当掲示板規約
魏志倭人王IT研究所
ネットセキュリティブログ
bleepingcomputer.com
Malwarebytesフォーラム
Avast 日本語版 サポートフォーラム
SANDBOXIEに関する『新』Forum
マルウェアなんでも雑談掲示板
1085471BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/09 (Wed) 19:37:24
昨日の夜の八時くらいからかWindows Defenderが検知して自分と症状が似てる方がいたので、
相談させてもらいたくて書き込ませてもらいます。
自分の場合は検地されてからネットの接続を切って駆除を何回かやっても無理で削除を選択したところ検地されなくなりました
検地されたのは3つあってあわててたのでキャプしてなかったので・・しっかりは覚えてないのですがresoureceをみたところクランチとグーグル?あとはVulkanRT(検地されたりされなかったり駆除ボタンを押したら他の2つは消えてこれだけ残ってて検地されませんでしたと出てていつのまにか勝手に消えたりと)最終的に削除を選択したらWindows Defenderが検地しないようになりました。
MBAMでスキャンしたところ何も検地されませんでした。
今朝方マイクロソフトから更新プログラムがきてたのですがまだ更新してないです。使ってるセキュリティソフトは無料のアバストです
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/09 (Wed) 19:53:37
# AdwCleaner v6.030 - ログファイルの作成日 09/11/2016 作成時間 18:46:58
# Malwarebytesによる 19/10/2016 の更新日
# データベース : 2016-10-18.1 [ローカル]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (X64)
# ユーザー名 : zxc - ZXC-PC
# 実行場所 : C:\Users\zxc\Desktop\adwcleaner_6.030.exe
# モード:スキャン
# サポート : https://www.malwarebytes.com/support
***** [ サービス ] *****
悪意あるサービスを検出しませんでした。
***** [ フォルダ ] *****
検出済みフォルダ: C:\Users\zxc\AppData\Local\Babylon
検出済みフォルダ: C:\Users\zxc\AppData\Roaming\Babylon
検出済みフォルダ: C:\Users\zxc\AppData\Roaming\OpenCandy
検出済みフォルダ: C:\Users\zxc\Documents\PC Speed Maximizer
検出済みフォルダ: C:\ProgramData\Babylon
検出済みフォルダ: C:\ProgramData\Application Data\Babylon
検出済みフォルダ: C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd
検出済みフォルダ: C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lajondecmobodlejlcjllhojikagldgd
***** [ ファイル ] *****
検出済みファイル: C:\END
検出済みファイル: C:\Windows\uninstaller.exe
***** [ DLL ] *****
悪意あるDLLsファイルを検出しませんでした。
***** [ WMI ] *****
悪意あるキーを検出しませんでした。
***** [ ショートカット ] *****
改ざん済みショートカットを検出しませんでした。
***** [ スケジュール済みタスク ] *****
検出済みタスク: ThunderMaster
***** [ レジストリ ] *****
検出済みキー: HKLM\SOFTWARE\Classes\Prod.cap
検出済みキー: [x64] HKLM\SOFTWARE\Classes\Prod.cap
検出済みキー: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Conduit_Search_Protect
検出済みキー: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Optimizer Pro
検出済みキー: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Softonic
検出済みキー: HKCU\Software\Conduit_Search_Protect
検出済みキー: HKCU\Software\Optimizer Pro
検出済みキー: HKCU\Software\Softonic
検出済みキー: [x64] HKCU\Software\Conduit_Search_Protect
検出済みキー: [x64] HKCU\Software\Optimizer Pro
検出済みキー: [x64] HKCU\Software\Softonic
検出済みデータ: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3325163&octid=EB_ORIGINAL_CTID&ISID=M1C5F5B88-082C-461C-BAC1-
検出済みデータ: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3325163&octid=EB_ORIGINAL_CTID&ISID=M1C5F5B88-082C-461C-BAC1-01C83FD5A732&SearchSource=55&CUI=&UM=5&UP=SP
検出済みデータ: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3325163&octid=EB_ORIGINAL_CTID&ISID=M1C5F5B88-082C-461C-BAC1-01C83FD5A732&SearchSource=55&CUI=&UM=5&UP=
***** [ Webブラウザ ] *****
悪意あるFirefoxベースの要素を検出しませんでした。
検出済みChromium設定: [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - booedmolknjekdopkepjjeckmjkdpfgl
検出済みChromium設定: [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - flpcjncodpafbgdpnkljologafpionhb
検出済みChromium設定: [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - lajondecmobodlejlcjllhojikagldgd
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [3785 バイト] - [09/11/2016 18:46:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3862 バイト] ##########
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/09 (Wed) 21:47:08
ほむさんへ。
Windows Defenderに関しては「おそらく」誤検知であろうと見ています。しかしAdwが良い仕事をしてくれました。ほむさんは「PUP」という「迷惑的で不愉快動作をするプログラム」感染していますね。PUP感染ですから、良い機会と考えて問題解決をしましょう。
❶まずWindows Defenderを「無効」にしましょう。必要がないからです。
https://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=011978
❷Adwですが、検知されているものは一切削除せず、Adw自体を一旦「X印」をクリックしてプログラム終了させてください。
❸CCleanerを使います。デスクトップ上に一旦ダウンロードしてください。
http://www.piriform.com/ccleaner/download/standardRe: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/09 (Wed) 22:07:17
CCleanerを「管理者権限で」起動してください。
写真を見てください
CCleaner画面の「左」に「ツール」があるからクリック
↓
「インストール情報」が青色になっていることを確認へ
↓
CCleaner画面の「左」したを見てください。「テキストとして保存」があるのでクリックし「インストール情報logその1」と名付けし、デスクトップ上に保存し、その全文を見せてください。
❷さらにCCleanerでlogを採ります。
CCleaner画面の「左」のツールをクリックし
↓
今度は「スタートアップ」を選択し
↓
タブの中から「Wndows」を選択し、CCleaner画面の「左」の下の「テキストとして保存」をクリックの上、「Windowsのlog」と名付けデスクトップ上に保存し、全文見せてください。
同じ作業を
*IEなどのブラウザ(Firefox、Chromeもインストールしているのなら全部)
*スケジュールされたタスク
*コンテキストメニュー
に関しても同じ手順でlogを採り、見せてください。Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 01:37:06
インストールlog
A-Tuning v2.0.54 2014/03/18 84.4 MB 2.0.54
Acrobat.com Adobe Systems Incorporated 2014/03/18 1.1.377
Adobe Acrobat Reader DC - Japanese Adobe Systems Incorporated 2016/11/04 227 MB 15.020.20042
Adobe AIR Adobe Systems Incorporated 2016/11/07 23.0.0.257
Adobe Flash Player 23 NPAPI Adobe Systems Incorporated 2016/11/08 5.35 MB 23.0.0.207
Adobe Shockwave Player 12.2 Adobe Systems, Inc. 2016/10/23 12.2.5.195
AmvVideoCodec 2014/05/02
Apple Application Support(32 ビット) Apple Inc. 2016/11/07 126 MB 5.1
Apple Application Support(64 ビット) Apple Inc. 2016/11/07 142 MB 5.1
Apple Mobile Device Support Apple Inc. 2016/11/07 27.4 MB 10.0.1.3
Apple Software Update Apple Inc. 2016/04/22 2.69 MB 2.2.0.150
Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia Technology 2014/03/18 2.36 MB 1.16.2.0
ASRock App Charger v1.0.6 ASRock Inc. 2014/03/18 1.32 MB 1.0.6
ASRock SmartConnect v1.0.6 ASRock Inc. 2014/03/18 3.00 MB
ASRock XFast RAM v3.0.2 ASRock Inc. 2014/03/18 12.0 MB
AutoClickPositionsSetup AutoClickPositions 2015/07/19 32.0 KB 1.0.1
Avast Free Antivirus AVAST Software 2016/11/09 12.3.2280
Banished Shining Rock Software LLC 2015/06/26
Battle.net Blizzard Entertainment 2015/10/24
Battlelog Web Plugins EA Digital Illusions CE AB 2015/01/27 2.6.2
Bing Bar Microsoft Corporation 2014/03/20 464 KB 7.1.362.0
Bonjour Apple Inc. 2016/01/19 2.01 MB 3.1.0.1
BUFFALO エアステーション設定ツール BUFFALO INC. 2014/03/19 2.95 MB 2.0.15
BUFFALO クライアントマネージャV をアンインストール BUFFALO INC. 2014/03/19 9.87 MB 1.4.12
BUFFALO パソコン環境表示ツール BUFFALO INC. 2014/03/19 4.17 MB 1.1.0
Cappuccino 1.9.0 TonTon 2014/03/22
CCleaner Piriform 2016/11/10 5.23
ClocX (1.6.0) 2014/04/13
Common GameOn 2016/02/17 2694328
Don't Starve Klei Entertainment 2014/12/01
File Shredder 2.5 Pow Tools 2015/11/22 6.01 MB
Fishing Planet Fishing Planet LLC 2015/08/17
Freeraser Codyssey.com 2014/04/09 1.0.0.23
FreeStyle2: Street Basketball Joycity 2015/04/22
Glyph Trion Worlds, Inc. 2015/05/04 77.6 MB
Google Chrome Google Inc. 2014/03/18 54.0.2840.87
Google Earth Google 2016/10/31 178 MB 7.1.7.2606
Google 日本語入力 Google Inc. 2016/10/21 80.6 MB 2.19.2680.0
