悪代官の伏魔殿掲示板別館

知恵袋からきました（ノートンの警告System Infected: Trojan Bedep Activity 2）

困っています。宜しくお願いします。

osはwindows7の64bitです
ノートンの報告でSystem Infected: Trojan Bedep Activity 2というのが出ています。
履歴を見ると五分に一回くらい○○からの侵入を遮断しました。というのが出ています。

Avast aswMBRのログ
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-06-11 00:57:53
-----------------------------
00:57:53.216 OS Version: Windows x64 6.1.7601 Service Pack 1
00:57:53.216 Number of processors: 8 586 0x2A07
00:57:53.216 ComputerName: MOONLIGHT UserName:
00:57:56.651 Initialize success
00:57:56.861 VM: initialized successfully
00:57:56.863 VM: Intel CPU supported
00:58:10.897 VM: supported disk I/O iaStor.sys
01:01:05.643 AVAST engine defs: 15061000
01:01:07.713 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:01:07.716 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
01:01:08.181 VM: Disk 0 MBR read successfully
01:01:08.183 Disk 0 MBR scan
01:01:08.211 Disk 0 Windows 7 default MBR code
01:01:08.233 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 20480 MB offset 2048
01:01:08.263 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 41945088
01:01:08.266 Disk 0 default boot code
01:01:08.298 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 346112 MB offset 42354688
01:01:08.321 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 348610 MB offset 751192064
01:01:08.833 Disk 0 scanning C:\windows\system32\drivers
01:01:24.023 Service scanning
01:01:27.423 Service BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150602.001\BHDrvx64.sys **LOCKED** 5
01:01:30.269 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
01:01:30.664 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
01:01:33.489 Service IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150609.002\IDSvia64.sys **LOCKED** 5
01:01:37.946 Service NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150609.032\ENG64.SYS **LOCKED** 5
01:01:38.076 Service NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150609.032\EX64.SYS **LOCKED** 5
01:01:53.146 Modules scanning
01:01:53.151 Disk 0 trace - called modules:
01:01:53.176 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:01:53.181 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80093f1790]
01:01:53.184 3 CLASSPNP.SYS[fffff880013ce43f] -> nt!IofCallDriver -> [0xfffffa80075bc550]
01:01:53.189 5 ACPI.sys[fffff88000f7d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80076bb050]
01:01:54.729 AVAST engine scan C:\windows
01:01:57.351 AVAST engine scan C:\windows\system32
01:05:26.820 AVAST engine scan C:\windows\system32\drivers
01:05:43.885 AVAST engine scan C:\Users\
01:07:58.639 Disk 0 MBR has been saved successfully to "C:\Users\\Desktop\MBR.dat"
01:07:58.647 The log file has been saved successfully to "C:\Users\\Desktop\aswMBR.txt"

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-06-11 01:14:30
-----------------------------
01:14:30.350 OS Version: Windows x64 6.1.7601 Service Pack 1
01:14:30.350 Number of processors: 8 586 0x2A07
01:14:30.350 ComputerName: MOONLIGHT UserName:
01:14:32.587 Initialze error C000010E - driver not loaded
01:15:01.675 AVAST engine defs: 15061000
01:17:06.457 Service scanning
01:17:10.242 Service BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150602.001\BHDrvx64.sys **LOCKED** 5
01:17:13.610 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
01:17:14.082 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
01:17:17.040 Service IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150609.002\IDSvia64.sys **LOCKED** 5
01:17:25.155 Service NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150609.032\ENG64.SYS **LOCKED** 5
01:17:25.460 Service NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150609.032\EX64.SYS **LOCKED** 5
01:17:51.241 Modules scanning
01:17:51.246 Disk 0 trace - called modules:
01:17:51.249
01:17:54.366 AVAST engine scan C:\windows
01:17:58.211 AVAST engine scan C:\windows\system32
01:21:07.350 AVAST engine scan C:\windows\system32\drivers
01:21:24.736 AVAST engine scan C:\Users\
01:32:48.430 The log file has been saved successfully to "C:\Users\\Desktop\aswMBR.txt"

