01:26 - 00032768 _____ () C:\Program Files\CCleaner\lang\lang-1041.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00186920 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-09-27 11:39 - 2015-08-01 15:10 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-09-27 11:38 - 2015-03-14 11:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-09-27 11:38 - 2015-03-14 11:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-09-27 11:39 - 2015-03-14 11:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-09-27 11:39 - 2015-06-23 00:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-09-27 11:38 - 2015-08-01 15:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-09-27 11:39 - 2015-06-23 00:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-09-27 11:38 - 2015-06-23 00:58 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-09-27 11:38 - 2014-12-15 00:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-09-27 11:39 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2011-01-20 20:14 - 2011-01-20 20:14 - 00871424 _____ () C:\Program Files (x86)\GIZMO2\js32.dll
2016-11-09 18:37 - 2016-11-09 18:37 - 19640512 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 11:34 - 2009-06-11 06:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Koki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C61C1C91-B4FD-4CCD-9567-3A74B6F9EFC6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D5691D4C-958F-4310-B736-E4F6080039ED}] => (Allow) LPort=2869
FirewallRules: [{F6A813EC-E765-4DEC-94F3-C2770C0B30E5}] => (Allow) LPort=1900
FirewallRules: [{588F0AD9-2F93-4FAA-A614-76066B1FB5B1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{52A72728-FB09-4FBD-AF10-B28C8F73678C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E28296DE-A076-48E1-847A-A4D6B45E39BB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{7D7C8060-7972-49E1-9947-68020E4F0F72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F41544ED-1EC2-456E-B775-B59EEE8FA2C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{183D1FB3-D12F-441D-94E5-4F06368E7622}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2451FDBE-3949-413A-B286-15B259E38982}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E25FC6A6-0C11-44B2-9837-9CFCD75F2DC1}] => (Allow) C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe
FirewallRules: [{E8F38DD3-CE76-40E1-83F3-F5FB72A69A1D}] => (Allow) C:\ProgramData\NexonJP\NGM\NGM.exe
FirewallRules: [{2F2509A1-E145-40C4-9B33-7BBE69FA8F0D}] => (Allow) C:\ProgramData\NexonJP\NGM\NGM.exe
FirewallRules: [{15A601D4-9EF4-47CD-AE86-2DEF4670471C}] => (Allow) D:\Vector\FNOnline\Launcher.exe
FirewallRules: [{59D0C37D-818E-4EE4-82A0-9093048C1A79}] => (Allow) D:\Vector\FNOnline\Launcher.exe
FirewallRules: [{8F7B2D7A-63F9-4275-9037-E806E291B464}] => (Allow) D:\Vector\FNOnline\_Launcher.exe
FirewallRules: [{D8A2FF37-0F42-4C83-B14D-D230ADA39D16}] => (Allow) D:\Vector\FNOnline\_Launcher.exe
FirewallRules: [{D5A787B6-089B-45FB-9675-C935A9DA5368}] => (Allow) D:\¼Torrent\uTorrent.exe
FirewallRules: [{77E99738-2796-41AC-A631-5FBF36F65360}] => (Allow) D:\¼Torrent\uTorrent.exe
FirewallRules: [{921A0C96-B79C-48DA-9594-5A6645676C00}] => (Allow) D:\Vector\harezora\_Launcher.exe
FirewallRules: [{D74EBB7F-4413-42D1-BB7A-9C28B32D2FBD}] => (Allow) D:\Vector\harezora\_Launcher.exe
FirewallRules: [{76485A0D-89DC-448C-83C4-175AEEB344C6}] => (Allow) D:\DNEST\DragonNest.exe
FirewallRules: [{FFCA2B8A-96F5-4AE2-83A0-3D3B4EF11888}] => (Allow) D:\DNEST\DragonNest.exe
FirewallRules: [TCP Query User{40E8C79A-ED56-40E6-9A4F-434961FC83D3}D:\μtorrent\utorrent.exe] => (Block) D:\μtorrent\utorrent.exe
FirewallRules: [UDP Query User{AB72C52A-0238-4B0F-A2E5-F7DFC38FD787}D:\μtorrent\utorrent.exe] => (Block) D:\μtorrent\utorrent.exe
FirewallRules: [{F55674FA-7C72-427E-BBDD-D57FDDD18E10}] => (Allow) C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe
FirewallRules: [{D7AE9355-7BD3-4B4D-9BAA-54C4ABEBDC37}] => (Allow) C:\Users\Koki\AppData\Local\Temp\7zS1A14.tmp\SymNRT.exe
FirewallRules: [{C3A09410-6072-423C-9818-4682D552C687}] => (Allow) C:\HanPurple\DNEST\DragonNest.exe
FirewallRules: [{DBE70640-CA4F-4653-87EA-3C003318CFBB}] => (Allow) C:\HanPurple\DNEST\DragonNest.exe
FirewallRules: [TCP Query User{64F6BDC9-3982-4693-95B4-9241B22AEDF6}C:\windows\downloaded program files\reactor.exe] => (Allow) C:\windows\downloaded program files\reactor.exe
FirewallRules: [UDP Query User{978EB629-B106-4364-948F-E74B10599F07}C:\windows\downloaded program files\reactor.exe] => (Allow) C:\windows\downloaded program files\reactor.exe
FirewallRules: [{D1E39886-683E-413B-B53F-BC7C46364B5A}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\PCM.exe
FirewallRules: [{05F110F9-5749-4D7D-A352-3245E37F5F83}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\PCM.exe
FirewallRules: [{86A2C01D-CEB9-4754-90B3-82E286594EFE}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\Autorun\Exe\Autorun.exe
FirewallRules: [{FC7F2859-94C2-412B-AD10-FD45F44F4CA1}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2012\Autorun\Exe\Autorun.exe
FirewallRules: [{4EBADBF4-3182-42E4-83DB-BD78D33E62CB}] => (Allow) C:\GameOn\archeage\bin32\patcher.exe
FirewallRules: [{67994915-AC14-43FF-A772-98C82C2C661E}] => (Allow) C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe
FirewallRules: [{E456BE92-F878-4E14-B644-810B04A00A19}] => (Allow) C:\Users\Koki\AppData\Roaming\xlgames\xlKCSDownload_JP\xlKCSDownload_JP.exe
FirewallRules: [{6A748278-2C8A-4293-8211-E6A50D0924C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3E6E57BE-0135-4595-A198-72255AF7F25D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{73B3B57A-7DAC-4898-B0CF-893FD18BB6F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CE90758D-ACBD-4EC3-BD9C-85DA32B8D885}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{021D20DB-1FE3-4C72-A6A5-FF6305412485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC70FFCB-E44C-4907-815D-DFD89CA67161}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4395CD13-9091-48B6-A41B-9F977AAA7602}] => (Allow) C:\GameOn\archeage\Bin32\patcher.exe
FirewallRules: [{39C18C7B-47B9-4592-A625-5350A1100CA5}] => (Allow) C:\Gamepot\MIRROR WAR\MWSClient.exe
FirewallRules: [{9BE63AD6-1D6C-488D-8495-CA8065C1F023}] => (Allow) C:\Gamepot\MIRROR WAR\MWSClient.exe
FirewallRules: [{87337724-4DF0-4289-AF8B-1FF0DE96EA0B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3A17C012-9D0B-4291-889C-9B1BA0AB6E60}] => (Allow) C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{407CC8E6-3FA1-46E4-B255-2846CBB016F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A14988F5-CE5D-46CF-BD12-367270083712}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD5AE993-5997-4C1B-AB9B-33B916B94E59}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D2CEEB4E-E1D9-4F84-8439-DDA4A8754309}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1B2D06BA-5718-4661-8379-7AA0E0DBE568}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{094B3F3D-0C3B-4DC0-845E-29EAC81E240F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{C8E773A6-389A-401F-B86D-26F33BBDC8F6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{BB8E86E7-5613-4110-BD1F-EDE306F59562}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{A8C2C96F-60F4-4D1E-A7E3-2BECE1363FB2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D8131FCA-0ABD-4478-B574-F06B712BB91E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{EC0EC309-A2F1-4B3F-A3AC-494CB33B61B5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D9A056B1-F74A-4AFB-B243-19C16480D876}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{F58E878F-3FEF-44A5-AD07-30C611D46F78}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

14-11-2016 19:03:50 ブラウザ初期化
14-11-2016 19:18:31 zoek.exe restore point
14-11-2016 20:24:56 Installed Adblock Plus for IE (32-bit and 64-bit)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2016 07:22:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (11/14/2016 07:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (11/14/2016 07:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (11/14/2016 07:21:13 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (11/14/2016 06:59:20 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/14/2016 06:49:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。

Error: (11/14/2016 06:48:42 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (11/14/2016 06:48:42 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (11/14/2016 06:48:42 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: Event-ID 2001

Error: (11/13/2016 01:04:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。


System errors:
=============
Error: (11/14/2016 07:21:22 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004

Error: (11/14/2016 07:21:22 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: 490@01010004

Error: (11/14/2016 07:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Htsysm サービスを、次のエラーが原因で開始できませんでした:
指定されたファイルが見つかりません。

Error: (11/14/2016 06:49:16 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: D@01010004

Error: (11/14/2016 06:49:16 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: D@01010004

Error: (11/14/2016 06:49:16 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: D@01010004

Error: (11/14/2016 06:49:16 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: D@01010004

Error: (11/14/2016 06:48:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Htsysm サービスを、次のエラーが原因で開始できませんでした:
指定されたファイルが見つかりません。

Error: (11/13/2016 01:04:22 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: D@01010004

Error: (11/13/2016 01:04:22 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: 予期しないエラーが発生しました。エラー コード: D@01010004


CodeIntegrity:
===================================
Date: 2015-11-14 19:39:03.947
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET Smart Security 6.0\upgrade.exe のイメージの整合性を検証できません。

Date: 2015-11-12 19:06:44.937
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET Smart Security 6.0\upgrade.exe のイメージの整合性を検証できません。

Date: 2015-01-24 18:27:42.595
Description: ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2015-01-24 18:27:42.548
Description: ファイル ハッシュをシステム上で検出できなかったため、Windows ではファイル \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys のイメージの整合性を検証できません。最近のハードウェアまたはソフトウェアの更新によって、正しく署名されていないファイルや壊れているファイル、または不明なソースからの悪意のあるソフトウェアであるファイルがインストールされた可能性があります。

Date: 2012-12-26 21:29:03.808
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys のイメージの整合性を検証できません。

Date: 2012-12-26 21:29:03.807
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys のイメージの整合性を検証できません。

Date: 2012-12-26 21:29:03.804
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys のイメージの整合性を検証できません。

Date: 2012-12-26 21:29:03.794
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys のイメージの整合性を検証できません。

Date: 2012-12-26 21:29:03.792
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys のイメージの整合性を検証できません。

Date: 2012-12-26 21:29:03.790
Description: ページごとのイメージ ハッシュ セットをシステム上で検出できなかったため、コードの整合性ではファイル \Device\HarddiskVolume2\Program Files (x86)\Kaspersky L

Re: Trojan horse? - 泣面蜂

2016/11/14 (Mon) 20:44:31

Here is the other log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Koki (administrator) on KOKI-PC (14-11-2016 20:40:46)
Running from C:\Users\Koki\Desktop
Loaded Profiles: Koki (Available Profiles: Koki)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: 日本語 (日本)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(Paltiosoft Inc.) C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(XTRM CORPORATION) D:\x-tune\xtune.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(ants Inc.) C:\Program Files (x86)\GIZMO2\GIZMO.exe
(ants Inc.) C:\Users\Koki\AppData\Local\GIZMO2\Data\deck\basic\basic.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ants Inc.) C:\Users\Koki\AppData\Local\GIZMO2\Data\deck\basic\lib\FPInstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (All) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-31] (Realtek Semiconductor)
HKLM\...\Run: [IME14 JPN Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [GIZMO2] => C:\Program Files (x86)\GIZMO2\GIZMO.exe [137048 2011-01-21] (ants Inc.)
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1752528 2016-10-12] (Google Inc.)
HKLM-x32\...\Run: [IME14 JPN Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81200 2012-03-14] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [3229696 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2972672 2016-08-29] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 0
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoRun] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [Google Update] => C:\Users\Koki\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [X-TUNE] => D:\x-tune\xtune.exe [196608 2007-10-09] (XTRM CORPORATION)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-29] (Piriform Ltd)
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\...\MountPoints2: {7e78c8c0-2464-11e1-906f-806e6f6e6963} - K:\Setup.exe
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Providers\Internet Print Provider: C:\Windows\SYSTEM32\inetpp.dll [166400 2016-06-26] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\SYSTEM32\win32spl.dll [756736 2016-09-10] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [K7BkOLIExcluded] -> {4143799A-96D3-41DE-9C26-D1B638AD9B9A} => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7BkOLI64.dll No File
ShellIconOverlayIdentifiers: [K7BkOLINotBacked] -> {5DE40518-4F5F-4608-8E71-AA04AD942FC2} => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7BkOLI64.dll No File
ShellIconOverlayIdentifiers: [K7BkOverlayIcon] -> {695C4C7E-8140-4CF1-A586-870C5945E1C7} => C:\Program Files (x86)\K7 Computing\K7TSecurity\K7BkOLI64.dll No File
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Koki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll [2014-12-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll [2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll [2012-01-04] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\クライアントマネージャV.lnk [2016-11-07]
ShortcutTarget: クライアントマネージャV.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (BUFFALO INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\コンテンツ管理アシスタント for PlayStation(R).lnk [2016-11-07]
ShortcutTarget: コンテンツ管理アシスタント for PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ソフトウェアルーター設定ツール.lnk [2016-11-07]
ShortcutTarget: ソフトウェアルーター設定ツール.lnk -> C:\Program Files (x86)\BUFFALO\SoftAP\SoftAP.exe ()
BootExecute: autocheck autochk *
AlternateShell: cmd.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C38C8ED5-3FA1-48E4-B0DB-DDA263C0A1DB}: [DhcpNameServer] 192.168.0.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-4261260701-416543501-3130217906-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.co.jp/
URLSearchHook: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch_64.dll (JWord Inc.)
URLSearchHook: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch.dll (JWord Inc.)
SearchScopes: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 -> {DDEB2F82-8BD6-4C43-B35A-197CDEAB1931} URL = hxxp://search.jword.jp/cns.dll?type=jwd&fm=10&agent=&bypass=2&partner=AP&lang=utf8&name={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-06] (Oracle Corporation)
BHO-x32: Windows Live ID サインイン ヘルパー -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-06] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
DPF: HKLM-x32 {0725D9DE-4CB8-4BC3-8219-3E74C0D544F7} hxxp://sample3.dmm.co.jp/downloader5/DMMDownloader.cab
DPF: HKLM-x32 {134DD8EF-7716-4538-A430-EFEB7517E6E7} hxxp://ch.icarus.gamecom.jp/Common/cab/WebLauncher.cab
DPF: HKLM-x32 {1DC420F0-D89A-40D0-B5CC-92B9AD19A1AC} hxxp://down.hangame.co.jp/jp/dist/hgstart/HGPluginJP28.cab
DPF: HKLM-x32 {255A2E53-D2E3-42DA-9C1D-36B289B8E18B} hxxp://dl.app-netgame.dmm.com/launcher/DMMLauncherAx_32.cab
DPF: HKLM-x32 {3DFE2FF1-B53D-418D-A630-F162DA1843A8} hxxp://item.koramgame.co.jp/login/hbs/AxLauncher.dll
DPF: HKLM-x32 {414ABA36-99AD-4BEC-8E93-AEDC1A08D352} hxxp://storage.capcom-networks.jp/member/contents/analyze/Fversion/MHReport.cab
DPF: HKLM-x32 {5082D9B5-5538-4C50-BDB1-C5F44BFB98CC} hxxp://down.hangame.co.jp/jp/installer/HgRunPub.cab
DPF: HKLM-x32 {7216BF69-1FB3-438C-9A51-9DA82B676BC0} hxxp://userimg.arario.jp/activeX/AraGameStarterW6.cab
DPF: HKLM-x32 {8C2E6E01-D1F6-4A94-B314-7C5DF4EE1853} hxxp://down.hangame.co.jp/jp/dist/hgstart/HGReport.cab
DPF: HKLM-x32 {C8F5F737-2683-40B8-BFB6-47B15AC20A79} hxxps://gash.gamania.co.jp/acxauth/cab/2.0.1/lcjggame.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F8160836-0C11-4CA4-AD87-944542C7BCBD} hxxp://down.hangame.co.jp/jp/purple/launcher/PubPlugin.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Koki\AppData\Roaming\Mozilla\Firefox\Profiles\n0n0p0t1.default [2016-11-14]
FF Extension: (G Data BankGuard) - C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2012-06-10] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-08] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-24] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\oshiete-goo.xml [2011-11-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\rakuten.xml [2011-11-05]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-jp-auctions.xml [2011-11-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-09] ()
FF Plugin-x32: @gamepot.co.jp/GamepotEXeEnvCtrl;version=1 -> C:\Program Files (x86)\Gamepot\GPEXE\\npGPEXE.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-06] (Oracle Corporation)
FF Plugin-x32: @kunlun.com/Launcher -> C:\Windows\system32\npLauncher.dll [2012-02-24] (Kalends)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @nexon.co.jp/NxGame -> C:\ProgramData\NexonJP\NGM\npNxGameJP.dll [2011-12-12] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic.dll [2015-05-22] (gameon)
FF Plugin-x32: pmang.jp/pmangsupport-1 -> C:\GameOn\Common files\nppmangsupport.dll [2015-05-22] (gameon)
FF Plugin HKU\S-1-5-21-4261260701-416543501-3130217906-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-4261260701-416543501-3130217906-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Koki\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-4261260701-416543501-3130217906-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Koki\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-23] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default [2016-11-14]
CHR Extension: (Google スライド) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-14]
CHR Extension: (Google ドキュメント) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-14]
CHR Extension: (Google ドライブ) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-14]
CHR Extension: (YouTube) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-14]
CHR Extension: (Google スプレッドシート) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-14]
CHR Extension: (Google オフライン ドキュメント) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-14]
CHR Extension: (Chrome ウェブストア決済) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-14]
CHR Extension: (Gmail) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-14]
CHR Extension: (Chrome Media Router) - C:\Users\Koki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-14]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - <no Path/update_url>
StartMenuInternet: Google Chrome - C:\Users\Koki\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [126328 2009-07-09] (BUFFALO INC.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3037424 2016-10-04] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2778624 2016-08-03] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [946640 2016-10-12] (Google Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3464624 2015-04-21] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-09-15] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-24] (StarWind Software) [File not signed]
R2 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [186512 2012-11-01] (Paltiosoft Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVF2PBDA; C:\Windows\System32\drivers\AVF2PBDA_x64.sys [594688 2009-08-24] (AVerMedia TECHNOLOGIES, Inc.)
S3 AVF2ST; C:\Windows\System32\drivers\AVF2ST_x64.sys [595968 2010-06-11] (AVerMedia TECHNOLOGIES, Inc.)
S3 Bufeap; C:\Windows\System32\DRIVERS\bufeap64.sys [18944 2010-07-05] (BUFFALO INC.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-03] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197288 2016-08-03] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153248 2016-08-03] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208552 2016-08-03] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61608 2016-08-03] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84640 2016-08-03] (ESET)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S2 Htsysm; C:\Windows\SysWOW64\HtsysmNT.sys [2304 2005-07-18] () [File not signed]
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216 2016-11-08] (Malwarebytes)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-12-12] () [File not signed]
S3 ucgnm2x; C:\Windows\System32\DRIVERS\ucgnm2x.sys [1590784 2011-06-20] (Ralink Technology Corp.)
U3 aavdbqjl; C:\Windows\System32\Drivers\aavdbqjl.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz134; \??\D:\sysinfo\pcwiz_x64.sys [X]
S3 dump_wmimmc; \??\D:\eternalcity3\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
U2 TMAgent; no ImagePath
S3 wyqk; \??\D:\Vector\FNOnline\avital\wyqk64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-14 20:40 - 2016-11-14 20:41 - 00028906 _____ C:\Users\Koki\Desktop\FRST.txt
2016-11-14 20:25 - 2016-11-14 20:29 - 00000000 ____D C:\Users\Koki\AppData\LocalLow\Adblock Plus for IE
2016-11-14 20:25 - 2016-11-14 20:28 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-11-14 19:16 - 2016-11-14 19:16 - 00000000 ____D C:\zoek_backup
2016-11-14 19:09 - 2016-11-14 19:09 - 01309184 _____ C:\Users\Koki\Desktop\zoek.exe
2016-11-13 12:29 - 2016-11-03 00:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-13 12:29 - 2016-11-03 00:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-13 12:29 - 2016-11-03 00:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-13 12:29 - 2016-11-03 00:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-13 12:29 - 2016-11-03 00:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-13 12:29 - 2016-11-03 00:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-13 12:29 - 2016-11-03 00:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-13 12:29 - 2016-11-03 00:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-13 12:29 - 2016-11-03 00:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-13 12:29 - 2016-11-02 23:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-13 12:29 - 2016-10-28 12:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-13 12:29 - 2016-10-28 12:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-13 12:29 - 2016-10-28 04:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-13 12:29 - 2016-10-28 04:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-13 12:29 - 2016-10-28 03:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-13 12:29 - 2016-10-28 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-13 12:29 - 2016-10-28 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-13 12:29 - 2016-10-28 03:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-13 12:29 - 2016-10-28 03:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-13 12:29 - 2016-10-28 03:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-13 12:29 - 2016-10-28 03:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-13 12:29 - 2016-10-28 03:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-13 12:29 - 2016-10-28 03:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-13 12:29 - 2016-10-28 03:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-13 12:29 - 2016-10-28 03:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-13 12:29 - 2016-10-28 03:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-13 12:29 - 2016-10-28 03:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-13 12:29 - 2016-10-28 03:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-13 12:29 - 2016-10-28 03:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-13 12:29 - 2016-10-28 03:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-13 12:29 - 2016-10-28 03:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-13 12:29 - 2016-10-28 03:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-13 12:29 - 2016-10-28 03:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-13 12:29 - 2016-10-28 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-13 12:29 - 2016-10-28 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-13 12:29 - 2016-10-28 03:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-13 12:29 - 2016-10-28 03:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-13 12:29 - 2016-10-28 02:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-13 12:29 - 2016-10-28 02:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-13 12:29 - 2016-10-28 02:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-13 12:29 - 2016-10-28 02:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-13 12:29 - 2016-10-28 02:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-13 12:29 - 2016-10-28 02:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-13 12:29 - 2016-10-28 02:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-13 12:29 - 2016-10-28 02:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-13 12:29 - 2016-10-28 01:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-13 12:29 - 2016-10-28 00:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-13 12:29 - 2016-10-26 00:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-13 12:29 - 2016-10-23 02:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-13 12:29 - 2016-10-23 02:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-13 12:29 - 2016-10-23 02:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-13 12:29 - 2016-10-23 02:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-13 12:29 - 2016-10-23 02:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-13 12:29 - 2016-10-23 02:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-13 12:29 - 2016-10-23 02:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-13 12:29 - 2016-10-23 02:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-13 12:29 - 2016-10-23 02:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-13 12:29 - 2016-10-23 02:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-13 12:29 - 2016-10-23 02:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-13 12:29 - 2016-10-23 02:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-13 12:29 - 2016-10-23 02:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-13 12:29 - 2016-10-23 02:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-13 12:29 - 2016-10-23 02:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-13 12:29 - 2016-10-23 02:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-13 12:29 - 2016-10-23 01:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-13 12:29 - 2016-10-23 01:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-13 12:29 - 2016-10-23 01:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-13 12:29 - 2016-10-23 01:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-13 12:29 - 2016-10-23 01:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-13 12:29 - 2016-10-23 01:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-13 12:29 - 2016-10-23 01:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-13 12:29 - 2016-10-23 01:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-13 12:29 - 2016-10-23 01:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-13 12:29 - 2016-10-23 01:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-13 12:29 - 2016-10-23 01:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-13 12:29 - 2016-10-23 01:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-13 12:29 - 2016-10-23 01:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-13 12:29 - 2016-10-16 00:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-13 12:29 - 2016-10-16 00:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-13 12:29 - 2016-10-16 00:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-13 12:29 - 2016-10-16 00:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-13 12:29 - 2016-10-12 00:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-13 12:29 - 2016-10-12 00:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-13 12:29 - 2016-10-12 00:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-13 12:29 - 2016-10-12 00:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-13 12:29 - 2016-10-12 00:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-13 12:29 - 2016-10-12 00:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-13 12:29 - 2016-10-12 00:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-13 12:29 - 2016-10-12 00:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-13 12:29 - 2016-10-12 00:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-13 12:29 - 2016-10-12 00:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-13 12:29 - 2016-10-12 00:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-13 12:29 - 2016-10-12 00:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-13 12:29 - 2016-10-11 22:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-13 12:29 - 2016-10-11 22:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-13 12:29 - 2016-10-11 00:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-13 12:29 - 2016-10-11 00:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-13 12:29 - 2016-10-11 00:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-13 12:29 - 2016-10-11 00:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-13 12:29 - 2016-10-11 00:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-13 12:29 - 2016-10-11 00:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-13 12:29 - 2016-10-11 00:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-13 12:29 - 2016-10-11 00:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-13 12:29 - 2016-10-11 00:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-13 12:29 - 2016-10-10 23:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-13 12:29 - 2016-10-10 23:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-13 12:29 - 2016-10-10 23:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-13 12:29 - 2016-10-10 23:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-13 12:29 - 2016-10-10 23:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-13 12:29 - 2016-10-10 23:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-13 12:29 - 2016-10-08 00:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-13 12:29 - 2016-10-08 00:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-13 12:29 - 2016-10-08 00:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-13 12:29 - 2016-10-08 00:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-13 12:29 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

Re: Trojan horse? - 泣面蜂

2016/11/14 (Mon) 20:46:30

The browser reset seems to have succeeded.

Re: Trojan horse? - 管理人です

2016/11/14 (Mon) 23:01:31

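To 泣面蜂-san: the browser reset has succeeded, but IE, supposedly "carefully made" by Microsoft, is a botched product. Well, "JWord" has dug itself into the IE part of the registry. I'd like to get this removed. Take a look at this: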



URLSearchHook: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch_64.dll (JWord Inc.)
URLSearchHook: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch.dll (JWord Inc.)
SearchScopes: HKU\S-1-5-21-4261260701-416543501-3130217906-1000 -> {DDEB2F82-8BD6-4C43-B35A-197CDEAB1931} URL = hxxp://search.jword.jp/cns.dll?

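This JWord is a nuisance search-engine PUP that comes bundled with things like "ワンクリウエア駆除ツール" (a one-click-ware removal tool). Once it is installed, it is extremely sticky to remove, which makes it a troublesome PUP. While we're at it, I'd like to remove it using FRST.exe.


❷ So, just to be safe, I'd like to back up the current state of the PC "in its entirety" to an external HDD (as a safety measure). A question back to you: roughly how much free space (100 GB, 1 terabyte, and so on) is left on your external HDD?

The admin's mouse computer has a 500 GB HDD, and when the whole HDD was backed up to an external HDD, a 250 GB backup image was created on the external HDD (with the compression level set to Normal).


❸ If you have backup software that you regularly use, please use it to back up an image of the entire HDD.


If you don't have a preferred backup program, we'll use
EaseUS Todo Backup Free, below.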

http://forest.watch.impress.co.jp/library/software/easeustodobu/

http://www.japan-secure.com/entry/blog-entry-295.html

http://hobby.under.jp/software/backup/EaseUSTodoBackupFree9.2imagemake.html

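Select "Disk/Partition Backup".


Read ミルク王子-san's explanation carefully and then start the backup.

The key point is that you must make the "bootable (boot) disk" yourself. This is a mandatory step. Make the bootable disk first, and then move on to creating and saving the backup image.

How to make the bootable disk: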

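http://home.e02.itscom.net/shouji/raku/kouza/easeus/easeus.html (choose Windows PE)

Please make it on a blank DVD-R.

The drive letter of an external HDD differs from one machine to another. In your case, 泣面蜂-san, how is the external HDD shown under "Computer" when you connect it? In the admin's case the external HDD is shown with the drive letter "Z", so the whole-HDD backup image created with EaseUS Todo Backup Free gets saved to the "Z" drive (which is the external HDD's drive in the admin's case).


Please save the backup image of your entire HDD to the external HDD.

(Once that is done, I'll start the removal work with FRST.exe.)

If anything about the backup procedure is unclear, please ask.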
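
Added example, not part of the original thread and not FRST's own code: a small Python parser for the `URLSearchHook:` and `SearchScopes:` lines quoted in the post above, returning the entries an analyst should review. The last sample line, the "Microsoft Corporation" vendor rule and the `allowed_hosts` parameter are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

GUID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
HOOK_RE = re.compile(
    rf"^URLSearchHook: (?P<hive>\S+) - (?P<name>.+?) - (?P<clsid>{GUID})"
    r" - (?P<path>.+) \((?P<vendor>[^()]*)\)$")
SCOPE_RE = re.compile(
    rf"^SearchScopes: (?P<hive>\S+) -> (?P<clsid>{GUID}) URL = (?P<url>\S+)$")

HIVE = r"HKU\S-1-5-21-4261260701-416543501-3130217906-1000"
SAMPLE_LINES = [
    # The three lines quoted in the post above.
    "URLSearchHook: " + HIVE + r" - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch_64.dll (JWord Inc.)",
    "URLSearchHook: " + HIVE + r" - MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\Program Files (x86)\JWord\Plugin2\jwdsrch.dll (JWord Inc.)",
    "SearchScopes: " + HIVE + " -> {DDEB2F82-8BD6-4C43-B35A-197CDEAB1931} URL = hxxp://search.jword.jp/cns.dll?",
    # Constructed line (placeholder CLSID and path), added only for contrast.
    "URLSearchHook: " + HIVE + r" - Example Hook - {00000000-0000-0000-0000-000000000000} - C:\Windows\System32\example.dll (Microsoft Corporation)",
]


def parse_line(line):
    """Return a dict for a URLSearchHook/SearchScopes line, else None."""
    m = HOOK_RE.match(line.strip())
    if m:
        return {"kind": "URLSearchHook", **m.groupdict()}
    m = SCOPE_RE.match(line.strip())
    if m:
        rec = {"kind": "SearchScopes", **m.groupdict()}
        # The log defangs URLs (hxxp). Refang only to extract the host;
        # the stored URL stays defanged and nothing is fetched.
        rec["host"] = urlsplit(re.sub(r"^hxxp", "http", rec["url"])).hostname
        return rec
    return None


def needs_review(rec, allowed_hosts=frozenset()):
    """Assumed triage rule: third-party hook DLLs and unknown search hosts."""
    if rec["kind"] == "URLSearchHook":
        # The vendor string is what the log reports: a hint, not proof of origin.
        return rec["vendor"] != "Microsoft Corporation"
    return rec["host"] not in allowed_hosts


def triage(lines, allowed_hosts=frozenset()):
    """Parse log lines and keep only the browser-hook entries to review."""
    records = [r for r in map(parse_line, lines) if r is not None]
    return [r for r in records if needs_review(r, allowed_hosts)]


if __name__ == "__main__":
    for rec in triage(SAMPLE_LINES):
        print(rec["kind"], rec["clsid"], rec.get("path") or rec["url"])
```
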

Re: Trojan horse? - 泣面蜂

2016/11/17 (Thu) 18:41:06

My external HDD happens to be at the end of its life, so I plan to get a new HDD before doing the work.
Please wait until the weekend.

Re: Trojan horse? - 管理人です

2016/11/17 (Thu) 22:45:40

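Yes, your convenience comes first, 泣面蜂-san. Don't rush; take your time and proceed with the plan carefully.

Now, about the external HDD: 若竹亭-san comments that, "if possible", BUFFALO external HDDs are the one kind to avoid choosing, and that an external HDD with a former-Hitachi (HGST) or Western Digital drive inside is preferable.

See also http://ore-sama123.bbs.fc2.com/?act=reply&tid=5341348 and the like for reference.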

***
Actually, if you buy a bare HDD and combine it with this,

https://www.amazon.co.jp/Logitec-USB3-0%E6%8E%A5%E7%B6%9A-HDD%E3%82%B3%E3%83%94%E3%83%BC%E6%A9%9F%E8%83%BD%E4%BB%98%E3%81%8D-LHR-2BDPU3-%E3%83%95%E3%83%A9%E3%82%B9%E3%83%88%E3%83%AC%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E3%83%95%E3%83%AA%E3%83%BC%E3%83%91%E3%83%83%E3%82%B1%E3%83%BC%E3%82%B8/dp/B00HD4513C/ref=sr_1_1?s=computers&ie=UTF8&qid=1459290265&sr=1-1&keywords=USB+HDD+copy

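you end up with an external HDD that is easy to attach, detach and manage (though it does need formatting, so it's no good for users who find that a hassle). The advantages are that you can swap HDDs in and out, and that, being a bare HDD, it is better at dissipating heat. The disadvantages, however, are that the HDD is not held tightly so it can be a little "wobbly", that it gathers dust, and that in winter there may also be a risk of the HDD crashing(?) if you carelessly touch it with a hand or finger charged with static electricity, and so on.



In the admin's case, I buy a bare Western Digital HDD plus a 3.5-inch HDD case (a Groovy HDD case), then assemble and format it myself.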
http://kakaku.com/item/05393010823/

You need a SATA HDD case (whatever you do, don't use IDE).

But it does take time and effort (wry smile).


Do you know the NTT-X Store?
It has unexpected bargains and is handy.
http://nttxstore.jp/_ngxm_01_08_01
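During the Night Sale they issue discount coupons, and there are other good deals too.

Take your time and research a good external HDD.

(Forgot to write this)

I can't say this too loudly, but the point is that we'd like to avoid HDDs made by Seagate. Of course, these are HDDs, so there is some luck of the draw. Even so, if you look at the data, it is unfortunately also a fact that the failure rate of Seagate-made HDDs is "a bit on the high side". While hoping that Seagate will manufacture and sell even more "robust" HDDs, from our standpoint as consumers this board's view is to avoid Seagate for the time being.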