Hearthstone Blizzard Entertainment 2016/07/26
ImgBurn LIGHTNING UK! 2014/03/27 2.5.8.0
Intel(R) Management Engine Components Intel Corporation 2014/03/18 9.0.0.1323
Intel(R) Processor Graphics Intel Corporation 2014/04/25 10.18.10.3496
Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 2014/03/18 3.0.0.66956
Intel(R) Smart Connect Technology 4.1 x64 Intel 2014/03/18 44.0 MB 4.1.40.2143
Intel(R) Update Manager Intel Corporation 2016/10/27 23.1 MB 3.4.1942
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 2013/04/11 2.0.0.102
iTunes Apple Inc. 2016/11/07 243 MB 12.5.2.36
Java 8 Update 111 Oracle Corporation 2016/10/23 94.1 MB 8.0.1110.14
League of Legends Riot Games 2016/11/08 4.1.2
Lhaplus 2014/03/19
LimeChat 2 Satoshi Nakagawa 2015/03/08 2.40
Malwarebytes Anti-Malware バージョン 2.2.1.1043 Malwarebytes 2016/11/09 66.8 MB 2.2.1.1043
Microsoft .NET Framework 4.6.1 Microsoft Corporation 2016/05/15 38.8 MB 4.6.01055
Microsoft .NET Framework 4.6.1 (日本語) Microsoft Corporation 2016/05/16 2.93 MB 4.6.01055
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 2015/09/11 1.59 MB 4.0.40804.0
Microsoft Silverlight Microsoft Corporation 2016/10/12 299 MB 5.1.50901.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 2014/07/27 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 2014/07/27 572 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 2014/05/31 238 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 2014/05/13 598 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2014/07/20 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2014/07/20 11.1 MB 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 2015/09/05 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 2015/09/05 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 Microsoft Corporation 2015/10/24 24.3 MB 14.0.23026.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 Microsoft Corporation 2015/10/24 20.6 MB 14.0.23026.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 2014/03/21 8.03 MB 4.0.20823.0
Moo0 ボイス録音器 1.43 2014/12/18
Moyea FLV Editor Lite version: 1.1.1.846 2014/09/26
Mozilla Firefox 49.0.2 (x86 ja) Mozilla 2016/10/22 88.9 MB 49.0.2
Mozilla Maintenance Service Mozilla 2016/10/22 256 KB 49.0.2
MPC-BE 1.3.1.1.4603 MPC-BE Team 2014/03/20 26.3 MB 1.3.1.1.4603
Niconico Live Encoder niwango, inc. 2016/09/08 2.0.4
NVIDIA 3D Vision コントローラー ドライバー 369.04 NVIDIA Corporation 2016/10/24 369.04
NVIDIA 3D Vision ドライバー 375.63 NVIDIA Corporation 2016/10/24 375.63
NVIDIA GeForce Experience 2.11.4.0 NVIDIA Corporation 2016/07/16 2.11.4.0
NVIDIA HD オーディオ ドライバー 1.3.34.17 NVIDIA Corporation 2016/10/24 1.3.34.17
NVIDIA PhysX システム ソフトウェア 9.16.0318 NVIDIA Corporation 2016/05/28 9.16.0318
NVIDIA グラフィックス ドライバー 375.63 NVIDIA Corporation 2016/10/24 375.63
Opera Stable 41.0.2353.46 Opera Software 2016/10/28 41.0.2353.46
Origin Electronic Arts, Inc. 2014/04/10 9.4.6.2792
Path of Exile Grinding Gear Games 2015/09/29
Pmangインストールマネージャー GameOn,Pmang 2016/02/17 1.0.1.1
Realtek Ethernet Controller Driver Realtek 2014/03/18 7.68.201.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 2014/03/18 6.0.1.6873
Steam Valve Corporation 2014/03/21
StreamTransport version: 1.1.3.0 2014/06/07 5.07 MB
System Requirements Lab for Intel Husdawg, LLC 2014/04/25 1.12 MB 4.5.22.0
Team Fortress 2 Valve 2014/07/15
Terraria Re-Logic 2014/03/21
Thunder Master v2.5 Palit Microsystems Ltd. 2014/12/24 5.52 MB 2.5.0.4
Trove Trion Worlds, Inc. 2014/11/08
TroveTools .NET Dazo 2016/10/26 1.1.9.9
Unlocker 1.9.2 Cedrick Collomb 2014/04/09 1.9.2
Vulkan Run Time Libraries 1.0.26.0 LunarG, Inc. 2016/10/24 1.66 MB 1.0.26.0
Vulkan Run Time Libraries 1.0.3.0 LunarG, Inc. 2016/03/11 1.66 MB 1.0.3.0
Xvid Video Codec Xvid Team 2014/05/02 1.3.2
Zumas Revenge PopCap Games 2015/09/05 160 MB 1.0.5.600
ひまたんぷれいや UNKNOWN 2014/09/26 1.0
やります!アンコちゃん 2.2.1.3 居酒屋「めがね」 2016/09/09 2.2.1.3
ニコニコ実況 niwango 2014/05/13 1.27 MB 1.0.0
ニコ生アラート(´・ω・`) なんか いろいろ 2014/03/19
バッファロー らくらくアップデートツール Buffalo Inc. 2014/03/19 11.0 MB 1.12
窓の手 バージョン 2010 猪川正巳 2016/07/22 6.75 MB 2010
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 01:38:51
windowslog
有効 HKCU:Run ASRock A-Tuning
有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run THPanel Palit Microsystems Ltd. "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
有効 HKCU:Run Xvid C:\Program Files (x86)\Xvid\CheckUpdate.exe
無効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
有効 HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
有効 HKLM:Run Google Japanese Input Prelauncher Google Inc. "C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" --mode=prelaunch_processes
有効 HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
有効 HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
有効 HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run ShadowPlay Microsoft Corporation "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
有効 HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
有効 HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
有効 Startup User fc2live_checker.lnk E:\fc2live_checker Ver1.07\fc2live_checker.exe
有効 Startup User GmailChecker - ショートカット.lnk C:\Program Files\GmailChecker1.17\GmailChecker.exe
有効 Startup User ツイキャス監視君.lnk SkyPower C:\Program Files\ツイキャス監視君 Ver1.06.6\ツイキャス監視君.exe
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 01:42:33
スケジュールタスク
有効 Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
有効 Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
有効 Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
有効 Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
有効 Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
有効 Task IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon Intel Corporation "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" --automatic
有効 Task Opera scheduled Autoupdate 1395179019 Opera Software C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
有効 Task RunAsStdUser Task Moo0 C:\Program Files (x86)\Moo0\VoiceRecorder 1.43\VoiceRecorder.exe
有効 Task SafeZone scheduled Autoupdate 1458721983 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
有効 Task SidebarExecute Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /stopHidingGadgets
有効 Task ThunderMaster Palit Microsystems Ltd. C:\Program Files (x86)\Thunder Master\THPanel.exe /A
有効 Task {240F84B1-11CC-44FA-8924-EF414B83F714} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Users\zxc\Downloads\dotnetfx35setup (1).exe" -d C:\Users\zxc\Downloads
有効 Task {2EFA2BC9-8202-4058-9E37-296BB9E0DFBD} Microsoft Corporation C:\Windows\system32\pcalua.exe -a E:\pbsetup\pbsetup.exe -d E:\pbsetup