CCleanerでのスタートのログ

有効 HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
有効 HKCU:Run DAEMON Tools Lite Disc Soft Ltd "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
有効 HKCU:Run Google Update Google Inc. "C:\Users\xxxxxx\AppData\Local\Google\Update\GoogleUpdate.exe" /c
有効 HKCU:Run SUPERAntiSpyware SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
有効 HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
無効 HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
有効 HKLM:Run ATSwpNav "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
有効 HKLM:Run BSMLW06 DEXIN Corporation "C:\Program Files (x86)\BUFFALO\BSMLW06\Panel.exe"
無効 HKLM:Run Corel Photo Downloader Corel, Inc. "C:\Program Files (x86)\Corel\Corel MyPhoto\Corel Photo Downloader.exe" -startup
有効 HKLM:Run DivXMediaServer DivX, LLC C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
無効 HKLM:Run DivXUpdate DivX, LLC "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
無効 HKLM:Run EzSptBtn FUJITSU LIMITED C:\Fujitsu\sptnavi\EzSptBtn4.exe
有効 HKLM:Run FDM7 FUJITSU LIMITED C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
有効 HKLM:Run FJBATAID2 FUJITSU LIMITED C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
有効 HKLM:Run FJDust FUJITSU LIMITED C:\Program Files (x86)\Fujitsu\DustSolution\HokoriApp.exe
無効 HKLM:Run FJUPDNV_Chitose FUJITSU LIMITED C:\Program Files\Fujitsu\chitose\updatenv.exe
無効 HKLM:Run GIZMO2 ants Inc. "C:\Program Files (x86)\GIZMO2\GIZMO.exe" -BootProcess
有効 HKLM:Run GrooveMonitor Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
有効 HKLM:Run HotKeysCmds Intel Corporation C:\WINDOWS\system32\hkcmd.exe
有効 HKLM:Run IgfxTray Intel Corporation C:\WINDOWS\system32\igfxtray.exe
有効 HKLM:Run IJNetworkScannerSelectorEX CANON INC. C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
有効 HKLM:Run IME JPN 2007 Migration Microsoft Corporation C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG.EXE /Preload
無効 HKLM:Run IME14 JPN Uninstall Microsoft Corporation C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE /Uninstall /JPN /Log
有効 HKLM:Run IndicatorUtility FUJITSU LIMITED "C:\Program Files (x86)\Fujitsu\IndicatorUtility\IndicatorUty.exe"
有効 HKLM:Run IntelPAN Intel(R) Corporation "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
有効 HKLM:Run IoSecShadow I-O DATA DEVICE, INC. C:\Program Files (x86)\I-O DATA\HDDロック\IoSecShadow.exe
無効 HKLM:Run ITSecMng TOSHIBA CORPORATION %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
無効 HKLM:Run JustOnlineUpdate 株式会社ジャストシステム "C:\Program Files (x86)\Common Files\Justsystem\JustOnlineUpdate\JustOnlineUpdate.exe" /startup
有効 HKLM:Run LoadBtnHnd FUJITSU LIMITED C:\Program Files\Fujitsu\Fujitsu Quick Touch\BtnHnd.exe
有効 HKLM:Run LoadFUJ02E3 FUJITSU LIMITED C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
有効 HKLM:Run LoadFujitsuQuickTouch FUJITSU LIMITED C:\Program Files\Fujitsu\Fujitsu Quick Touch\QuickTouch.exe
有効 HKLM:Run LoadPUSCDaemon FUJITSU LIMITED C:\Program Files\Fujitsu\PowerUtility\schedule\PUSCDaemon.exe
無効 HKLM:Run NaviStudio3User PIONEER CORPORATION C:\Program Files (x86)\Pioneer\NaviStudio3\NaviStudio3 User.exe
有効 HKLM:Run NetworkPlayerServerHelper DigiOn, Inc. "C:\Program Files (x86)\Fujitsu\NetworkPlayer Server\NetworkPlayerServerHelper.exe"
有効 HKLM:Run NUSB3MON Renesas Electronics Corporation "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
有効 HKLM:Run OmniPass Softex Inc. C:\Program Files\Softex\OmniPass\scureapp.exe
有効 HKLM:Run Persistence Intel Corporation C:\WINDOWS\system32\igfxpers.exe
有効 HKLM:Run PfNet FUJITSU LIMITED "C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe" /r
有効 HKLM:Run PMBVolumeWatcher Sony Corporation C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
無効 HKLM:Run PSUTility FUJITSU LIMITED C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
有効 HKLM:Run PUSCKAPLEXE FUJITSU LIMITED C:\Program Files\Fujitsu\PowerUtility\schedule\PUSCKAPLEXE.exe
無効 HKLM:Run PushButton I-O DATA DEVICE, INC. C:\Program Files (x86)\I-O DATA\PushButton\PushButton.exe
無効 HKLM:Run QuickTime Task Apple Inc. "C:\Program Files (x86)\QuickTime Alternative\qttask.exe" -atboottime
有効 HKLM:Run RtHDVBg Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORDTSUPTBT
有効 HKLM:Run RtHDVCpl Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
有効 HKLM:Run snp2uvc Sonix C:\windows\vsnp2uvc.exe
有効 HKLM:Run SSDMonitor PC Tools C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
有効 HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
無効 HKLM:Run UVS12 Preload Corel TW Corp. C:\Program Files (x86)\Corel\Corel VideoStudio 12\uvPL.exe
無効 HKLM:Run WSHelperSetup.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
無効 HKLM:Run YouCam Mirage CyberLink "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
無効 HKLM:Run YouCam Tray CyberLink Corp. "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s
有効 Startup Common Camera Monitor HD.lnk PIXELA CORPORATION D:\Program Files (x86)\PIXELA\Everio MediaBrowser HD Edition\MBCameraMonitor.exe
有効 Startup Common ImageBrowser EX Agent.lnk C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
有効 Startup Common PointGrab ハンドジェスチャーコントロール.lnk Acresso Software Inc. C:\windows\Installer\{8D0794C2-FE40-49FB-8695-E4A933A8BC98}\PointgrabShortcut_875D56C048FF45BAA9B778F0EEBE2A5E.exe
有効 Startup Common SetPoint.lnk Logicool, Inc. C:\Program Files\SetPoint\SetPoint.exe
有効 Startup User Bgcall.lnk C:\Program Files (x86)\Bgcall\Bgcall.exe
有効 Startup User BUFFALO NAS Navigator2.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
有効 Startup User NAS Scheduler.lnk BUFFALO INC. C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
有効 Startup User TokyoLoader.lnk C:\Program Files (x86)\TokyoLoader\TokyoLoader.exe

tomoaki_2000tox
2015/06/11 (Thu) 02:14:06

名前件名画像	メッセージプレビュー（投稿前に内容を確認）
	パスワード

悪代官の伏魔殿掲示板別館

返信フォーム※初心者、通りすがり等、重複しやすい名前の利用はご遠慮ください。