有効 Task {974313A2-D4A4-4E46-BB71-932AF85649E9} Microsoft Corporation C:\Windows\system32\pcalua.exe -a E:\fancysetup.exe -d E:\
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 01:46:40
コンテキストlog
有効 Directory LhaplusX64 Shark++ Software C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Drive Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 Drive LhaplusX64 Shark++ Software C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Drive ShExplzh64
有効 File 00avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 File DeleteFiles C:\Program Files\File Shredder\fsshell.dll
有効 File Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 File LhaplusX64 Shark++ Software C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 File MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
有効 File UnlockerShellExtension C:\Program Files\Unlocker\UnlockerCOM.dll
有効 Folder avast AVAST Software C:\Program Files\AVAST Software\Avast\ashShA64.dll
有効 Folder Lhaplus C:\Program Files (x86)\Lhaplus\LplsShlx.dll
有効 Folder LhaplusX64 Shark++ Software C:\Program Files (x86)\Lhaplus\LplsShlx64.dll
有効 Folder MBAMShlExt Malwarebytes C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
有効 Folder ShExplzh64
有効 Folder UnlockerShellExtension C:\Program Files\Unlocker\UnlockerCOM.dll
logは以上です
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 02:16:02
ほむさんへ
Windows Defenderの事件ですが「誤検知」だと思います。米国のセキュリティ対策ソフトvendorも「誤検知」であるとコメントしたという投稿も見つけています。Windows Defenderのウイルス定義ファイルを「最新」の状態に更新すると、誤検知状態が解消したという書き込みも出てきました。しかし、ウイルス対策ソフトがインストールされておれば、Windows DefenderはWindows7に関しては必要がありません。ほむさんの場合は「avast無料版」がインストールされているわけですから、Windows Defenderは不要です。Windows Defenderを無効の設定にしておいてください(人騒がせだし)。今回Windows Defenderは「Vulkan Run Time Libraries (ほむさんの場合はですが)」に対して過剰反応(誤検知)を繰り返しているんですね。
●Origin Electronic Arts, Inc. 2014/04/10 9.4.6.2792 ←さてと、このOrigin(ゲームですよね?)は一旦アンインストールしてください。実はこれAdwareをPOP UPさせる「悪いことをする」場合があることが当掲示板での調査で判明。一旦アンインストールしてください。CCleaner経由でもアンインストールできますし、コントロールパネルからもアンインストール可能です。
アンインストール後、PCを再起動させてください。
--------------------------------------
お手数ですが「再び」Adwを起動し、スキャン→ログファイルとすすみ、logを全部見せてくださいね(削除は絶対しないでくださいね)。Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 02:18:42
逆質問です
ほむさんはグラボなどの「オーバークロック」されてます?Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 03:25:41
windows defenderを無効にしました
再起動してadwを起動すると・・・エンジンを読み込んでますでうごかないです
オーバクロックはしてないとおもいますRe: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 08:50:52
originアンインストールしました
# AdwCleaner v6.030 - ログファイルの作成日 10/11/2016 作成時間 05:40:26
# Malwarebytesによる 19/10/2016 の更新日
# データベース : 2016-11-08.1 [サーバー]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (X64)
# ユーザー名 : zxc - ZXC-PC
# 実行場所 : C:\Users\zxc\Desktop\adwcleaner_6.030.exe
# モード:スキャン
# サポート : https://www.malwarebytes.com/support
***** [ サービス ] *****
悪意あるサービスを検出しませんでした。
***** [ フォルダ ] *****
検出済みフォルダ: C:\Users\zxc\AppData\Local\Babylon
検出済みフォルダ: C:\Users\zxc\AppData\Roaming\Babylon
検出済みフォルダ: C:\Users\zxc\AppData\Roaming\OpenCandy
検出済みフォルダ: C:\Users\zxc\Documents\PC Speed Maximizer
検出済みフォルダ: C:\ProgramData\Babylon
検出済みフォルダ: C:\ProgramData\Application Data\Babylon
検出済みフォルダ: C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd
検出済みフォルダ: C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lajondecmobodlejlcjllhojikagldgd
***** [ ファイル ] *****
検出済みファイル: C:\END
検出済みファイル: C:\Windows\uninstaller.exe
***** [ DLL ] *****
悪意あるDLLsファイルを検出しませんでした。
***** [ WMI ] *****
悪意あるキーを検出しませんでした。
***** [ ショートカット ] *****
改ざん済みショートカットを検出しませんでした。
***** [ スケジュール済みタスク ] *****
検出済みタスク: ThunderMaster
***** [ レジストリ ] *****
検出済みキー: HKLM\SOFTWARE\Classes\Prod.cap
検出済みキー: [x64] HKLM\SOFTWARE\Classes\Prod.cap
検出済みキー: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Conduit_Search_Protect
検出済みキー: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Optimizer Pro
検出済みキー: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Softonic
検出済みキー: HKCU\Software\Conduit_Search_Protect
検出済みキー: HKCU\Software\Optimizer Pro
検出済みキー: HKCU\Software\Softonic
検出済みキー: [x64] HKCU\Software\Conduit_Search_Protect
検出済みキー: [x64] HKCU\Software\Optimizer Pro
検出済みキー: [x64] HKCU\Software\Softonic
検出済みデータ: HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3325163&octid=EB_ORIGINAL_CTID&ISID=M1C5F5B88-082C-461C-BAC1-
検出済みデータ: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3325163&octid=EB_ORIGINAL_CTID&ISID=M1C5F5B88-082C-461C-BAC1-01C83FD5A732&SearchSource=55&CUI=&UM=5&UP=SP
検出済みデータ: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3325163&octid=EB_ORIGINAL_CTID&ISID=M1C5F5B88-082C-461C-BAC1-01C83FD5A732&SearchSource=55&CUI=&UM=5&UP=
***** [ Webブラウザ ] *****
悪意あるFirefoxベースの要素を検出しませんでした。
検出済みChromium設定: [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - booedmolknjekdopkepjjeckmjkdpfgl
検出済みChromium設定: [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - flpcjncodpafbgdpnkljologafpionhb
検出済みChromium設定: [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - lajondecmobodlejlcjllhojikagldgd
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [3965 バイト] - [09/11/2016 18:46:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [4042 バイト] - [10/11/2016 02:21:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [3939 バイト] - [10/11/2016 05:40:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4016 バイト] ##########
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 16:01:37
ほむさんへ
❶まずシステム復元ポイント自作します(必須)「復元ポイントその2」と名付けてください。
❷Adwにて「削除」クリックしてください(検知されたPUP類は削除されます)。削除が完了すると「PCを再起動してください」ってな趣旨がAdwのコメントとして飛び出してくるのでOKを選択し、PCは再起動に向かいます。
❸PCの再起動後、お手数ですが「もう一度」
MBAMでscanしてlog
Adwでscanしてlogを見せてください
❹それから「IE」のhome page設定などですが、現在、どうなってますか?感染logを見る限りではhome page設定が改竄されているんですが、Adwでの削除後、IEが、どうなっているかも教えてください。
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 16:09:07
さらに作業します(この間の作業は良い方向に進んでいますよ)
❶修復ディスクを自作します
https://121ware.com/qasearch/1007/app/servlet/relatedqa?QID=012000
必要なモノなので必須作業とご理解ください。「空っぽ」のDVD-Rが必要です。手元にありますか?なければお手数ですがケーズ電気のようなところで購入願います。国産品か、日本のメーカーの監修で製造されている一定品質のDVD-Rを選択購入してください。
❷逆質問です。USBメモリは手元にありますか?
❸外付けHDDは手元にありますか?
❹超重要質問。「リカバリDVD」は手元にありますか?「持ってない」という場合、そのPCに「リカバリディスク自作機能」が含まれているか?メーカーサイトまで飛び、リカバリ方式を確認願います(必須作業)。リカバリDisk自作機能の「無い」機種も存在しています。いずれにせよ、非常に重要な点なので宜しくお願いします。
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 19:12:56
# AdwCleaner v6.030 - ログファイルの作成日 10/11/2016 作成時間 18:17:00
# Malwarebytesによる 19/10/2016 の更新日
# データベース : 2016-11-08.1 [サーバー]
# オペレーティングシステム : Windows 7 Home Premium Service Pack 1 (X64)
# ユーザー名 : zxc - ZXC-PC
# 実行場所 : C:\Users\zxc\Desktop\adwcleaner_6.030.exe
# モード:安全
# サポート : hxxps://www.malwarebytes.com/support
***** [ サービス ] *****
***** [ フォルダ ] *****
[-] 削除済みフォルダ:C:\Users\zxc\AppData\Local\Babylon
[-] 削除済みフォルダ:C:\Users\zxc\AppData\Roaming\Babylon
[-] 削除済みフォルダ:C:\Users\zxc\AppData\Roaming\OpenCandy
[-] 削除済みフォルダ:C:\Users\zxc\Documents\PC Speed Maximizer
[-] 削除済みフォルダ:C:\ProgramData\Babylon
[#] 再起動時に削除されたフォルダ::C:\ProgramData\Application Data\Babylon
[-] 削除済みフォルダ:C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd
[-] 削除済みフォルダ:C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lajondecmobodlejlcjllhojikagldgd
***** [ ファイル ] *****
[-] 削除済みファイル:C:\END
[-] 削除済みファイル:C:\Windows\uninstaller.exe
***** [ DLL ] *****
***** [ WMI ] *****
***** [ ショートカット ] *****
***** [ スケジュール済みタスク ] *****
***** [ レジストリ ] *****
[-] 削除済みキー:HKLM\SOFTWARE\Classes\Prod.cap
[#] 再起動時に削除されたキー:[x64] HKLM\SOFTWARE\Classes\Prod.cap
[-] 削除済みキー:HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Conduit_Search_Protect
[-] 削除済みキー:HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Optimizer Pro
[-] 削除済みキー:HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Softonic
[#] 再起動時に削除されたキー:HKCU\Software\Conduit_Search_Protect
[#] 再起動時に削除されたキー:HKCU\Software\Optimizer Pro
[#] 再起動時に削除されたキー:HKCU\Software\Softonic
[#] 再起動時に削除されたキー:[x64] HKCU\Software\Conduit_Search_Protect
[#] 再起動時に削除されたキー:[x64] HKCU\Software\Optimizer Pro
[#] 再起動時に削除されたキー:[x64] HKCU\Software\Softonic
[-] 復元済みデータ:HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] 復元済みデータ:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] 復元済みデータ:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
***** [ ブラウザ ] *****
[-] [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default] [extension] 削除済み:booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default] [extension] 削除済み:flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default] [extension] 削除済み:lajondecmobodlejlcjllhojikagldgd
*************************
:: "Tracing" キーを削除しました
:: Winsock設定を削除しました
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [3314 バイト] - [10/11/2016 18:17:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [3965 バイト] - [09/11/2016 18:46:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [4042 バイト] - [10/11/2016 02:21:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [4119 バイト] - [10/11/2016 05:40:26]
C:\AdwCleaner\AdwCleaner[S3].txt - [4196 バイト] - [10/11/2016 08:45:32]
C:\AdwCleaner\AdwCleaner[S4].txt - [4273 バイト] - [10/11/2016 08:52:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3776 バイト] ##########
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 20:38:19
Adwの削除前に復元ポイント作りました。
MBAMはスキャン中です。
Adwで削除した後の再起動後デスクトップ画面が何も出てこなくてうまく起動しなかったんですけど何か関係ありますかね、一回切ってもっかいやるとレポートと同時にいつものトップ画面になったんですが・・ Adwはネット接続してるしてないで関係ありますか?Adwを使用するとCPUの使用が結構跳ね上がってるのも確認してますが
IEは元々使ってなかったのですが開くとアドレスが有効ではないとでました、検索はできますしネットの接続もできてますアドオンも特になにもホームページの標準設定でマイクロソフトのリンクに設定があるだけです。
修復ディスクはBTOパソコン購入当時に自作で作った修復ディスク一枚 リカバリーディスク三枚持ってました。(TDKのDVD)ちゃんと出来てるか不安ではありますが・・・
外部HDもってません USBメモリはもってますが容量が少ない奴しかないです。
USBのデーター移動のリンクケーブル購入してたので他のPCに移すのだったらできます。
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 21:25:36
Adwで削除した後の再起動後デスクトップ画面が何も出てこなくてうまく起動しなかったんですけど何か関係ありますかね、一回切ってもっかいやるとレポートと同時にいつものトップ画面になったんですが・・
↑
はい、時々Adwで削除後PC再起動してデスクトップ画面が「すんなり」と出てこないことはあります。でも、今、デスクトップ画面は表示されているわけですね?なら大丈夫です。Adwでのscanが怖いのであれば、じゃあAdwはやめておきましょう。
❷【修復ディスクはBTOパソコン購入当時に自作で作った修復ディスク一枚 リカバリーディスク三枚持ってました。(TDKのDVD)】
↑
了解です。
❸スマホもってますかね?スマホから当掲示板は閲覧できますか?
❹ええとFRST.exeをダウンロードします
まずね?デスクトップの上で「右」クリックして空フォルダを作る
そして名前は「FRST」と名付けてください。
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 21:28:40
ほむさんはwindows7の「64bit」なので、FRST.exeも「64bit」をダウンロードへ
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ ここからデスクトップにダウンロードへRe: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 21:30:28
64bitのFRST.exeを、デスクトップ上に自作した「FRST」フォルダにダウンロードしてください。
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 21:37:41
「管理者権限」でFRST.exeを起動
↓
写真を見てください。☑が入っていると思いますが
❶□Registry ← レジストリの✔は外してくださいね。□に設定してください
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 21:40:26
次、「Addition.txt」に✔が入っているか?確認してください。無印の場合は✔を入れて
☑ Addition txt
----------------------------
準備ができたら「Scan」をクリックして待機。
Scanが完了すると2つのメモ帳が飛び出してくるので、その2つとも全文をコピペして見せてください。Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/10 (Thu) 22:31:07
MBAMまだ終わってないんでスキャン後にFESTに取り掛かろうと思います。
スマホありませんがガラケーでこちらのサイトは観覧できました。ちなみにいままで別のPCで観覧してここに書き込んでます。
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/10 (Thu) 23:42:51
焦らなくてもOKですよ。
❷別PC、あるんですね。それはすごく大きなメリットです。こちらも別PCがあると、安心できます。Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/11 (Fri) 00:05:22
Malwarebytes Anti-Malware
www.malwarebytes.org
スキャン日付: 2016/11/10
スキャン時刻: 18:32
ログファイル: Malwarebytes.txt
管理者: はい
バージョン: 2.2.1.1043
マルウェアデータベース: v2016.11.10.01
ルートキットデータベース: v2016.10.31.01
ライセンス: 無料版
マルウェア保護機能: 無効
悪質ウェブサイト保護機能: 無効
自己防衛: 無効
OS: Windows 7 Service Pack 1
CPU: x64
ファイルシステム: NTFS
ユーザー: zxc
スキャン形式: 脅威スキャン
結果: 完了しました
スキャンされたオブジェクト数: 3092936
経過時間: 4 時間, 23 分, 17 秒
メモリ: 有効
スタートアップ: 有効
ファイルシステム: 有効
アーカイブ: 有効
ルートキット: 無効
ヒューリスティック: 有効
PUP: 警告
PUM: 有効
プロセス: 0
(なし悪意のある項目を検出)
モジュール: 0
(なし悪意のある項目を検出)
レジストリキー: 0
(なし悪意のある項目を検出)
レジストリ値: 0
(なし悪意のある項目を検出)
レジストリデータ: 0
(なし悪意のある項目を検出)
フォルダー: 0
(なし悪意のある項目を検出)
ファイル: 0
(なし悪意のある項目を検出)
物理セクタ: 0
(なし悪意のある項目を検出)
(end)Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/11 (Fri) 00:19:02
FRSTtxtです
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by zxc (administrator) on ZXC-PC (10-11-2016 23:46:47)
Running from C:\Users\zxc\Desktop\FRST
Loaded Profiles: zxc (Available Profiles: zxc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: 日本語 (日本)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaConverter.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaRenderer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (All) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-09] (AVAST Software)
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1752528 2016-10-12] (Google Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [3229696 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2972672 2016-08-29] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-51566331-1450328070-3618766867-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-51566331-1450328070-3618766867-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-18] ()
HKU\S-1-5-21-51566331-1450328070-3618766867-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-29] (Piriform Ltd)
HKU\S-1-5-21-51566331-1450328070-3618766867-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2197288 2014-08-28] (Palit Microsystems Ltd.)
HKU\S-1-5-21-51566331-1450328070-3618766867-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 145
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [166400 2016-06-26] (Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [756736 2016-09-10] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-11-09] (AVAST Software)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll [2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll [2012-01-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll [2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll [2012-01-04] (Microsoft Corporation)
Startup: C:\Users\zxc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fc2live_checker.lnk [2015-03-09]
ShortcutTarget: fc2live_checker.lnk -> E:\fc2live_checker Ver1.07\fc2live_checker.exe ()
Startup: C:\Users\zxc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmailChecker - ショートカット.lnk [2014-03-30]
ShortcutTarget: GmailChecker - ショートカット.lnk -> C:\Program Files\GmailChecker1.17\GmailChecker.exe ()
Startup: C:\Users\zxc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ツイキャス監視君.lnk [2016-03-15]
ShortcutTarget: ツイキャス監視君.lnk -> C:\Program Files\ツイキャス監視君 Ver1.06.6\ツイキャス監視君.exe (SkyPower)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B543AC77-9206-489F-A9B0-ABAC9B53724D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FCF0268F-3A8A-4489-9E3C-3B28FE95355C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-51566331-1450328070-3618766867-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-09] (AVAST Software)
BHO-x32: No Name -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} - No File
Toolbar: HKU\S-1-5-21-51566331-1450328070-3618766867-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FireFox:
========
FF DefaultProfile: z42oaif7.default
FF ProfilePath: C:\Users\zxc\AppData\Roaming\Mozilla\Firefox\Profiles\z42oaif7.default [2016-11-10]
FF Extension: (nclvauto) - C:\Users\zxc\AppData\Roaming\Mozilla\Firefox\Profiles\z42oaif7.default\Extensions\nclvauto@jetpack.xpi [2016-10-22]
FF Extension: (Speed Dial) - C:\Users\zxc\AppData\Roaming\Mozilla\Firefox\Profiles\z42oaif7.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-10-22]
FF Extension: (Adblock Plus) - C:\Users\zxc\AppData\Roaming\Mozilla\Firefox\Profiles\z42oaif7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\IPSFF => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-14] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-21] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-14] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic_0.dll [2015-07-23] (gameon)
FF Plugin HKU\S-1-5-21-51566331-1450328070-3618766867-1000: @fancyguo.com/FancyGame,version=1.0.0.1 -> C:\Users\zxc\AppData\Local\Fancy\npfancygame.dll [2014-09-05] (Hongfeng Hengyu (Beijing) Tech Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_269.dll => No File
CHR Profile: C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default [2016-11-10]
CHR Extension: (Adblock Plus) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-29]
CHR Extension: (Avast SafePrice) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-09]
CHR Extension: (楽天ウェブ検索) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihkglbebihpaflfihhkfmpabjgdpnol [2016-10-29]
CHR Extension: (Speed Dial 2) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-30]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2016-06-27]
CHR Extension: (Chrome ウェブストア決済) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\zxc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-09] (AVAST Software)
R2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [126328 2011-07-14] (BUFFALO INC.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [946640 2016-10-12] (Google Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-22] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-01-27] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-09] (ASRock Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-11-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-09] (AVAST Software)
S3 Bufeap; C:\Windows\System32\DRIVERS\bufeap64.sys [18944 2011-07-14] (BUFFALO INC.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-10] (Malwarebytes)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 ucgnsta; C:\Windows\System32\DRIVERS\ucgnstax.sys [987648 2009-08-05] (Ralink Technology Corp.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-02] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-11-10] ()
S3 BstHdDrv; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [X]
S3 BstkDrv; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-10 23:38 - 2016-11-10 23:38 - 00000000 _____ C:\Users\zxc\Desktop\fast.txt
2016-11-10 23:17 - 2016-11-10 23:46 - 00000000 ____D C:\FRST
2016-11-10 23:15 - 2016-11-10 23:15 - 00001089 _____ C:\Users\zxc\Desktop\Malwarebytes.txt
2016-11-10 21:43 - 2016-11-10 23:23 - 00000000 ____D C:\Users\zxc\Desktop\FRST
2016-11-10 19:03 - 2016-11-10 19:04 - 00003484 _____ C:\Users\zxc\Desktop\新しいテキスト ドキュメント (3).txt
2016-11-10 18:31 - 2016-11-10 18:31 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2016-11-10 08:17 - 2016-11-10 08:18 - 00003685 _____ C:\Users\zxc\Desktop\新しいテキスト ドキュメント (2).txt
2016-11-10 03:53 - 2016-11-10 03:53 - 03910208 _____ C:\Users\zxc\Desktop\adwcleaner_6.030.exe
2016-11-10 00:44 - 2016-11-10 00:44 - 00002462 _____ C:\Users\zxc\Documents\コンテキストメニュー.txt
2016-11-10 00:43 - 2016-11-10 00:43 - 00003840 _____ C:\Users\zxc\Documents\スケジュール.txt
2016-11-10 00:35 - 2016-11-10 00:35 - 00003260 _____ C:\Users\zxc\Documents\windowslog.txt
2016-11-10 00:30 - 2016-11-10 00:30 - 00013458 _____ C:\Users\zxc\Documents\インストール情報その1.txt
2016-11-10 00:23 - 2016-11-10 00:23 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-11-10 00:23 - 2016-11-10 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-10 00:22 - 2016-11-10 00:23 - 00000935 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-10 00:22 - 2016-11-09 07:15 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-10 00:01 - 2016-11-10 00:01 - 08270712 _____ (Piriform Ltd) C:\Users\zxc\Downloads\ccsetup523.exe
2016-11-09 19:45 - 2016-11-09 19:46 - 00003537 _____ C:\Users\zxc\Desktop\新しいテキスト ドキュメント.txt
2016-11-09 18:45 - 2016-11-10 18:17 - 00000000 ____D C:\AdwCleaner
2016-11-09 11:02 - 2016-11-03 00:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 11:02 - 2016-11-03 00:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 11:02 - 2016-11-03 00:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 11:02 - 2016-11-03 00:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 11:02 - 2016-11-03 00:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 11:02 - 2016-11-03 00:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 11:02 - 2016-11-03 00:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 11:02 - 2016-11-03 00:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 11:02 - 2016-11-03 00:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 11:02 - 2016-11-02 23:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 11:02 - 2016-10-28 12:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 11:02 - 2016-10-28 12:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 11:02 - 2016-10-28 04:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 11:02 - 2016-10-28 04:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 11:02 - 2016-10-28 03:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 11:02 - 2016-10-28 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 11:02 - 2016-10-28 03:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 11:02 - 2016-10-28 03:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 11:02 - 2016-10-28 03:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 11:02 - 2016-10-28 03:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 11:02 - 2016-10-28 03:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 11:02 - 2016-10-28 03:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 11:02 - 2016-10-28 03:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 11:02 - 2016-10-28 03:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 11:02 - 2016-10-28 03:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 11:02 - 2016-10-28 03:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 11:02 - 2016-10-28 03:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 11:02 - 2016-10-28 03:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 11:02 - 2016-10-28 03:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 11:02 - 2016-10-28 03:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 11:02 - 2016-10-28 03:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 11:02 - 2016-10-28 03:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 11:02 - 2016-10-28 03:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 11:02 - 2016-10-28 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 11:02 - 2016-10-28 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 11:02 - 2016-10-28 03:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 11:02 - 2016-10-28 03:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 11:02 - 2016-10-28 02:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 11:02 - 2016-10-28 02:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 11:02 - 2016-10-28 02:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 11:02 - 2016-10-28 02:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 11:02 - 2016-10-28 02:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 11:02 - 2016-10-28 02:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 11:02 - 2016-10-28 02:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 11:02 - 2016-10-28 02:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 11:02 - 2016-10-28 01:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 11:02 - 2016-10-28 00:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 11:02 - 2016-10-26 00:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 11:02 - 2016-10-23 02:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 11:02 - 2016-10-23 02:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 11:02 - 2016-10-23 02:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 11:02 - 2016-10-23 02:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 11:02 - 2016-10-23 02:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 11:02 - 2016-10-23 02:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 11:02 - 2016-10-23 02:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 11:02 - 2016-10-23 02:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 11:02 - 2016-10-23 02:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 11:02 - 2016-10-23 02:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 11:02 - 2016-10-23 02:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 11:02 - 2016-10-23 02:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 11:02 - 2016-10-23 02:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 11:02 - 2016-10-23 02:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 11:02 - 2016-10-23 02:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 11:02 - 2016-10-23 02:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 11:02 - 2016-10-23 01:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 11:02 - 2016-10-23 01:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 11:02 - 2016-10-23 01:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 11:02 - 2016-10-23 01:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 11:02 - 2016-10-23 01:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 11:02 - 2016-10-23 01:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 11:02 - 2016-10-23 01:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 11:02 - 2016-10-23 01:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 11:02 - 2016-10-23 01:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 11:02 - 2016-10-23 01:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 11:02 - 2016-10-23 01:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 11:02 - 2016-10-23 01:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 11:02 - 2016-10-23 01:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 11:02 - 2016-10-16 00:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 11:02 - 2016-10-16 00:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 11:02 - 2016-10-16 00:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 11:02 - 2016-10-16 00:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 11:02 - 2016-10-12 00:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 11:02 - 2016-10-12 00:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 11:02 - 2016-10-12 00:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 11:02 - 2016-10-12 00:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 11:02 - 2016-10-12 00:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 11:02 - 2016-10-12 00:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 11:02 - 2016-10-12 00:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 11:02 - 2016-10-12 00:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 11:02 - 2016-10-12 00:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 11:02 - 2016-10-12 00:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 11:02 - 2016-10-12 00:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 11:02 - 2016-10-12 00:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 11:02 - 2016-10-11 22:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 11:02 - 2016-10-11 22:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 11:02 - 2016-10-11 00:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 11:02 - 2016-10-11 00:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 11:02 - 2016-10-11 00:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 11:02 - 2016-10-11 00:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 11:02 - 2016-10-11 00:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 11:02 - 2016-10-11 00:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 11:02 - 2016-10-11 00:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 11:02 - 2016-10-11 00:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 11:02 - 2016-10-11 00:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 11:02 - 2016-10-10 23:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 11:02 - 2016-10-10 23:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 11:02 - 2016-10-10 23:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 11:02 - 2016-10-10 23:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 11:02 - 2016-10-10 23:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 11:02 - 2016-10-10 23:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 11:02 - 2016-10-08 00:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 11:02 - 2016-10-08 00:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 11:02 - 2016-10-08 00:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 11:02 - 2016-10-08 00:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 11:02 - 2016-10-08 00:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 11:02 - 2016-10-08 00:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 11:02 - 2016-10-08 00:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 11:02 - 2016-10-08 00:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 11:02 - 2016-10-08 00:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 11:02 - 2016-10-08 00:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 11:02 - 2016-10-08 00:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 11:02 - 2016-10-07 23:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 11:02 - 2016-10-07 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 11:02 - 2016-10-07 23:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 11:02 - 2016-10-07 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 11:02 - 2016-10-07 23:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 11:02 - 2016-10-07 23:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 11:02 - 2016-10-07 23:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 11:02 - 2016-10-07 23:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 11:02 - 2016-10-07 23:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 11:02 - 2016-10-05 23:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 11:02 - 2016-09-15 23:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 11:02 - 2016-09-14 00:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 11:02 - 2016-09-14 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 11:02 - 2016-09-10 03:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 11:02 - 2016-09-10 03:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 11:01 - 2016-08-23 01:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 08:49 - 2016-11-10 18:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-09 08:49 - 2016-11-09 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-09 08:49 - 2016-11-09 08:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-09 08:49 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-09 08:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-09 08:44 - 2016-11-09 08:49 - 00000000 ____D C:\Users\zxc\AppData\Roaming\Malwarebytes
2016-11-09 08:43 - 2016-11-09 08:49 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-09 08:43 - 2016-11-09 08:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-09 08:43 - 2016-11-09 08:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-11-09 08:43 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-09 08:39 - 2016-11-09 08:28 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\zxc\Desktop\mbam-setup-1.75.0.1300.exe
2016-11-09 07:14 - 2016-11-09 07:14 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-11-09 06:59 - 2016-11-09 06:59 - 00000000 ____D C:\Users\zxc\Desktop\Avira-PC-Cleaner
2016-11-09 06:48 - 2016-11-09 06:48 - 00001981 _____ C:\Users\zxc\Desktop\Remove Avira PC Cleaner.lnk
2016-11-09 06:48 - 2016-11-09 06:48 - 00001925 _____ C:\Users\zxc\Desktop\Avira PC Cleaner.lnk
2016-11-08 23:41 - 2016-11-08 23:41 - 00000036 _____ C:\Users\zxc\AppData\Local\housecall.guid.cache
2016-11-08 23:39 - 2016-11-08 23:40 - 33302384 _____ C:\Users\zxc\Downloads\Onlinescan.exe
2016-11-08 21:36 - 2016-11-08 21:36 - 00000398 _____ C:\CD ドライブ - ショートカット.lnk
2016-11-08 21:36 - 2016-11-08 21:36 - 00000000 ____D C:\Users\zxc\Downloads\新しいフォルダー (3)
2016-11-08 11:43 - 2016-11-08 11:43 - 00000000 ____D C:\Users\zxc\Documents\League of Legends
2016-11-08 11:40 - 2016-11-08 11:40 - 00000000 ____D C:\Users\zxc\AppData\Roaming\LolClient
2016-11-08 10:06 - 2016-11-08 10:06 - 00000000 ____D C:\ProgramData\Riot Games
2016-11-08 10:05 - 2016-11-08 10:05 - 00000000 ____D C:\Riot Games
2016-11-08 10:05 - 2016-11-08 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-11-08 10:04 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-11-08 10:04 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-11-08 10:04 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-11-08 10:02 - 2016-11-08 10:02 - 23865088 _____ (Riot Games) C:\Users\zxc\Downloads\LeagueofLegends_JP_Installer_2016_05_31.exe
2016-11-08 10:02 - 2016-11-08 10:02 - 00000000 ____D C:\Users\zxc\AppData\Roaming\Riot Games
2016-11-07 17:59 - 2016-11-07 17:59 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-07 17:59 - 2016-11-07 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-07 17:59 - 2016-11-07 17:59 - 00000000 ____D C:\Program Files\iPod
2016-10-31 19:13 - 2016-10-31 19:13 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-10-31 19:13 - 2016-10-31 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-10-25 08:47 - 2016-10-26 10:18 - 00000000 ____D C:\Users\zxc\AppData\Roaming\TroveTools.NET
2016-10-25 08:47 - 2016-10-25 08:47 - 00000442 _____ C:\Users\zxc\Desktop\TroveTools .NET.appref-ms
2016-10-25 08:47 - 2016-10-25 08:47 - 00000000 ____D C:\Users\zxc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dazo
2016-10-25 08:41 - 2016-10-25 08:41 - 00791984 _____ () C:\Users\zxc\Downloads\setup.exe
2016-10-25 08:37 - 2016-10-25 08:37 - 00005615 _____ C:\Users\zxc\Downloads\Scythe_Plays_by_ScythePlays_v2692.zip
2016-10-25 08:19 - 2016-10-25 08:25 - 00000000 ____D C:\Users\zxc\Desktop\blueprints
2016-10-25 08:11 - 2016-10-25 08:19 - 00000000 ____D C:\Users\zxc\Downloads\blueprints
2016-10-24 14:28 - 2016-10-22 14:33 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-10-24 14:28 - 2016-10-22 14:22 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-10-24 14:06 - 2016-10-22 17:40 - 00212936 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-10-24 14:06 - 2016-10-22 17:40 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 35224120 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 34701368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 28136504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 19917400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 17426520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 14017984 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-10-24 14:06 - 2016-10-22 16:20 - 10910184 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 10772640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 10324072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 09112272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 08912488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 08715728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 03627968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 03193400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437563.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437563.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 01037368 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00975416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00944184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00896056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00683824 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00573072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00492560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00439864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00407248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00388544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00170688 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-10-24 14:06 - 2016-10-22 16:20 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-10-24 14:06 - 2016-10-22 16:20 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-10-23 12:26 - 2016-11-10 23:44 - 00000626 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-23 12:26 - 2016-11-08 18:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-23 12:26 - 2016-11-08 18:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-23 12:26 - 2016-11-08 18:44 - 00003564 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-23 12:08 - 2016-10-23 12:08 - 05858616 _____ (Adobe Systems Inc.) C:\Users\zxc\Downloads\Shockwave_Installer_Slim(2).exe
2016-10-23 12:00 - 2016-10-23 12:00 - 01198288 _____ (Adobe Systems Incorporated) C:\Users\zxc\Downloads\flashplayer23_xa_install(2).exe
2016-10-23 11:46 - 2016-10-23 11:46 - 01224896 _____ (Adobe Systems Incorporated) C:\Users\zxc\Desktop\uninstall_flash_player.exe
2016-10-23 11:09 - 2016-10-23 11:09 - 01198288 _____ (Adobe Systems Incorporated) C:\Users\zxc\Downloads\flashplayer23_xa_install(1).exe
2016-10-23 11:02 - 2016-10-23 11:02 - 01198288 _____ (Adobe Systems Incorporated) C:\Users\zxc\Downloads\flashplayer23_xa_install.exe
2016-10-22 14:59 - 2016-10-22 15:13 - 00000000 ____D C:\Users\zxc\AppData\Local\Mozilla
2016-10-22 14:58 - 2016-10-22 14:58 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-22 14:58 - 2016-10-22 14:58 - 00001147 _____ C:\Users\Public\DesktRe: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/11 (Fri) 00:38:05
additon txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by zxc (10-11-2016 23:47:26)
Running from C:\Users\zxc\Desktop\FRST
Windows 7 Home Premium Service Pack 1 (X64) (2014-03-17 17:06:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-51566331-1450328070-3618766867-500 - Administrator - Disabled)
Guest (S-1-5-21-51566331-1450328070-3618766867-501 - Limited - Disabled)
zxc (S-1-5-21-51566331-1450328070-3618766867-1000 - Administrator - Enabled) => C:\Users\zxc
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Japanese (HKLM-x32\...\{AC76BA86-7AD7-1041-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AmvVideoCodec (HKLM-x32\...\AmvVideoCodec) (Version: - )
Ansel (Version: 375.63 - NVIDIA Corporation) Hidden
Apple Application Support(32 ビット) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support(64 ビット) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.)
ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
A-Tuning v2.0.54 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.54 - )
AutoClickPositionsSetup (HKLM-x32\...\{310B9020-53A8-4E0B-B6ED-2951B64C7B1B}) (Version: 1.0.1 - AutoClickPositions)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BUFFALO エアステーション設定ツール (HKLM-x32\...\BUFFALO_AirSet2_is1) (Version: 2.0.15 - BUFFALO INC.)
BUFFALO クライアントマネージャV (HKLM-x32\...\UN900119) (Version: - )
BUFFALO クライアントマネージャV をアンインストール (HKLM-x32\...\UN900119_is1) (Version: 1.4.12 - BUFFALO INC.)
BUFFALO パソコン環境表示ツール (HKLM-x32\...\BUFFALO_BPCEnv_is1) (Version: 1.1.0 - BUFFALO INC.)
Cappuccino 1.9.0 (HKLM-x32\...\Cappuccino_is1) (Version: - TonTon)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
ClocX (1.6.0) (HKLM-x32\...\ClocX) (Version: - )
Common (HKLM-x32\...\Pmang_common) (Version: 2694328 - GameOn)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)
Fishing Planet (HKLM-x32\...\Steam App 380600) (Version: - Fishing Planet LLC)
Freeraser (HKLM-x32\...\Freeraser) (Version: 1.0.0.23 - Codyssey.com)
FreeStyle2: Street Basketball (HKLM-x32\...\Steam App 339610) (Version: - Joycity)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Google 日本語入力 (HKLM\...\{FE76ABFF-A677-4EED-8D50-3FC2F1E34852}) (Version: 2.19.2680.0 - Google Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{B71910C5-BE1F-4091-A685-3FA2342A7635}) (Version: 4.1.40.2143 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lhaplus (HKLM-x32\...\Lhaplus) (Version: - )
LimeChat 2 (HKLM-x32\...\LimeChat 2) (Version: 2.40 - Satoshi Nakagawa)
Malwarebytes Anti-Malware バージョン 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Moo0 ボイス録音器 1.43 (HKLM-x32\...\Moo0 VoiceRecorder) (Version: - )
Moyea FLV Editor Lite version: 1.1.1.846 (HKLM-x32\...\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version: - )
Mozilla Firefox 49.0.2 (x86 ja) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 ja)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
MPC-BE 1.3.1.1.4603 (HKLM-x32\...\{903D098F-DD50-4342-AD23-DA868FCA3126}_is1) (Version: 1.3.1.1.4603 - MPC-BE Team)
Niconico Live Encoder (HKLM-x32\...\{E3D1594B-8077-42C9-8541-B8438F52F283}) (Version: 2.0.4 - niwango, inc.)
NVIDIA 3D Vision コントローラー ドライバー 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision ドライバー 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA HD オーディオ ドライバー 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX システム ソフトウェア 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA グラフィックス ドライバー 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation)
Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
Pmangインストールマネージャー (HKLM-x32\...\Pmang) (Version: 1.0.1.1 - GameOn,Pmang)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
StreamTransport version: 1.1.3.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Thunder Master v2.5 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.5.0.4 - Palit Microsystems Ltd.)
Trove (HKLM-x32\...\Glyph Trove) (Version: - Trion Worlds, Inc.)
TroveTools .NET (HKU\S-1-5-21-51566331-1450328070-3618766867-1000\...\0ad522f4516a2a4e) (Version: 1.1.9.9 - Dazo)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)
ニコニコ実況 (HKLM-x32\...\{DD5E9FFA-7728-4E6B-9E19-64F37C88158F}) (Version: 1.0.0 - niwango)
ニコ生アラート(´・ω・`) (HKLM-x32\...\Nicolive_Alert_Shobon) (Version: - なんか いろいろ)
バッファロー らくらくアップデートツール (HKLM\...\バッファロー らくらくアップデートツール) (Version: 1.12 - Buffalo Inc.)
ひまたんぷれいや (HKLM-x32\...\himaplayer.in.himado.B28713AACA7C2AEE71212091820231AD33CACF68.1) (Version: 1.0 - UNKNOWN)
ひまたんぷれいや (x32 Version: 1.0 - UNKNOWN) Hidden
やります!アンコちゃん 2.2.1.3 (HKLM-x32\...\やります!アンコちゃん) (Version: 2.2.1.3 - 居酒屋「めがね」)
窓の手 バージョン 2010 (HKLM-x32\...\{981E95EE-7844-4E6B-B724-2B0AABA51C3E}_is1) (Version: 2010 - 猪川正巳)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-51566331-1450328070-3618766867-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A225613-3282-488F-AFF8-1EEAFC7CC876} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {0C2AD913-32CD-4C7A-B0B0-6D781988E8C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {37569339-9C5E-4D64-8BC0-AEDB99929E97} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {484DECD5-10E8-46F6-A408-14372DF68C24} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {57E3E547-FAB4-44B5-84C1-A15C40FEC04E} - System32\Tasks\{974313A2-D4A4-4E46-BB71-932AF85649E9} => pcalua.exe -a E:\fancysetup.exe -d E:\
Task: {8DBF1A64-752B-4381-8505-7BD49B493BF3} - System32\Tasks\SafeZone scheduled Autoupdate 1458721983 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {99AD0F62-6631-49D0-8CFE-F4BDBC07400A} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\VoiceRecorder 1.43\VoiceRecorder.exe [2013-10-20] (Moo0)
Task: {A5F9508A-7826-41C9-8161-DF8D38282D58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B62BA1C5-4E23-441C-9683-3774636B9A85} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C3327222-7518-4128-9013-88E9C1E65170} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-11-09] (AVAST Software)
Task: {CB1B40B7-BB84-441C-9A09-596B6C8C8AC4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-29] (Piriform Ltd)
Task: {CE08E0B3-A1B6-4E26-B622-D7F02FF14182} - System32\Tasks\Opera scheduled Autoupdate 1395179019 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {EA2436BD-2023-461C-969B-28BEA645B3D5} - System32\Tasks\{240F84B1-11CC-44FA-8924-EF414B83F714} => pcalua.exe -a "C:\Users\zxc\Downloads\dotnetfx35setup (1).exe" -d C:\Users\zxc\Downloads
Task: {ED8700B0-4AD0-4D0D-BE45-B35F95AD5808} - System32\Tasks\{2EFA2BC9-8202-4058-9E37-296BB9E0DFBD} => pcalua.exe -a E:\pbsetup\pbsetup.exe -d E:\pbsetup
Task: {F134A886-9121-4694-AF65-434CDE13696E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FB2DFB5B-DBDD-4D2D-A50D-6B014FD09A2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-18 04:11 - 2013-05-28 17:58 - 00454656 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2010-07-15 13:44 - 2010-07-15 13:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-11-22 23:16 - 2012-04-01 00:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2013-03-14 14:42 - 2013-03-14 14:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2016-09-29 01:26 - 2016-09-29 01:26 - 00032768 _____ () C:\Program Files\CCleaner\lang\lang-1041.dll
2014-12-24 16:42 - 2016-10-22 15:04 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-27 18:02 - 2015-01-27 18:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-11-09 07:14 - 2016-11-09 07:14 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-11-10 00:23 - 2016-11-10 00:23 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16110900\algo.dll
2016-11-09 07:14 - 2016-11-09 07:14 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-03-31 10:18 - 2016-06-15 05:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-09 07:15 - 2016-11-09 07:15 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-11-03 12:09 - 2016-10-31 14:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\libglesv2.dll
2016-11-03 12:09 - 2016-10-31 14:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\libegl.dll
2016-11-10 04:40 - 2016-11-10 04:40 - 17772736 _____ () C:\Users\zxc\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 11:34 - 2009-06-11 06:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-51566331-1450328070-3618766867-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9779AE0D-AB55-4DAB-82E4-70DD2036E931}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{CDBD9A89-26F2-4CD3-B43C-7B1ADF06E4A2}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{25B98BF8-615D-4DF1-816C-3F2BA7D9A39F}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{B41D8F2F-4385-464F-BD7C-A7E821C4D8A3}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{BC11E1BF-2E23-4372-A585-FAA4C3E5B3F4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2030019-A2A7-4FFE-8D84-985F9E5B4620}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5045AF21-E36F-47E8-A92C-5E3A709DE3E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{0A1680D6-8B37-48A2-AC5D-45D404B07F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{7D654C8B-9A7C-4AD0-B172-5BD1B1506389}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B4FE6BF6-E7A3-4A28-B0CC-9BCC4A9514DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5C00F587-08B7-4CE2-8F29-A12ED29EC4CC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F554B0FB-C4B4-423E-9A16-AB343CFAD68D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1AE6B6FF-0C9C-46C5-85C1-0DB62EFEDB4B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AEBE076F-50CF-4D4F-BE04-EB23F28A0ADD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C6C2C8D6-AEC8-4EEB-BE53-34A7EFC728BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [{236A1A6B-684B-4E19-A7EB-D27E5EA15A68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FreeStyle2\LauncherSteam.exe
FirewallRules: [TCP Query User{B9E367A9-91E6-4123-B9CD-A4FE6ABFB0F7}C:\program files (x86)\steam\steamapps\common\freestyle2\freestyle2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\freestyle2\freestyle2.exe
FirewallRules: [UDP Query User{C3FF626E-04B1-40A6-9229-E06990A9FD6E}C:\program files (x86)\steam\steamapps\common\freestyle2\freestyle2.exe] => (Block) C:\program files (x86)\steam\steamapps\common\freestyle2\freestyle2.exe
FirewallRules: [{1016B9E7-60CD-4365-8A31-E1089F7C8B8C}] => (Allow) C:\Program Files (x86)\Glyph\GlyphClient.exe
FirewallRules: [{520BB242-6D73-4781-AC5C-B2BA1DDFC1B7}] => (Allow) C:\Program Files (x86)\Glyph\GlyphClient.exe
FirewallRules: [{8D3130D6-FACD-497F-A60B-62A85FC1A0E4}] => (Allow) C:\Program Files (x86)\Glyph\GlyphClient.exe
FirewallRules: [{E03AD0C1-B9E2-46C8-9580-B01D01E307B5}] => (Allow) C:\Program Files (x86)\Glyph\GlyphClient.exe
FirewallRules: [{EA532848-E8E4-4C42-B712-21E2C27EBEAB}] => (Allow) C:\Program Files (x86)\Glyph\GlyphDownloader.exe
FirewallRules: [{1B22206F-E5D7-4E87-B7A8-1E49C4499875}] => (Allow) C:\Program Files (x86)\Glyph\GlyphDownloader.exe
FirewallRules: [{C3E08DCB-857E-4B0E-AEF0-55BE78784A47}] => (Allow) C:\Program Files (x86)\Glyph\GlyphDownloader.exe
FirewallRules: [{3F5FB260-5574-4480-AEF5-59709E3614F2}] => (Allow) C:\Program Files (x86)\Glyph\GlyphDownloader.exe
FirewallRules: [TCP Query User{200030CC-6EC0-4E80-8874-8B3E896FDEC0}E:\bouyomichan\bouyomichan.exe] => (Block) E:\bouyomichan\bouyomichan.exe
FirewallRules: [UDP Query User{B94D3F7C-49EF-454A-B5A1-80D3166DE158}E:\bouyomichan\bouyomichan.exe] => (Block) E:\bouyomichan\bouyomichan.exe
FirewallRules: [{90AEA04F-D7BA-48B0-8E3F-67D28187E1A2}] => (Allow) C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe
FirewallRules: [{53E83D93-8C18-49B6-9EB2-CB8D57317A57}] => (Allow) C:\Program Files (x86)\Glyph\GlyphClient.exe
FirewallRules: [{FFFC2E8F-4DA5-4587-8AC8-6EDD0BA5A4A6}] => (Allow) C:\Program Files (x86)\Glyph\GlyphClient.exe
FirewallRules: [{FCF878C0-ABC1-477E-B451-FEA79BA23E07}] => (Allow) C:\Program Files (x86)\Glyph\GlyphDownloader.exe
FirewallRules: [{7A6EE4CE-52A7-4EAF-9267-8B7F164A71EC}] => (Allow) C:\Program Files (x86)\Glyph\GlyphDownloader.exe
FirewallRules: [{4B8A15B6-1C0E-4624-ABB1-CBE79F5C5F8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{56759D36-0922-4E3C-8C9B-140F092BCD9F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{943F96BB-AC99-428B-A035-BF3F915A93C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5E8B0B70-6154-426B-A15B-A32EA6E88304}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{83253659-E624-4A2C-AFEF-C7F1C9429FA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{03F8BD1F-7922-4F70-9601-448FB54CE809}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F9D46E4E-DE26-49B8-82E0-367F76343FF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A31E90C0-D048-4751-A0B8-428790093A42}] => (Allow) E:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{C74D2103-E97C-425C-8047-D50CBCD5DEDA}] => (Allow) E:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{EDDD99A8-3665-48A9-96BE-8AEC67E2DB36}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{E527D6DB-2BCA-4A12-9FF8-AB83F054C618}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{513750E4-2B64-47C8-B9DA-A5F05B21B579}] => (Allow) E:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1C8C5BF9-7445-4142-B8E8-CA71C4BB9BED}] => (Allow) E:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{0C7CDF14-944D-4EC9-A2E1-77DF94532EBE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3309BFD9-D020-41EE-951D-C03AE82CCF1C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8046BDBF-05CE-4E00-8E18-EE78FCD53C82}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{189246BA-2788-42C4-BDE5-E1106BFF8960}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F0AF0672-628E-407F-9DE1-4C04A7E799C2}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{7F0E5B70-5938-4CCD-B972-0B40127A14AF}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{BEDFE80B-9C39-4176-8648-B3AC695CF030}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{FAFAF5AB-440C-4774-81DB-303FB2611D09}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [TCP Query User{DB8F42F8-1D18-4D40-8313-196D5EACE140}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{7E547653-AA03-409F-8B94-333A1564B1AB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{A19E05CF-7CB2-4EAF-A114-8A9FEC503E08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{EE062561-8E15-4838-8814-AE2D7B7EB532}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{091B38CC-D8C2-4F75-B7FF-8443002DF692}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{30311A12-55DD-42BF-8A2F-11DB67FCE33A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5E1806D-3E5A-4503-A115-B5B55CE10E06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B07D996C-7632-4030-AE34-65A47053C888}] => (Allow) E:\TetrisOnlinePoland\tetris.exe
FirewallRules: [{BD76DAA9-4E42-4306-BE63-12D4B5D3817D}] => (Allow) E:\TetrisOnlinePoland\tetris.exe
FirewallRules: [{B20B83B2-18CA-4000-9EC8-F3794FB64F75}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
08-11-2016 10:04:53 League of Legendsをインストールしました
08-11-2016 21:38:41 Windows Defender Checkpoint
10-11-2016 02:41:08 Windows Update
10-11-2016 18:10:30 復元ポイントその2
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/10/2016 06:31:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。
Error: (11/10/2016 06:19:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。
Error: (11/10/2016 04:05:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。
Error: (11/10/2016 03:54:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム adwcleaner_6.030.exe バージョン 6.0.3.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。
プロセス ID: 1290
開始時刻: 01d23ab9cd4f47a0
終了時刻: 5
アプリケーション パス: C:\Users\zxc\Desktop\adwcleaner_6.030.exe
レポート ID:
Error: (11/10/2016 03:47:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム adwcleaner_6.030.exe バージョン 6.0.3.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。
プロセス ID: 1058
開始時刻: 01d23ab6cd1e27b5
終了時刻: 0
アプリケーション パス: C:\Users\zxc\Desktop\adwcleaner_6.030.exe
レポート ID:
Error: (11/10/2016 03:26:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム adwcleaner_6.030.exe バージョン 6.0.3.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。
プロセス ID: 1318
開始時刻: 01d23ab4561cf9c2
終了時刻: 0
アプリケーション パス: C:\Users\zxc\Desktop\adwcleaner_6.030.exe
レポート ID:
Error: (11/10/2016 03:07:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。
Error: (11/10/2016 02:50:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。
Error: (11/10/2016 02:40:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: プログラム adwcleaner_6.030.exe バージョン 6.0.3.0 は Windows との対話を停止し、終了しました。問題に関する詳細な情報があるかどうかを確認するには、アクション センター コントロール パネルで、問題の履歴をクリックしてください。
プロセス ID: fcc
開始時刻: 01d23aae1f817cd3
終了時刻: 16
アプリケーション パス: C:\Users\zxc\Desktop\adwcleaner_6.030.exe
レポート ID:
Error: (11/10/2016 02:24:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルターを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルターではイベント表示できません。
System errors:
=============
Error: (11/10/2016 06:29:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Windows Update サービスは、次のエラーで終了しました:
呼び出し元とは別のセキュリティ ID で実行するように、クラスが構成されています
Error: (11/10/2016 06:27:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update サービスは開始時にハングしました。
Error: (11/10/2016 06:24:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Search サービスは開始時にハングしました。
Error: (11/10/2016 06:17:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: サービス コントロール マネージャーで、Windows Search サービスの予期せぬ終了後に修正操作 (サービスの再開) を実行しようとしましたが、この処置は次のエラーで失敗しました:
サービス インスタンスは既に実行されています。
Error: (11/10/2016 06:16:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Software Protection サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が 120000 ミリ秒以内に実行されます: サービスの再開。
Error: (11/10/2016 06:16:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Virtual Disk サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が 60000 ミリ秒以内に実行されます: サービスの再開。
Error: (11/10/2016 06:16:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Block Level Backup Engine Service サービスは予期せぬ原因により終了しました。このサービスの終了は 1 回目です。次の修正操作が 120000 ミリ秒以内に実行されます: サービスの再開。
Error: (11/10/2016 06:16:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: BBUpdate サービスは予期せぬ原因により終了しました。このサービスの強制終了は 1 回目です。
Error: (11/10/2016 06:16:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 1 回目です。
Error: (11/10/2016 06:16:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Intel(R) ME Service サービスは予期せぬ原因により終了しました。このサービスの強制終了は 1 回目です。
Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/11 (Fri) 00:48:33
MBAMlogでPUP警告?がでてますね。。どうなんでしょ
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/11 (Fri) 01:21:45
PUP: 警告(MBAMlogでPUP警告?がでてますね。。どうなんでしょ)
↑
心配ないですよ。これはMBAMでPUPを検知する場合の条件付け設定に関するモノ。大丈夫です
❷今日は、遅いので明日、また作業指示しますね。
管理人は「Low & Order」という米国ドラマが大好きで、これから録画したドラマを観て、そして爆睡予定です。
また「明日」ネ♪
Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/11 (Fri) 19:28:47
ほむさんへ
FRST.exeでゴミ掃除をしようと考えたのですが、Adwを使うとデスクトップの立ち上がりが遅くて一瞬「びっくり?」したというニュアンスでコメントされてますね。なので今回はFRST.exeを使ったゴミ掃除は中止しておきます。ゴミ掃除しなくてもOkだと判断しました。
作業は、以上で「完了」といたしましょうか。PUP類は除去されていますし、ブラウザのhome page改竄もありませんので大丈夫だと思います。お疲れ様でした。
何か気になる部分があれば返信でコメント願います。Re: BrowserModifier: Win32/SupTab!blnk - ほむ
2016/11/11 (Fri) 21:18:40
Windows Defenderの誤検知からのPUP感染がみつかって除去できたみたいなのでありがとうございました!!
これで安心してPCが使えます。Re: BrowserModifier: Win32/SupTab!blnk - 管理人です
2016/11/11 (Fri) 22:59:53
暫く様子見しましょう。何か異変を感じたら、すぐに相談してくださね。いつでも対応致します。
Copyright © 1999- FC2, inc All Rights Reserved.
